From 1c2948ca382b2e68496f6b73b162c629ed96b116 Mon Sep 17 00:00:00 2001 From: Charanpreet Date: Fri, 2 Feb 2024 15:02:32 +0530 Subject: [PATCH 1/4] feat: added 1:1 implementation of PHP signing and verification utility --- .../signing_and_verification/php/.gitignore | 0 .../php/composer.json | 14 + .../php/composer.lock | 940 +++ .../signing_and_verification/php/src/.env | 4 + .../php/src/index.php | 135 + .../php/vendor/autoload.php | 25 + .../php/vendor/composer/ClassLoader.php | 579 ++ .../php/vendor/composer/InstalledVersions.php | 359 ++ .../php/vendor/composer/LICENSE | 21 + .../php/vendor/composer/autoload_classmap.php | 15 + .../php/vendor/composer/autoload_files.php | 13 + .../vendor/composer/autoload_namespaces.php | 9 + .../php/vendor/composer/autoload_psr4.php | 22 + .../php/vendor/composer/autoload_real.php | 50 + .../php/vendor/composer/autoload_static.php | 123 + .../php/vendor/composer/installed.json | 964 +++ .../php/vendor/composer/installed.php | 142 + .../php/vendor/composer/platform_check.php | 26 + .../graham-campbell/result-type/LICENSE | 21 + .../graham-campbell/result-type/composer.json | 33 + .../graham-campbell/result-type/src/Error.php | 121 + .../result-type/src/Result.php | 69 + .../result-type/src/Success.php | 120 + .../constant_time_encoding/LICENSE.txt | 48 + .../constant_time_encoding/README.md | 84 + .../constant_time_encoding/composer.json | 56 + .../constant_time_encoding/src/Base32.php | 519 ++ .../constant_time_encoding/src/Base32Hex.php | 111 + .../constant_time_encoding/src/Base64.php | 314 + .../src/Base64DotSlash.php | 88 + .../src/Base64DotSlashOrdered.php | 82 + .../src/Base64UrlSafe.php | 95 + .../constant_time_encoding/src/Binary.php | 90 + .../src/EncoderInterface.php | 52 + .../constant_time_encoding/src/Encoding.php | 262 + .../constant_time_encoding/src/Hex.php | 146 + .../constant_time_encoding/src/RFC4648.php | 186 + .../vendor/paragonie/random_compat/LICENSE | 22 + .../paragonie/random_compat/build-phar.sh | 5 + .../paragonie/random_compat/composer.json | 34 + .../dist/random_compat.phar.pubkey | 5 + .../dist/random_compat.phar.pubkey.asc | 11 + .../paragonie/random_compat/lib/random.php | 32 + .../random_compat/other/build_phar.php | 57 + .../random_compat/psalm-autoload.php | 9 + .../vendor/paragonie/random_compat/psalm.xml | 19 + .../php/vendor/phpoption/phpoption/LICENSE | 201 + .../vendor/phpoption/phpoption/composer.json | 52 + .../phpoption/src/PhpOption/LazyOption.php | 175 + .../phpoption/src/PhpOption/None.php | 136 + .../phpoption/src/PhpOption/Option.php | 434 ++ .../phpoption/src/PhpOption/Some.php | 169 + .../php/vendor/phpseclib/phpseclib/AUTHORS | 7 + .../php/vendor/phpseclib/phpseclib/BACKERS.md | 16 + .../php/vendor/phpseclib/phpseclib/LICENSE | 20 + .../php/vendor/phpseclib/phpseclib/README.md | 97 + .../vendor/phpseclib/phpseclib/composer.json | 84 + .../phpseclib/Common/Functions/Strings.php | 505 ++ .../phpseclib/phpseclib/Crypt/AES.php | 116 + .../phpseclib/phpseclib/Crypt/Blowfish.php | 918 +++ .../phpseclib/phpseclib/Crypt/ChaCha20.php | 799 +++ .../phpseclib/Crypt/Common/AsymmetricKey.php | 581 ++ .../phpseclib/Crypt/Common/BlockCipher.php | 24 + .../Crypt/Common/Formats/Keys/JWK.php | 69 + .../Crypt/Common/Formats/Keys/OpenSSH.php | 220 + .../Crypt/Common/Formats/Keys/PKCS.php | 72 + .../Crypt/Common/Formats/Keys/PKCS1.php | 209 + .../Crypt/Common/Formats/Keys/PKCS8.php | 725 +++ .../Crypt/Common/Formats/Keys/PuTTY.php | 374 ++ .../Crypt/Common/Formats/Signature/Raw.php | 60 + .../phpseclib/Crypt/Common/PrivateKey.php | 31 + .../phpseclib/Crypt/Common/PublicKey.php | 25 + .../phpseclib/Crypt/Common/StreamCipher.php | 54 + .../phpseclib/Crypt/Common/SymmetricKey.php | 3398 +++++++++++ .../Crypt/Common/Traits/Fingerprint.php | 57 + .../Crypt/Common/Traits/PasswordProtected.php | 46 + .../phpseclib/phpseclib/Crypt/DES.php | 1392 +++++ .../phpseclib/phpseclib/Crypt/DH.php | 405 ++ .../phpseclib/Crypt/DH/Formats/Keys/PKCS1.php | 77 + .../phpseclib/Crypt/DH/Formats/Keys/PKCS8.php | 132 + .../phpseclib/Crypt/DH/Parameters.php | 36 + .../phpseclib/Crypt/DH/PrivateKey.php | 75 + .../phpseclib/Crypt/DH/PublicKey.php | 49 + .../phpseclib/phpseclib/Crypt/DSA.php | 337 + .../Crypt/DSA/Formats/Keys/OpenSSH.php | 118 + .../Crypt/DSA/Formats/Keys/PKCS1.php | 143 + .../Crypt/DSA/Formats/Keys/PKCS8.php | 146 + .../Crypt/DSA/Formats/Keys/PuTTY.php | 109 + .../phpseclib/Crypt/DSA/Formats/Keys/Raw.php | 85 + .../phpseclib/Crypt/DSA/Formats/Keys/XML.php | 132 + .../Crypt/DSA/Formats/Signature/ASN1.php | 62 + .../Crypt/DSA/Formats/Signature/Raw.php | 25 + .../Crypt/DSA/Formats/Signature/SSH2.php | 74 + .../phpseclib/Crypt/DSA/Parameters.php | 36 + .../phpseclib/Crypt/DSA/PrivateKey.php | 152 + .../phpseclib/Crypt/DSA/PublicKey.php | 86 + .../phpseclib/phpseclib/Crypt/EC.php | 480 ++ .../phpseclib/Crypt/EC/BaseCurves/Base.php | 218 + .../phpseclib/Crypt/EC/BaseCurves/Binary.php | 373 ++ .../Crypt/EC/BaseCurves/KoblitzPrime.php | 335 + .../Crypt/EC/BaseCurves/Montgomery.php | 279 + .../phpseclib/Crypt/EC/BaseCurves/Prime.php | 785 +++ .../Crypt/EC/BaseCurves/TwistedEdwards.php | 215 + .../phpseclib/Crypt/EC/Curves/Curve25519.php | 81 + .../phpseclib/Crypt/EC/Curves/Curve448.php | 92 + .../phpseclib/Crypt/EC/Curves/Ed25519.php | 333 + .../phpseclib/Crypt/EC/Curves/Ed448.php | 273 + .../Crypt/EC/Curves/brainpoolP160r1.php | 34 + .../Crypt/EC/Curves/brainpoolP160t1.php | 47 + .../Crypt/EC/Curves/brainpoolP192r1.php | 34 + .../Crypt/EC/Curves/brainpoolP192t1.php | 34 + .../Crypt/EC/Curves/brainpoolP224r1.php | 34 + .../Crypt/EC/Curves/brainpoolP224t1.php | 34 + .../Crypt/EC/Curves/brainpoolP256r1.php | 34 + .../Crypt/EC/Curves/brainpoolP256t1.php | 34 + .../Crypt/EC/Curves/brainpoolP320r1.php | 40 + .../Crypt/EC/Curves/brainpoolP320t1.php | 40 + .../Crypt/EC/Curves/brainpoolP384r1.php | 58 + .../Crypt/EC/Curves/brainpoolP384t1.php | 58 + .../Crypt/EC/Curves/brainpoolP512r1.php | 58 + .../Crypt/EC/Curves/brainpoolP512t1.php | 58 + .../phpseclib/Crypt/EC/Curves/nistb233.php | 18 + .../phpseclib/Crypt/EC/Curves/nistb409.php | 18 + .../phpseclib/Crypt/EC/Curves/nistk163.php | 18 + .../phpseclib/Crypt/EC/Curves/nistk233.php | 18 + .../phpseclib/Crypt/EC/Curves/nistk283.php | 18 + .../phpseclib/Crypt/EC/Curves/nistk409.php | 18 + .../phpseclib/Crypt/EC/Curves/nistp192.php | 18 + .../phpseclib/Crypt/EC/Curves/nistp224.php | 18 + .../phpseclib/Crypt/EC/Curves/nistp256.php | 18 + .../phpseclib/Crypt/EC/Curves/nistp384.php | 18 + .../phpseclib/Crypt/EC/Curves/nistp521.php | 18 + .../phpseclib/Crypt/EC/Curves/nistt571.php | 18 + .../phpseclib/Crypt/EC/Curves/prime192v1.php | 18 + .../phpseclib/Crypt/EC/Curves/prime192v2.php | 34 + .../phpseclib/Crypt/EC/Curves/prime192v3.php | 34 + .../phpseclib/Crypt/EC/Curves/prime239v1.php | 34 + .../phpseclib/Crypt/EC/Curves/prime239v2.php | 34 + .../phpseclib/Crypt/EC/Curves/prime239v3.php | 34 + .../phpseclib/Crypt/EC/Curves/prime256v1.php | 18 + .../phpseclib/Crypt/EC/Curves/secp112r1.php | 34 + .../phpseclib/Crypt/EC/Curves/secp112r2.php | 35 + .../phpseclib/Crypt/EC/Curves/secp128r1.php | 34 + .../phpseclib/Crypt/EC/Curves/secp128r2.php | 35 + .../phpseclib/Crypt/EC/Curves/secp160k1.php | 46 + .../phpseclib/Crypt/EC/Curves/secp160r1.php | 34 + .../phpseclib/Crypt/EC/Curves/secp160r2.php | 35 + .../phpseclib/Crypt/EC/Curves/secp192k1.php | 45 + .../phpseclib/Crypt/EC/Curves/secp192r1.php | 78 + .../phpseclib/Crypt/EC/Curves/secp224k1.php | 45 + .../phpseclib/Crypt/EC/Curves/secp224r1.php | 34 + .../phpseclib/Crypt/EC/Curves/secp256k1.php | 49 + .../phpseclib/Crypt/EC/Curves/secp256r1.php | 34 + .../phpseclib/Crypt/EC/Curves/secp384r1.php | 52 + .../phpseclib/Crypt/EC/Curves/secp521r1.php | 46 + .../phpseclib/Crypt/EC/Curves/sect113r1.php | 34 + .../phpseclib/Crypt/EC/Curves/sect113r2.php | 34 + .../phpseclib/Crypt/EC/Curves/sect131r1.php | 34 + .../phpseclib/Crypt/EC/Curves/sect131r2.php | 34 + .../phpseclib/Crypt/EC/Curves/sect163k1.php | 34 + .../phpseclib/Crypt/EC/Curves/sect163r1.php | 34 + .../phpseclib/Crypt/EC/Curves/sect163r2.php | 34 + .../phpseclib/Crypt/EC/Curves/sect193r1.php | 34 + .../phpseclib/Crypt/EC/Curves/sect193r2.php | 34 + .../phpseclib/Crypt/EC/Curves/sect233k1.php | 34 + .../phpseclib/Crypt/EC/Curves/sect233r1.php | 34 + .../phpseclib/Crypt/EC/Curves/sect239k1.php | 34 + .../phpseclib/Crypt/EC/Curves/sect283k1.php | 34 + .../phpseclib/Crypt/EC/Curves/sect283r1.php | 34 + .../phpseclib/Crypt/EC/Curves/sect409k1.php | 38 + .../phpseclib/Crypt/EC/Curves/sect409r1.php | 38 + .../phpseclib/Crypt/EC/Curves/sect571k1.php | 42 + .../phpseclib/Crypt/EC/Curves/sect571r1.php | 42 + .../Crypt/EC/Formats/Keys/Common.php | 549 ++ .../phpseclib/Crypt/EC/Formats/Keys/JWK.php | 189 + .../EC/Formats/Keys/MontgomeryPrivate.php | 101 + .../EC/Formats/Keys/MontgomeryPublic.php | 71 + .../Crypt/EC/Formats/Keys/OpenSSH.php | 209 + .../phpseclib/Crypt/EC/Formats/Keys/PKCS1.php | 194 + .../phpseclib/Crypt/EC/Formats/Keys/PKCS8.php | 234 + .../phpseclib/Crypt/EC/Formats/Keys/PuTTY.php | 138 + .../phpseclib/Crypt/EC/Formats/Keys/XML.php | 485 ++ .../Crypt/EC/Formats/Keys/libsodium.php | 116 + .../Crypt/EC/Formats/Signature/ASN1.php | 62 + .../Crypt/EC/Formats/Signature/IEEE.php | 66 + .../Crypt/EC/Formats/Signature/Raw.php | 25 + .../Crypt/EC/Formats/Signature/SSH2.php | 94 + .../phpseclib/Crypt/EC/Parameters.php | 36 + .../phpseclib/Crypt/EC/PrivateKey.php | 256 + .../phpseclib/Crypt/EC/PublicKey.php | 172 + .../phpseclib/phpseclib/Crypt/Hash.php | 1455 +++++ .../phpseclib/Crypt/PublicKeyLoader.php | 111 + .../phpseclib/phpseclib/Crypt/RC2.php | 640 ++ .../phpseclib/phpseclib/Crypt/RC4.php | 280 + .../phpseclib/phpseclib/Crypt/RSA.php | 934 +++ .../phpseclib/Crypt/RSA/Formats/Keys/JWK.php | 142 + .../Crypt/RSA/Formats/Keys/MSBLOB.php | 228 + .../Crypt/RSA/Formats/Keys/OpenSSH.php | 132 + .../Crypt/RSA/Formats/Keys/PKCS1.php | 160 + .../Crypt/RSA/Formats/Keys/PKCS8.php | 122 + .../phpseclib/Crypt/RSA/Formats/Keys/PSS.php | 238 + .../Crypt/RSA/Formats/Keys/PuTTY.php | 121 + .../phpseclib/Crypt/RSA/Formats/Keys/Raw.php | 184 + .../phpseclib/Crypt/RSA/Formats/Keys/XML.php | 171 + .../phpseclib/Crypt/RSA/PrivateKey.php | 530 ++ .../phpseclib/Crypt/RSA/PublicKey.php | 513 ++ .../phpseclib/phpseclib/Crypt/Random.php | 222 + .../phpseclib/phpseclib/Crypt/Rijndael.php | 1036 ++++ .../phpseclib/phpseclib/Crypt/Salsa20.php | 526 ++ .../phpseclib/phpseclib/Crypt/TripleDES.php | 436 ++ .../phpseclib/phpseclib/Crypt/Twofish.php | 816 +++ .../Exception/BadConfigurationException.php | 23 + .../Exception/BadDecryptionException.php | 23 + .../phpseclib/Exception/BadModeException.php | 23 + .../Exception/ConnectionClosedException.php | 23 + .../Exception/FileNotFoundException.php | 23 + .../Exception/InconsistentSetupException.php | 23 + .../Exception/InsufficientSetupException.php | 23 + .../Exception/NoKeyLoadedException.php | 23 + .../NoSupportedAlgorithmsException.php | 23 + .../Exception/UnableToConnectException.php | 23 + .../UnsupportedAlgorithmException.php | 23 + .../Exception/UnsupportedCurveException.php | 23 + .../Exception/UnsupportedFormatException.php | 23 + .../UnsupportedOperationException.php | 23 + .../phpseclib/phpseclib/File/ANSI.php | 551 ++ .../phpseclib/phpseclib/File/ASN1.php | 1508 +++++ .../phpseclib/phpseclib/File/ASN1/Element.php | 43 + .../File/ASN1/Maps/AccessDescription.php | 32 + .../ASN1/Maps/AdministrationDomainName.php | 36 + .../File/ASN1/Maps/AlgorithmIdentifier.php | 35 + .../phpseclib/File/ASN1/Maps/AnotherName.php | 37 + .../phpseclib/File/ASN1/Maps/Attribute.php | 37 + .../File/ASN1/Maps/AttributeType.php | 26 + .../File/ASN1/Maps/AttributeTypeAndValue.php | 32 + .../File/ASN1/Maps/AttributeValue.php | 26 + .../phpseclib/File/ASN1/Maps/Attributes.php | 31 + .../ASN1/Maps/AuthorityInfoAccessSyntax.php | 31 + .../File/ASN1/Maps/AuthorityKeyIdentifier.php | 45 + .../phpseclib/File/ASN1/Maps/BaseDistance.php | 26 + .../File/ASN1/Maps/BasicConstraints.php | 39 + .../Maps/BuiltInDomainDefinedAttribute.php | 32 + .../Maps/BuiltInDomainDefinedAttributes.php | 31 + .../ASN1/Maps/BuiltInStandardAttributes.php | 67 + .../phpseclib/File/ASN1/Maps/CPSuri.php | 26 + .../File/ASN1/Maps/CRLDistributionPoints.php | 31 + .../phpseclib/File/ASN1/Maps/CRLNumber.php | 26 + .../phpseclib/File/ASN1/Maps/CRLReason.php | 41 + .../phpseclib/File/ASN1/Maps/CertPolicyId.php | 26 + .../phpseclib/File/ASN1/Maps/Certificate.php | 33 + .../File/ASN1/Maps/CertificateIssuer.php | 24 + .../File/ASN1/Maps/CertificateList.php | 33 + .../File/ASN1/Maps/CertificatePolicies.php | 31 + .../ASN1/Maps/CertificateSerialNumber.php | 26 + .../File/ASN1/Maps/CertificationRequest.php | 33 + .../ASN1/Maps/CertificationRequestInfo.php | 41 + .../File/ASN1/Maps/Characteristic_two.php | 36 + .../phpseclib/File/ASN1/Maps/CountryName.php | 36 + .../phpseclib/File/ASN1/Maps/Curve.php | 36 + .../phpseclib/File/ASN1/Maps/DHParameter.php | 38 + .../phpseclib/File/ASN1/Maps/DSAParams.php | 33 + .../File/ASN1/Maps/DSAPrivateKey.php | 36 + .../phpseclib/File/ASN1/Maps/DSAPublicKey.php | 26 + .../phpseclib/File/ASN1/Maps/DigestInfo.php | 34 + .../File/ASN1/Maps/DirectoryString.php | 35 + .../phpseclib/File/ASN1/Maps/DisplayText.php | 34 + .../File/ASN1/Maps/DistributionPoint.php | 45 + .../File/ASN1/Maps/DistributionPointName.php | 40 + .../phpseclib/File/ASN1/Maps/DssSigValue.php | 32 + .../phpseclib/File/ASN1/Maps/ECParameters.php | 45 + .../phpseclib/File/ASN1/Maps/ECPoint.php | 26 + .../phpseclib/File/ASN1/Maps/ECPrivateKey.php | 48 + .../phpseclib/File/ASN1/Maps/EDIPartyName.php | 42 + .../File/ASN1/Maps/EcdsaSigValue.php | 32 + .../File/ASN1/Maps/EncryptedData.php | 26 + .../ASN1/Maps/EncryptedPrivateKeyInfo.php | 32 + .../File/ASN1/Maps/ExtKeyUsageSyntax.php | 31 + .../phpseclib/File/ASN1/Maps/Extension.php | 43 + .../File/ASN1/Maps/ExtensionAttribute.php | 42 + .../File/ASN1/Maps/ExtensionAttributes.php | 31 + .../phpseclib/File/ASN1/Maps/Extensions.php | 33 + .../phpseclib/File/ASN1/Maps/FieldElement.php | 26 + .../phpseclib/File/ASN1/Maps/FieldID.php | 35 + .../phpseclib/File/ASN1/Maps/GeneralName.php | 80 + .../phpseclib/File/ASN1/Maps/GeneralNames.php | 31 + .../File/ASN1/Maps/GeneralSubtree.php | 42 + .../File/ASN1/Maps/GeneralSubtrees.php | 31 + .../File/ASN1/Maps/HashAlgorithm.php | 24 + .../File/ASN1/Maps/HoldInstructionCode.php | 26 + .../File/ASN1/Maps/InvalidityDate.php | 26 + .../File/ASN1/Maps/IssuerAltName.php | 24 + .../ASN1/Maps/IssuingDistributionPoint.php | 68 + .../File/ASN1/Maps/KeyIdentifier.php | 26 + .../phpseclib/File/ASN1/Maps/KeyPurposeId.php | 26 + .../phpseclib/File/ASN1/Maps/KeyUsage.php | 39 + .../File/ASN1/Maps/MaskGenAlgorithm.php | 24 + .../phpseclib/File/ASN1/Maps/Name.php | 31 + .../File/ASN1/Maps/NameConstraints.php | 40 + .../File/ASN1/Maps/NetworkAddress.php | 26 + .../File/ASN1/Maps/NoticeReference.php | 37 + .../File/ASN1/Maps/NumericUserIdentifier.php | 26 + .../phpseclib/File/ASN1/Maps/ORAddress.php | 33 + .../File/ASN1/Maps/OneAsymmetricKey.php | 48 + .../File/ASN1/Maps/OrganizationName.php | 26 + .../ASN1/Maps/OrganizationalUnitNames.php | 31 + .../File/ASN1/Maps/OtherPrimeInfo.php | 34 + .../File/ASN1/Maps/OtherPrimeInfos.php | 32 + .../phpseclib/File/ASN1/Maps/PBEParameter.php | 34 + .../phpseclib/File/ASN1/Maps/PBES2params.php | 34 + .../phpseclib/File/ASN1/Maps/PBKDF2params.php | 41 + .../phpseclib/File/ASN1/Maps/PBMAC1params.php | 34 + .../phpseclib/File/ASN1/Maps/PKCS9String.php | 32 + .../phpseclib/File/ASN1/Maps/Pentanomial.php | 33 + .../phpseclib/File/ASN1/Maps/PersonalName.php | 54 + .../File/ASN1/Maps/PolicyInformation.php | 38 + .../File/ASN1/Maps/PolicyMappings.php | 37 + .../File/ASN1/Maps/PolicyQualifierId.php | 26 + .../File/ASN1/Maps/PolicyQualifierInfo.php | 32 + .../File/ASN1/Maps/PostalAddress.php | 32 + .../phpseclib/File/ASN1/Maps/Prime_p.php | 26 + .../File/ASN1/Maps/PrivateDomainName.php | 32 + .../phpseclib/File/ASN1/Maps/PrivateKey.php | 26 + .../File/ASN1/Maps/PrivateKeyInfo.php | 41 + .../File/ASN1/Maps/PrivateKeyUsagePeriod.php | 40 + .../phpseclib/File/ASN1/Maps/PublicKey.php | 26 + .../File/ASN1/Maps/PublicKeyAndChallenge.php | 32 + .../File/ASN1/Maps/PublicKeyInfo.php | 35 + .../File/ASN1/Maps/RC2CBCParameter.php | 37 + .../phpseclib/File/ASN1/Maps/RDNSequence.php | 38 + .../File/ASN1/Maps/RSAPrivateKey.php | 44 + .../phpseclib/File/ASN1/Maps/RSAPublicKey.php | 32 + .../File/ASN1/Maps/RSASSA_PSS_params.php | 58 + .../phpseclib/File/ASN1/Maps/ReasonFlags.php | 39 + .../ASN1/Maps/RelativeDistinguishedName.php | 37 + .../File/ASN1/Maps/RevokedCertificate.php | 35 + .../ASN1/Maps/SignedPublicKeyAndChallenge.php | 33 + .../File/ASN1/Maps/SpecifiedECDomain.php | 45 + .../File/ASN1/Maps/SubjectAltName.php | 24 + .../ASN1/Maps/SubjectDirectoryAttributes.php | 31 + .../ASN1/Maps/SubjectInfoAccessSyntax.php | 31 + .../File/ASN1/Maps/SubjectPublicKeyInfo.php | 32 + .../phpseclib/File/ASN1/Maps/TBSCertList.php | 54 + .../File/ASN1/Maps/TBSCertificate.php | 65 + .../File/ASN1/Maps/TerminalIdentifier.php | 26 + .../phpseclib/File/ASN1/Maps/Time.php | 32 + .../phpseclib/File/ASN1/Maps/Trinomial.php | 26 + .../File/ASN1/Maps/UniqueIdentifier.php | 26 + .../phpseclib/File/ASN1/Maps/UserNotice.php | 38 + .../phpseclib/File/ASN1/Maps/Validity.php | 32 + .../File/ASN1/Maps/netscape_ca_policy_url.php | 26 + .../File/ASN1/Maps/netscape_cert_type.php | 40 + .../File/ASN1/Maps/netscape_comment.php | 26 + .../phpseclib/phpseclib/File/X509.php | 4006 ++++++++++++ .../phpseclib/phpseclib/Math/BigInteger.php | 892 +++ .../Math/BigInteger/Engines/BCMath.php | 697 +++ .../Math/BigInteger/Engines/BCMath/Base.php | 110 + .../BigInteger/Engines/BCMath/BuiltIn.php | 40 + .../Engines/BCMath/DefaultEngine.php | 25 + .../BigInteger/Engines/BCMath/OpenSSL.php | 25 + .../Engines/BCMath/Reductions/Barrett.php | 187 + .../Engines/BCMath/Reductions/EvalBarrett.php | 108 + .../Math/BigInteger/Engines/Engine.php | 1285 ++++ .../phpseclib/Math/BigInteger/Engines/GMP.php | 694 +++ .../BigInteger/Engines/GMP/DefaultEngine.php | 40 + .../Math/BigInteger/Engines/OpenSSL.php | 68 + .../phpseclib/Math/BigInteger/Engines/PHP.php | 1344 ++++ .../Math/BigInteger/Engines/PHP/Base.php | 143 + .../BigInteger/Engines/PHP/DefaultEngine.php | 25 + .../BigInteger/Engines/PHP/Montgomery.php | 89 + .../Math/BigInteger/Engines/PHP/OpenSSL.php | 25 + .../Engines/PHP/Reductions/Barrett.php | 281 + .../Engines/PHP/Reductions/Classic.php | 42 + .../Engines/PHP/Reductions/EvalBarrett.php | 484 ++ .../Engines/PHP/Reductions/Montgomery.php | 126 + .../Engines/PHP/Reductions/MontgomeryMult.php | 76 + .../Engines/PHP/Reductions/PowerOfTwo.php | 59 + .../Math/BigInteger/Engines/PHP32.php | 371 ++ .../Math/BigInteger/Engines/PHP64.php | 372 ++ .../phpseclib/phpseclib/Math/BinaryField.php | 203 + .../phpseclib/Math/BinaryField/Integer.php | 516 ++ .../phpseclib/Math/Common/FiniteField.php | 22 + .../Math/Common/FiniteField/Integer.php | 44 + .../phpseclib/phpseclib/Math/PrimeField.php | 118 + .../phpseclib/Math/PrimeField/Integer.php | 419 ++ .../phpseclib/phpseclib/Net/SFTP.php | 3547 +++++++++++ .../phpseclib/phpseclib/Net/SFTP/Stream.php | 756 +++ .../phpseclib/phpseclib/Net/SSH2.php | 5397 +++++++++++++++++ .../phpseclib/phpseclib/System/SSH/Agent.php | 286 + .../phpseclib/System/SSH/Agent/Identity.php | 320 + .../System/SSH/Common/Traits/ReadBytes.php | 37 + .../phpseclib/phpseclib/bootstrap.php | 22 + .../phpseclib/phpseclib/phpseclib/openssl.cnf | 6 + .../php/vendor/sop/asn1/LICENSE | 21 + .../php/vendor/sop/asn1/README.md | 103 + .../php/vendor/sop/asn1/composer.json | 34 + .../asn1/lib/ASN1/Component/Identifier.php | 290 + .../sop/asn1/lib/ASN1/Component/Length.php | 225 + .../php/vendor/sop/asn1/lib/ASN1/DERData.php | 89 + .../php/vendor/sop/asn1/lib/ASN1/Element.php | 465 ++ .../lib/ASN1/Exception/DecodeException.php | 12 + .../sop/asn1/lib/ASN1/Feature/ElementBase.php | 84 + .../sop/asn1/lib/ASN1/Feature/Encodable.php | 16 + .../sop/asn1/lib/ASN1/Feature/Stringable.php | 21 + .../sop/asn1/lib/ASN1/Type/BaseString.php | 59 + .../sop/asn1/lib/ASN1/Type/BaseTime.php | 107 + .../Type/Constructed/ConstructedString.php | 131 + .../lib/ASN1/Type/Constructed/Sequence.php | 25 + .../asn1/lib/ASN1/Type/Constructed/Set.php | 63 + .../lib/ASN1/Type/Primitive/BMPString.php | 40 + .../lib/ASN1/Type/Primitive/BitString.php | 201 + .../asn1/lib/ASN1/Type/Primitive/Boolean.php | 73 + .../ASN1/Type/Primitive/CharacterString.php | 25 + .../sop/asn1/lib/ASN1/Type/Primitive/EOC.php | 54 + .../lib/ASN1/Type/Primitive/Enumerated.php | 22 + .../lib/ASN1/Type/Primitive/GeneralString.php | 34 + .../ASN1/Type/Primitive/GeneralizedTime.php | 125 + .../lib/ASN1/Type/Primitive/GraphicString.php | 34 + .../lib/ASN1/Type/Primitive/IA5String.php | 33 + .../asn1/lib/ASN1/Type/Primitive/Integer.php | 105 + .../asn1/lib/ASN1/Type/Primitive/NullType.php | 54 + .../lib/ASN1/Type/Primitive/NumericString.php | 33 + .../ASN1/Type/Primitive/ObjectDescriptor.php | 33 + .../ASN1/Type/Primitive/ObjectIdentifier.php | 207 + .../lib/ASN1/Type/Primitive/OctetString.php | 25 + .../ASN1/Type/Primitive/PrintableString.php | 34 + .../sop/asn1/lib/ASN1/Type/Primitive/Real.php | 698 +++ .../lib/ASN1/Type/Primitive/RelativeOID.php | 48 + .../lib/ASN1/Type/Primitive/T61String.php | 35 + .../asn1/lib/ASN1/Type/Primitive/UTCTime.php | 83 + .../lib/ASN1/Type/Primitive/UTF8String.php | 35 + .../ASN1/Type/Primitive/UniversalString.php | 39 + .../ASN1/Type/Primitive/VideotexString.php | 34 + .../lib/ASN1/Type/Primitive/VisibleString.php | 33 + .../asn1/lib/ASN1/Type/PrimitiveString.php | 53 + .../sop/asn1/lib/ASN1/Type/PrimitiveType.php | 19 + .../sop/asn1/lib/ASN1/Type/StringType.php | 16 + .../sop/asn1/lib/ASN1/Type/Structure.php | 384 ++ .../lib/ASN1/Type/Tagged/ApplicationType.php | 12 + .../ASN1/Type/Tagged/ContextSpecificType.php | 12 + .../lib/ASN1/Type/Tagged/DERTaggedType.php | 156 + .../lib/ASN1/Type/Tagged/ExplicitTagging.php | 19 + .../ASN1/Type/Tagged/ExplicitlyTaggedType.php | 58 + .../lib/ASN1/Type/Tagged/ImplicitTagging.php | 25 + .../ASN1/Type/Tagged/ImplicitlyTaggedType.php | 68 + .../asn1/lib/ASN1/Type/Tagged/PrivateType.php | 12 + .../lib/ASN1/Type/Tagged/TaggedTypeWrap.php | 35 + .../sop/asn1/lib/ASN1/Type/TaggedType.php | 84 + .../sop/asn1/lib/ASN1/Type/TimeType.php | 16 + .../sop/asn1/lib/ASN1/Type/UniversalClass.php | 21 + .../asn1/lib/ASN1/Type/UnspecifiedType.php | 674 ++ .../vendor/sop/asn1/lib/ASN1/Util/BigInt.php | 218 + .../vendor/sop/asn1/lib/ASN1/Util/Flags.php | 144 + .../php/vendor/sop/crypto-encoding/LICENSE | 21 + .../php/vendor/sop/crypto-encoding/README.md | 24 + .../vendor/sop/crypto-encoding/composer.json | 31 + .../lib/CryptoEncoding/PEM.php | 145 + .../lib/CryptoEncoding/PEMBundle.php | 173 + .../php/vendor/sop/crypto-types/LICENSE | 21 + .../php/vendor/sop/crypto-types/README.md | 42 + .../php/vendor/sop/crypto-types/composer.json | 39 + .../AlgorithmIdentifier.php | 116 + .../AlgorithmIdentifierFactory.php | 119 + .../AlgorithmIdentifierProvider.php | 35 + .../ECPublicKeyAlgorithmIdentifier.php | 303 + .../Asymmetric/Ed25519AlgorithmIdentifier.php | 44 + .../Asymmetric/Ed448AlgorithmIdentifier.php | 44 + .../RFC8410EdAlgorithmIdentifier.php | 59 + .../RFC8410XAlgorithmIdentifier.php | 53 + .../RSAEncryptionAlgorithmIdentifier.php | 68 + .../Asymmetric/X25519AlgorithmIdentifier.php | 29 + .../Asymmetric/X448AlgorithmIdentifier.php | 29 + .../Cipher/AES128CBCAlgorithmIdentifier.php | 42 + .../Cipher/AES192CBCAlgorithmIdentifier.php | 42 + .../Cipher/AES256CBCAlgorithmIdentifier.php | 42 + .../Cipher/AESCBCAlgorithmIdentifier.php | 82 + .../Cipher/BlockCipherAlgorithmIdentifier.php | 16 + .../Cipher/CipherAlgorithmIdentifier.php | 65 + .../Cipher/DESCBCAlgorithmIdentifier.php | 98 + .../Cipher/DESEDE3CBCAlgorithmIdentifier.php | 99 + .../Cipher/RC2CBCAlgorithmIdentifier.php | 215 + .../Feature/AlgorithmIdentifierType.php | 30 + .../AsymmetricCryptoAlgorithmIdentifier.php | 12 + .../Feature/EncryptionAlgorithmIdentifier.php | 12 + .../Feature/HashAlgorithmIdentifier.php | 12 + .../Feature/PRFAlgorithmIdentifier.php | 12 + .../Feature/SignatureAlgorithmIdentifier.php | 18 + .../GenericAlgorithmIdentifier.php | 57 + .../Hash/HMACWithSHA1AlgorithmIdentifier.php | 66 + .../HMACWithSHA224AlgorithmIdentifier.php | 29 + .../HMACWithSHA256AlgorithmIdentifier.php | 29 + .../HMACWithSHA384AlgorithmIdentifier.php | 29 + .../HMACWithSHA512AlgorithmIdentifier.php | 29 + .../Hash/MD5AlgorithmIdentifier.php | 85 + .../Hash/RFC4231HMACAlgorithmIdentifier.php | 56 + .../Hash/SHA1AlgorithmIdentifier.php | 81 + .../Hash/SHA224AlgorithmIdentifier.php | 33 + .../Hash/SHA256AlgorithmIdentifier.php | 32 + .../Hash/SHA2AlgorithmIdentifier.php | 71 + .../Hash/SHA384AlgorithmIdentifier.php | 32 + .../Hash/SHA512AlgorithmIdentifier.php | 32 + .../ECDSAWithSHA1AlgorithmIdentifier.php | 29 + .../ECDSAWithSHA224AlgorithmIdentifier.php | 29 + .../ECDSAWithSHA256AlgorithmIdentifier.php | 29 + .../ECDSAWithSHA384AlgorithmIdentifier.php | 29 + .../ECDSAWithSHA512AlgorithmIdentifier.php | 29 + .../ECSignatureAlgorithmIdentifier.php | 59 + ...D2WithRSAEncryptionAlgorithmIdentifier.php | 29 + ...D4WithRSAEncryptionAlgorithmIdentifier.php | 29 + ...D5WithRSAEncryptionAlgorithmIdentifier.php | 29 + ...RFC3279RSASignatureAlgorithmIdentifier.php | 51 + ...RFC4055RSASignatureAlgorithmIdentifier.php | 65 + .../RSASignatureAlgorithmIdentifier.php | 23 + ...A1WithRSAEncryptionAlgorithmIdentifier.php | 29 + ...24WithRSAEncryptionAlgorithmIdentifier.php | 30 + ...56WithRSAEncryptionAlgorithmIdentifier.php | 30 + ...84WithRSAEncryptionAlgorithmIdentifier.php | 30 + ...12WithRSAEncryptionAlgorithmIdentifier.php | 30 + .../SignatureAlgorithmIdentifierFactory.php | 105 + .../SpecificAlgorithmIdentifier.php | 30 + .../Attribute/OneAsymmetricKeyAttributes.php | 15 + .../Asymmetric/EC/ECConversion.php | 112 + .../Asymmetric/EC/ECPrivateKey.php | 223 + .../CryptoTypes/Asymmetric/EC/ECPublicKey.php | 222 + .../Asymmetric/OneAsymmetricKey.php | 359 ++ .../lib/CryptoTypes/Asymmetric/PrivateKey.php | 74 + .../CryptoTypes/Asymmetric/PrivateKeyInfo.php | 33 + .../lib/CryptoTypes/Asymmetric/PublicKey.php | 60 + .../CryptoTypes/Asymmetric/PublicKeyInfo.php | 197 + .../Curve25519/Curve25519PrivateKey.php | 34 + .../Curve25519/Curve25519PublicKey.php | 29 + .../RFC8410/Curve25519/Ed25519PrivateKey.php | 36 + .../RFC8410/Curve25519/Ed25519PublicKey.php | 24 + .../RFC8410/Curve25519/X25519PrivateKey.php | 36 + .../RFC8410/Curve25519/X25519PublicKey.php | 24 + .../RFC8410/Curve448/Ed448PrivateKey.php | 56 + .../RFC8410/Curve448/Ed448PublicKey.php | 39 + .../RFC8410/Curve448/X448PrivateKey.php | 56 + .../RFC8410/Curve448/X448PublicKey.php | 39 + .../Asymmetric/RFC8410/RFC8410PrivateKey.php | 142 + .../Asymmetric/RFC8410/RFC8410PublicKey.php | 52 + .../Asymmetric/RSA/RSAPrivateKey.php | 286 + .../Asymmetric/RSA/RSAPublicKey.php | 147 + .../lib/CryptoTypes/Signature/ECSignature.php | 108 + .../Signature/Ed25519Signature.php | 44 + .../CryptoTypes/Signature/Ed448Signature.php | 44 + .../Signature/GenericSignature.php | 56 + .../CryptoTypes/Signature/RSASignature.php | 58 + .../lib/CryptoTypes/Signature/Signature.php | 49 + .../php/vendor/sop/x501/LICENSE | 21 + .../php/vendor/sop/x501/README.md | 26 + .../php/vendor/sop/x501/composer.json | 38 + .../sop/x501/lib/X501/ASN1/Attribute.php | 176 + .../sop/x501/lib/X501/ASN1/AttributeType.php | 457 ++ .../lib/X501/ASN1/AttributeTypeAndValue.php | 128 + .../ASN1/AttributeValue/AttributeValue.php | 174 + .../ASN1/AttributeValue/CommonNameValue.php | 29 + .../ASN1/AttributeValue/CountryNameValue.php | 27 + .../ASN1/AttributeValue/DescriptionValue.php | 29 + .../Feature/DirectoryString.php | 179 + .../Feature/PrintableStringValue.php | 88 + .../ASN1/AttributeValue/GivenNameValue.php | 29 + .../ASN1/AttributeValue/LocalityNameValue.php | 29 + .../X501/ASN1/AttributeValue/NameValue.php | 29 + .../AttributeValue/OrganizationNameValue.php | 29 + .../OrganizationalUnitNameValue.php | 29 + .../ASN1/AttributeValue/PseudonymValue.php | 29 + .../ASN1/AttributeValue/SerialNumberValue.php | 27 + .../StateOrProvinceNameValue.php | 29 + .../X501/ASN1/AttributeValue/SurnameValue.php | 29 + .../X501/ASN1/AttributeValue/TitleValue.php | 29 + .../AttributeValue/UnknownAttributeValue.php | 75 + .../ASN1/Collection/AttributeCollection.php | 221 + .../ASN1/Collection/SequenceOfAttributes.php | 44 + .../X501/ASN1/Collection/SetOfAttributes.php | 45 + .../lib/X501/ASN1/Feature/TypedAttribute.php | 40 + .../vendor/sop/x501/lib/X501/ASN1/Name.php | 227 + .../php/vendor/sop/x501/lib/X501/ASN1/RDN.php | 187 + .../vendor/sop/x501/lib/X501/DN/DNParser.php | 428 ++ .../lib/X501/MatchingRule/BinaryMatch.php | 21 + .../lib/X501/MatchingRule/CaseExactMatch.php | 25 + .../lib/X501/MatchingRule/CaseIgnoreMatch.php | 26 + .../lib/X501/MatchingRule/MatchingRule.php | 24 + .../MatchingRule/StringPrepMatchingRule.php | 40 + .../lib/X501/StringPrep/CheckBidiStep.php | 25 + .../InsignificantNonSubstringSpaceStep.php | 35 + .../sop/x501/lib/X501/StringPrep/MapStep.php | 45 + .../lib/X501/StringPrep/NormalizeStep.php | 24 + .../x501/lib/X501/StringPrep/PrepareStep.php | 23 + .../x501/lib/X501/StringPrep/ProhibitStep.php | 27 + .../lib/X501/StringPrep/StringPreparer.php | 87 + .../lib/X501/StringPrep/TranscodeStep.php | 66 + .../vendor/symfony/polyfill-ctype/Ctype.php | 232 + .../php/vendor/symfony/polyfill-ctype/LICENSE | 19 + .../vendor/symfony/polyfill-ctype/README.md | 12 + .../symfony/polyfill-ctype/bootstrap.php | 50 + .../symfony/polyfill-ctype/bootstrap80.php | 46 + .../symfony/polyfill-ctype/composer.json | 41 + .../vendor/symfony/polyfill-mbstring/LICENSE | 19 + .../symfony/polyfill-mbstring/Mbstring.php | 947 +++ .../symfony/polyfill-mbstring/README.md | 13 + .../Resources/unidata/caseFolding.php | 119 + .../Resources/unidata/lowerCase.php | 1397 +++++ .../Resources/unidata/titleCaseRegexp.php | 5 + .../Resources/unidata/upperCase.php | 1489 +++++ .../symfony/polyfill-mbstring/bootstrap.php | 151 + .../symfony/polyfill-mbstring/bootstrap80.php | 147 + .../symfony/polyfill-mbstring/composer.json | 41 + .../php/vendor/symfony/polyfill-php80/LICENSE | 19 + .../vendor/symfony/polyfill-php80/Php80.php | 115 + .../symfony/polyfill-php80/PhpToken.php | 103 + .../vendor/symfony/polyfill-php80/README.md | 25 + .../Resources/stubs/Attribute.php | 31 + .../Resources/stubs/PhpToken.php | 16 + .../Resources/stubs/Stringable.php | 20 + .../Resources/stubs/UnhandledMatchError.php | 16 + .../Resources/stubs/ValueError.php | 16 + .../symfony/polyfill-php80/bootstrap.php | 42 + .../symfony/polyfill-php80/composer.json | 40 + .../php/vendor/vlucas/phpdotenv/LICENSE | 30 + .../php/vendor/vlucas/phpdotenv/composer.json | 60 + .../vendor/vlucas/phpdotenv/src/Dotenv.php | 267 + .../src/Exception/ExceptionInterface.php | 12 + .../Exception/InvalidEncodingException.php | 12 + .../src/Exception/InvalidFileException.php | 12 + .../src/Exception/InvalidPathException.php | 12 + .../src/Exception/ValidationException.php | 12 + .../vlucas/phpdotenv/src/Loader/Loader.php | 47 + .../phpdotenv/src/Loader/LoaderInterface.php | 20 + .../vlucas/phpdotenv/src/Loader/Resolver.php | 65 + .../vlucas/phpdotenv/src/Parser/Entry.php | 59 + .../phpdotenv/src/Parser/EntryParser.php | 300 + .../vlucas/phpdotenv/src/Parser/Lexer.php | 58 + .../vlucas/phpdotenv/src/Parser/Lines.php | 127 + .../vlucas/phpdotenv/src/Parser/Parser.php | 53 + .../phpdotenv/src/Parser/ParserInterface.php | 19 + .../vlucas/phpdotenv/src/Parser/Value.php | 88 + .../Repository/Adapter/AdapterInterface.php | 15 + .../src/Repository/Adapter/ApacheAdapter.php | 89 + .../src/Repository/Adapter/ArrayAdapter.php | 80 + .../Repository/Adapter/EnvConstAdapter.php | 89 + .../src/Repository/Adapter/GuardedWriter.php | 85 + .../Repository/Adapter/ImmutableWriter.php | 110 + .../src/Repository/Adapter/MultiReader.php | 48 + .../src/Repository/Adapter/MultiWriter.php | 64 + .../src/Repository/Adapter/PutenvAdapter.php | 91 + .../Repository/Adapter/ReaderInterface.php | 17 + .../Repository/Adapter/ReplacingWriter.php | 104 + .../Repository/Adapter/ServerConstAdapter.php | 89 + .../Repository/Adapter/WriterInterface.php | 27 + .../src/Repository/AdapterRepository.php | 107 + .../src/Repository/RepositoryBuilder.php | 272 + .../src/Repository/RepositoryInterface.php | 51 + .../vlucas/phpdotenv/src/Store/File/Paths.php | 44 + .../phpdotenv/src/Store/File/Reader.php | 81 + .../vlucas/phpdotenv/src/Store/FileStore.php | 72 + .../phpdotenv/src/Store/StoreBuilder.php | 141 + .../phpdotenv/src/Store/StoreInterface.php | 17 + .../phpdotenv/src/Store/StringStore.php | 37 + .../vlucas/phpdotenv/src/Util/Regex.php | 112 + .../vendor/vlucas/phpdotenv/src/Util/Str.php | 98 + .../vendor/vlucas/phpdotenv/src/Validator.php | 209 + 661 files changed, 91364 insertions(+) create mode 100644 utilities/signing_and_verification/php/.gitignore create mode 100644 utilities/signing_and_verification/php/composer.json create mode 100644 utilities/signing_and_verification/php/composer.lock create mode 100644 utilities/signing_and_verification/php/src/.env create mode 100644 utilities/signing_and_verification/php/src/index.php create mode 100644 utilities/signing_and_verification/php/vendor/autoload.php create mode 100644 utilities/signing_and_verification/php/vendor/composer/ClassLoader.php create mode 100644 utilities/signing_and_verification/php/vendor/composer/InstalledVersions.php create mode 100644 utilities/signing_and_verification/php/vendor/composer/LICENSE create mode 100644 utilities/signing_and_verification/php/vendor/composer/autoload_classmap.php create mode 100644 utilities/signing_and_verification/php/vendor/composer/autoload_files.php create mode 100644 utilities/signing_and_verification/php/vendor/composer/autoload_namespaces.php create mode 100644 utilities/signing_and_verification/php/vendor/composer/autoload_psr4.php create mode 100644 utilities/signing_and_verification/php/vendor/composer/autoload_real.php create mode 100644 utilities/signing_and_verification/php/vendor/composer/autoload_static.php create mode 100644 utilities/signing_and_verification/php/vendor/composer/installed.json create mode 100644 utilities/signing_and_verification/php/vendor/composer/installed.php create mode 100644 utilities/signing_and_verification/php/vendor/composer/platform_check.php create mode 100644 utilities/signing_and_verification/php/vendor/graham-campbell/result-type/LICENSE create mode 100644 utilities/signing_and_verification/php/vendor/graham-campbell/result-type/composer.json create mode 100644 utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Error.php create mode 100644 utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Result.php create mode 100644 utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Success.php create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/LICENSE.txt create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/README.md create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/composer.json create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base32.php create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base32Hex.php create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64.php create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64DotSlash.php create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64DotSlashOrdered.php create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64UrlSafe.php create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Binary.php create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/EncoderInterface.php create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Encoding.php create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Hex.php create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/RFC4648.php create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/random_compat/LICENSE create mode 100755 utilities/signing_and_verification/php/vendor/paragonie/random_compat/build-phar.sh create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/random_compat/composer.json create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey.asc create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/random_compat/lib/random.php create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/random_compat/other/build_phar.php create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/random_compat/psalm-autoload.php create mode 100644 utilities/signing_and_verification/php/vendor/paragonie/random_compat/psalm.xml create mode 100644 utilities/signing_and_verification/php/vendor/phpoption/phpoption/LICENSE create mode 100644 utilities/signing_and_verification/php/vendor/phpoption/phpoption/composer.json create mode 100644 utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/LazyOption.php create mode 100644 utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/None.php create mode 100644 utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/Option.php create mode 100644 utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/Some.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/AUTHORS create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/BACKERS.md create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/LICENSE create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/README.md create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/composer.json create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Common/Functions/Strings.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/AES.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Blowfish.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/ChaCha20.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/BlockCipher.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/JWK.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PuTTY.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Signature/Raw.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/PrivateKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/PublicKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/StreamCipher.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/SymmetricKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Traits/Fingerprint.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Traits/PasswordProtected.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DES.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Parameters.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/PrivateKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/PublicKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/OpenSSH.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/Raw.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/XML.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/ASN1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/Raw.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/SSH2.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Parameters.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/PrivateKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/PublicKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Base.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Binary.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/KoblitzPrime.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Montgomery.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Prime.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/TwistedEdwards.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve25519.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve448.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Ed25519.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Ed448.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP160r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP160t1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP192r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP192t1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP224r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP224t1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP256r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP256t1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP320r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP320t1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP384r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP384t1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP512r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP512t1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistb233.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistb409.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk163.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk233.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk283.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk409.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp192.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp224.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp256.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp384.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp521.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistt571.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v2.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v3.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v2.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v3.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime256v1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp112r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp112r2.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp128r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp128r2.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160k1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160r2.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp192k1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp192r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp224k1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp224r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp256k1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp256r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp384r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp521r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect113r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect113r2.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect131r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect131r2.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163k1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163r2.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect193r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect193r2.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect233k1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect233r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect239k1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect283k1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect283r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect409k1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect409r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/Common.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/JWK.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPublic.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PuTTY.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/XML.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/libsodium.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/ASN1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/IEEE.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/Raw.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/SSH2.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Parameters.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/PrivateKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/PublicKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Hash.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/PublicKeyLoader.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RC2.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RC4.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/JWK.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/OpenSSH.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS8.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PSS.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/Raw.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/XML.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/PrivateKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/PublicKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Random.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Rijndael.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Salsa20.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/TripleDES.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Twofish.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadConfigurationException.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadDecryptionException.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadModeException.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/ConnectionClosedException.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/FileNotFoundException.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/InconsistentSetupException.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/InsufficientSetupException.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/NoKeyLoadedException.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/NoSupportedAlgorithmsException.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnableToConnectException.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedAlgorithmException.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedCurveException.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedFormatException.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedOperationException.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ANSI.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Element.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AccessDescription.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AdministrationDomainName.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AnotherName.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Attribute.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeType.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeTypeAndValue.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeValue.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Attributes.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AuthorityInfoAccessSyntax.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AuthorityKeyIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BaseDistance.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BasicConstraints.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInDomainDefinedAttribute.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInDomainDefinedAttributes.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInStandardAttributes.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CPSuri.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLDistributionPoints.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLNumber.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLReason.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertPolicyId.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Certificate.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateIssuer.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateList.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificatePolicies.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateSerialNumber.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificationRequest.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificationRequestInfo.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Characteristic_two.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CountryName.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Curve.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DHParameter.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAParams.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAPrivateKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAPublicKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DigestInfo.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DirectoryString.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DisplayText.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DistributionPoint.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DistributionPointName.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DssSigValue.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECParameters.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECPoint.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECPrivateKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EDIPartyName.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EcdsaSigValue.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EncryptedData.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EncryptedPrivateKeyInfo.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtKeyUsageSyntax.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Extension.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtensionAttribute.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtensionAttributes.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Extensions.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/FieldElement.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/FieldID.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralName.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralNames.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralSubtree.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralSubtrees.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/HashAlgorithm.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/HoldInstructionCode.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/InvalidityDate.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/IssuerAltName.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/IssuingDistributionPoint.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyPurposeId.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyUsage.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/MaskGenAlgorithm.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Name.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NameConstraints.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NetworkAddress.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NoticeReference.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NumericUserIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ORAddress.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OneAsymmetricKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OrganizationName.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OrganizationalUnitNames.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OtherPrimeInfo.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OtherPrimeInfos.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBEParameter.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBES2params.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBKDF2params.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBMAC1params.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PKCS9String.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Pentanomial.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PersonalName.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyInformation.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyMappings.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyQualifierId.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyQualifierInfo.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PostalAddress.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Prime_p.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateDomainName.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKeyInfo.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKeyUsagePeriod.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKeyAndChallenge.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKeyInfo.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RC2CBCParameter.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RDNSequence.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSAPrivateKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSAPublicKey.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSASSA_PSS_params.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ReasonFlags.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RelativeDistinguishedName.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RevokedCertificate.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SignedPublicKeyAndChallenge.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SpecifiedECDomain.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectAltName.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectDirectoryAttributes.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectInfoAccessSyntax.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectPublicKeyInfo.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertList.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertificate.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TerminalIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Time.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Trinomial.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/UniqueIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/UserNotice.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Validity.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_ca_policy_url.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_cert_type.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_comment.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/X509.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Base.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/BuiltIn.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/DefaultEngine.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/OpenSSL.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/EvalBarrett.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/Engine.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP/DefaultEngine.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/OpenSSL.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Base.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/DefaultEngine.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Montgomery.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/OpenSSL.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Barrett.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Classic.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/EvalBarrett.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Montgomery.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/MontgomeryMult.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/PowerOfTwo.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP32.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP64.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BinaryField.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BinaryField/Integer.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/Common/FiniteField.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/Common/FiniteField/Integer.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/PrimeField.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/PrimeField/Integer.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SFTP.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SFTP/Stream.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SSH2.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent/Identity.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Common/Traits/ReadBytes.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/bootstrap.php create mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/openssl.cnf create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/LICENSE create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/README.md create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/composer.json create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Component/Identifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Component/Length.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/DERData.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Element.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Exception/DecodeException.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Feature/ElementBase.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Feature/Encodable.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Feature/Stringable.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/BaseString.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/BaseTime.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/ConstructedString.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/Sequence.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/Set.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/BMPString.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/BitString.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Boolean.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/CharacterString.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/EOC.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Enumerated.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GeneralString.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GeneralizedTime.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GraphicString.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/IA5String.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Integer.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/NullType.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/NumericString.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/ObjectDescriptor.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/ObjectIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/OctetString.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/PrintableString.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Real.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/RelativeOID.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/T61String.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UTCTime.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UTF8String.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UniversalString.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/VideotexString.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/VisibleString.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/PrimitiveString.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/PrimitiveType.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/StringType.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Structure.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ApplicationType.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ContextSpecificType.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/DERTaggedType.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ExplicitTagging.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ExplicitlyTaggedType.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ImplicitTagging.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ImplicitlyTaggedType.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/PrivateType.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/TaggedTypeWrap.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/TaggedType.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/TimeType.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/UniversalClass.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/UnspecifiedType.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Util/BigInt.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Util/Flags.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-encoding/LICENSE create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-encoding/README.md create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-encoding/composer.json create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-encoding/lib/CryptoEncoding/PEM.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-encoding/lib/CryptoEncoding/PEMBundle.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/LICENSE create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/README.md create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/composer.json create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifierFactory.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifierProvider.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/ECPublicKeyAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/Ed25519AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/Ed448AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/RFC8410EdAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/RFC8410XAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/RSAEncryptionAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/X25519AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/X448AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES128CBCAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES192CBCAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES256CBCAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AESCBCAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/BlockCipherAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/CipherAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/DESCBCAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/DESEDE3CBCAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/RC2CBCAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Feature/AlgorithmIdentifierType.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Feature/AsymmetricCryptoAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Feature/EncryptionAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Feature/HashAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Feature/PRFAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Feature/SignatureAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/GenericAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA1AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA224AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA256AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA384AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA512AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/MD5AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/RFC4231HMACAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA1AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA224AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA256AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA2AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA384AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA512AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA1AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA224AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA256AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA384AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA512AlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECSignatureAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD2WithRSAEncryptionAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD4WithRSAEncryptionAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD5WithRSAEncryptionAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RFC3279RSASignatureAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RFC4055RSASignatureAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RSASignatureAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA1WithRSAEncryptionAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA224WithRSAEncryptionAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA256WithRSAEncryptionAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA384WithRSAEncryptionAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA512WithRSAEncryptionAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SignatureAlgorithmIdentifierFactory.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/SpecificAlgorithmIdentifier.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/Attribute/OneAsymmetricKeyAttributes.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/EC/ECConversion.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/EC/ECPrivateKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/EC/ECPublicKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/OneAsymmetricKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PrivateKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PrivateKeyInfo.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PublicKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PublicKeyInfo.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Curve25519PrivateKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Curve25519PublicKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Ed25519PrivateKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Ed25519PublicKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/X25519PrivateKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/X25519PublicKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/Ed448PrivateKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/Ed448PublicKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/X448PrivateKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/X448PublicKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/RFC8410PrivateKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/RFC8410PublicKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RSA/RSAPrivateKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RSA/RSAPublicKey.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/ECSignature.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Ed25519Signature.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Ed448Signature.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/GenericSignature.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/RSASignature.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Signature.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/LICENSE create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/README.md create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/composer.json create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Attribute.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeType.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeTypeAndValue.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/AttributeValue.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/CommonNameValue.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/CountryNameValue.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/DescriptionValue.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/Feature/DirectoryString.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/Feature/PrintableStringValue.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/GivenNameValue.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/LocalityNameValue.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/NameValue.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/OrganizationNameValue.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/OrganizationalUnitNameValue.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/PseudonymValue.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/SerialNumberValue.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/StateOrProvinceNameValue.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/SurnameValue.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/TitleValue.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/UnknownAttributeValue.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/AttributeCollection.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/SequenceOfAttributes.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/SetOfAttributes.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Feature/TypedAttribute.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Name.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/RDN.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/DN/DNParser.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/BinaryMatch.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/CaseExactMatch.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/CaseIgnoreMatch.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/MatchingRule.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/StringPrepMatchingRule.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/CheckBidiStep.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/InsignificantNonSubstringSpaceStep.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/MapStep.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/NormalizeStep.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/PrepareStep.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/ProhibitStep.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/StringPreparer.php create mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/TranscodeStep.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/Ctype.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/LICENSE create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/README.md create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/bootstrap.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/bootstrap80.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/composer.json create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/LICENSE create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Mbstring.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/README.md create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/caseFolding.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/lowerCase.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/titleCaseRegexp.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/upperCase.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/bootstrap.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/bootstrap80.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/composer.json create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/LICENSE create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Php80.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/PhpToken.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/README.md create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/Attribute.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/PhpToken.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/Stringable.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/UnhandledMatchError.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/ValueError.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/bootstrap.php create mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/composer.json create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/LICENSE create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/composer.json create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Dotenv.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Exception/ExceptionInterface.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Exception/InvalidEncodingException.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Exception/InvalidFileException.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Exception/InvalidPathException.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Exception/ValidationException.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Loader/Loader.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Loader/LoaderInterface.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Loader/Resolver.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Entry.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/EntryParser.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Lexer.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Lines.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Parser.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/ParserInterface.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Value.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/AdapterInterface.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ApacheAdapter.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ArrayAdapter.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/EnvConstAdapter.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/GuardedWriter.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ImmutableWriter.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/MultiReader.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/MultiWriter.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/PutenvAdapter.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ReaderInterface.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ReplacingWriter.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ServerConstAdapter.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/WriterInterface.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/AdapterRepository.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/RepositoryBuilder.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/RepositoryInterface.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/File/Paths.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/File/Reader.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/FileStore.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/StoreBuilder.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/StoreInterface.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/StringStore.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Util/Regex.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Util/Str.php create mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Validator.php diff --git a/utilities/signing_and_verification/php/.gitignore b/utilities/signing_and_verification/php/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/utilities/signing_and_verification/php/composer.json b/utilities/signing_and_verification/php/composer.json new file mode 100644 index 0000000..3e6e13a --- /dev/null +++ b/utilities/signing_and_verification/php/composer.json @@ -0,0 +1,14 @@ +{ + "name": "charnpreet/signver", + "type": "project", + "autoload": { + "psr-4": { + "Charnpreet\\Signver\\": "src/" + } + }, + "require": { + "vlucas/phpdotenv": "^5.6", + "sop/crypto-types": "dev-master", + "phpseclib/phpseclib": "^3.0" + } +} diff --git a/utilities/signing_and_verification/php/composer.lock b/utilities/signing_and_verification/php/composer.lock new file mode 100644 index 0000000..1b0e924 --- /dev/null +++ b/utilities/signing_and_verification/php/composer.lock @@ -0,0 +1,940 @@ +{ + "_readme": [ + "This file locks the dependencies of your project to a known state", + "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", + "This file is @generated automatically" + ], + "content-hash": "eec5a6c56eb5dcc64208c9c65fac635b", + "packages": [ + { + "name": "graham-campbell/result-type", + "version": "v1.1.2", + "source": { + "type": "git", + "url": "https://github.com/GrahamCampbell/Result-Type.git", + "reference": "fbd48bce38f73f8a4ec8583362e732e4095e5862" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/GrahamCampbell/Result-Type/zipball/fbd48bce38f73f8a4ec8583362e732e4095e5862", + "reference": "fbd48bce38f73f8a4ec8583362e732e4095e5862", + "shasum": "" + }, + "require": { + "php": "^7.2.5 || ^8.0", + "phpoption/phpoption": "^1.9.2" + }, + "require-dev": { + "phpunit/phpunit": "^8.5.34 || ^9.6.13 || ^10.4.2" + }, + "type": "library", + "autoload": { + "psr-4": { + "GrahamCampbell\\ResultType\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + } + ], + "description": "An Implementation Of The Result Type", + "keywords": [ + "Graham Campbell", + "GrahamCampbell", + "Result Type", + "Result-Type", + "result" + ], + "support": { + "issues": "https://github.com/GrahamCampbell/Result-Type/issues", + "source": "https://github.com/GrahamCampbell/Result-Type/tree/v1.1.2" + }, + "funding": [ + { + "url": "https://github.com/GrahamCampbell", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/graham-campbell/result-type", + "type": "tidelift" + } + ], + "time": "2023-11-12T22:16:48+00:00" + }, + { + "name": "paragonie/constant_time_encoding", + "version": "v2.6.3", + "source": { + "type": "git", + "url": "https://github.com/paragonie/constant_time_encoding.git", + "reference": "58c3f47f650c94ec05a151692652a868995d2938" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/paragonie/constant_time_encoding/zipball/58c3f47f650c94ec05a151692652a868995d2938", + "reference": "58c3f47f650c94ec05a151692652a868995d2938", + "shasum": "" + }, + "require": { + "php": "^7|^8" + }, + "require-dev": { + "phpunit/phpunit": "^6|^7|^8|^9", + "vimeo/psalm": "^1|^2|^3|^4" + }, + "type": "library", + "autoload": { + "psr-4": { + "ParagonIE\\ConstantTime\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Paragon Initiative Enterprises", + "email": "security@paragonie.com", + "homepage": "https://paragonie.com", + "role": "Maintainer" + }, + { + "name": "Steve 'Sc00bz' Thomas", + "email": "steve@tobtu.com", + "homepage": "https://www.tobtu.com", + "role": "Original Developer" + } + ], + "description": "Constant-time Implementations of RFC 4648 Encoding (Base-64, Base-32, Base-16)", + "keywords": [ + "base16", + "base32", + "base32_decode", + "base32_encode", + "base64", + "base64_decode", + "base64_encode", + "bin2hex", + "encoding", + "hex", + "hex2bin", + "rfc4648" + ], + "support": { + "email": "info@paragonie.com", + "issues": "https://github.com/paragonie/constant_time_encoding/issues", + "source": "https://github.com/paragonie/constant_time_encoding" + }, + "time": "2022-06-14T06:56:20+00:00" + }, + { + "name": "paragonie/random_compat", + "version": "v9.99.100", + "source": { + "type": "git", + "url": "https://github.com/paragonie/random_compat.git", + "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/paragonie/random_compat/zipball/996434e5492cb4c3edcb9168db6fbb1359ef965a", + "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a", + "shasum": "" + }, + "require": { + "php": ">= 7" + }, + "require-dev": { + "phpunit/phpunit": "4.*|5.*", + "vimeo/psalm": "^1" + }, + "suggest": { + "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." + }, + "type": "library", + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Paragon Initiative Enterprises", + "email": "security@paragonie.com", + "homepage": "https://paragonie.com" + } + ], + "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", + "keywords": [ + "csprng", + "polyfill", + "pseudorandom", + "random" + ], + "support": { + "email": "info@paragonie.com", + "issues": "https://github.com/paragonie/random_compat/issues", + "source": "https://github.com/paragonie/random_compat" + }, + "time": "2020-10-15T08:29:30+00:00" + }, + { + "name": "phpoption/phpoption", + "version": "1.9.2", + "source": { + "type": "git", + "url": "https://github.com/schmittjoh/php-option.git", + "reference": "80735db690fe4fc5c76dfa7f9b770634285fa820" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/schmittjoh/php-option/zipball/80735db690fe4fc5c76dfa7f9b770634285fa820", + "reference": "80735db690fe4fc5c76dfa7f9b770634285fa820", + "shasum": "" + }, + "require": { + "php": "^7.2.5 || ^8.0" + }, + "require-dev": { + "bamarni/composer-bin-plugin": "^1.8.2", + "phpunit/phpunit": "^8.5.34 || ^9.6.13 || ^10.4.2" + }, + "type": "library", + "extra": { + "bamarni-bin": { + "bin-links": true, + "forward-command": true + }, + "branch-alias": { + "dev-master": "1.9-dev" + } + }, + "autoload": { + "psr-4": { + "PhpOption\\": "src/PhpOption/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "Apache-2.0" + ], + "authors": [ + { + "name": "Johannes M. Schmitt", + "email": "schmittjoh@gmail.com", + "homepage": "https://github.com/schmittjoh" + }, + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + } + ], + "description": "Option Type for PHP", + "keywords": [ + "language", + "option", + "php", + "type" + ], + "support": { + "issues": "https://github.com/schmittjoh/php-option/issues", + "source": "https://github.com/schmittjoh/php-option/tree/1.9.2" + }, + "funding": [ + { + "url": "https://github.com/GrahamCampbell", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/phpoption/phpoption", + "type": "tidelift" + } + ], + "time": "2023-11-12T21:59:55+00:00" + }, + { + "name": "phpseclib/phpseclib", + "version": "3.0.35", + "source": { + "type": "git", + "url": "https://github.com/phpseclib/phpseclib.git", + "reference": "4b1827beabce71953ca479485c0ae9c51287f2fe" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/4b1827beabce71953ca479485c0ae9c51287f2fe", + "reference": "4b1827beabce71953ca479485c0ae9c51287f2fe", + "shasum": "" + }, + "require": { + "paragonie/constant_time_encoding": "^1|^2", + "paragonie/random_compat": "^1.4|^2.0|^9.99.99", + "php": ">=5.6.1" + }, + "require-dev": { + "phpunit/phpunit": "*" + }, + "suggest": { + "ext-dom": "Install the DOM extension to load XML formatted public keys.", + "ext-gmp": "Install the GMP (GNU Multiple Precision) extension in order to speed up arbitrary precision integer arithmetic operations.", + "ext-libsodium": "SSH2/SFTP can make use of some algorithms provided by the libsodium-php extension.", + "ext-mcrypt": "Install the Mcrypt extension in order to speed up a few other cryptographic operations.", + "ext-openssl": "Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations." + }, + "type": "library", + "autoload": { + "files": [ + "phpseclib/bootstrap.php" + ], + "psr-4": { + "phpseclib3\\": "phpseclib/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Jim Wigginton", + "email": "terrafrost@php.net", + "role": "Lead Developer" + }, + { + "name": "Patrick Monnerat", + "email": "pm@datasphere.ch", + "role": "Developer" + }, + { + "name": "Andreas Fischer", + "email": "bantu@phpbb.com", + "role": "Developer" + }, + { + "name": "Hans-Jürgen Petrich", + "email": "petrich@tronic-media.com", + "role": "Developer" + }, + { + "name": "Graham Campbell", + "email": "graham@alt-three.com", + "role": "Developer" + } + ], + "description": "PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc.", + "homepage": "http://phpseclib.sourceforge.net", + "keywords": [ + "BigInteger", + "aes", + "asn.1", + "asn1", + "blowfish", + "crypto", + "cryptography", + "encryption", + "rsa", + "security", + "sftp", + "signature", + "signing", + "ssh", + "twofish", + "x.509", + "x509" + ], + "support": { + "issues": "https://github.com/phpseclib/phpseclib/issues", + "source": "https://github.com/phpseclib/phpseclib/tree/3.0.35" + }, + "funding": [ + { + "url": "https://github.com/terrafrost", + "type": "github" + }, + { + "url": "https://www.patreon.com/phpseclib", + "type": "patreon" + }, + { + "url": "https://tidelift.com/funding/github/packagist/phpseclib/phpseclib", + "type": "tidelift" + } + ], + "time": "2023-12-29T01:59:53+00:00" + }, + { + "name": "sop/asn1", + "version": "4.1.1", + "source": { + "type": "git", + "url": "https://github.com/sop/asn1.git", + "reference": "074efe8f7c353c54edc809ac3d74efda83edd776" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sop/asn1/zipball/074efe8f7c353c54edc809ac3d74efda83edd776", + "reference": "074efe8f7c353c54edc809ac3d74efda83edd776", + "shasum": "" + }, + "require": { + "ext-gmp": "*", + "ext-mbstring": "*", + "php": ">=7.2" + }, + "require-dev": { + "phpunit/phpunit": "^8.1" + }, + "type": "library", + "autoload": { + "psr-4": { + "Sop\\ASN1\\": "lib/ASN1/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Joni Eskelinen", + "email": "jonieske@gmail.com", + "role": "Developer" + } + ], + "description": "A PHP library for X.690 ASN.1 DER encoding and decoding.", + "homepage": "https://github.com/sop/asn1", + "keywords": [ + "DER", + "asn.1", + "asn1", + "x.690", + "x690" + ], + "support": { + "issues": "https://github.com/sop/asn1/issues", + "source": "https://github.com/sop/asn1/tree/4.1.1" + }, + "time": "2022-02-17T07:08:51+00:00" + }, + { + "name": "sop/crypto-encoding", + "version": "0.3.0", + "source": { + "type": "git", + "url": "https://github.com/sop/crypto-encoding.git", + "reference": "07537353e1b0e76c382a58a9c6e041b7c7dc9052" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sop/crypto-encoding/zipball/07537353e1b0e76c382a58a9c6e041b7c7dc9052", + "reference": "07537353e1b0e76c382a58a9c6e041b7c7dc9052", + "shasum": "" + }, + "require": { + "php": ">=7.2" + }, + "require-dev": { + "phpunit/phpunit": "^8.1" + }, + "type": "library", + "autoload": { + "psr-4": { + "Sop\\CryptoEncoding\\": "lib/CryptoEncoding/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Joni Eskelinen", + "email": "jonieske@gmail.com", + "role": "Developer" + } + ], + "description": "A PHP implementation of textual encodings of cryptographic structures.", + "homepage": "https://github.com/sop/crypto-encoding", + "keywords": [ + "Private Key", + "certificate", + "pem", + "public key" + ], + "support": { + "issues": "https://github.com/sop/crypto-encoding/issues", + "source": "https://github.com/sop/crypto-encoding/tree/master" + }, + "time": "2019-05-22T11:46:12+00:00" + }, + { + "name": "sop/crypto-types", + "version": "dev-master", + "source": { + "type": "git", + "url": "https://github.com/sop/crypto-types.git", + "reference": "92fd19ebd5d9aecdaef919e08296a2ef79a2e80f" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sop/crypto-types/zipball/92fd19ebd5d9aecdaef919e08296a2ef79a2e80f", + "reference": "92fd19ebd5d9aecdaef919e08296a2ef79a2e80f", + "shasum": "" + }, + "require": { + "ext-gmp": "*", + "php": ">=7.2", + "sop/asn1": "^4.0.0", + "sop/crypto-encoding": "^0.3.0", + "sop/x501": "0.6.1" + }, + "require-dev": { + "phpunit/phpunit": "^8.1" + }, + "default-branch": true, + "type": "library", + "autoload": { + "psr-4": { + "Sop\\CryptoTypes\\": "lib/CryptoTypes/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Joni Eskelinen", + "email": "jonieske@gmail.com", + "role": "Developer" + } + ], + "description": "A PHP library of various ASN.1 types for cryptographic applications.", + "homepage": "https://github.com/sop/crypto-types", + "keywords": [ + "Private Key", + "algorithm identifier", + "asn1", + "cryptography", + "ec", + "public key", + "rsa", + "signature" + ], + "support": { + "issues": "https://github.com/sop/crypto-types/issues", + "source": "https://github.com/sop/crypto-types/tree/master" + }, + "time": "2021-08-11T06:56:21+00:00" + }, + { + "name": "sop/x501", + "version": "0.6.1", + "source": { + "type": "git", + "url": "https://github.com/sop/x501.git", + "reference": "7978bfac25ff73c4c20bed0794d4d88cca8f6895" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sop/x501/zipball/7978bfac25ff73c4c20bed0794d4d88cca8f6895", + "reference": "7978bfac25ff73c4c20bed0794d4d88cca8f6895", + "shasum": "" + }, + "require": { + "ext-intl": "*", + "ext-mbstring": "*", + "php": ">=7.2", + "sop/asn1": "^4.0.0" + }, + "require-dev": { + "phpunit/phpunit": "^8.1" + }, + "type": "library", + "autoload": { + "psr-4": { + "Sop\\X501\\": "lib/X501/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Joni Eskelinen", + "email": "jonieske@gmail.com", + "role": "Developer" + } + ], + "description": "A PHP library for X.501 ASN.1 types, X.520 attributes and DN parsing.", + "homepage": "https://github.com/sop/x501", + "keywords": [ + "attribute", + "dn", + "ldap", + "rdn", + "x.501", + "x.520", + "x501", + "x520" + ], + "support": { + "issues": "https://github.com/sop/x501/issues", + "source": "https://github.com/sop/x501/tree/0.6.1" + }, + "time": "2019-06-27T10:30:28+00:00" + }, + { + "name": "symfony/polyfill-ctype", + "version": "v1.28.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/polyfill-ctype.git", + "reference": "ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb", + "reference": "ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb", + "shasum": "" + }, + "require": { + "php": ">=7.1" + }, + "provide": { + "ext-ctype": "*" + }, + "suggest": { + "ext-ctype": "For best performance" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "1.28-dev" + }, + "thanks": { + "name": "symfony/polyfill", + "url": "https://github.com/symfony/polyfill" + } + }, + "autoload": { + "files": [ + "bootstrap.php" + ], + "psr-4": { + "Symfony\\Polyfill\\Ctype\\": "" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Gert de Pagter", + "email": "BackEndTea@gmail.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony polyfill for ctype functions", + "homepage": "https://symfony.com", + "keywords": [ + "compatibility", + "ctype", + "polyfill", + "portable" + ], + "support": { + "source": "https://github.com/symfony/polyfill-ctype/tree/v1.28.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-01-26T09:26:14+00:00" + }, + { + "name": "symfony/polyfill-mbstring", + "version": "v1.28.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/polyfill-mbstring.git", + "reference": "42292d99c55abe617799667f454222c54c60e229" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/42292d99c55abe617799667f454222c54c60e229", + "reference": "42292d99c55abe617799667f454222c54c60e229", + "shasum": "" + }, + "require": { + "php": ">=7.1" + }, + "provide": { + "ext-mbstring": "*" + }, + "suggest": { + "ext-mbstring": "For best performance" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "1.28-dev" + }, + "thanks": { + "name": "symfony/polyfill", + "url": "https://github.com/symfony/polyfill" + } + }, + "autoload": { + "files": [ + "bootstrap.php" + ], + "psr-4": { + "Symfony\\Polyfill\\Mbstring\\": "" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony polyfill for the Mbstring extension", + "homepage": "https://symfony.com", + "keywords": [ + "compatibility", + "mbstring", + "polyfill", + "portable", + "shim" + ], + "support": { + "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.28.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-07-28T09:04:16+00:00" + }, + { + "name": "symfony/polyfill-php80", + "version": "v1.28.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/polyfill-php80.git", + "reference": "6caa57379c4aec19c0a12a38b59b26487dcfe4b5" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/6caa57379c4aec19c0a12a38b59b26487dcfe4b5", + "reference": "6caa57379c4aec19c0a12a38b59b26487dcfe4b5", + "shasum": "" + }, + "require": { + "php": ">=7.1" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "1.28-dev" + }, + "thanks": { + "name": "symfony/polyfill", + "url": "https://github.com/symfony/polyfill" + } + }, + "autoload": { + "files": [ + "bootstrap.php" + ], + "psr-4": { + "Symfony\\Polyfill\\Php80\\": "" + }, + "classmap": [ + "Resources/stubs" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Ion Bazan", + "email": "ion.bazan@gmail.com" + }, + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony polyfill backporting some PHP 8.0+ features to lower PHP versions", + "homepage": "https://symfony.com", + "keywords": [ + "compatibility", + "polyfill", + "portable", + "shim" + ], + "support": { + "source": "https://github.com/symfony/polyfill-php80/tree/v1.28.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-01-26T09:26:14+00:00" + }, + { + "name": "vlucas/phpdotenv", + "version": "v5.6.0", + "source": { + "type": "git", + "url": "https://github.com/vlucas/phpdotenv.git", + "reference": "2cf9fb6054c2bb1d59d1f3817706ecdb9d2934c4" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/vlucas/phpdotenv/zipball/2cf9fb6054c2bb1d59d1f3817706ecdb9d2934c4", + "reference": "2cf9fb6054c2bb1d59d1f3817706ecdb9d2934c4", + "shasum": "" + }, + "require": { + "ext-pcre": "*", + "graham-campbell/result-type": "^1.1.2", + "php": "^7.2.5 || ^8.0", + "phpoption/phpoption": "^1.9.2", + "symfony/polyfill-ctype": "^1.24", + "symfony/polyfill-mbstring": "^1.24", + "symfony/polyfill-php80": "^1.24" + }, + "require-dev": { + "bamarni/composer-bin-plugin": "^1.8.2", + "ext-filter": "*", + "phpunit/phpunit": "^8.5.34 || ^9.6.13 || ^10.4.2" + }, + "suggest": { + "ext-filter": "Required to use the boolean validator." + }, + "type": "library", + "extra": { + "bamarni-bin": { + "bin-links": true, + "forward-command": true + }, + "branch-alias": { + "dev-master": "5.6-dev" + } + }, + "autoload": { + "psr-4": { + "Dotenv\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + }, + { + "name": "Vance Lucas", + "email": "vance@vancelucas.com", + "homepage": "https://github.com/vlucas" + } + ], + "description": "Loads environment variables from `.env` to `getenv()`, `$_ENV` and `$_SERVER` automagically.", + "keywords": [ + "dotenv", + "env", + "environment" + ], + "support": { + "issues": "https://github.com/vlucas/phpdotenv/issues", + "source": "https://github.com/vlucas/phpdotenv/tree/v5.6.0" + }, + "funding": [ + { + "url": "https://github.com/GrahamCampbell", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/vlucas/phpdotenv", + "type": "tidelift" + } + ], + "time": "2023-11-12T22:43:29+00:00" + } + ], + "packages-dev": [], + "aliases": [], + "minimum-stability": "stable", + "stability-flags": { + "sop/crypto-types": 20 + }, + "prefer-stable": false, + "prefer-lowest": false, + "platform": [], + "platform-dev": [], + "plugin-api-version": "2.6.0" +} diff --git a/utilities/signing_and_verification/php/src/.env b/utilities/signing_and_verification/php/src/.env new file mode 100644 index 0000000..0bb1ff8 --- /dev/null +++ b/utilities/signing_and_verification/php/src/.env @@ -0,0 +1,4 @@ +PRIVATE_KEY="3LFlZAAuAMyppOq35pGz1b6ujlX4PAcEuGmMe6ONGuqyx2kXoC1/oh/VzDUzVSMdCqx2yZ3wtqTuoAvN58U5xg==" +PUBLIC_KEY="ssdpF6Atf6If1cw1M1UjHQqsdsmd8Lak7qALzefFOcY=" +SUBSCRIBER_ID="subscriber_id" +UNIQUE_KEY_ID="ukid" \ No newline at end of file diff --git a/utilities/signing_and_verification/php/src/index.php b/utilities/signing_and_verification/php/src/index.php new file mode 100644 index 0000000..fe84563 --- /dev/null +++ b/utilities/signing_and_verification/php/src/index.php @@ -0,0 +1,135 @@ +load(); + +function hash_msg(string $msg): string{ + return base64_encode(sodium_crypto_generichash($msg,"",64)); +} + +function create_signing_string(string $digest_base64, string $created=null, string $expires=null): string { + $now = new DateTime(); + $one_hour = new DateInterval("PT1H"); + + + if ($created == null) { + $created = $now->getTimestamp(); + } + + if ($expires == null) { + $expires = $now->add($one_hour)->getTimestamp(); + } + + $signing_string = "(created): $created\n(expires): $expires\ndigest: BLAKE-512=$digest_base64"; + return $signing_string; +} + +function sign_response(string $signing_key, string $private_key): string { + return base64_encode(sodium_crypto_sign_detached($signing_key, base64_decode($private_key))); +} + +function verify_response(string $signature, string $signing_key, string $public_key): bool { + return sodium_crypto_sign_verify_detached(base64_decode($signature), $signing_key, base64_decode($public_key)); +} + +function create_authorisation_header(string $request_body, string $created=null, string $expires=null) { + $now = new DateTime(); + $one_hour = new DateInterval("PT1H"); + + if($created == null) { + $created = $now->getTimestamp(); + } + + if($expires == null) { + $expires = $now->add($one_hour)->getTimeStamp(); + } + + $signing_key = create_signing_string(hash_msg($request_body), $created, $expires); + $signature = sign_response($signing_key, $_ENV['PRIVATE_KEY']); + + $subscriber_id = $_ENV['SUBSCRIBER_ID']; + $unique_key_id = $_ENV['UNIQUE_KEY_ID']; + + $header = "Signature keyId=\"$subscriber_id|$unique_key_id|ed25519\",algorithm=\"ed25519\",created=\"$created\",expires=\"$expires\",headers=\"($created) ($expires) digest\",signature=\"$signature\""; + return $header; +} + +// util +function get_filter_dict(string $filter_string) { + $filter_string_list = preg_split("/,/", $filter_string); + $filter_string_list = array_map(function($item) { return trim($item, " \n\r\t\v\0\""); }, $filter_string_list); + $filter_string_dict = []; + foreach($filter_string_list as $item) { + $split_item = preg_split("/=/", $item, 2); + $filter_string_dict[$split_item[0]] = trim($split_item[1], " \n\r\t\v\0\""); + } + return $filter_string_dict; +} + +function verify_authorisation_header(string $auth_header, string $request_body_str, string $public_key): bool { + $auth_header = str_replace("Signature ", "", $auth_header); + $header_parts = get_filter_dict($auth_header); + $created = (int) $header_parts["created"]; + $expires = (int) $header_parts["expires"]; + + $now = new DateTime(); + if ($created <= $now->getTimestamp() && $expires >= $now->getTimestamp()) { + $signing_key = create_signing_string(hash_msg($request_body_str), $created, $expires); + return verify_response($header_parts['signature'], $signing_key, $public_key); + } + return false; +} + +function gen_keys() { + $signkeypair = sodium_crypto_sign_keypair(); + $signprivkey = sodium_crypto_sign_secretkey($signkeypair); + $signpubkey = sodium_crypto_sign_publickey($signkeypair); + + // using libsodium + $enckeypair = sodium_crypto_box_keypair(); + $encprivkey = sodium_crypto_box_secretkey($enckeypair); + $encpubkey = sodium_crypto_box_publickey($enckeypair); + + // $openssl = openssl_pkey_get_private($encprivkey); + + echo "Encryption priv key: ", base64_encode($encprivkey), "\n"; + $encprivkey = new OneAsymmetricKey(new X25519AlgorithmIdentifier(), "\x04\x20".$encprivkey); + $encpubkey = new PublicKeyInfo(new X25519AlgorithmIdentifier(), new BitString($encpubkey)); + + echo "Signing priv key: ", base64_encode($signprivkey), "\n"; + echo "Signing pub key: ", base64_encode($signpubkey), "\n"; + echo "Encryption priv key: ", base64_encode($encprivkey->toDER()), "\n"; + echo "Encryption pub key: ", base64_encode($encpubkey->toDER()), "\n"; +} + +function encrypt(string $crypto_private_key, string $crypto_public_key, ?string $message=null): string { + $pkey = OneAsymmetricKey::fromDER(base64_decode($crypto_private_key)); + $pubkey = PublicKeyInfo::fromDER(base64_decode($crypto_public_key)); + $pkey = hex2bin(str_replace("0420","", bin2hex($pkey->privateKeyData()))); + $shkey = sodium_crypto_box_keypair_from_secretkey_and_publickey($pkey, $pubkey->publicKeyData()); + $shpkey = sodium_crypto_box_secretkey($shkey); + + $cipher = new AES('ecb'); + $cipher->setKey($shpkey); + return base64_encode($cipher->encrypt($message == null ? 'ONDC is a great initiative!':$message)); +} + +function decrypt(string $crypto_private_key, string $crypto_public_key, string $cipher_text): string { + $pkey = OneAsymmetricKey::fromDER(base64_decode($crypto_private_key)); + $pubkey = PublicKeyInfo::fromDER(base64_decode($crypto_public_key)); + $pkey = hex2bin(str_replace("0420","", bin2hex($pkey->privateKeyData()))); + $shkey = sodium_crypto_box_keypair_from_secretkey_and_publickey($pkey, $pubkey->publicKeyData()); + $shpkey = sodium_crypto_box_secretkey($shkey); + + $cipher = new AES('ecb'); + $cipher->setKey($shpkey); + return ($cipher->decrypt(base64_decode($cipher_text))); +} \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/autoload.php b/utilities/signing_and_verification/php/vendor/autoload.php new file mode 100644 index 0000000..e8ac887 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/autoload.php @@ -0,0 +1,25 @@ + + * Jordi Boggiano + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Composer\Autoload; + +/** + * ClassLoader implements a PSR-0, PSR-4 and classmap class loader. + * + * $loader = new \Composer\Autoload\ClassLoader(); + * + * // register classes with namespaces + * $loader->add('Symfony\Component', __DIR__.'/component'); + * $loader->add('Symfony', __DIR__.'/framework'); + * + * // activate the autoloader + * $loader->register(); + * + * // to enable searching the include path (eg. for PEAR packages) + * $loader->setUseIncludePath(true); + * + * In this example, if you try to use a class in the Symfony\Component + * namespace or one of its children (Symfony\Component\Console for instance), + * the autoloader will first look for the class under the component/ + * directory, and it will then fallback to the framework/ directory if not + * found before giving up. + * + * This class is loosely based on the Symfony UniversalClassLoader. + * + * @author Fabien Potencier + * @author Jordi Boggiano + * @see https://www.php-fig.org/psr/psr-0/ + * @see https://www.php-fig.org/psr/psr-4/ + */ +class ClassLoader +{ + /** @var \Closure(string):void */ + private static $includeFile; + + /** @var string|null */ + private $vendorDir; + + // PSR-4 + /** + * @var array> + */ + private $prefixLengthsPsr4 = array(); + /** + * @var array> + */ + private $prefixDirsPsr4 = array(); + /** + * @var list + */ + private $fallbackDirsPsr4 = array(); + + // PSR-0 + /** + * List of PSR-0 prefixes + * + * Structured as array('F (first letter)' => array('Foo\Bar (full prefix)' => array('path', 'path2'))) + * + * @var array>> + */ + private $prefixesPsr0 = array(); + /** + * @var list + */ + private $fallbackDirsPsr0 = array(); + + /** @var bool */ + private $useIncludePath = false; + + /** + * @var array + */ + private $classMap = array(); + + /** @var bool */ + private $classMapAuthoritative = false; + + /** + * @var array + */ + private $missingClasses = array(); + + /** @var string|null */ + private $apcuPrefix; + + /** + * @var array + */ + private static $registeredLoaders = array(); + + /** + * @param string|null $vendorDir + */ + public function __construct($vendorDir = null) + { + $this->vendorDir = $vendorDir; + self::initializeIncludeClosure(); + } + + /** + * @return array> + */ + public function getPrefixes() + { + if (!empty($this->prefixesPsr0)) { + return call_user_func_array('array_merge', array_values($this->prefixesPsr0)); + } + + return array(); + } + + /** + * @return array> + */ + public function getPrefixesPsr4() + { + return $this->prefixDirsPsr4; + } + + /** + * @return list + */ + public function getFallbackDirs() + { + return $this->fallbackDirsPsr0; + } + + /** + * @return list + */ + public function getFallbackDirsPsr4() + { + return $this->fallbackDirsPsr4; + } + + /** + * @return array Array of classname => path + */ + public function getClassMap() + { + return $this->classMap; + } + + /** + * @param array $classMap Class to filename map + * + * @return void + */ + public function addClassMap(array $classMap) + { + if ($this->classMap) { + $this->classMap = array_merge($this->classMap, $classMap); + } else { + $this->classMap = $classMap; + } + } + + /** + * Registers a set of PSR-0 directories for a given prefix, either + * appending or prepending to the ones previously set for this prefix. + * + * @param string $prefix The prefix + * @param list|string $paths The PSR-0 root directories + * @param bool $prepend Whether to prepend the directories + * + * @return void + */ + public function add($prefix, $paths, $prepend = false) + { + $paths = (array) $paths; + if (!$prefix) { + if ($prepend) { + $this->fallbackDirsPsr0 = array_merge( + $paths, + $this->fallbackDirsPsr0 + ); + } else { + $this->fallbackDirsPsr0 = array_merge( + $this->fallbackDirsPsr0, + $paths + ); + } + + return; + } + + $first = $prefix[0]; + if (!isset($this->prefixesPsr0[$first][$prefix])) { + $this->prefixesPsr0[$first][$prefix] = $paths; + + return; + } + if ($prepend) { + $this->prefixesPsr0[$first][$prefix] = array_merge( + $paths, + $this->prefixesPsr0[$first][$prefix] + ); + } else { + $this->prefixesPsr0[$first][$prefix] = array_merge( + $this->prefixesPsr0[$first][$prefix], + $paths + ); + } + } + + /** + * Registers a set of PSR-4 directories for a given namespace, either + * appending or prepending to the ones previously set for this namespace. + * + * @param string $prefix The prefix/namespace, with trailing '\\' + * @param list|string $paths The PSR-4 base directories + * @param bool $prepend Whether to prepend the directories + * + * @throws \InvalidArgumentException + * + * @return void + */ + public function addPsr4($prefix, $paths, $prepend = false) + { + $paths = (array) $paths; + if (!$prefix) { + // Register directories for the root namespace. + if ($prepend) { + $this->fallbackDirsPsr4 = array_merge( + $paths, + $this->fallbackDirsPsr4 + ); + } else { + $this->fallbackDirsPsr4 = array_merge( + $this->fallbackDirsPsr4, + $paths + ); + } + } elseif (!isset($this->prefixDirsPsr4[$prefix])) { + // Register directories for a new namespace. + $length = strlen($prefix); + if ('\\' !== $prefix[$length - 1]) { + throw new \InvalidArgumentException("A non-empty PSR-4 prefix must end with a namespace separator."); + } + $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length; + $this->prefixDirsPsr4[$prefix] = $paths; + } elseif ($prepend) { + // Prepend directories for an already registered namespace. + $this->prefixDirsPsr4[$prefix] = array_merge( + $paths, + $this->prefixDirsPsr4[$prefix] + ); + } else { + // Append directories for an already registered namespace. + $this->prefixDirsPsr4[$prefix] = array_merge( + $this->prefixDirsPsr4[$prefix], + $paths + ); + } + } + + /** + * Registers a set of PSR-0 directories for a given prefix, + * replacing any others previously set for this prefix. + * + * @param string $prefix The prefix + * @param list|string $paths The PSR-0 base directories + * + * @return void + */ + public function set($prefix, $paths) + { + if (!$prefix) { + $this->fallbackDirsPsr0 = (array) $paths; + } else { + $this->prefixesPsr0[$prefix[0]][$prefix] = (array) $paths; + } + } + + /** + * Registers a set of PSR-4 directories for a given namespace, + * replacing any others previously set for this namespace. + * + * @param string $prefix The prefix/namespace, with trailing '\\' + * @param list|string $paths The PSR-4 base directories + * + * @throws \InvalidArgumentException + * + * @return void + */ + public function setPsr4($prefix, $paths) + { + if (!$prefix) { + $this->fallbackDirsPsr4 = (array) $paths; + } else { + $length = strlen($prefix); + if ('\\' !== $prefix[$length - 1]) { + throw new \InvalidArgumentException("A non-empty PSR-4 prefix must end with a namespace separator."); + } + $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length; + $this->prefixDirsPsr4[$prefix] = (array) $paths; + } + } + + /** + * Turns on searching the include path for class files. + * + * @param bool $useIncludePath + * + * @return void + */ + public function setUseIncludePath($useIncludePath) + { + $this->useIncludePath = $useIncludePath; + } + + /** + * Can be used to check if the autoloader uses the include path to check + * for classes. + * + * @return bool + */ + public function getUseIncludePath() + { + return $this->useIncludePath; + } + + /** + * Turns off searching the prefix and fallback directories for classes + * that have not been registered with the class map. + * + * @param bool $classMapAuthoritative + * + * @return void + */ + public function setClassMapAuthoritative($classMapAuthoritative) + { + $this->classMapAuthoritative = $classMapAuthoritative; + } + + /** + * Should class lookup fail if not found in the current class map? + * + * @return bool + */ + public function isClassMapAuthoritative() + { + return $this->classMapAuthoritative; + } + + /** + * APCu prefix to use to cache found/not-found classes, if the extension is enabled. + * + * @param string|null $apcuPrefix + * + * @return void + */ + public function setApcuPrefix($apcuPrefix) + { + $this->apcuPrefix = function_exists('apcu_fetch') && filter_var(ini_get('apc.enabled'), FILTER_VALIDATE_BOOLEAN) ? $apcuPrefix : null; + } + + /** + * The APCu prefix in use, or null if APCu caching is not enabled. + * + * @return string|null + */ + public function getApcuPrefix() + { + return $this->apcuPrefix; + } + + /** + * Registers this instance as an autoloader. + * + * @param bool $prepend Whether to prepend the autoloader or not + * + * @return void + */ + public function register($prepend = false) + { + spl_autoload_register(array($this, 'loadClass'), true, $prepend); + + if (null === $this->vendorDir) { + return; + } + + if ($prepend) { + self::$registeredLoaders = array($this->vendorDir => $this) + self::$registeredLoaders; + } else { + unset(self::$registeredLoaders[$this->vendorDir]); + self::$registeredLoaders[$this->vendorDir] = $this; + } + } + + /** + * Unregisters this instance as an autoloader. + * + * @return void + */ + public function unregister() + { + spl_autoload_unregister(array($this, 'loadClass')); + + if (null !== $this->vendorDir) { + unset(self::$registeredLoaders[$this->vendorDir]); + } + } + + /** + * Loads the given class or interface. + * + * @param string $class The name of the class + * @return true|null True if loaded, null otherwise + */ + public function loadClass($class) + { + if ($file = $this->findFile($class)) { + $includeFile = self::$includeFile; + $includeFile($file); + + return true; + } + + return null; + } + + /** + * Finds the path to the file where the class is defined. + * + * @param string $class The name of the class + * + * @return string|false The path if found, false otherwise + */ + public function findFile($class) + { + // class map lookup + if (isset($this->classMap[$class])) { + return $this->classMap[$class]; + } + if ($this->classMapAuthoritative || isset($this->missingClasses[$class])) { + return false; + } + if (null !== $this->apcuPrefix) { + $file = apcu_fetch($this->apcuPrefix.$class, $hit); + if ($hit) { + return $file; + } + } + + $file = $this->findFileWithExtension($class, '.php'); + + // Search for Hack files if we are running on HHVM + if (false === $file && defined('HHVM_VERSION')) { + $file = $this->findFileWithExtension($class, '.hh'); + } + + if (null !== $this->apcuPrefix) { + apcu_add($this->apcuPrefix.$class, $file); + } + + if (false === $file) { + // Remember that this class does not exist. + $this->missingClasses[$class] = true; + } + + return $file; + } + + /** + * Returns the currently registered loaders keyed by their corresponding vendor directories. + * + * @return array + */ + public static function getRegisteredLoaders() + { + return self::$registeredLoaders; + } + + /** + * @param string $class + * @param string $ext + * @return string|false + */ + private function findFileWithExtension($class, $ext) + { + // PSR-4 lookup + $logicalPathPsr4 = strtr($class, '\\', DIRECTORY_SEPARATOR) . $ext; + + $first = $class[0]; + if (isset($this->prefixLengthsPsr4[$first])) { + $subPath = $class; + while (false !== $lastPos = strrpos($subPath, '\\')) { + $subPath = substr($subPath, 0, $lastPos); + $search = $subPath . '\\'; + if (isset($this->prefixDirsPsr4[$search])) { + $pathEnd = DIRECTORY_SEPARATOR . substr($logicalPathPsr4, $lastPos + 1); + foreach ($this->prefixDirsPsr4[$search] as $dir) { + if (file_exists($file = $dir . $pathEnd)) { + return $file; + } + } + } + } + } + + // PSR-4 fallback dirs + foreach ($this->fallbackDirsPsr4 as $dir) { + if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr4)) { + return $file; + } + } + + // PSR-0 lookup + if (false !== $pos = strrpos($class, '\\')) { + // namespaced class name + $logicalPathPsr0 = substr($logicalPathPsr4, 0, $pos + 1) + . strtr(substr($logicalPathPsr4, $pos + 1), '_', DIRECTORY_SEPARATOR); + } else { + // PEAR-like class name + $logicalPathPsr0 = strtr($class, '_', DIRECTORY_SEPARATOR) . $ext; + } + + if (isset($this->prefixesPsr0[$first])) { + foreach ($this->prefixesPsr0[$first] as $prefix => $dirs) { + if (0 === strpos($class, $prefix)) { + foreach ($dirs as $dir) { + if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr0)) { + return $file; + } + } + } + } + } + + // PSR-0 fallback dirs + foreach ($this->fallbackDirsPsr0 as $dir) { + if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr0)) { + return $file; + } + } + + // PSR-0 include paths. + if ($this->useIncludePath && $file = stream_resolve_include_path($logicalPathPsr0)) { + return $file; + } + + return false; + } + + /** + * @return void + */ + private static function initializeIncludeClosure() + { + if (self::$includeFile !== null) { + return; + } + + /** + * Scope isolated include. + * + * Prevents access to $this/self from included files. + * + * @param string $file + * @return void + */ + self::$includeFile = \Closure::bind(static function($file) { + include $file; + }, null, null); + } +} diff --git a/utilities/signing_and_verification/php/vendor/composer/InstalledVersions.php b/utilities/signing_and_verification/php/vendor/composer/InstalledVersions.php new file mode 100644 index 0000000..51e734a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/composer/InstalledVersions.php @@ -0,0 +1,359 @@ + + * Jordi Boggiano + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Composer; + +use Composer\Autoload\ClassLoader; +use Composer\Semver\VersionParser; + +/** + * This class is copied in every Composer installed project and available to all + * + * See also https://getcomposer.org/doc/07-runtime.md#installed-versions + * + * To require its presence, you can require `composer-runtime-api ^2.0` + * + * @final + */ +class InstalledVersions +{ + /** + * @var mixed[]|null + * @psalm-var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array}|array{}|null + */ + private static $installed; + + /** + * @var bool|null + */ + private static $canGetVendors; + + /** + * @var array[] + * @psalm-var array}> + */ + private static $installedByVendor = array(); + + /** + * Returns a list of all package names which are present, either by being installed, replaced or provided + * + * @return string[] + * @psalm-return list + */ + public static function getInstalledPackages() + { + $packages = array(); + foreach (self::getInstalled() as $installed) { + $packages[] = array_keys($installed['versions']); + } + + if (1 === \count($packages)) { + return $packages[0]; + } + + return array_keys(array_flip(\call_user_func_array('array_merge', $packages))); + } + + /** + * Returns a list of all package names with a specific type e.g. 'library' + * + * @param string $type + * @return string[] + * @psalm-return list + */ + public static function getInstalledPackagesByType($type) + { + $packagesByType = array(); + + foreach (self::getInstalled() as $installed) { + foreach ($installed['versions'] as $name => $package) { + if (isset($package['type']) && $package['type'] === $type) { + $packagesByType[] = $name; + } + } + } + + return $packagesByType; + } + + /** + * Checks whether the given package is installed + * + * This also returns true if the package name is provided or replaced by another package + * + * @param string $packageName + * @param bool $includeDevRequirements + * @return bool + */ + public static function isInstalled($packageName, $includeDevRequirements = true) + { + foreach (self::getInstalled() as $installed) { + if (isset($installed['versions'][$packageName])) { + return $includeDevRequirements || !isset($installed['versions'][$packageName]['dev_requirement']) || $installed['versions'][$packageName]['dev_requirement'] === false; + } + } + + return false; + } + + /** + * Checks whether the given package satisfies a version constraint + * + * e.g. If you want to know whether version 2.3+ of package foo/bar is installed, you would call: + * + * Composer\InstalledVersions::satisfies(new VersionParser, 'foo/bar', '^2.3') + * + * @param VersionParser $parser Install composer/semver to have access to this class and functionality + * @param string $packageName + * @param string|null $constraint A version constraint to check for, if you pass one you have to make sure composer/semver is required by your package + * @return bool + */ + public static function satisfies(VersionParser $parser, $packageName, $constraint) + { + $constraint = $parser->parseConstraints((string) $constraint); + $provided = $parser->parseConstraints(self::getVersionRanges($packageName)); + + return $provided->matches($constraint); + } + + /** + * Returns a version constraint representing all the range(s) which are installed for a given package + * + * It is easier to use this via isInstalled() with the $constraint argument if you need to check + * whether a given version of a package is installed, and not just whether it exists + * + * @param string $packageName + * @return string Version constraint usable with composer/semver + */ + public static function getVersionRanges($packageName) + { + foreach (self::getInstalled() as $installed) { + if (!isset($installed['versions'][$packageName])) { + continue; + } + + $ranges = array(); + if (isset($installed['versions'][$packageName]['pretty_version'])) { + $ranges[] = $installed['versions'][$packageName]['pretty_version']; + } + if (array_key_exists('aliases', $installed['versions'][$packageName])) { + $ranges = array_merge($ranges, $installed['versions'][$packageName]['aliases']); + } + if (array_key_exists('replaced', $installed['versions'][$packageName])) { + $ranges = array_merge($ranges, $installed['versions'][$packageName]['replaced']); + } + if (array_key_exists('provided', $installed['versions'][$packageName])) { + $ranges = array_merge($ranges, $installed['versions'][$packageName]['provided']); + } + + return implode(' || ', $ranges); + } + + throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed'); + } + + /** + * @param string $packageName + * @return string|null If the package is being replaced or provided but is not really installed, null will be returned as version, use satisfies or getVersionRanges if you need to know if a given version is present + */ + public static function getVersion($packageName) + { + foreach (self::getInstalled() as $installed) { + if (!isset($installed['versions'][$packageName])) { + continue; + } + + if (!isset($installed['versions'][$packageName]['version'])) { + return null; + } + + return $installed['versions'][$packageName]['version']; + } + + throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed'); + } + + /** + * @param string $packageName + * @return string|null If the package is being replaced or provided but is not really installed, null will be returned as version, use satisfies or getVersionRanges if you need to know if a given version is present + */ + public static function getPrettyVersion($packageName) + { + foreach (self::getInstalled() as $installed) { + if (!isset($installed['versions'][$packageName])) { + continue; + } + + if (!isset($installed['versions'][$packageName]['pretty_version'])) { + return null; + } + + return $installed['versions'][$packageName]['pretty_version']; + } + + throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed'); + } + + /** + * @param string $packageName + * @return string|null If the package is being replaced or provided but is not really installed, null will be returned as reference + */ + public static function getReference($packageName) + { + foreach (self::getInstalled() as $installed) { + if (!isset($installed['versions'][$packageName])) { + continue; + } + + if (!isset($installed['versions'][$packageName]['reference'])) { + return null; + } + + return $installed['versions'][$packageName]['reference']; + } + + throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed'); + } + + /** + * @param string $packageName + * @return string|null If the package is being replaced or provided but is not really installed, null will be returned as install path. Packages of type metapackages also have a null install path. + */ + public static function getInstallPath($packageName) + { + foreach (self::getInstalled() as $installed) { + if (!isset($installed['versions'][$packageName])) { + continue; + } + + return isset($installed['versions'][$packageName]['install_path']) ? $installed['versions'][$packageName]['install_path'] : null; + } + + throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed'); + } + + /** + * @return array + * @psalm-return array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool} + */ + public static function getRootPackage() + { + $installed = self::getInstalled(); + + return $installed[0]['root']; + } + + /** + * Returns the raw installed.php data for custom implementations + * + * @deprecated Use getAllRawData() instead which returns all datasets for all autoloaders present in the process. getRawData only returns the first dataset loaded, which may not be what you expect. + * @return array[] + * @psalm-return array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array} + */ + public static function getRawData() + { + @trigger_error('getRawData only returns the first dataset loaded, which may not be what you expect. Use getAllRawData() instead which returns all datasets for all autoloaders present in the process.', E_USER_DEPRECATED); + + if (null === self::$installed) { + // only require the installed.php file if this file is loaded from its dumped location, + // and not from its source location in the composer/composer package, see https://github.com/composer/composer/issues/9937 + if (substr(__DIR__, -8, 1) !== 'C') { + self::$installed = include __DIR__ . '/installed.php'; + } else { + self::$installed = array(); + } + } + + return self::$installed; + } + + /** + * Returns the raw data of all installed.php which are currently loaded for custom implementations + * + * @return array[] + * @psalm-return list}> + */ + public static function getAllRawData() + { + return self::getInstalled(); + } + + /** + * Lets you reload the static array from another file + * + * This is only useful for complex integrations in which a project needs to use + * this class but then also needs to execute another project's autoloader in process, + * and wants to ensure both projects have access to their version of installed.php. + * + * A typical case would be PHPUnit, where it would need to make sure it reads all + * the data it needs from this class, then call reload() with + * `require $CWD/vendor/composer/installed.php` (or similar) as input to make sure + * the project in which it runs can then also use this class safely, without + * interference between PHPUnit's dependencies and the project's dependencies. + * + * @param array[] $data A vendor/composer/installed.php data set + * @return void + * + * @psalm-param array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array} $data + */ + public static function reload($data) + { + self::$installed = $data; + self::$installedByVendor = array(); + } + + /** + * @return array[] + * @psalm-return list}> + */ + private static function getInstalled() + { + if (null === self::$canGetVendors) { + self::$canGetVendors = method_exists('Composer\Autoload\ClassLoader', 'getRegisteredLoaders'); + } + + $installed = array(); + + if (self::$canGetVendors) { + foreach (ClassLoader::getRegisteredLoaders() as $vendorDir => $loader) { + if (isset(self::$installedByVendor[$vendorDir])) { + $installed[] = self::$installedByVendor[$vendorDir]; + } elseif (is_file($vendorDir.'/composer/installed.php')) { + /** @var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array} $required */ + $required = require $vendorDir.'/composer/installed.php'; + $installed[] = self::$installedByVendor[$vendorDir] = $required; + if (null === self::$installed && strtr($vendorDir.'/composer', '\\', '/') === strtr(__DIR__, '\\', '/')) { + self::$installed = $installed[count($installed) - 1]; + } + } + } + } + + if (null === self::$installed) { + // only require the installed.php file if this file is loaded from its dumped location, + // and not from its source location in the composer/composer package, see https://github.com/composer/composer/issues/9937 + if (substr(__DIR__, -8, 1) !== 'C') { + /** @var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array} $required */ + $required = require __DIR__ . '/installed.php'; + self::$installed = $required; + } else { + self::$installed = array(); + } + } + + if (self::$installed !== array()) { + $installed[] = self::$installed; + } + + return $installed; + } +} diff --git a/utilities/signing_and_verification/php/vendor/composer/LICENSE b/utilities/signing_and_verification/php/vendor/composer/LICENSE new file mode 100644 index 0000000..f27399a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/composer/LICENSE @@ -0,0 +1,21 @@ + +Copyright (c) Nils Adermann, Jordi Boggiano + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is furnished +to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. + diff --git a/utilities/signing_and_verification/php/vendor/composer/autoload_classmap.php b/utilities/signing_and_verification/php/vendor/composer/autoload_classmap.php new file mode 100644 index 0000000..5490b88 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/composer/autoload_classmap.php @@ -0,0 +1,15 @@ + $vendorDir . '/symfony/polyfill-php80/Resources/stubs/Attribute.php', + 'Composer\\InstalledVersions' => $vendorDir . '/composer/InstalledVersions.php', + 'PhpToken' => $vendorDir . '/symfony/polyfill-php80/Resources/stubs/PhpToken.php', + 'Stringable' => $vendorDir . '/symfony/polyfill-php80/Resources/stubs/Stringable.php', + 'UnhandledMatchError' => $vendorDir . '/symfony/polyfill-php80/Resources/stubs/UnhandledMatchError.php', + 'ValueError' => $vendorDir . '/symfony/polyfill-php80/Resources/stubs/ValueError.php', +); diff --git a/utilities/signing_and_verification/php/vendor/composer/autoload_files.php b/utilities/signing_and_verification/php/vendor/composer/autoload_files.php new file mode 100644 index 0000000..0ad6121 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/composer/autoload_files.php @@ -0,0 +1,13 @@ + $vendorDir . '/symfony/polyfill-ctype/bootstrap.php', + '0e6d7bf4a5811bfa5cf40c5ccd6fae6a' => $vendorDir . '/symfony/polyfill-mbstring/bootstrap.php', + 'a4a119a56e50fbb293281d9a48007e0e' => $vendorDir . '/symfony/polyfill-php80/bootstrap.php', + 'decc78cc4436b1292c6c0d151b19445c' => $vendorDir . '/phpseclib/phpseclib/phpseclib/bootstrap.php', +); diff --git a/utilities/signing_and_verification/php/vendor/composer/autoload_namespaces.php b/utilities/signing_and_verification/php/vendor/composer/autoload_namespaces.php new file mode 100644 index 0000000..15a2ff3 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/composer/autoload_namespaces.php @@ -0,0 +1,9 @@ + array($vendorDir . '/phpseclib/phpseclib/phpseclib'), + 'Symfony\\Polyfill\\Php80\\' => array($vendorDir . '/symfony/polyfill-php80'), + 'Symfony\\Polyfill\\Mbstring\\' => array($vendorDir . '/symfony/polyfill-mbstring'), + 'Symfony\\Polyfill\\Ctype\\' => array($vendorDir . '/symfony/polyfill-ctype'), + 'Sop\\X501\\' => array($vendorDir . '/sop/x501/lib/X501'), + 'Sop\\CryptoTypes\\' => array($vendorDir . '/sop/crypto-types/lib/CryptoTypes'), + 'Sop\\CryptoEncoding\\' => array($vendorDir . '/sop/crypto-encoding/lib/CryptoEncoding'), + 'Sop\\ASN1\\' => array($vendorDir . '/sop/asn1/lib/ASN1'), + 'PhpOption\\' => array($vendorDir . '/phpoption/phpoption/src/PhpOption'), + 'ParagonIE\\ConstantTime\\' => array($vendorDir . '/paragonie/constant_time_encoding/src'), + 'GrahamCampbell\\ResultType\\' => array($vendorDir . '/graham-campbell/result-type/src'), + 'Dotenv\\' => array($vendorDir . '/vlucas/phpdotenv/src'), + 'Charnpreet\\Signver\\' => array($baseDir . '/src'), +); diff --git a/utilities/signing_and_verification/php/vendor/composer/autoload_real.php b/utilities/signing_and_verification/php/vendor/composer/autoload_real.php new file mode 100644 index 0000000..a97b0eb --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/composer/autoload_real.php @@ -0,0 +1,50 @@ +register(true); + + $filesToLoad = \Composer\Autoload\ComposerStaticInitf7682c1514c4862053b25ac22e268c1b::$files; + $requireFile = \Closure::bind(static function ($fileIdentifier, $file) { + if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) { + $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true; + + require $file; + } + }, null, null); + foreach ($filesToLoad as $fileIdentifier => $file) { + $requireFile($fileIdentifier, $file); + } + + return $loader; + } +} diff --git a/utilities/signing_and_verification/php/vendor/composer/autoload_static.php b/utilities/signing_and_verification/php/vendor/composer/autoload_static.php new file mode 100644 index 0000000..d811dba --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/composer/autoload_static.php @@ -0,0 +1,123 @@ + __DIR__ . '/..' . '/symfony/polyfill-ctype/bootstrap.php', + '0e6d7bf4a5811bfa5cf40c5ccd6fae6a' => __DIR__ . '/..' . '/symfony/polyfill-mbstring/bootstrap.php', + 'a4a119a56e50fbb293281d9a48007e0e' => __DIR__ . '/..' . '/symfony/polyfill-php80/bootstrap.php', + 'decc78cc4436b1292c6c0d151b19445c' => __DIR__ . '/..' . '/phpseclib/phpseclib/phpseclib/bootstrap.php', + ); + + public static $prefixLengthsPsr4 = array ( + 'p' => + array ( + 'phpseclib3\\' => 11, + ), + 'S' => + array ( + 'Symfony\\Polyfill\\Php80\\' => 23, + 'Symfony\\Polyfill\\Mbstring\\' => 26, + 'Symfony\\Polyfill\\Ctype\\' => 23, + 'Sop\\X501\\' => 9, + 'Sop\\CryptoTypes\\' => 16, + 'Sop\\CryptoEncoding\\' => 19, + 'Sop\\ASN1\\' => 9, + ), + 'P' => + array ( + 'PhpOption\\' => 10, + 'ParagonIE\\ConstantTime\\' => 23, + ), + 'G' => + array ( + 'GrahamCampbell\\ResultType\\' => 26, + ), + 'D' => + array ( + 'Dotenv\\' => 7, + ), + 'C' => + array ( + 'Charnpreet\\Signver\\' => 19, + ), + ); + + public static $prefixDirsPsr4 = array ( + 'phpseclib3\\' => + array ( + 0 => __DIR__ . '/..' . '/phpseclib/phpseclib/phpseclib', + ), + 'Symfony\\Polyfill\\Php80\\' => + array ( + 0 => __DIR__ . '/..' . '/symfony/polyfill-php80', + ), + 'Symfony\\Polyfill\\Mbstring\\' => + array ( + 0 => __DIR__ . '/..' . '/symfony/polyfill-mbstring', + ), + 'Symfony\\Polyfill\\Ctype\\' => + array ( + 0 => __DIR__ . '/..' . '/symfony/polyfill-ctype', + ), + 'Sop\\X501\\' => + array ( + 0 => __DIR__ . '/..' . '/sop/x501/lib/X501', + ), + 'Sop\\CryptoTypes\\' => + array ( + 0 => __DIR__ . '/..' . '/sop/crypto-types/lib/CryptoTypes', + ), + 'Sop\\CryptoEncoding\\' => + array ( + 0 => __DIR__ . '/..' . '/sop/crypto-encoding/lib/CryptoEncoding', + ), + 'Sop\\ASN1\\' => + array ( + 0 => __DIR__ . '/..' . '/sop/asn1/lib/ASN1', + ), + 'PhpOption\\' => + array ( + 0 => __DIR__ . '/..' . '/phpoption/phpoption/src/PhpOption', + ), + 'ParagonIE\\ConstantTime\\' => + array ( + 0 => __DIR__ . '/..' . '/paragonie/constant_time_encoding/src', + ), + 'GrahamCampbell\\ResultType\\' => + array ( + 0 => __DIR__ . '/..' . '/graham-campbell/result-type/src', + ), + 'Dotenv\\' => + array ( + 0 => __DIR__ . '/..' . '/vlucas/phpdotenv/src', + ), + 'Charnpreet\\Signver\\' => + array ( + 0 => __DIR__ . '/../..' . '/src', + ), + ); + + public static $classMap = array ( + 'Attribute' => __DIR__ . '/..' . '/symfony/polyfill-php80/Resources/stubs/Attribute.php', + 'Composer\\InstalledVersions' => __DIR__ . '/..' . '/composer/InstalledVersions.php', + 'PhpToken' => __DIR__ . '/..' . '/symfony/polyfill-php80/Resources/stubs/PhpToken.php', + 'Stringable' => __DIR__ . '/..' . '/symfony/polyfill-php80/Resources/stubs/Stringable.php', + 'UnhandledMatchError' => __DIR__ . '/..' . '/symfony/polyfill-php80/Resources/stubs/UnhandledMatchError.php', + 'ValueError' => __DIR__ . '/..' . '/symfony/polyfill-php80/Resources/stubs/ValueError.php', + ); + + public static function getInitializer(ClassLoader $loader) + { + return \Closure::bind(function () use ($loader) { + $loader->prefixLengthsPsr4 = ComposerStaticInitf7682c1514c4862053b25ac22e268c1b::$prefixLengthsPsr4; + $loader->prefixDirsPsr4 = ComposerStaticInitf7682c1514c4862053b25ac22e268c1b::$prefixDirsPsr4; + $loader->classMap = ComposerStaticInitf7682c1514c4862053b25ac22e268c1b::$classMap; + + }, null, ClassLoader::class); + } +} diff --git a/utilities/signing_and_verification/php/vendor/composer/installed.json b/utilities/signing_and_verification/php/vendor/composer/installed.json new file mode 100644 index 0000000..a462cb6 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/composer/installed.json @@ -0,0 +1,964 @@ +{ + "packages": [ + { + "name": "graham-campbell/result-type", + "version": "v1.1.2", + "version_normalized": "1.1.2.0", + "source": { + "type": "git", + "url": "https://github.com/GrahamCampbell/Result-Type.git", + "reference": "fbd48bce38f73f8a4ec8583362e732e4095e5862" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/GrahamCampbell/Result-Type/zipball/fbd48bce38f73f8a4ec8583362e732e4095e5862", + "reference": "fbd48bce38f73f8a4ec8583362e732e4095e5862", + "shasum": "" + }, + "require": { + "php": "^7.2.5 || ^8.0", + "phpoption/phpoption": "^1.9.2" + }, + "require-dev": { + "phpunit/phpunit": "^8.5.34 || ^9.6.13 || ^10.4.2" + }, + "time": "2023-11-12T22:16:48+00:00", + "type": "library", + "installation-source": "dist", + "autoload": { + "psr-4": { + "GrahamCampbell\\ResultType\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + } + ], + "description": "An Implementation Of The Result Type", + "keywords": [ + "Graham Campbell", + "GrahamCampbell", + "Result Type", + "Result-Type", + "result" + ], + "support": { + "issues": "https://github.com/GrahamCampbell/Result-Type/issues", + "source": "https://github.com/GrahamCampbell/Result-Type/tree/v1.1.2" + }, + "funding": [ + { + "url": "https://github.com/GrahamCampbell", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/graham-campbell/result-type", + "type": "tidelift" + } + ], + "install-path": "../graham-campbell/result-type" + }, + { + "name": "paragonie/constant_time_encoding", + "version": "v2.6.3", + "version_normalized": "2.6.3.0", + "source": { + "type": "git", + "url": "https://github.com/paragonie/constant_time_encoding.git", + "reference": "58c3f47f650c94ec05a151692652a868995d2938" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/paragonie/constant_time_encoding/zipball/58c3f47f650c94ec05a151692652a868995d2938", + "reference": "58c3f47f650c94ec05a151692652a868995d2938", + "shasum": "" + }, + "require": { + "php": "^7|^8" + }, + "require-dev": { + "phpunit/phpunit": "^6|^7|^8|^9", + "vimeo/psalm": "^1|^2|^3|^4" + }, + "time": "2022-06-14T06:56:20+00:00", + "type": "library", + "installation-source": "dist", + "autoload": { + "psr-4": { + "ParagonIE\\ConstantTime\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Paragon Initiative Enterprises", + "email": "security@paragonie.com", + "homepage": "https://paragonie.com", + "role": "Maintainer" + }, + { + "name": "Steve 'Sc00bz' Thomas", + "email": "steve@tobtu.com", + "homepage": "https://www.tobtu.com", + "role": "Original Developer" + } + ], + "description": "Constant-time Implementations of RFC 4648 Encoding (Base-64, Base-32, Base-16)", + "keywords": [ + "base16", + "base32", + "base32_decode", + "base32_encode", + "base64", + "base64_decode", + "base64_encode", + "bin2hex", + "encoding", + "hex", + "hex2bin", + "rfc4648" + ], + "support": { + "email": "info@paragonie.com", + "issues": "https://github.com/paragonie/constant_time_encoding/issues", + "source": "https://github.com/paragonie/constant_time_encoding" + }, + "install-path": "../paragonie/constant_time_encoding" + }, + { + "name": "paragonie/random_compat", + "version": "v9.99.100", + "version_normalized": "9.99.100.0", + "source": { + "type": "git", + "url": "https://github.com/paragonie/random_compat.git", + "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/paragonie/random_compat/zipball/996434e5492cb4c3edcb9168db6fbb1359ef965a", + "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a", + "shasum": "" + }, + "require": { + "php": ">= 7" + }, + "require-dev": { + "phpunit/phpunit": "4.*|5.*", + "vimeo/psalm": "^1" + }, + "suggest": { + "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." + }, + "time": "2020-10-15T08:29:30+00:00", + "type": "library", + "installation-source": "dist", + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Paragon Initiative Enterprises", + "email": "security@paragonie.com", + "homepage": "https://paragonie.com" + } + ], + "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", + "keywords": [ + "csprng", + "polyfill", + "pseudorandom", + "random" + ], + "support": { + "email": "info@paragonie.com", + "issues": "https://github.com/paragonie/random_compat/issues", + "source": "https://github.com/paragonie/random_compat" + }, + "install-path": "../paragonie/random_compat" + }, + { + "name": "phpoption/phpoption", + "version": "1.9.2", + "version_normalized": "1.9.2.0", + "source": { + "type": "git", + "url": "https://github.com/schmittjoh/php-option.git", + "reference": "80735db690fe4fc5c76dfa7f9b770634285fa820" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/schmittjoh/php-option/zipball/80735db690fe4fc5c76dfa7f9b770634285fa820", + "reference": "80735db690fe4fc5c76dfa7f9b770634285fa820", + "shasum": "" + }, + "require": { + "php": "^7.2.5 || ^8.0" + }, + "require-dev": { + "bamarni/composer-bin-plugin": "^1.8.2", + "phpunit/phpunit": "^8.5.34 || ^9.6.13 || ^10.4.2" + }, + "time": "2023-11-12T21:59:55+00:00", + "type": "library", + "extra": { + "bamarni-bin": { + "bin-links": true, + "forward-command": true + }, + "branch-alias": { + "dev-master": "1.9-dev" + } + }, + "installation-source": "dist", + "autoload": { + "psr-4": { + "PhpOption\\": "src/PhpOption/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "Apache-2.0" + ], + "authors": [ + { + "name": "Johannes M. Schmitt", + "email": "schmittjoh@gmail.com", + "homepage": "https://github.com/schmittjoh" + }, + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + } + ], + "description": "Option Type for PHP", + "keywords": [ + "language", + "option", + "php", + "type" + ], + "support": { + "issues": "https://github.com/schmittjoh/php-option/issues", + "source": "https://github.com/schmittjoh/php-option/tree/1.9.2" + }, + "funding": [ + { + "url": "https://github.com/GrahamCampbell", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/phpoption/phpoption", + "type": "tidelift" + } + ], + "install-path": "../phpoption/phpoption" + }, + { + "name": "phpseclib/phpseclib", + "version": "3.0.35", + "version_normalized": "3.0.35.0", + "source": { + "type": "git", + "url": "https://github.com/phpseclib/phpseclib.git", + "reference": "4b1827beabce71953ca479485c0ae9c51287f2fe" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/4b1827beabce71953ca479485c0ae9c51287f2fe", + "reference": "4b1827beabce71953ca479485c0ae9c51287f2fe", + "shasum": "" + }, + "require": { + "paragonie/constant_time_encoding": "^1|^2", + "paragonie/random_compat": "^1.4|^2.0|^9.99.99", + "php": ">=5.6.1" + }, + "require-dev": { + "phpunit/phpunit": "*" + }, + "suggest": { + "ext-dom": "Install the DOM extension to load XML formatted public keys.", + "ext-gmp": "Install the GMP (GNU Multiple Precision) extension in order to speed up arbitrary precision integer arithmetic operations.", + "ext-libsodium": "SSH2/SFTP can make use of some algorithms provided by the libsodium-php extension.", + "ext-mcrypt": "Install the Mcrypt extension in order to speed up a few other cryptographic operations.", + "ext-openssl": "Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations." + }, + "time": "2023-12-29T01:59:53+00:00", + "type": "library", + "installation-source": "dist", + "autoload": { + "files": [ + "phpseclib/bootstrap.php" + ], + "psr-4": { + "phpseclib3\\": "phpseclib/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Jim Wigginton", + "email": "terrafrost@php.net", + "role": "Lead Developer" + }, + { + "name": "Patrick Monnerat", + "email": "pm@datasphere.ch", + "role": "Developer" + }, + { + "name": "Andreas Fischer", + "email": "bantu@phpbb.com", + "role": "Developer" + }, + { + "name": "Hans-Jürgen Petrich", + "email": "petrich@tronic-media.com", + "role": "Developer" + }, + { + "name": "Graham Campbell", + "email": "graham@alt-three.com", + "role": "Developer" + } + ], + "description": "PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc.", + "homepage": "http://phpseclib.sourceforge.net", + "keywords": [ + "BigInteger", + "aes", + "asn.1", + "asn1", + "blowfish", + "crypto", + "cryptography", + "encryption", + "rsa", + "security", + "sftp", + "signature", + "signing", + "ssh", + "twofish", + "x.509", + "x509" + ], + "support": { + "issues": "https://github.com/phpseclib/phpseclib/issues", + "source": "https://github.com/phpseclib/phpseclib/tree/3.0.35" + }, + "funding": [ + { + "url": "https://github.com/terrafrost", + "type": "github" + }, + { + "url": "https://www.patreon.com/phpseclib", + "type": "patreon" + }, + { + "url": "https://tidelift.com/funding/github/packagist/phpseclib/phpseclib", + "type": "tidelift" + } + ], + "install-path": "../phpseclib/phpseclib" + }, + { + "name": "sop/asn1", + "version": "4.1.1", + "version_normalized": "4.1.1.0", + "source": { + "type": "git", + "url": "https://github.com/sop/asn1.git", + "reference": "074efe8f7c353c54edc809ac3d74efda83edd776" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sop/asn1/zipball/074efe8f7c353c54edc809ac3d74efda83edd776", + "reference": "074efe8f7c353c54edc809ac3d74efda83edd776", + "shasum": "" + }, + "require": { + "ext-gmp": "*", + "ext-mbstring": "*", + "php": ">=7.2" + }, + "require-dev": { + "phpunit/phpunit": "^8.1" + }, + "time": "2022-02-17T07:08:51+00:00", + "type": "library", + "installation-source": "dist", + "autoload": { + "psr-4": { + "Sop\\ASN1\\": "lib/ASN1/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Joni Eskelinen", + "email": "jonieske@gmail.com", + "role": "Developer" + } + ], + "description": "A PHP library for X.690 ASN.1 DER encoding and decoding.", + "homepage": "https://github.com/sop/asn1", + "keywords": [ + "DER", + "asn.1", + "asn1", + "x.690", + "x690" + ], + "support": { + "issues": "https://github.com/sop/asn1/issues", + "source": "https://github.com/sop/asn1/tree/4.1.1" + }, + "install-path": "../sop/asn1" + }, + { + "name": "sop/crypto-encoding", + "version": "0.3.0", + "version_normalized": "0.3.0.0", + "source": { + "type": "git", + "url": "https://github.com/sop/crypto-encoding.git", + "reference": "07537353e1b0e76c382a58a9c6e041b7c7dc9052" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sop/crypto-encoding/zipball/07537353e1b0e76c382a58a9c6e041b7c7dc9052", + "reference": "07537353e1b0e76c382a58a9c6e041b7c7dc9052", + "shasum": "" + }, + "require": { + "php": ">=7.2" + }, + "require-dev": { + "phpunit/phpunit": "^8.1" + }, + "time": "2019-05-22T11:46:12+00:00", + "type": "library", + "installation-source": "dist", + "autoload": { + "psr-4": { + "Sop\\CryptoEncoding\\": "lib/CryptoEncoding/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Joni Eskelinen", + "email": "jonieske@gmail.com", + "role": "Developer" + } + ], + "description": "A PHP implementation of textual encodings of cryptographic structures.", + "homepage": "https://github.com/sop/crypto-encoding", + "keywords": [ + "Private Key", + "certificate", + "pem", + "public key" + ], + "support": { + "issues": "https://github.com/sop/crypto-encoding/issues", + "source": "https://github.com/sop/crypto-encoding/tree/master" + }, + "install-path": "../sop/crypto-encoding" + }, + { + "name": "sop/crypto-types", + "version": "dev-master", + "version_normalized": "dev-master", + "source": { + "type": "git", + "url": "https://github.com/sop/crypto-types.git", + "reference": "92fd19ebd5d9aecdaef919e08296a2ef79a2e80f" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sop/crypto-types/zipball/92fd19ebd5d9aecdaef919e08296a2ef79a2e80f", + "reference": "92fd19ebd5d9aecdaef919e08296a2ef79a2e80f", + "shasum": "" + }, + "require": { + "ext-gmp": "*", + "php": ">=7.2", + "sop/asn1": "^4.0.0", + "sop/crypto-encoding": "^0.3.0", + "sop/x501": "0.6.1" + }, + "require-dev": { + "phpunit/phpunit": "^8.1" + }, + "time": "2021-08-11T06:56:21+00:00", + "default-branch": true, + "type": "library", + "installation-source": "dist", + "autoload": { + "psr-4": { + "Sop\\CryptoTypes\\": "lib/CryptoTypes/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Joni Eskelinen", + "email": "jonieske@gmail.com", + "role": "Developer" + } + ], + "description": "A PHP library of various ASN.1 types for cryptographic applications.", + "homepage": "https://github.com/sop/crypto-types", + "keywords": [ + "Private Key", + "algorithm identifier", + "asn1", + "cryptography", + "ec", + "public key", + "rsa", + "signature" + ], + "support": { + "issues": "https://github.com/sop/crypto-types/issues", + "source": "https://github.com/sop/crypto-types/tree/master" + }, + "install-path": "../sop/crypto-types" + }, + { + "name": "sop/x501", + "version": "0.6.1", + "version_normalized": "0.6.1.0", + "source": { + "type": "git", + "url": "https://github.com/sop/x501.git", + "reference": "7978bfac25ff73c4c20bed0794d4d88cca8f6895" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sop/x501/zipball/7978bfac25ff73c4c20bed0794d4d88cca8f6895", + "reference": "7978bfac25ff73c4c20bed0794d4d88cca8f6895", + "shasum": "" + }, + "require": { + "ext-intl": "*", + "ext-mbstring": "*", + "php": ">=7.2", + "sop/asn1": "^4.0.0" + }, + "require-dev": { + "phpunit/phpunit": "^8.1" + }, + "time": "2019-06-27T10:30:28+00:00", + "type": "library", + "installation-source": "dist", + "autoload": { + "psr-4": { + "Sop\\X501\\": "lib/X501/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Joni Eskelinen", + "email": "jonieske@gmail.com", + "role": "Developer" + } + ], + "description": "A PHP library for X.501 ASN.1 types, X.520 attributes and DN parsing.", + "homepage": "https://github.com/sop/x501", + "keywords": [ + "attribute", + "dn", + "ldap", + "rdn", + "x.501", + "x.520", + "x501", + "x520" + ], + "support": { + "issues": "https://github.com/sop/x501/issues", + "source": "https://github.com/sop/x501/tree/0.6.1" + }, + "install-path": "../sop/x501" + }, + { + "name": "symfony/polyfill-ctype", + "version": "v1.28.0", + "version_normalized": "1.28.0.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/polyfill-ctype.git", + "reference": "ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb", + "reference": "ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb", + "shasum": "" + }, + "require": { + "php": ">=7.1" + }, + "provide": { + "ext-ctype": "*" + }, + "suggest": { + "ext-ctype": "For best performance" + }, + "time": "2023-01-26T09:26:14+00:00", + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "1.28-dev" + }, + "thanks": { + "name": "symfony/polyfill", + "url": "https://github.com/symfony/polyfill" + } + }, + "installation-source": "dist", + "autoload": { + "files": [ + "bootstrap.php" + ], + "psr-4": { + "Symfony\\Polyfill\\Ctype\\": "" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Gert de Pagter", + "email": "BackEndTea@gmail.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony polyfill for ctype functions", + "homepage": "https://symfony.com", + "keywords": [ + "compatibility", + "ctype", + "polyfill", + "portable" + ], + "support": { + "source": "https://github.com/symfony/polyfill-ctype/tree/v1.28.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "install-path": "../symfony/polyfill-ctype" + }, + { + "name": "symfony/polyfill-mbstring", + "version": "v1.28.0", + "version_normalized": "1.28.0.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/polyfill-mbstring.git", + "reference": "42292d99c55abe617799667f454222c54c60e229" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/42292d99c55abe617799667f454222c54c60e229", + "reference": "42292d99c55abe617799667f454222c54c60e229", + "shasum": "" + }, + "require": { + "php": ">=7.1" + }, + "provide": { + "ext-mbstring": "*" + }, + "suggest": { + "ext-mbstring": "For best performance" + }, + "time": "2023-07-28T09:04:16+00:00", + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "1.28-dev" + }, + "thanks": { + "name": "symfony/polyfill", + "url": "https://github.com/symfony/polyfill" + } + }, + "installation-source": "dist", + "autoload": { + "files": [ + "bootstrap.php" + ], + "psr-4": { + "Symfony\\Polyfill\\Mbstring\\": "" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony polyfill for the Mbstring extension", + "homepage": "https://symfony.com", + "keywords": [ + "compatibility", + "mbstring", + "polyfill", + "portable", + "shim" + ], + "support": { + "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.28.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "install-path": "../symfony/polyfill-mbstring" + }, + { + "name": "symfony/polyfill-php80", + "version": "v1.28.0", + "version_normalized": "1.28.0.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/polyfill-php80.git", + "reference": "6caa57379c4aec19c0a12a38b59b26487dcfe4b5" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/6caa57379c4aec19c0a12a38b59b26487dcfe4b5", + "reference": "6caa57379c4aec19c0a12a38b59b26487dcfe4b5", + "shasum": "" + }, + "require": { + "php": ">=7.1" + }, + "time": "2023-01-26T09:26:14+00:00", + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "1.28-dev" + }, + "thanks": { + "name": "symfony/polyfill", + "url": "https://github.com/symfony/polyfill" + } + }, + "installation-source": "dist", + "autoload": { + "files": [ + "bootstrap.php" + ], + "psr-4": { + "Symfony\\Polyfill\\Php80\\": "" + }, + "classmap": [ + "Resources/stubs" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Ion Bazan", + "email": "ion.bazan@gmail.com" + }, + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony polyfill backporting some PHP 8.0+ features to lower PHP versions", + "homepage": "https://symfony.com", + "keywords": [ + "compatibility", + "polyfill", + "portable", + "shim" + ], + "support": { + "source": "https://github.com/symfony/polyfill-php80/tree/v1.28.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "install-path": "../symfony/polyfill-php80" + }, + { + "name": "vlucas/phpdotenv", + "version": "v5.6.0", + "version_normalized": "5.6.0.0", + "source": { + "type": "git", + "url": "https://github.com/vlucas/phpdotenv.git", + "reference": "2cf9fb6054c2bb1d59d1f3817706ecdb9d2934c4" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/vlucas/phpdotenv/zipball/2cf9fb6054c2bb1d59d1f3817706ecdb9d2934c4", + "reference": "2cf9fb6054c2bb1d59d1f3817706ecdb9d2934c4", + "shasum": "" + }, + "require": { + "ext-pcre": "*", + "graham-campbell/result-type": "^1.1.2", + "php": "^7.2.5 || ^8.0", + "phpoption/phpoption": "^1.9.2", + "symfony/polyfill-ctype": "^1.24", + "symfony/polyfill-mbstring": "^1.24", + "symfony/polyfill-php80": "^1.24" + }, + "require-dev": { + "bamarni/composer-bin-plugin": "^1.8.2", + "ext-filter": "*", + "phpunit/phpunit": "^8.5.34 || ^9.6.13 || ^10.4.2" + }, + "suggest": { + "ext-filter": "Required to use the boolean validator." + }, + "time": "2023-11-12T22:43:29+00:00", + "type": "library", + "extra": { + "bamarni-bin": { + "bin-links": true, + "forward-command": true + }, + "branch-alias": { + "dev-master": "5.6-dev" + } + }, + "installation-source": "dist", + "autoload": { + "psr-4": { + "Dotenv\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + }, + { + "name": "Vance Lucas", + "email": "vance@vancelucas.com", + "homepage": "https://github.com/vlucas" + } + ], + "description": "Loads environment variables from `.env` to `getenv()`, `$_ENV` and `$_SERVER` automagically.", + "keywords": [ + "dotenv", + "env", + "environment" + ], + "support": { + "issues": "https://github.com/vlucas/phpdotenv/issues", + "source": "https://github.com/vlucas/phpdotenv/tree/v5.6.0" + }, + "funding": [ + { + "url": "https://github.com/GrahamCampbell", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/vlucas/phpdotenv", + "type": "tidelift" + } + ], + "install-path": "../vlucas/phpdotenv" + } + ], + "dev": true, + "dev-package-names": [] +} diff --git a/utilities/signing_and_verification/php/vendor/composer/installed.php b/utilities/signing_and_verification/php/vendor/composer/installed.php new file mode 100644 index 0000000..0b0a521 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/composer/installed.php @@ -0,0 +1,142 @@ + array( + 'name' => 'charnpreet/signver', + 'pretty_version' => '1.0.0+no-version-set', + 'version' => '1.0.0.0', + 'reference' => NULL, + 'type' => 'project', + 'install_path' => __DIR__ . '/../../', + 'aliases' => array(), + 'dev' => true, + ), + 'versions' => array( + 'charnpreet/signver' => array( + 'pretty_version' => '1.0.0+no-version-set', + 'version' => '1.0.0.0', + 'reference' => NULL, + 'type' => 'project', + 'install_path' => __DIR__ . '/../../', + 'aliases' => array(), + 'dev_requirement' => false, + ), + 'graham-campbell/result-type' => array( + 'pretty_version' => 'v1.1.2', + 'version' => '1.1.2.0', + 'reference' => 'fbd48bce38f73f8a4ec8583362e732e4095e5862', + 'type' => 'library', + 'install_path' => __DIR__ . '/../graham-campbell/result-type', + 'aliases' => array(), + 'dev_requirement' => false, + ), + 'paragonie/constant_time_encoding' => array( + 'pretty_version' => 'v2.6.3', + 'version' => '2.6.3.0', + 'reference' => '58c3f47f650c94ec05a151692652a868995d2938', + 'type' => 'library', + 'install_path' => __DIR__ . '/../paragonie/constant_time_encoding', + 'aliases' => array(), + 'dev_requirement' => false, + ), + 'paragonie/random_compat' => array( + 'pretty_version' => 'v9.99.100', + 'version' => '9.99.100.0', + 'reference' => '996434e5492cb4c3edcb9168db6fbb1359ef965a', + 'type' => 'library', + 'install_path' => __DIR__ . '/../paragonie/random_compat', + 'aliases' => array(), + 'dev_requirement' => false, + ), + 'phpoption/phpoption' => array( + 'pretty_version' => '1.9.2', + 'version' => '1.9.2.0', + 'reference' => '80735db690fe4fc5c76dfa7f9b770634285fa820', + 'type' => 'library', + 'install_path' => __DIR__ . '/../phpoption/phpoption', + 'aliases' => array(), + 'dev_requirement' => false, + ), + 'phpseclib/phpseclib' => array( + 'pretty_version' => '3.0.35', + 'version' => '3.0.35.0', + 'reference' => '4b1827beabce71953ca479485c0ae9c51287f2fe', + 'type' => 'library', + 'install_path' => __DIR__ . '/../phpseclib/phpseclib', + 'aliases' => array(), + 'dev_requirement' => false, + ), + 'sop/asn1' => array( + 'pretty_version' => '4.1.1', + 'version' => '4.1.1.0', + 'reference' => '074efe8f7c353c54edc809ac3d74efda83edd776', + 'type' => 'library', + 'install_path' => __DIR__ . '/../sop/asn1', + 'aliases' => array(), + 'dev_requirement' => false, + ), + 'sop/crypto-encoding' => array( + 'pretty_version' => '0.3.0', + 'version' => '0.3.0.0', + 'reference' => '07537353e1b0e76c382a58a9c6e041b7c7dc9052', + 'type' => 'library', + 'install_path' => __DIR__ . '/../sop/crypto-encoding', + 'aliases' => array(), + 'dev_requirement' => false, + ), + 'sop/crypto-types' => array( + 'pretty_version' => 'dev-master', + 'version' => 'dev-master', + 'reference' => '92fd19ebd5d9aecdaef919e08296a2ef79a2e80f', + 'type' => 'library', + 'install_path' => __DIR__ . '/../sop/crypto-types', + 'aliases' => array( + 0 => '9999999-dev', + ), + 'dev_requirement' => false, + ), + 'sop/x501' => array( + 'pretty_version' => '0.6.1', + 'version' => '0.6.1.0', + 'reference' => '7978bfac25ff73c4c20bed0794d4d88cca8f6895', + 'type' => 'library', + 'install_path' => __DIR__ . '/../sop/x501', + 'aliases' => array(), + 'dev_requirement' => false, + ), + 'symfony/polyfill-ctype' => array( + 'pretty_version' => 'v1.28.0', + 'version' => '1.28.0.0', + 'reference' => 'ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb', + 'type' => 'library', + 'install_path' => __DIR__ . '/../symfony/polyfill-ctype', + 'aliases' => array(), + 'dev_requirement' => false, + ), + 'symfony/polyfill-mbstring' => array( + 'pretty_version' => 'v1.28.0', + 'version' => '1.28.0.0', + 'reference' => '42292d99c55abe617799667f454222c54c60e229', + 'type' => 'library', + 'install_path' => __DIR__ . '/../symfony/polyfill-mbstring', + 'aliases' => array(), + 'dev_requirement' => false, + ), + 'symfony/polyfill-php80' => array( + 'pretty_version' => 'v1.28.0', + 'version' => '1.28.0.0', + 'reference' => '6caa57379c4aec19c0a12a38b59b26487dcfe4b5', + 'type' => 'library', + 'install_path' => __DIR__ . '/../symfony/polyfill-php80', + 'aliases' => array(), + 'dev_requirement' => false, + ), + 'vlucas/phpdotenv' => array( + 'pretty_version' => 'v5.6.0', + 'version' => '5.6.0.0', + 'reference' => '2cf9fb6054c2bb1d59d1f3817706ecdb9d2934c4', + 'type' => 'library', + 'install_path' => __DIR__ . '/../vlucas/phpdotenv', + 'aliases' => array(), + 'dev_requirement' => false, + ), + ), +); diff --git a/utilities/signing_and_verification/php/vendor/composer/platform_check.php b/utilities/signing_and_verification/php/vendor/composer/platform_check.php new file mode 100644 index 0000000..a8b98d5 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/composer/platform_check.php @@ -0,0 +1,26 @@ += 70205)) { + $issues[] = 'Your Composer dependencies require a PHP version ">= 7.2.5". You are running ' . PHP_VERSION . '.'; +} + +if ($issues) { + if (!headers_sent()) { + header('HTTP/1.1 500 Internal Server Error'); + } + if (!ini_get('display_errors')) { + if (PHP_SAPI === 'cli' || PHP_SAPI === 'phpdbg') { + fwrite(STDERR, 'Composer detected issues in your platform:' . PHP_EOL.PHP_EOL . implode(PHP_EOL, $issues) . PHP_EOL.PHP_EOL); + } elseif (!headers_sent()) { + echo 'Composer detected issues in your platform:' . PHP_EOL.PHP_EOL . str_replace('You are running '.PHP_VERSION.'.', '', implode(PHP_EOL, $issues)) . PHP_EOL.PHP_EOL; + } + } + trigger_error( + 'Composer detected issues in your platform: ' . implode(' ', $issues), + E_USER_ERROR + ); +} diff --git a/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/LICENSE b/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/LICENSE new file mode 100644 index 0000000..bbd75d1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2020-2023 Graham Campbell + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/composer.json b/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/composer.json new file mode 100644 index 0000000..b1ba15a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/composer.json @@ -0,0 +1,33 @@ +{ + "name": "graham-campbell/result-type", + "description": "An Implementation Of The Result Type", + "keywords": ["result", "result-type", "Result", "Result Type", "Result-Type", "Graham Campbell", "GrahamCampbell"], + "license": "MIT", + "authors": [ + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + } + ], + "require": { + "php": "^7.2.5 || ^8.0", + "phpoption/phpoption": "^1.9.2" + }, + "require-dev": { + "phpunit/phpunit": "^8.5.34 || ^9.6.13 || ^10.4.2" + }, + "autoload": { + "psr-4": { + "GrahamCampbell\\ResultType\\": "src/" + } + }, + "autoload-dev": { + "psr-4": { + "GrahamCampbell\\Tests\\ResultType\\": "tests/" + } + }, + "config": { + "preferred-install": "dist" + } +} diff --git a/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Error.php b/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Error.php new file mode 100644 index 0000000..2c37c3e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Error.php @@ -0,0 +1,121 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace GrahamCampbell\ResultType; + +use PhpOption\None; +use PhpOption\Some; + +/** + * @template T + * @template E + * + * @extends \GrahamCampbell\ResultType\Result + */ +final class Error extends Result +{ + /** + * @var E + */ + private $value; + + /** + * Internal constructor for an error value. + * + * @param E $value + * + * @return void + */ + private function __construct($value) + { + $this->value = $value; + } + + /** + * Create a new error value. + * + * @template F + * + * @param F $value + * + * @return \GrahamCampbell\ResultType\Result + */ + public static function create($value) + { + return new self($value); + } + + /** + * Get the success option value. + * + * @return \PhpOption\Option + */ + public function success() + { + return None::create(); + } + + /** + * Map over the success value. + * + * @template S + * + * @param callable(T):S $f + * + * @return \GrahamCampbell\ResultType\Result + */ + public function map(callable $f) + { + return self::create($this->value); + } + + /** + * Flat map over the success value. + * + * @template S + * @template F + * + * @param callable(T):\GrahamCampbell\ResultType\Result $f + * + * @return \GrahamCampbell\ResultType\Result + */ + public function flatMap(callable $f) + { + /** @var \GrahamCampbell\ResultType\Result */ + return self::create($this->value); + } + + /** + * Get the error option value. + * + * @return \PhpOption\Option + */ + public function error() + { + return Some::create($this->value); + } + + /** + * Map over the error value. + * + * @template F + * + * @param callable(E):F $f + * + * @return \GrahamCampbell\ResultType\Result + */ + public function mapError(callable $f) + { + return self::create($f($this->value)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Result.php b/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Result.php new file mode 100644 index 0000000..8c67bcd --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Result.php @@ -0,0 +1,69 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace GrahamCampbell\ResultType; + +/** + * @template T + * @template E + */ +abstract class Result +{ + /** + * Get the success option value. + * + * @return \PhpOption\Option + */ + abstract public function success(); + + /** + * Map over the success value. + * + * @template S + * + * @param callable(T):S $f + * + * @return \GrahamCampbell\ResultType\Result + */ + abstract public function map(callable $f); + + /** + * Flat map over the success value. + * + * @template S + * @template F + * + * @param callable(T):\GrahamCampbell\ResultType\Result $f + * + * @return \GrahamCampbell\ResultType\Result + */ + abstract public function flatMap(callable $f); + + /** + * Get the error option value. + * + * @return \PhpOption\Option + */ + abstract public function error(); + + /** + * Map over the error value. + * + * @template F + * + * @param callable(E):F $f + * + * @return \GrahamCampbell\ResultType\Result + */ + abstract public function mapError(callable $f); +} diff --git a/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Success.php b/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Success.php new file mode 100644 index 0000000..27cd85e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Success.php @@ -0,0 +1,120 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace GrahamCampbell\ResultType; + +use PhpOption\None; +use PhpOption\Some; + +/** + * @template T + * @template E + * + * @extends \GrahamCampbell\ResultType\Result + */ +final class Success extends Result +{ + /** + * @var T + */ + private $value; + + /** + * Internal constructor for a success value. + * + * @param T $value + * + * @return void + */ + private function __construct($value) + { + $this->value = $value; + } + + /** + * Create a new error value. + * + * @template S + * + * @param S $value + * + * @return \GrahamCampbell\ResultType\Result + */ + public static function create($value) + { + return new self($value); + } + + /** + * Get the success option value. + * + * @return \PhpOption\Option + */ + public function success() + { + return Some::create($this->value); + } + + /** + * Map over the success value. + * + * @template S + * + * @param callable(T):S $f + * + * @return \GrahamCampbell\ResultType\Result + */ + public function map(callable $f) + { + return self::create($f($this->value)); + } + + /** + * Flat map over the success value. + * + * @template S + * @template F + * + * @param callable(T):\GrahamCampbell\ResultType\Result $f + * + * @return \GrahamCampbell\ResultType\Result + */ + public function flatMap(callable $f) + { + return $f($this->value); + } + + /** + * Get the error option value. + * + * @return \PhpOption\Option + */ + public function error() + { + return None::create(); + } + + /** + * Map over the error value. + * + * @template F + * + * @param callable(E):F $f + * + * @return \GrahamCampbell\ResultType\Result + */ + public function mapError(callable $f) + { + return self::create($this->value); + } +} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/LICENSE.txt b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/LICENSE.txt new file mode 100644 index 0000000..91acaca --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/LICENSE.txt @@ -0,0 +1,48 @@ +The MIT License (MIT) + +Copyright (c) 2016 - 2022 Paragon Initiative Enterprises + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + +------------------------------------------------------------------------------ +This library was based on the work of Steve "Sc00bz" Thomas. +------------------------------------------------------------------------------ + +The MIT License (MIT) + +Copyright (c) 2014 Steve Thomas + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/README.md b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/README.md new file mode 100644 index 0000000..cedddd8 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/README.md @@ -0,0 +1,84 @@ +# Constant-Time Encoding + +[![Build Status](https://github.com/paragonie/constant_time_encoding/actions/workflows/ci.yml/badge.svg)](https://github.com/paragonie/constant_time_encoding/actions) +[![Latest Stable Version](https://poser.pugx.org/paragonie/constant_time_encoding/v/stable)](https://packagist.org/packages/paragonie/constant_time_encoding) +[![Latest Unstable Version](https://poser.pugx.org/paragonie/constant_time_encoding/v/unstable)](https://packagist.org/packages/paragonie/constant_time_encoding) +[![License](https://poser.pugx.org/paragonie/constant_time_encoding/license)](https://packagist.org/packages/paragonie/constant_time_encoding) +[![Downloads](https://img.shields.io/packagist/dt/paragonie/constant_time_encoding.svg)](https://packagist.org/packages/paragonie/constant_time_encoding) + +Based on the [constant-time base64 implementation made by Steve "Sc00bz" Thomas](https://github.com/Sc00bz/ConstTimeEncoding), +this library aims to offer character encoding functions that do not leak +information about what you are encoding/decoding via processor cache +misses. Further reading on [cache-timing attacks](http://blog.ircmaxell.com/2014/11/its-all-about-time.html). + +Our fork offers the following enchancements: + +* `mbstring.func_overload` resistance +* Unit tests +* Composer- and Packagist-ready +* Base16 encoding +* Base32 encoding +* Uses `pack()` and `unpack()` instead of `chr()` and `ord()` + +## PHP Version Requirements + +Version 2 of this library should work on **PHP 7** or newer. For PHP 5 +support, see [the v1.x branch](https://github.com/paragonie/constant_time_encoding/tree/v1.x). + +If you are adding this as a dependency to a project intended to work on both PHP 5 and PHP 7, please set the required version to `^1|^2` instead of just `^1` or `^2`. + +## How to Install + +```sh +composer require paragonie/constant_time_encoding +``` + +## How to Use + +```php +use ParagonIE\ConstantTime\Encoding; + +// possibly (if applicable): +// require 'vendor/autoload.php'; + +$data = random_bytes(32); +echo Encoding::base64Encode($data), "\n"; +echo Encoding::base32EncodeUpper($data), "\n"; +echo Encoding::base32Encode($data), "\n"; +echo Encoding::hexEncode($data), "\n"; +echo Encoding::hexEncodeUpper($data), "\n"; +``` + +Example output: + +``` +1VilPkeVqirlPifk5scbzcTTbMT2clp+Zkyv9VFFasE= +2VMKKPSHSWVCVZJ6E7SONRY3ZXCNG3GE6ZZFU7TGJSX7KUKFNLAQ==== +2vmkkpshswvcvzj6e7sonry3zxcng3ge6zzfu7tgjsx7kukfnlaq==== +d558a53e4795aa2ae53e27e4e6c71bcdc4d36cc4f6725a7e664caff551456ac1 +D558A53E4795AA2AE53E27E4E6C71BDCC4D36CC4F6725A7E664CAFF551456AC1 +``` + +If you only need a particular variant, you can just reference the +required class like so: + +```php +use ParagonIE\ConstantTime\Base64; +use ParagonIE\ConstantTime\Base32; + +$data = random_bytes(32); +echo Base64::encode($data), "\n"; +echo Base32::encode($data), "\n"; +``` + +Example output: + +``` +1VilPkeVqirlPifk5scbzcTTbMT2clp+Zkyv9VFFasE= +2vmkkpshswvcvzj6e7sonry3zxcng3ge6zzfu7tgjsx7kukfnlaq==== +``` + +## Support Contracts + +If your company uses this library in their products or services, you may be +interested in [purchasing a support contract from Paragon Initiative Enterprises](https://paragonie.com/enterprise). diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/composer.json b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/composer.json new file mode 100644 index 0000000..2fe9717 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/composer.json @@ -0,0 +1,56 @@ +{ + "name": "paragonie/constant_time_encoding", + "description": "Constant-time Implementations of RFC 4648 Encoding (Base-64, Base-32, Base-16)", + "keywords": [ + "base64", + "encoding", + "rfc4648", + "base32", + "base16", + "hex", + "bin2hex", + "hex2bin", + "base64_encode", + "base64_decode", + "base32_encode", + "base32_decode" + ], + "license": "MIT", + "type": "library", + "authors": [ + { + "name": "Paragon Initiative Enterprises", + "email": "security@paragonie.com", + "homepage": "https://paragonie.com", + "role": "Maintainer" + }, + { + "name": "Steve 'Sc00bz' Thomas", + "email": "steve@tobtu.com", + "homepage": "https://www.tobtu.com", + "role": "Original Developer" + } + ], + "support": { + "issues": "https://github.com/paragonie/constant_time_encoding/issues", + "email": "info@paragonie.com", + "source": "https://github.com/paragonie/constant_time_encoding" + }, + "require": { + "php": "^7|^8" + }, + "require-dev": { + "phpunit/phpunit": "^6|^7|^8|^9", + "vimeo/psalm": "^1|^2|^3|^4" + }, + "autoload": { + "psr-4": { + "ParagonIE\\ConstantTime\\": "src/" + } + }, + "autoload-dev": { + "psr-4": { + "ParagonIE\\ConstantTime\\Tests\\": "tests/" + } + } +} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base32.php b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base32.php new file mode 100644 index 0000000..7508b3d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base32.php @@ -0,0 +1,519 @@ + 96 && $src < 123) $ret += $src - 97 + 1; // -64 + $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 96); + + // if ($src > 0x31 && $src < 0x38) $ret += $src - 24 + 1; // -23 + $ret += (((0x31 - $src) & ($src - 0x38)) >> 8) & ($src - 23); + + return $ret; + } + + /** + * Uses bitwise operators instead of table-lookups to turn 5-bit integers + * into 8-bit integers. + * + * Uppercase variant. + * + * @param int $src + * @return int + */ + protected static function decode5BitsUpper(int $src): int + { + $ret = -1; + + // if ($src > 64 && $src < 91) $ret += $src - 65 + 1; // -64 + $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 64); + + // if ($src > 0x31 && $src < 0x38) $ret += $src - 24 + 1; // -23 + $ret += (((0x31 - $src) & ($src - 0x38)) >> 8) & ($src - 23); + + return $ret; + } + + /** + * Uses bitwise operators instead of table-lookups to turn 8-bit integers + * into 5-bit integers. + * + * @param int $src + * @return string + */ + protected static function encode5Bits(int $src): string + { + $diff = 0x61; + + // if ($src > 25) $ret -= 72; + $diff -= ((25 - $src) >> 8) & 73; + + return \pack('C', $src + $diff); + } + + /** + * Uses bitwise operators instead of table-lookups to turn 8-bit integers + * into 5-bit integers. + * + * Uppercase variant. + * + * @param int $src + * @return string + */ + protected static function encode5BitsUpper(int $src): string + { + $diff = 0x41; + + // if ($src > 25) $ret -= 40; + $diff -= ((25 - $src) >> 8) & 41; + + return \pack('C', $src + $diff); + } + + /** + * @param string $encodedString + * @param bool $upper + * @return string + */ + public static function decodeNoPadding(string $encodedString, bool $upper = false): string + { + $srcLen = Binary::safeStrlen($encodedString); + if ($srcLen === 0) { + return ''; + } + if (($srcLen & 7) === 0) { + for ($j = 0; $j < 7 && $j < $srcLen; ++$j) { + if ($encodedString[$srcLen - $j - 1] === '=') { + throw new InvalidArgumentException( + "decodeNoPadding() doesn't tolerate padding" + ); + } + } + } + return static::doDecode( + $encodedString, + $upper, + true + ); + } + + /** + * Base32 decoding + * + * @param string $src + * @param bool $upper + * @param bool $strictPadding + * @return string + * + * @throws TypeError + * @psalm-suppress RedundantCondition + */ + protected static function doDecode( + string $src, + bool $upper = false, + bool $strictPadding = false + ): string { + // We do this to reduce code duplication: + $method = $upper + ? 'decode5BitsUpper' + : 'decode5Bits'; + + // Remove padding + $srcLen = Binary::safeStrlen($src); + if ($srcLen === 0) { + return ''; + } + if ($strictPadding) { + if (($srcLen & 7) === 0) { + for ($j = 0; $j < 7; ++$j) { + if ($src[$srcLen - 1] === '=') { + $srcLen--; + } else { + break; + } + } + } + if (($srcLen & 7) === 1) { + throw new RangeException( + 'Incorrect padding' + ); + } + } else { + $src = \rtrim($src, '='); + $srcLen = Binary::safeStrlen($src); + } + + $err = 0; + $dest = ''; + // Main loop (no padding): + for ($i = 0; $i + 8 <= $srcLen; $i += 8) { + /** @var array $chunk */ + $chunk = \unpack('C*', Binary::safeSubstr($src, $i, 8)); + /** @var int $c0 */ + $c0 = static::$method($chunk[1]); + /** @var int $c1 */ + $c1 = static::$method($chunk[2]); + /** @var int $c2 */ + $c2 = static::$method($chunk[3]); + /** @var int $c3 */ + $c3 = static::$method($chunk[4]); + /** @var int $c4 */ + $c4 = static::$method($chunk[5]); + /** @var int $c5 */ + $c5 = static::$method($chunk[6]); + /** @var int $c6 */ + $c6 = static::$method($chunk[7]); + /** @var int $c7 */ + $c7 = static::$method($chunk[8]); + + $dest .= \pack( + 'CCCCC', + (($c0 << 3) | ($c1 >> 2) ) & 0xff, + (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff, + (($c3 << 4) | ($c4 >> 1) ) & 0xff, + (($c4 << 7) | ($c5 << 2) | ($c6 >> 3)) & 0xff, + (($c6 << 5) | ($c7 ) ) & 0xff + ); + $err |= ($c0 | $c1 | $c2 | $c3 | $c4 | $c5 | $c6 | $c7) >> 8; + } + // The last chunk, which may have padding: + if ($i < $srcLen) { + /** @var array $chunk */ + $chunk = \unpack('C*', Binary::safeSubstr($src, $i, $srcLen - $i)); + /** @var int $c0 */ + $c0 = static::$method($chunk[1]); + + if ($i + 6 < $srcLen) { + /** @var int $c1 */ + $c1 = static::$method($chunk[2]); + /** @var int $c2 */ + $c2 = static::$method($chunk[3]); + /** @var int $c3 */ + $c3 = static::$method($chunk[4]); + /** @var int $c4 */ + $c4 = static::$method($chunk[5]); + /** @var int $c5 */ + $c5 = static::$method($chunk[6]); + /** @var int $c6 */ + $c6 = static::$method($chunk[7]); + + $dest .= \pack( + 'CCCC', + (($c0 << 3) | ($c1 >> 2) ) & 0xff, + (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff, + (($c3 << 4) | ($c4 >> 1) ) & 0xff, + (($c4 << 7) | ($c5 << 2) | ($c6 >> 3)) & 0xff + ); + $err |= ($c0 | $c1 | $c2 | $c3 | $c4 | $c5 | $c6) >> 8; + if ($strictPadding) { + $err |= ($c6 << 5) & 0xff; + } + } elseif ($i + 5 < $srcLen) { + /** @var int $c1 */ + $c1 = static::$method($chunk[2]); + /** @var int $c2 */ + $c2 = static::$method($chunk[3]); + /** @var int $c3 */ + $c3 = static::$method($chunk[4]); + /** @var int $c4 */ + $c4 = static::$method($chunk[5]); + /** @var int $c5 */ + $c5 = static::$method($chunk[6]); + + $dest .= \pack( + 'CCCC', + (($c0 << 3) | ($c1 >> 2) ) & 0xff, + (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff, + (($c3 << 4) | ($c4 >> 1) ) & 0xff, + (($c4 << 7) | ($c5 << 2) ) & 0xff + ); + $err |= ($c0 | $c1 | $c2 | $c3 | $c4 | $c5) >> 8; + } elseif ($i + 4 < $srcLen) { + /** @var int $c1 */ + $c1 = static::$method($chunk[2]); + /** @var int $c2 */ + $c2 = static::$method($chunk[3]); + /** @var int $c3 */ + $c3 = static::$method($chunk[4]); + /** @var int $c4 */ + $c4 = static::$method($chunk[5]); + + $dest .= \pack( + 'CCC', + (($c0 << 3) | ($c1 >> 2) ) & 0xff, + (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff, + (($c3 << 4) | ($c4 >> 1) ) & 0xff + ); + $err |= ($c0 | $c1 | $c2 | $c3 | $c4) >> 8; + if ($strictPadding) { + $err |= ($c4 << 7) & 0xff; + } + } elseif ($i + 3 < $srcLen) { + /** @var int $c1 */ + $c1 = static::$method($chunk[2]); + /** @var int $c2 */ + $c2 = static::$method($chunk[3]); + /** @var int $c3 */ + $c3 = static::$method($chunk[4]); + + $dest .= \pack( + 'CC', + (($c0 << 3) | ($c1 >> 2) ) & 0xff, + (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff + ); + $err |= ($c0 | $c1 | $c2 | $c3) >> 8; + if ($strictPadding) { + $err |= ($c3 << 4) & 0xff; + } + } elseif ($i + 2 < $srcLen) { + /** @var int $c1 */ + $c1 = static::$method($chunk[2]); + /** @var int $c2 */ + $c2 = static::$method($chunk[3]); + + $dest .= \pack( + 'CC', + (($c0 << 3) | ($c1 >> 2) ) & 0xff, + (($c1 << 6) | ($c2 << 1) ) & 0xff + ); + $err |= ($c0 | $c1 | $c2) >> 8; + if ($strictPadding) { + $err |= ($c2 << 6) & 0xff; + } + } elseif ($i + 1 < $srcLen) { + /** @var int $c1 */ + $c1 = static::$method($chunk[2]); + + $dest .= \pack( + 'C', + (($c0 << 3) | ($c1 >> 2) ) & 0xff + ); + $err |= ($c0 | $c1) >> 8; + if ($strictPadding) { + $err |= ($c1 << 6) & 0xff; + } + } else { + $dest .= \pack( + 'C', + (($c0 << 3) ) & 0xff + ); + $err |= ($c0) >> 8; + } + } + $check = ($err === 0); + if (!$check) { + throw new RangeException( + 'Base32::doDecode() only expects characters in the correct base32 alphabet' + ); + } + return $dest; + } + + /** + * Base32 Encoding + * + * @param string $src + * @param bool $upper + * @param bool $pad + * @return string + * @throws TypeError + */ + protected static function doEncode(string $src, bool $upper = false, $pad = true): string + { + // We do this to reduce code duplication: + $method = $upper + ? 'encode5BitsUpper' + : 'encode5Bits'; + + $dest = ''; + $srcLen = Binary::safeStrlen($src); + + // Main loop (no padding): + for ($i = 0; $i + 5 <= $srcLen; $i += 5) { + /** @var array $chunk */ + $chunk = \unpack('C*', Binary::safeSubstr($src, $i, 5)); + $b0 = $chunk[1]; + $b1 = $chunk[2]; + $b2 = $chunk[3]; + $b3 = $chunk[4]; + $b4 = $chunk[5]; + $dest .= + static::$method( ($b0 >> 3) & 31) . + static::$method((($b0 << 2) | ($b1 >> 6)) & 31) . + static::$method((($b1 >> 1) ) & 31) . + static::$method((($b1 << 4) | ($b2 >> 4)) & 31) . + static::$method((($b2 << 1) | ($b3 >> 7)) & 31) . + static::$method((($b3 >> 2) ) & 31) . + static::$method((($b3 << 3) | ($b4 >> 5)) & 31) . + static::$method( $b4 & 31); + } + // The last chunk, which may have padding: + if ($i < $srcLen) { + /** @var array $chunk */ + $chunk = \unpack('C*', Binary::safeSubstr($src, $i, $srcLen - $i)); + $b0 = $chunk[1]; + if ($i + 3 < $srcLen) { + $b1 = $chunk[2]; + $b2 = $chunk[3]; + $b3 = $chunk[4]; + $dest .= + static::$method( ($b0 >> 3) & 31) . + static::$method((($b0 << 2) | ($b1 >> 6)) & 31) . + static::$method((($b1 >> 1) ) & 31) . + static::$method((($b1 << 4) | ($b2 >> 4)) & 31) . + static::$method((($b2 << 1) | ($b3 >> 7)) & 31) . + static::$method((($b3 >> 2) ) & 31) . + static::$method((($b3 << 3) ) & 31); + if ($pad) { + $dest .= '='; + } + } elseif ($i + 2 < $srcLen) { + $b1 = $chunk[2]; + $b2 = $chunk[3]; + $dest .= + static::$method( ($b0 >> 3) & 31) . + static::$method((($b0 << 2) | ($b1 >> 6)) & 31) . + static::$method((($b1 >> 1) ) & 31) . + static::$method((($b1 << 4) | ($b2 >> 4)) & 31) . + static::$method((($b2 << 1) ) & 31); + if ($pad) { + $dest .= '==='; + } + } elseif ($i + 1 < $srcLen) { + $b1 = $chunk[2]; + $dest .= + static::$method( ($b0 >> 3) & 31) . + static::$method((($b0 << 2) | ($b1 >> 6)) & 31) . + static::$method((($b1 >> 1) ) & 31) . + static::$method((($b1 << 4) ) & 31); + if ($pad) { + $dest .= '===='; + } + } else { + $dest .= + static::$method( ($b0 >> 3) & 31) . + static::$method( ($b0 << 2) & 31); + if ($pad) { + $dest .= '======'; + } + } + } + return $dest; + } +} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base32Hex.php b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base32Hex.php new file mode 100644 index 0000000..b868dd0 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base32Hex.php @@ -0,0 +1,111 @@ + 0x30 && $src < 0x3a) ret += $src - 0x2e + 1; // -47 + $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src - 47); + + // if ($src > 0x60 && $src < 0x77) ret += $src - 0x61 + 10 + 1; // -86 + $ret += (((0x60 - $src) & ($src - 0x77)) >> 8) & ($src - 86); + + return $ret; + } + + /** + * Uses bitwise operators instead of table-lookups to turn 5-bit integers + * into 8-bit integers. + * + * @param int $src + * @return int + */ + protected static function decode5BitsUpper(int $src): int + { + $ret = -1; + + // if ($src > 0x30 && $src < 0x3a) ret += $src - 0x2e + 1; // -47 + $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src - 47); + + // if ($src > 0x40 && $src < 0x57) ret += $src - 0x41 + 10 + 1; // -54 + $ret += (((0x40 - $src) & ($src - 0x57)) >> 8) & ($src - 54); + + return $ret; + } + + /** + * Uses bitwise operators instead of table-lookups to turn 8-bit integers + * into 5-bit integers. + * + * @param int $src + * @return string + */ + protected static function encode5Bits(int $src): string + { + $src += 0x30; + + // if ($src > 0x39) $src += 0x61 - 0x3a; // 39 + $src += ((0x39 - $src) >> 8) & 39; + + return \pack('C', $src); + } + + /** + * Uses bitwise operators instead of table-lookups to turn 8-bit integers + * into 5-bit integers. + * + * Uppercase variant. + * + * @param int $src + * @return string + */ + protected static function encode5BitsUpper(int $src): string + { + $src += 0x30; + + // if ($src > 0x39) $src += 0x41 - 0x3a; // 7 + $src += ((0x39 - $src) >> 8) & 7; + + return \pack('C', $src); + } +} \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64.php b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64.php new file mode 100644 index 0000000..f571617 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64.php @@ -0,0 +1,314 @@ + $chunk */ + $chunk = \unpack('C*', Binary::safeSubstr($src, $i, 3)); + $b0 = $chunk[1]; + $b1 = $chunk[2]; + $b2 = $chunk[3]; + + $dest .= + static::encode6Bits( $b0 >> 2 ) . + static::encode6Bits((($b0 << 4) | ($b1 >> 4)) & 63) . + static::encode6Bits((($b1 << 2) | ($b2 >> 6)) & 63) . + static::encode6Bits( $b2 & 63); + } + // The last chunk, which may have padding: + if ($i < $srcLen) { + /** @var array $chunk */ + $chunk = \unpack('C*', Binary::safeSubstr($src, $i, $srcLen - $i)); + $b0 = $chunk[1]; + if ($i + 1 < $srcLen) { + $b1 = $chunk[2]; + $dest .= + static::encode6Bits($b0 >> 2) . + static::encode6Bits((($b0 << 4) | ($b1 >> 4)) & 63) . + static::encode6Bits(($b1 << 2) & 63); + if ($pad) { + $dest .= '='; + } + } else { + $dest .= + static::encode6Bits( $b0 >> 2) . + static::encode6Bits(($b0 << 4) & 63); + if ($pad) { + $dest .= '=='; + } + } + } + return $dest; + } + + /** + * decode from base64 into binary + * + * Base64 character set "./[A-Z][a-z][0-9]" + * + * @param string $encodedString + * @param bool $strictPadding + * @return string + * + * @throws RangeException + * @throws TypeError + * @psalm-suppress RedundantCondition + */ + public static function decode(string $encodedString, bool $strictPadding = false): string + { + // Remove padding + $srcLen = Binary::safeStrlen($encodedString); + if ($srcLen === 0) { + return ''; + } + + if ($strictPadding) { + if (($srcLen & 3) === 0) { + if ($encodedString[$srcLen - 1] === '=') { + $srcLen--; + if ($encodedString[$srcLen - 1] === '=') { + $srcLen--; + } + } + } + if (($srcLen & 3) === 1) { + throw new RangeException( + 'Incorrect padding' + ); + } + if ($encodedString[$srcLen - 1] === '=') { + throw new RangeException( + 'Incorrect padding' + ); + } + } else { + $encodedString = \rtrim($encodedString, '='); + $srcLen = Binary::safeStrlen($encodedString); + } + + $err = 0; + $dest = ''; + // Main loop (no padding): + for ($i = 0; $i + 4 <= $srcLen; $i += 4) { + /** @var array $chunk */ + $chunk = \unpack('C*', Binary::safeSubstr($encodedString, $i, 4)); + $c0 = static::decode6Bits($chunk[1]); + $c1 = static::decode6Bits($chunk[2]); + $c2 = static::decode6Bits($chunk[3]); + $c3 = static::decode6Bits($chunk[4]); + + $dest .= \pack( + 'CCC', + ((($c0 << 2) | ($c1 >> 4)) & 0xff), + ((($c1 << 4) | ($c2 >> 2)) & 0xff), + ((($c2 << 6) | $c3 ) & 0xff) + ); + $err |= ($c0 | $c1 | $c2 | $c3) >> 8; + } + // The last chunk, which may have padding: + if ($i < $srcLen) { + /** @var array $chunk */ + $chunk = \unpack('C*', Binary::safeSubstr($encodedString, $i, $srcLen - $i)); + $c0 = static::decode6Bits($chunk[1]); + + if ($i + 2 < $srcLen) { + $c1 = static::decode6Bits($chunk[2]); + $c2 = static::decode6Bits($chunk[3]); + $dest .= \pack( + 'CC', + ((($c0 << 2) | ($c1 >> 4)) & 0xff), + ((($c1 << 4) | ($c2 >> 2)) & 0xff) + ); + $err |= ($c0 | $c1 | $c2) >> 8; + if ($strictPadding) { + $err |= ($c2 << 6) & 0xff; + } + } elseif ($i + 1 < $srcLen) { + $c1 = static::decode6Bits($chunk[2]); + $dest .= \pack( + 'C', + ((($c0 << 2) | ($c1 >> 4)) & 0xff) + ); + $err |= ($c0 | $c1) >> 8; + if ($strictPadding) { + $err |= ($c1 << 4) & 0xff; + } + } elseif ($strictPadding) { + $err |= 1; + } + } + $check = ($err === 0); + if (!$check) { + throw new RangeException( + 'Base64::decode() only expects characters in the correct base64 alphabet' + ); + } + return $dest; + } + + /** + * @param string $encodedString + * @return string + */ + public static function decodeNoPadding(string $encodedString): string + { + $srcLen = Binary::safeStrlen($encodedString); + if ($srcLen === 0) { + return ''; + } + if (($srcLen & 3) === 0) { + if ($encodedString[$srcLen - 1] === '=') { + throw new InvalidArgumentException( + "decodeNoPadding() doesn't tolerate padding" + ); + } + if (($srcLen & 3) > 1) { + if ($encodedString[$srcLen - 2] === '=') { + throw new InvalidArgumentException( + "decodeNoPadding() doesn't tolerate padding" + ); + } + } + } + return static::decode( + $encodedString, + true + ); + } + + /** + * Uses bitwise operators instead of table-lookups to turn 6-bit integers + * into 8-bit integers. + * + * Base64 character set: + * [A-Z] [a-z] [0-9] + / + * 0x41-0x5a, 0x61-0x7a, 0x30-0x39, 0x2b, 0x2f + * + * @param int $src + * @return int + */ + protected static function decode6Bits(int $src): int + { + $ret = -1; + + // if ($src > 0x40 && $src < 0x5b) $ret += $src - 0x41 + 1; // -64 + $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 64); + + // if ($src > 0x60 && $src < 0x7b) $ret += $src - 0x61 + 26 + 1; // -70 + $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 70); + + // if ($src > 0x2f && $src < 0x3a) $ret += $src - 0x30 + 52 + 1; // 5 + $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src + 5); + + // if ($src == 0x2b) $ret += 62 + 1; + $ret += (((0x2a - $src) & ($src - 0x2c)) >> 8) & 63; + + // if ($src == 0x2f) ret += 63 + 1; + $ret += (((0x2e - $src) & ($src - 0x30)) >> 8) & 64; + + return $ret; + } + + /** + * Uses bitwise operators instead of table-lookups to turn 8-bit integers + * into 6-bit integers. + * + * @param int $src + * @return string + */ + protected static function encode6Bits(int $src): string + { + $diff = 0x41; + + // if ($src > 25) $diff += 0x61 - 0x41 - 26; // 6 + $diff += ((25 - $src) >> 8) & 6; + + // if ($src > 51) $diff += 0x30 - 0x61 - 26; // -75 + $diff -= ((51 - $src) >> 8) & 75; + + // if ($src > 61) $diff += 0x2b - 0x30 - 10; // -15 + $diff -= ((61 - $src) >> 8) & 15; + + // if ($src > 62) $diff += 0x2f - 0x2b - 1; // 3 + $diff += ((62 - $src) >> 8) & 3; + + return \pack('C', $src + $diff); + } +} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64DotSlash.php b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64DotSlash.php new file mode 100644 index 0000000..5e98a8f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64DotSlash.php @@ -0,0 +1,88 @@ + 0x2d && $src < 0x30) ret += $src - 0x2e + 1; // -45 + $ret += (((0x2d - $src) & ($src - 0x30)) >> 8) & ($src - 45); + + // if ($src > 0x40 && $src < 0x5b) ret += $src - 0x41 + 2 + 1; // -62 + $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 62); + + // if ($src > 0x60 && $src < 0x7b) ret += $src - 0x61 + 28 + 1; // -68 + $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 68); + + // if ($src > 0x2f && $src < 0x3a) ret += $src - 0x30 + 54 + 1; // 7 + $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src + 7); + + return $ret; + } + + /** + * Uses bitwise operators instead of table-lookups to turn 8-bit integers + * into 6-bit integers. + * + * @param int $src + * @return string + */ + protected static function encode6Bits(int $src): string + { + $src += 0x2e; + + // if ($src > 0x2f) $src += 0x41 - 0x30; // 17 + $src += ((0x2f - $src) >> 8) & 17; + + // if ($src > 0x5a) $src += 0x61 - 0x5b; // 6 + $src += ((0x5a - $src) >> 8) & 6; + + // if ($src > 0x7a) $src += 0x30 - 0x7b; // -75 + $src -= ((0x7a - $src) >> 8) & 75; + + return \pack('C', $src); + } +} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64DotSlashOrdered.php b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64DotSlashOrdered.php new file mode 100644 index 0000000..9780b14 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64DotSlashOrdered.php @@ -0,0 +1,82 @@ + 0x2d && $src < 0x3a) ret += $src - 0x2e + 1; // -45 + $ret += (((0x2d - $src) & ($src - 0x3a)) >> 8) & ($src - 45); + + // if ($src > 0x40 && $src < 0x5b) ret += $src - 0x41 + 12 + 1; // -52 + $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 52); + + // if ($src > 0x60 && $src < 0x7b) ret += $src - 0x61 + 38 + 1; // -58 + $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 58); + + return $ret; + } + + /** + * Uses bitwise operators instead of table-lookups to turn 8-bit integers + * into 6-bit integers. + * + * @param int $src + * @return string + */ + protected static function encode6Bits(int $src): string + { + $src += 0x2e; + + // if ($src > 0x39) $src += 0x41 - 0x3a; // 7 + $src += ((0x39 - $src) >> 8) & 7; + + // if ($src > 0x5a) $src += 0x61 - 0x5b; // 6 + $src += ((0x5a - $src) >> 8) & 6; + + return \pack('C', $src); + } +} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64UrlSafe.php b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64UrlSafe.php new file mode 100644 index 0000000..8192c63 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64UrlSafe.php @@ -0,0 +1,95 @@ + 0x40 && $src < 0x5b) $ret += $src - 0x41 + 1; // -64 + $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 64); + + // if ($src > 0x60 && $src < 0x7b) $ret += $src - 0x61 + 26 + 1; // -70 + $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 70); + + // if ($src > 0x2f && $src < 0x3a) $ret += $src - 0x30 + 52 + 1; // 5 + $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src + 5); + + // if ($src == 0x2c) $ret += 62 + 1; + $ret += (((0x2c - $src) & ($src - 0x2e)) >> 8) & 63; + + // if ($src == 0x5f) ret += 63 + 1; + $ret += (((0x5e - $src) & ($src - 0x60)) >> 8) & 64; + + return $ret; + } + + /** + * Uses bitwise operators instead of table-lookups to turn 8-bit integers + * into 6-bit integers. + * + * @param int $src + * @return string + */ + protected static function encode6Bits(int $src): string + { + $diff = 0x41; + + // if ($src > 25) $diff += 0x61 - 0x41 - 26; // 6 + $diff += ((25 - $src) >> 8) & 6; + + // if ($src > 51) $diff += 0x30 - 0x61 - 26; // -75 + $diff -= ((51 - $src) >> 8) & 75; + + // if ($src > 61) $diff += 0x2d - 0x30 - 10; // -13 + $diff -= ((61 - $src) >> 8) & 13; + + // if ($src > 62) $diff += 0x5f - 0x2b - 1; // 3 + $diff += ((62 - $src) >> 8) & 49; + + return \pack('C', $src + $diff); + } +} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Binary.php b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Binary.php new file mode 100644 index 0000000..828f3e0 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Binary.php @@ -0,0 +1,90 @@ + $chunk */ + $chunk = \unpack('C', $binString[$i]); + $c = $chunk[1] & 0xf; + $b = $chunk[1] >> 4; + + $hex .= \pack( + 'CC', + (87 + $b + ((($b - 10) >> 8) & ~38)), + (87 + $c + ((($c - 10) >> 8) & ~38)) + ); + } + return $hex; + } + + /** + * Convert a binary string into a hexadecimal string without cache-timing + * leaks, returning uppercase letters (as per RFC 4648) + * + * @param string $binString (raw binary) + * @return string + * @throws TypeError + */ + public static function encodeUpper(string $binString): string + { + $hex = ''; + $len = Binary::safeStrlen($binString); + + for ($i = 0; $i < $len; ++$i) { + /** @var array $chunk */ + $chunk = \unpack('C', $binString[$i]); + $c = $chunk[1] & 0xf; + $b = $chunk[1] >> 4; + + $hex .= \pack( + 'CC', + (55 + $b + ((($b - 10) >> 8) & ~6)), + (55 + $c + ((($c - 10) >> 8) & ~6)) + ); + } + return $hex; + } + + /** + * Convert a hexadecimal string into a binary string without cache-timing + * leaks + * + * @param string $encodedString + * @param bool $strictPadding + * @return string (raw binary) + * @throws RangeException + */ + public static function decode( + string $encodedString, + bool $strictPadding = false + ): string { + $hex_pos = 0; + $bin = ''; + $c_acc = 0; + $hex_len = Binary::safeStrlen($encodedString); + $state = 0; + if (($hex_len & 1) !== 0) { + if ($strictPadding) { + throw new RangeException( + 'Expected an even number of hexadecimal characters' + ); + } else { + $encodedString = '0' . $encodedString; + ++$hex_len; + } + } + + /** @var array $chunk */ + $chunk = \unpack('C*', $encodedString); + while ($hex_pos < $hex_len) { + ++$hex_pos; + $c = $chunk[$hex_pos]; + $c_num = $c ^ 48; + $c_num0 = ($c_num - 10) >> 8; + $c_alpha = ($c & ~32) - 55; + $c_alpha0 = (($c_alpha - 10) ^ ($c_alpha - 16)) >> 8; + + if (($c_num0 | $c_alpha0) === 0) { + throw new RangeException( + 'Expected hexadecimal character' + ); + } + $c_val = ($c_num0 & $c_num) | ($c_alpha & $c_alpha0); + if ($state === 0) { + $c_acc = $c_val * 16; + } else { + $bin .= \pack('C', $c_acc | $c_val); + } + $state ^= 1; + } + return $bin; + } +} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/RFC4648.php b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/RFC4648.php new file mode 100644 index 0000000..f124d65 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/RFC4648.php @@ -0,0 +1,186 @@ + "Zm9v" + * + * @param string $str + * @return string + * + * @throws TypeError + */ + public static function base64Encode(string $str): string + { + return Base64::encode($str); + } + + /** + * RFC 4648 Base64 decoding + * + * "Zm9v" -> "foo" + * + * @param string $str + * @return string + * + * @throws TypeError + */ + public static function base64Decode(string $str): string + { + return Base64::decode($str, true); + } + + /** + * RFC 4648 Base64 (URL Safe) encoding + * + * "foo" -> "Zm9v" + * + * @param string $str + * @return string + * + * @throws TypeError + */ + public static function base64UrlSafeEncode(string $str): string + { + return Base64UrlSafe::encode($str); + } + + /** + * RFC 4648 Base64 (URL Safe) decoding + * + * "Zm9v" -> "foo" + * + * @param string $str + * @return string + * + * @throws TypeError + */ + public static function base64UrlSafeDecode(string $str): string + { + return Base64UrlSafe::decode($str, true); + } + + /** + * RFC 4648 Base32 encoding + * + * "foo" -> "MZXW6===" + * + * @param string $str + * @return string + * + * @throws TypeError + */ + public static function base32Encode(string $str): string + { + return Base32::encodeUpper($str); + } + + /** + * RFC 4648 Base32 encoding + * + * "MZXW6===" -> "foo" + * + * @param string $str + * @return string + * + * @throws TypeError + */ + public static function base32Decode(string $str): string + { + return Base32::decodeUpper($str, true); + } + + /** + * RFC 4648 Base32-Hex encoding + * + * "foo" -> "CPNMU===" + * + * @param string $str + * @return string + * + * @throws TypeError + */ + public static function base32HexEncode(string $str): string + { + return Base32::encodeUpper($str); + } + + /** + * RFC 4648 Base32-Hex decoding + * + * "CPNMU===" -> "foo" + * + * @param string $str + * @return string + * + * @throws TypeError + */ + public static function base32HexDecode(string $str): string + { + return Base32::decodeUpper($str, true); + } + + /** + * RFC 4648 Base16 decoding + * + * "foo" -> "666F6F" + * + * @param string $str + * @return string + * + * @throws TypeError + */ + public static function base16Encode(string $str): string + { + return Hex::encodeUpper($str); + } + + /** + * RFC 4648 Base16 decoding + * + * "666F6F" -> "foo" + * + * @param string $str + * @return string + */ + public static function base16Decode(string $str): string + { + return Hex::decode($str, true); + } +} \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/LICENSE b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/LICENSE new file mode 100644 index 0000000..45c7017 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/LICENSE @@ -0,0 +1,22 @@ +The MIT License (MIT) + +Copyright (c) 2015 Paragon Initiative Enterprises + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + diff --git a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/build-phar.sh b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/build-phar.sh new file mode 100755 index 0000000..b4a5ba3 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/build-phar.sh @@ -0,0 +1,5 @@ +#!/usr/bin/env bash + +basedir=$( dirname $( readlink -f ${BASH_SOURCE[0]} ) ) + +php -dphar.readonly=0 "$basedir/other/build_phar.php" $* \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/composer.json b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/composer.json new file mode 100644 index 0000000..f2b9c4e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/composer.json @@ -0,0 +1,34 @@ +{ + "name": "paragonie/random_compat", + "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", + "keywords": [ + "csprng", + "random", + "polyfill", + "pseudorandom" + ], + "license": "MIT", + "type": "library", + "authors": [ + { + "name": "Paragon Initiative Enterprises", + "email": "security@paragonie.com", + "homepage": "https://paragonie.com" + } + ], + "support": { + "issues": "https://github.com/paragonie/random_compat/issues", + "email": "info@paragonie.com", + "source": "https://github.com/paragonie/random_compat" + }, + "require": { + "php": ">= 7" + }, + "require-dev": { + "vimeo/psalm": "^1", + "phpunit/phpunit": "4.*|5.*" + }, + "suggest": { + "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." + } +} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey new file mode 100644 index 0000000..eb50ebf --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey @@ -0,0 +1,5 @@ +-----BEGIN PUBLIC KEY----- +MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEEd+wCqJDrx5B4OldM0dQE0ZMX+lx1ZWm +pui0SUqD4G29L3NGsz9UhJ/0HjBdbnkhIK5xviT0X5vtjacF6ajgcCArbTB+ds+p ++h7Q084NuSuIpNb6YPfoUFgC/CL9kAoc +-----END PUBLIC KEY----- diff --git a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey.asc b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey.asc new file mode 100644 index 0000000..6a1d7f3 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (MingW32) + +iQEcBAABAgAGBQJWtW1hAAoJEGuXocKCZATaJf0H+wbZGgskK1dcRTsuVJl9IWip +QwGw/qIKI280SD6/ckoUMxKDCJiFuPR14zmqnS36k7N5UNPnpdTJTS8T11jttSpg +1LCmgpbEIpgaTah+cELDqFCav99fS+bEiAL5lWDAHBTE/XPjGVCqeehyPYref4IW +NDBIEsvnHPHPLsn6X5jq4+Yj5oUixgxaMPiR+bcO4Sh+RzOVB6i2D0upWfRXBFXA +NNnsg9/zjvoC7ZW73y9uSH+dPJTt/Vgfeiv52/v41XliyzbUyLalf02GNPY+9goV +JHG1ulEEBJOCiUD9cE1PUIJwHA/HqyhHIvV350YoEFiHl8iSwm7SiZu5kPjaq74= +=B6+8 +-----END PGP SIGNATURE----- diff --git a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/lib/random.php b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/lib/random.php new file mode 100644 index 0000000..c7731a5 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/lib/random.php @@ -0,0 +1,32 @@ +buildFromDirectory(dirname(__DIR__).'/lib'); +rename( + dirname(__DIR__).'/lib/index.php', + dirname(__DIR__).'/lib/random.php' +); + +/** + * If we pass an (optional) path to a private key as a second argument, we will + * sign the Phar with OpenSSL. + * + * If you leave this out, it will produce an unsigned .phar! + */ +if ($argc > 1) { + if (!@is_readable($argv[1])) { + echo 'Could not read the private key file:', $argv[1], "\n"; + exit(255); + } + $pkeyFile = file_get_contents($argv[1]); + + $private = openssl_get_privatekey($pkeyFile); + if ($private !== false) { + $pkey = ''; + openssl_pkey_export($private, $pkey); + $phar->setSignatureAlgorithm(Phar::OPENSSL, $pkey); + + /** + * Save the corresponding public key to the file + */ + if (!@is_readable($dist.'/random_compat.phar.pubkey')) { + $details = openssl_pkey_get_details($private); + file_put_contents( + $dist.'/random_compat.phar.pubkey', + $details['key'] + ); + } + } else { + echo 'An error occurred reading the private key from OpenSSL.', "\n"; + exit(255); + } +} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/psalm-autoload.php b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/psalm-autoload.php new file mode 100644 index 0000000..d71d1b8 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/psalm-autoload.php @@ -0,0 +1,9 @@ + + + + + + + + + + + + + + + diff --git a/utilities/signing_and_verification/php/vendor/phpoption/phpoption/LICENSE b/utilities/signing_and_verification/php/vendor/phpoption/phpoption/LICENSE new file mode 100644 index 0000000..f49a4e1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpoption/phpoption/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/phpoption/phpoption/composer.json b/utilities/signing_and_verification/php/vendor/phpoption/phpoption/composer.json new file mode 100644 index 0000000..77f50a3 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpoption/phpoption/composer.json @@ -0,0 +1,52 @@ +{ + "name": "phpoption/phpoption", + "description": "Option Type for PHP", + "keywords": ["php", "option", "language", "type"], + "license": "Apache-2.0", + "authors": [ + { + "name": "Johannes M. Schmitt", + "email": "schmittjoh@gmail.com", + "homepage": "https://github.com/schmittjoh" + }, + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + } + ], + "require": { + "php": "^7.2.5 || ^8.0" + }, + "require-dev": { + "bamarni/composer-bin-plugin": "^1.8.2", + "phpunit/phpunit": "^8.5.34 || ^9.6.13 || ^10.4.2" + }, + "autoload": { + "psr-4": { + "PhpOption\\": "src/PhpOption/" + } + }, + "autoload-dev": { + "psr-4": { + "PhpOption\\Tests\\": "tests/PhpOption/Tests/" + } + }, + "config": { + "allow-plugins": { + "bamarni/composer-bin-plugin": true + }, + "preferred-install": "dist" + }, + "extra": { + "bamarni-bin": { + "bin-links": true, + "forward-command": true + }, + "branch-alias": { + "dev-master": "1.9-dev" + } + }, + "minimum-stability": "dev", + "prefer-stable": true +} diff --git a/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/LazyOption.php b/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/LazyOption.php new file mode 100644 index 0000000..9cb77c8 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/LazyOption.php @@ -0,0 +1,175 @@ + + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +namespace PhpOption; + +use Traversable; + +/** + * @template T + * + * @extends Option + */ +final class LazyOption extends Option +{ + /** @var callable(mixed...):(Option) */ + private $callback; + + /** @var array */ + private $arguments; + + /** @var Option|null */ + private $option; + + /** + * @template S + * @param callable(mixed...):(Option) $callback + * @param array $arguments + * + * @return LazyOption + */ + public static function create($callback, array $arguments = []): self + { + return new self($callback, $arguments); + } + + /** + * @param callable(mixed...):(Option) $callback + * @param array $arguments + */ + public function __construct($callback, array $arguments = []) + { + if (!is_callable($callback)) { + throw new \InvalidArgumentException('Invalid callback given'); + } + + $this->callback = $callback; + $this->arguments = $arguments; + } + + public function isDefined(): bool + { + return $this->option()->isDefined(); + } + + public function isEmpty(): bool + { + return $this->option()->isEmpty(); + } + + public function get() + { + return $this->option()->get(); + } + + public function getOrElse($default) + { + return $this->option()->getOrElse($default); + } + + public function getOrCall($callable) + { + return $this->option()->getOrCall($callable); + } + + public function getOrThrow(\Exception $ex) + { + return $this->option()->getOrThrow($ex); + } + + public function orElse(Option $else) + { + return $this->option()->orElse($else); + } + + public function ifDefined($callable) + { + $this->option()->forAll($callable); + } + + public function forAll($callable) + { + return $this->option()->forAll($callable); + } + + public function map($callable) + { + return $this->option()->map($callable); + } + + public function flatMap($callable) + { + return $this->option()->flatMap($callable); + } + + public function filter($callable) + { + return $this->option()->filter($callable); + } + + public function filterNot($callable) + { + return $this->option()->filterNot($callable); + } + + public function select($value) + { + return $this->option()->select($value); + } + + public function reject($value) + { + return $this->option()->reject($value); + } + + /** + * @return Traversable + */ + public function getIterator(): Traversable + { + return $this->option()->getIterator(); + } + + public function foldLeft($initialValue, $callable) + { + return $this->option()->foldLeft($initialValue, $callable); + } + + public function foldRight($initialValue, $callable) + { + return $this->option()->foldRight($initialValue, $callable); + } + + /** + * @return Option + */ + private function option(): Option + { + if (null === $this->option) { + /** @var mixed */ + $option = call_user_func_array($this->callback, $this->arguments); + if ($option instanceof Option) { + $this->option = $option; + } else { + throw new \RuntimeException(sprintf('Expected instance of %s', Option::class)); + } + } + + return $this->option; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/None.php b/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/None.php new file mode 100644 index 0000000..4b85d22 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/None.php @@ -0,0 +1,136 @@ + + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +namespace PhpOption; + +use EmptyIterator; + +/** + * @extends Option + */ +final class None extends Option +{ + /** @var None|null */ + private static $instance; + + /** + * @return None + */ + public static function create(): self + { + if (null === self::$instance) { + self::$instance = new self(); + } + + return self::$instance; + } + + public function get() + { + throw new \RuntimeException('None has no value.'); + } + + public function getOrCall($callable) + { + return $callable(); + } + + public function getOrElse($default) + { + return $default; + } + + public function getOrThrow(\Exception $ex) + { + throw $ex; + } + + public function isEmpty(): bool + { + return true; + } + + public function isDefined(): bool + { + return false; + } + + public function orElse(Option $else) + { + return $else; + } + + public function ifDefined($callable) + { + // Just do nothing in that case. + } + + public function forAll($callable) + { + return $this; + } + + public function map($callable) + { + return $this; + } + + public function flatMap($callable) + { + return $this; + } + + public function filter($callable) + { + return $this; + } + + public function filterNot($callable) + { + return $this; + } + + public function select($value) + { + return $this; + } + + public function reject($value) + { + return $this; + } + + public function getIterator(): EmptyIterator + { + return new EmptyIterator(); + } + + public function foldLeft($initialValue, $callable) + { + return $initialValue; + } + + public function foldRight($initialValue, $callable) + { + return $initialValue; + } + + private function __construct() + { + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/Option.php b/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/Option.php new file mode 100644 index 0000000..172924c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/Option.php @@ -0,0 +1,434 @@ + + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +namespace PhpOption; + +use ArrayAccess; +use IteratorAggregate; + +/** + * @template T + * + * @implements IteratorAggregate + */ +abstract class Option implements IteratorAggregate +{ + /** + * Creates an option given a return value. + * + * This is intended for consuming existing APIs and allows you to easily + * convert them to an option. By default, we treat ``null`` as the None + * case, and everything else as Some. + * + * @template S + * + * @param S $value The actual return value. + * @param S $noneValue The value which should be considered "None"; null by + * default. + * + * @return Option + */ + public static function fromValue($value, $noneValue = null) + { + if ($value === $noneValue) { + return None::create(); + } + + return new Some($value); + } + + /** + * Creates an option from an array's value. + * + * If the key does not exist in the array, the array is not actually an + * array, or the array's value at the given key is null, None is returned. + * Otherwise, Some is returned wrapping the value at the given key. + * + * @template S + * + * @param array|ArrayAccess|null $array A potential array or \ArrayAccess value. + * @param string $key The key to check. + * + * @return Option + */ + public static function fromArraysValue($array, $key) + { + if (!(is_array($array) || $array instanceof ArrayAccess) || !isset($array[$key])) { + return None::create(); + } + + return new Some($array[$key]); + } + + /** + * Creates a lazy-option with the given callback. + * + * This is also a helper constructor for lazy-consuming existing APIs where + * the return value is not yet an option. By default, we treat ``null`` as + * None case, and everything else as Some. + * + * @template S + * + * @param callable $callback The callback to evaluate. + * @param array $arguments The arguments for the callback. + * @param S $noneValue The value which should be considered "None"; + * null by default. + * + * @return LazyOption + */ + public static function fromReturn($callback, array $arguments = [], $noneValue = null) + { + return new LazyOption(static function () use ($callback, $arguments, $noneValue) { + /** @var mixed */ + $return = call_user_func_array($callback, $arguments); + + if ($return === $noneValue) { + return None::create(); + } + + return new Some($return); + }); + } + + /** + * Option factory, which creates new option based on passed value. + * + * If value is already an option, it simply returns. If value is callable, + * LazyOption with passed callback created and returned. If Option + * returned from callback, it returns directly. On other case value passed + * to Option::fromValue() method. + * + * @template S + * + * @param Option|callable|S $value + * @param S $noneValue Used when $value is mixed or + * callable, for None-check. + * + * @return Option|LazyOption + */ + public static function ensure($value, $noneValue = null) + { + if ($value instanceof self) { + return $value; + } elseif (is_callable($value)) { + return new LazyOption(static function () use ($value, $noneValue) { + /** @var mixed */ + $return = $value(); + + if ($return instanceof self) { + return $return; + } else { + return self::fromValue($return, $noneValue); + } + }); + } else { + return self::fromValue($value, $noneValue); + } + } + + /** + * Lift a function so that it accepts Option as parameters. + * + * We return a new closure that wraps the original callback. If any of the + * parameters passed to the lifted function is empty, the function will + * return a value of None. Otherwise, we will pass all parameters to the + * original callback and return the value inside a new Option, unless an + * Option is returned from the function, in which case, we use that. + * + * @template S + * + * @param callable $callback + * @param mixed $noneValue + * + * @return callable + */ + public static function lift($callback, $noneValue = null) + { + return static function () use ($callback, $noneValue) { + /** @var array */ + $args = func_get_args(); + + $reduced_args = array_reduce( + $args, + /** @param bool $status */ + static function ($status, self $o) { + return $o->isEmpty() ? true : $status; + }, + false + ); + // if at least one parameter is empty, return None + if ($reduced_args) { + return None::create(); + } + + $args = array_map( + /** @return T */ + static function (self $o) { + // it is safe to do so because the fold above checked + // that all arguments are of type Some + /** @var T */ + return $o->get(); + }, + $args + ); + + return self::ensure(call_user_func_array($callback, $args), $noneValue); + }; + } + + /** + * Returns the value if available, or throws an exception otherwise. + * + * @throws \RuntimeException If value is not available. + * + * @return T + */ + abstract public function get(); + + /** + * Returns the value if available, or the default value if not. + * + * @template S + * + * @param S $default + * + * @return T|S + */ + abstract public function getOrElse($default); + + /** + * Returns the value if available, or the results of the callable. + * + * This is preferable over ``getOrElse`` if the computation of the default + * value is expensive. + * + * @template S + * + * @param callable():S $callable + * + * @return T|S + */ + abstract public function getOrCall($callable); + + /** + * Returns the value if available, or throws the passed exception. + * + * @param \Exception $ex + * + * @return T + */ + abstract public function getOrThrow(\Exception $ex); + + /** + * Returns true if no value is available, false otherwise. + * + * @return bool + */ + abstract public function isEmpty(); + + /** + * Returns true if a value is available, false otherwise. + * + * @return bool + */ + abstract public function isDefined(); + + /** + * Returns this option if non-empty, or the passed option otherwise. + * + * This can be used to try multiple alternatives, and is especially useful + * with lazy evaluating options: + * + * ```php + * $repo->findSomething() + * ->orElse(new LazyOption(array($repo, 'findSomethingElse'))) + * ->orElse(new LazyOption(array($repo, 'createSomething'))); + * ``` + * + * @param Option $else + * + * @return Option + */ + abstract public function orElse(self $else); + + /** + * This is similar to map() below except that the return value has no meaning; + * the passed callable is simply executed if the option is non-empty, and + * ignored if the option is empty. + * + * In all cases, the return value of the callable is discarded. + * + * ```php + * $comment->getMaybeFile()->ifDefined(function($file) { + * // Do something with $file here. + * }); + * ``` + * + * If you're looking for something like ``ifEmpty``, you can use ``getOrCall`` + * and ``getOrElse`` in these cases. + * + * @deprecated Use forAll() instead. + * + * @param callable(T):mixed $callable + * + * @return void + */ + abstract public function ifDefined($callable); + + /** + * This is similar to map() except that the return value of the callable has no meaning. + * + * The passed callable is simply executed if the option is non-empty, and ignored if the + * option is empty. This method is preferred for callables with side-effects, while map() + * is intended for callables without side-effects. + * + * @param callable(T):mixed $callable + * + * @return Option + */ + abstract public function forAll($callable); + + /** + * Applies the callable to the value of the option if it is non-empty, + * and returns the return value of the callable wrapped in Some(). + * + * If the option is empty, then the callable is not applied. + * + * ```php + * (new Some("foo"))->map('strtoupper')->get(); // "FOO" + * ``` + * + * @template S + * + * @param callable(T):S $callable + * + * @return Option + */ + abstract public function map($callable); + + /** + * Applies the callable to the value of the option if it is non-empty, and + * returns the return value of the callable directly. + * + * In contrast to ``map``, the return value of the callable is expected to + * be an Option itself; it is not automatically wrapped in Some(). + * + * @template S + * + * @param callable(T):Option $callable must return an Option + * + * @return Option + */ + abstract public function flatMap($callable); + + /** + * If the option is empty, it is returned immediately without applying the callable. + * + * If the option is non-empty, the callable is applied, and if it returns true, + * the option itself is returned; otherwise, None is returned. + * + * @param callable(T):bool $callable + * + * @return Option + */ + abstract public function filter($callable); + + /** + * If the option is empty, it is returned immediately without applying the callable. + * + * If the option is non-empty, the callable is applied, and if it returns false, + * the option itself is returned; otherwise, None is returned. + * + * @param callable(T):bool $callable + * + * @return Option + */ + abstract public function filterNot($callable); + + /** + * If the option is empty, it is returned immediately. + * + * If the option is non-empty, and its value does not equal the passed value + * (via a shallow comparison ===), then None is returned. Otherwise, the + * Option is returned. + * + * In other words, this will filter all but the passed value. + * + * @param T $value + * + * @return Option + */ + abstract public function select($value); + + /** + * If the option is empty, it is returned immediately. + * + * If the option is non-empty, and its value does equal the passed value (via + * a shallow comparison ===), then None is returned; otherwise, the Option is + * returned. + * + * In other words, this will let all values through except the passed value. + * + * @param T $value + * + * @return Option + */ + abstract public function reject($value); + + /** + * Binary operator for the initial value and the option's value. + * + * If empty, the initial value is returned. If non-empty, the callable + * receives the initial value and the option's value as arguments. + * + * ```php + * + * $some = new Some(5); + * $none = None::create(); + * $result = $some->foldLeft(1, function($a, $b) { return $a + $b; }); // int(6) + * $result = $none->foldLeft(1, function($a, $b) { return $a + $b; }); // int(1) + * + * // This can be used instead of something like the following: + * $option = Option::fromValue($integerOrNull); + * $result = 1; + * if ( ! $option->isEmpty()) { + * $result += $option->get(); + * } + * ``` + * + * @template S + * + * @param S $initialValue + * @param callable(S, T):S $callable + * + * @return S + */ + abstract public function foldLeft($initialValue, $callable); + + /** + * foldLeft() but with reversed arguments for the callable. + * + * @template S + * + * @param S $initialValue + * @param callable(T, S):S $callable + * + * @return S + */ + abstract public function foldRight($initialValue, $callable); +} diff --git a/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/Some.php b/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/Some.php new file mode 100644 index 0000000..032632e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/Some.php @@ -0,0 +1,169 @@ + + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +namespace PhpOption; + +use ArrayIterator; + +/** + * @template T + * + * @extends Option + */ +final class Some extends Option +{ + /** @var T */ + private $value; + + /** + * @param T $value + */ + public function __construct($value) + { + $this->value = $value; + } + + /** + * @template U + * + * @param U $value + * + * @return Some + */ + public static function create($value): self + { + return new self($value); + } + + public function isDefined(): bool + { + return true; + } + + public function isEmpty(): bool + { + return false; + } + + public function get() + { + return $this->value; + } + + public function getOrElse($default) + { + return $this->value; + } + + public function getOrCall($callable) + { + return $this->value; + } + + public function getOrThrow(\Exception $ex) + { + return $this->value; + } + + public function orElse(Option $else) + { + return $this; + } + + public function ifDefined($callable) + { + $this->forAll($callable); + } + + public function forAll($callable) + { + $callable($this->value); + + return $this; + } + + public function map($callable) + { + return new self($callable($this->value)); + } + + public function flatMap($callable) + { + /** @var mixed */ + $rs = $callable($this->value); + if (!$rs instanceof Option) { + throw new \RuntimeException('Callables passed to flatMap() must return an Option. Maybe you should use map() instead?'); + } + + return $rs; + } + + public function filter($callable) + { + if (true === $callable($this->value)) { + return $this; + } + + return None::create(); + } + + public function filterNot($callable) + { + if (false === $callable($this->value)) { + return $this; + } + + return None::create(); + } + + public function select($value) + { + if ($this->value === $value) { + return $this; + } + + return None::create(); + } + + public function reject($value) + { + if ($this->value === $value) { + return None::create(); + } + + return $this; + } + + /** + * @return ArrayIterator + */ + public function getIterator(): ArrayIterator + { + return new ArrayIterator([$this->value]); + } + + public function foldLeft($initialValue, $callable) + { + return $callable($initialValue, $this->value); + } + + public function foldRight($initialValue, $callable) + { + return $callable($this->value, $initialValue); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/AUTHORS b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/AUTHORS new file mode 100644 index 0000000..9f10d26 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/AUTHORS @@ -0,0 +1,7 @@ +phpseclib Lead Developer: TerraFrost (Jim Wigginton) + +phpseclib Developers: monnerat (Patrick Monnerat) + bantu (Andreas Fischer) + petrich (Hans-Jürgen Petrich) + GrahamCampbell (Graham Campbell) + hc-jworman \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/BACKERS.md b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/BACKERS.md new file mode 100644 index 0000000..4ee6a4f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/BACKERS.md @@ -0,0 +1,16 @@ +# Backers + +phpseclib ongoing development is made possible by [Tidelift](https://tidelift.com/subscription/pkg/packagist-phpseclib-phpseclib?utm_source=packagist-phpseclib-phpseclib&utm_medium=referral&utm_campaign=readme) and by contributions by users like you. Thank you. + +## Backers + +- Allan Simon +- [ChargeOver](https://chargeover.com/) +- Raghu Veer Dendukuri +- Zane Hooper +- [Setasign](https://www.setasign.com/) +- [Charles Severance](https://github.com/csev) +- [Rachel Fish](https://github.com/itsrachelfish) +- Tharyrok +- [cjhaas](https://github.com/cjhaas) +- [istiak-tridip](https://github.com/istiak-tridip) \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/LICENSE b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/LICENSE new file mode 100644 index 0000000..e7214eb --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/LICENSE @@ -0,0 +1,20 @@ +Copyright (c) 2011-2019 TerraFrost and other contributors + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/README.md b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/README.md new file mode 100644 index 0000000..98e5796 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/README.md @@ -0,0 +1,97 @@ +# phpseclib - PHP Secure Communications Library + +[![CI Status](https://github.com/phpseclib/phpseclib/actions/workflows/ci.yml/badge.svg?branch=3.0&event=push "CI Status")](https://github.com/phpseclib/phpseclib) + +## Supporting phpseclib + +- [Become a backer or sponsor on Patreon](https://www.patreon.com/phpseclib) +- [One-time donation via PayPal or crypto-currencies](http://sourceforge.net/donate/index.php?group_id=198487) +- [Subscribe to Tidelift](https://tidelift.com/subscription/pkg/packagist-phpseclib-phpseclib?utm_source=packagist-phpseclib-phpseclib&utm_medium=referral&utm_campaign=readme) + +## Introduction + +MIT-licensed pure-PHP implementations of the following: + +SSH-2, SFTP, X.509, an arbitrary-precision integer arithmetic library, Ed25519 / Ed449 / Curve25519 / Curve449, ECDSA / ECDH (with support for 66 curves), RSA (PKCS#1 v2.2 compliant), DSA / DH, DES / 3DES / RC4 / Rijndael / AES / Blowfish / Twofish / Salsa20 / ChaCha20, GCM / Poly1305 + +* [Browse Git](https://github.com/phpseclib/phpseclib) + +## Documentation + +* [Documentation / Manual](https://phpseclib.com/) +* [API Documentation](https://api.phpseclib.com/3.0/) (generated by Doctum) + +## Branches + +### master + +* Development Branch +* Unstable API +* Do not use in production + +### 3.0 + +* Long term support (LTS) release +* Major expansion of cryptographic primitives +* Minimum PHP version: 5.6.1 +* PSR-4 autoloading with namespace rooted at `\phpseclib3` +* Install via Composer: `composer require phpseclib/phpseclib:~3.0` + +### 2.0 + +* Long term support (LTS) release +* Modernized version of 1.0 +* Minimum PHP version: 5.3.3 +* PSR-4 autoloading with namespace rooted at `\phpseclib` +* Install via Composer: `composer require phpseclib/phpseclib:~2.0` + +### 1.0 + +* Long term support (LTS) release +* PHP4 compatible +* Composer compatible (PSR-0 autoloading) +* Install using Composer: `composer require phpseclib/phpseclib:~1.0` +* [Download 1.0.22 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.22.zip/download) + +## Security contact information + +To report a security vulnerability, please use the [Tidelift security contact](https://tidelift.com/security). Tidelift will coordinate the fix and disclosure. + +## Support + +Need Support? + +* [Checkout Questions and Answers on Stack Overflow](http://stackoverflow.com/questions/tagged/phpseclib) +* [Create a Support Ticket on GitHub](https://github.com/phpseclib/phpseclib/issues/new) +* [Browse the Support Forum](http://www.frostjedi.com/phpbb/viewforum.php?f=46) (no longer in use) + +## Special Thanks + +Special Thanks to our $50+ sponsors!: + +- Allan Simon +- [ChargeOver](https://chargeover.com/) + +## Contributing + +1. Fork the Project + +2. Ensure you have Composer installed (see [Composer Download Instructions](https://getcomposer.org/download/)) + +3. Install Development Dependencies + ```sh + composer install + ``` + +4. Create a Feature Branch + +5. Run continuous integration checks: + ```sh + composer global require php:^8.1 squizlabs/php_codesniffer friendsofphp/php-cs-fixer vimeo/psalm + phpcs --standard=build/php_codesniffer.xml + php-cs-fixer fix --config=build/php-cs-fixer.php --diff --dry-run --using-cache=no + psalm --config=build/psalm.xml --no-cache --long-progress --report-show-info=false --output-format=text + vendor/bin/phpunit --verbose --configuration tests/phpunit.xml + ``` + +6. Send us a Pull Request diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/composer.json b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/composer.json new file mode 100644 index 0000000..5052d5f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/composer.json @@ -0,0 +1,84 @@ +{ + "name": "phpseclib/phpseclib", + "type": "library", + "description": "PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc.", + "keywords": [ + "security", + "crypto", + "cryptography", + "encryption", + "signature", + "signing", + "rsa", + "aes", + "blowfish", + "twofish", + "ssh", + "sftp", + "x509", + "x.509", + "asn1", + "asn.1", + "BigInteger" + ], + "homepage": "http://phpseclib.sourceforge.net", + "license": "MIT", + "authors": [ + { + "name": "Jim Wigginton", + "email": "terrafrost@php.net", + "role": "Lead Developer" + }, + { + "name": "Patrick Monnerat", + "email": "pm@datasphere.ch", + "role": "Developer" + }, + { + "name": "Andreas Fischer", + "email": "bantu@phpbb.com", + "role": "Developer" + }, + { + "name": "Hans-Jürgen Petrich", + "email": "petrich@tronic-media.com", + "role": "Developer" + }, + { + "name": "Graham Campbell", + "email": "graham@alt-three.com", + "role": "Developer" + } + ], + "require": { + "php": ">=5.6.1", + "paragonie/constant_time_encoding": "^1|^2", + "paragonie/random_compat": "^1.4|^2.0|^9.99.99" + }, + "require-dev": { + "phpunit/phpunit": "*" + }, + "suggest": { + "ext-libsodium": "SSH2/SFTP can make use of some algorithms provided by the libsodium-php extension.", + "ext-openssl": "Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations.", + "ext-mcrypt": "Install the Mcrypt extension in order to speed up a few other cryptographic operations.", + "ext-gmp": "Install the GMP (GNU Multiple Precision) extension in order to speed up arbitrary precision integer arithmetic operations.", + "ext-dom": "Install the DOM extension to load XML formatted public keys." + }, + "autoload": { + "files": [ + "phpseclib/bootstrap.php" + ], + "psr-4": { + "phpseclib3\\": "phpseclib/" + } + }, + "autoload-dev": { + "psr-4": { + "phpseclib3\\Tests\\": "tests/" + } + }, + "config": { + "sort-packages": true + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Common/Functions/Strings.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Common/Functions/Strings.php new file mode 100644 index 0000000..eac793a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Common/Functions/Strings.php @@ -0,0 +1,505 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Common\Functions; + +use ParagonIE\ConstantTime\Base64; +use ParagonIE\ConstantTime\Base64UrlSafe; +use ParagonIE\ConstantTime\Hex; +use phpseclib3\Math\BigInteger; +use phpseclib3\Math\Common\FiniteField; + +/** + * Common String Functions + * + * @author Jim Wigginton + */ +abstract class Strings +{ + /** + * String Shift + * + * Inspired by array_shift + * + * @param string $string + * @param int $index + * @return string + */ + public static function shift(&$string, $index = 1) + { + $substr = substr($string, 0, $index); + $string = substr($string, $index); + return $substr; + } + + /** + * String Pop + * + * Inspired by array_pop + * + * @param string $string + * @param int $index + * @return string + */ + public static function pop(&$string, $index = 1) + { + $substr = substr($string, -$index); + $string = substr($string, 0, -$index); + return $substr; + } + + /** + * Parse SSH2-style string + * + * Returns either an array or a boolean if $data is malformed. + * + * Valid characters for $format are as follows: + * + * C = byte + * b = boolean (true/false) + * N = uint32 + * Q = uint64 + * s = string + * i = mpint + * L = name-list + * + * uint64 is not supported. + * + * @param string $format + * @param string $data + * @return mixed + */ + public static function unpackSSH2($format, &$data) + { + $format = self::formatPack($format); + $result = []; + for ($i = 0; $i < strlen($format); $i++) { + switch ($format[$i]) { + case 'C': + case 'b': + if (!strlen($data)) { + throw new \LengthException('At least one byte needs to be present for successful C / b decodes'); + } + break; + case 'N': + case 'i': + case 's': + case 'L': + if (strlen($data) < 4) { + throw new \LengthException('At least four byte needs to be present for successful N / i / s / L decodes'); + } + break; + case 'Q': + if (strlen($data) < 8) { + throw new \LengthException('At least eight byte needs to be present for successful N / i / s / L decodes'); + } + break; + + default: + throw new \InvalidArgumentException('$format contains an invalid character'); + } + switch ($format[$i]) { + case 'C': + $result[] = ord(self::shift($data)); + continue 2; + case 'b': + $result[] = ord(self::shift($data)) != 0; + continue 2; + case 'N': + list(, $temp) = unpack('N', self::shift($data, 4)); + $result[] = $temp; + continue 2; + case 'Q': + // pack() added support for Q in PHP 5.6.3 and PHP 5.6 is phpseclib 3's minimum version + // so in theory we could support this BUT, "64-bit format codes are not available for + // 32-bit versions" and phpseclib works on 32-bit installs. on 32-bit installs + // 64-bit floats can be used to get larger numbers then 32-bit signed ints would allow + // for. sure, you're not gonna get the full precision of 64-bit numbers but just because + // you need > 32-bit precision doesn't mean you need the full 64-bit precision + extract(unpack('Nupper/Nlower', self::shift($data, 8))); + $temp = $upper ? 4294967296 * $upper : 0; + $temp += $lower < 0 ? ($lower & 0x7FFFFFFFF) + 0x80000000 : $lower; + // $temp = hexdec(bin2hex(self::shift($data, 8))); + $result[] = $temp; + continue 2; + } + list(, $length) = unpack('N', self::shift($data, 4)); + if (strlen($data) < $length) { + throw new \LengthException("$length bytes needed; " . strlen($data) . ' bytes available'); + } + $temp = self::shift($data, $length); + switch ($format[$i]) { + case 'i': + $result[] = new BigInteger($temp, -256); + break; + case 's': + $result[] = $temp; + break; + case 'L': + $result[] = explode(',', $temp); + } + } + + return $result; + } + + /** + * Create SSH2-style string + * + * @param string $format + * @param string|int|float|array|bool ...$elements + * @return string + */ + public static function packSSH2($format, ...$elements) + { + $format = self::formatPack($format); + if (strlen($format) != count($elements)) { + throw new \InvalidArgumentException('There must be as many arguments as there are characters in the $format string'); + } + $result = ''; + for ($i = 0; $i < strlen($format); $i++) { + $element = $elements[$i]; + switch ($format[$i]) { + case 'C': + if (!is_int($element)) { + throw new \InvalidArgumentException('Bytes must be represented as an integer between 0 and 255, inclusive.'); + } + $result .= pack('C', $element); + break; + case 'b': + if (!is_bool($element)) { + throw new \InvalidArgumentException('A boolean parameter was expected.'); + } + $result .= $element ? "\1" : "\0"; + break; + case 'Q': + if (!is_int($element) && !is_float($element)) { + throw new \InvalidArgumentException('An integer was expected.'); + } + // 4294967296 == 1 << 32 + $result .= pack('NN', $element / 4294967296, $element); + break; + case 'N': + if (is_float($element)) { + $element = (int) $element; + } + if (!is_int($element)) { + throw new \InvalidArgumentException('An integer was expected.'); + } + $result .= pack('N', $element); + break; + case 's': + if (!self::is_stringable($element)) { + throw new \InvalidArgumentException('A string was expected.'); + } + $result .= pack('Na*', strlen($element), $element); + break; + case 'i': + if (!$element instanceof BigInteger && !$element instanceof FiniteField\Integer) { + throw new \InvalidArgumentException('A phpseclib3\Math\BigInteger or phpseclib3\Math\Common\FiniteField\Integer object was expected.'); + } + $element = $element->toBytes(true); + $result .= pack('Na*', strlen($element), $element); + break; + case 'L': + if (!is_array($element)) { + throw new \InvalidArgumentException('An array was expected.'); + } + $element = implode(',', $element); + $result .= pack('Na*', strlen($element), $element); + break; + default: + throw new \InvalidArgumentException('$format contains an invalid character'); + } + } + return $result; + } + + /** + * Expand a pack string + * + * Converts C5 to CCCCC, for example. + * + * @param string $format + * @return string + */ + private static function formatPack($format) + { + $parts = preg_split('#(\d+)#', $format, -1, PREG_SPLIT_DELIM_CAPTURE); + $format = ''; + for ($i = 1; $i < count($parts); $i += 2) { + $format .= substr($parts[$i - 1], 0, -1) . str_repeat(substr($parts[$i - 1], -1), $parts[$i]); + } + $format .= $parts[$i - 1]; + + return $format; + } + + /** + * Convert binary data into bits + * + * bin2hex / hex2bin refer to base-256 encoded data as binary, whilst + * decbin / bindec refer to base-2 encoded data as binary. For the purposes + * of this function, bin refers to base-256 encoded data whilst bits refers + * to base-2 encoded data + * + * @param string $x + * @return string + */ + public static function bits2bin($x) + { + /* + // the pure-PHP approach is faster than the GMP approach + if (function_exists('gmp_export')) { + return strlen($x) ? gmp_export(gmp_init($x, 2)) : gmp_init(0); + } + */ + + if (preg_match('#[^01]#', $x)) { + throw new \RuntimeException('The only valid characters are 0 and 1'); + } + + if (!defined('PHP_INT_MIN')) { + define('PHP_INT_MIN', ~PHP_INT_MAX); + } + + $length = strlen($x); + if (!$length) { + return ''; + } + $block_size = PHP_INT_SIZE << 3; + $pad = $block_size - ($length % $block_size); + if ($pad != $block_size) { + $x = str_repeat('0', $pad) . $x; + } + + $parts = str_split($x, $block_size); + $str = ''; + foreach ($parts as $part) { + $xor = $part[0] == '1' ? PHP_INT_MIN : 0; + $part[0] = '0'; + $str .= pack( + PHP_INT_SIZE == 4 ? 'N' : 'J', + $xor ^ eval('return 0b' . $part . ';') + ); + } + return ltrim($str, "\0"); + } + + /** + * Convert bits to binary data + * + * @param string $x + * @return string + */ + public static function bin2bits($x, $trim = true) + { + /* + // the pure-PHP approach is slower than the GMP approach BUT + // i want to the pure-PHP version to be easily unit tested as well + if (function_exists('gmp_import')) { + return gmp_strval(gmp_import($x), 2); + } + */ + + $len = strlen($x); + $mod = $len % PHP_INT_SIZE; + if ($mod) { + $x = str_pad($x, $len + PHP_INT_SIZE - $mod, "\0", STR_PAD_LEFT); + } + + $bits = ''; + if (PHP_INT_SIZE == 4) { + $digits = unpack('N*', $x); + foreach ($digits as $digit) { + $bits .= sprintf('%032b', $digit); + } + } else { + $digits = unpack('J*', $x); + foreach ($digits as $digit) { + $bits .= sprintf('%064b', $digit); + } + } + + return $trim ? ltrim($bits, '0') : $bits; + } + + /** + * Switch Endianness Bit Order + * + * @param string $x + * @return string + */ + public static function switchEndianness($x) + { + $r = ''; + for ($i = strlen($x) - 1; $i >= 0; $i--) { + $b = ord($x[$i]); + if (PHP_INT_SIZE === 8) { + // 3 operations + // from http://graphics.stanford.edu/~seander/bithacks.html#ReverseByteWith64BitsDiv + $r .= chr((($b * 0x0202020202) & 0x010884422010) % 1023); + } else { + // 7 operations + // from http://graphics.stanford.edu/~seander/bithacks.html#ReverseByteWith32Bits + $p1 = ($b * 0x0802) & 0x22110; + $p2 = ($b * 0x8020) & 0x88440; + $r .= chr( + (($p1 | $p2) * 0x10101) >> 16 + ); + } + } + return $r; + } + + /** + * Increment the current string + * + * @param string $var + * @return string + */ + public static function increment_str(&$var) + { + if (function_exists('sodium_increment')) { + $var = strrev($var); + sodium_increment($var); + $var = strrev($var); + return $var; + } + + for ($i = 4; $i <= strlen($var); $i += 4) { + $temp = substr($var, -$i, 4); + switch ($temp) { + case "\xFF\xFF\xFF\xFF": + $var = substr_replace($var, "\x00\x00\x00\x00", -$i, 4); + break; + case "\x7F\xFF\xFF\xFF": + $var = substr_replace($var, "\x80\x00\x00\x00", -$i, 4); + return $var; + default: + $temp = unpack('Nnum', $temp); + $var = substr_replace($var, pack('N', $temp['num'] + 1), -$i, 4); + return $var; + } + } + + $remainder = strlen($var) % 4; + + if ($remainder == 0) { + return $var; + } + + $temp = unpack('Nnum', str_pad(substr($var, 0, $remainder), 4, "\0", STR_PAD_LEFT)); + $temp = substr(pack('N', $temp['num'] + 1), -$remainder); + $var = substr_replace($var, $temp, 0, $remainder); + + return $var; + } + + /** + * Find whether the type of a variable is string (or could be converted to one) + * + * @param mixed $var + * @return bool + * @psalm-assert-if-true string|\Stringable $var + */ + public static function is_stringable($var) + { + return is_string($var) || (is_object($var) && method_exists($var, '__toString')); + } + + /** + * Constant Time Base64-decoding + * + * ParagoneIE\ConstantTime doesn't use libsodium if it's available so we'll do so + * ourselves. see https://github.com/paragonie/constant_time_encoding/issues/39 + * + * @param string $data + * @return string + */ + public static function base64_decode($data) + { + return function_exists('sodium_base642bin') ? + sodium_base642bin($data, SODIUM_BASE64_VARIANT_ORIGINAL_NO_PADDING, '=') : + Base64::decode($data); + } + + /** + * Constant Time Base64-decoding (URL safe) + * + * @param string $data + * @return string + */ + public static function base64url_decode($data) + { + // return self::base64_decode(str_replace(['-', '_'], ['+', '/'], $data)); + + return function_exists('sodium_base642bin') ? + sodium_base642bin($data, SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING, '=') : + Base64UrlSafe::decode($data); + } + + /** + * Constant Time Base64-encoding + * + * @param string $data + * @return string + */ + public static function base64_encode($data) + { + return function_exists('sodium_bin2base64') ? + sodium_bin2base64($data, SODIUM_BASE64_VARIANT_ORIGINAL) : + Base64::encode($data); + } + + /** + * Constant Time Base64-encoding (URL safe) + * + * @param string $data + * @return string + */ + public static function base64url_encode($data) + { + // return str_replace(['+', '/'], ['-', '_'], self::base64_encode($data)); + + return function_exists('sodium_bin2base64') ? + sodium_bin2base64($data, SODIUM_BASE64_VARIANT_URLSAFE) : + Base64UrlSafe::encode($data); + } + + /** + * Constant Time Hex Decoder + * + * @param string $data + * @return string + */ + public static function hex2bin($data) + { + return function_exists('sodium_hex2bin') ? + sodium_hex2bin($data) : + Hex::decode($data); + } + + /** + * Constant Time Hex Encoder + * + * @param string $data + * @return string + */ + public static function bin2hex($data) + { + return function_exists('sodium_bin2hex') ? + sodium_bin2hex($data) : + Hex::encode($data); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/AES.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/AES.php new file mode 100644 index 0000000..4038716 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/AES.php @@ -0,0 +1,116 @@ + + * setKey('abcdefghijklmnop'); + * + * $size = 10 * 1024; + * $plaintext = ''; + * for ($i = 0; $i < $size; $i++) { + * $plaintext.= 'a'; + * } + * + * echo $aes->decrypt($aes->encrypt($plaintext)); + * ?> + * + * + * @author Jim Wigginton + * @copyright 2008 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt; + +/** + * Pure-PHP implementation of AES. + * + * @author Jim Wigginton + */ +class AES extends Rijndael +{ + /** + * Dummy function + * + * Since \phpseclib3\Crypt\AES extends \phpseclib3\Crypt\Rijndael, this function is, technically, available, but it doesn't do anything. + * + * @see \phpseclib3\Crypt\Rijndael::setBlockLength() + * @param int $length + * @throws \BadMethodCallException anytime it's called + */ + public function setBlockLength($length) + { + throw new \BadMethodCallException('The block length cannot be set for AES.'); + } + + /** + * Sets the key length + * + * Valid key lengths are 128, 192, and 256. Set the link to bool(false) to disable a fixed key length + * + * @see \phpseclib3\Crypt\Rijndael:setKeyLength() + * @param int $length + * @throws \LengthException if the key length isn't supported + */ + public function setKeyLength($length) + { + switch ($length) { + case 128: + case 192: + case 256: + break; + default: + throw new \LengthException('Key of size ' . $length . ' not supported by this algorithm. Only keys of sizes 128, 192 or 256 supported'); + } + parent::setKeyLength($length); + } + + /** + * Sets the key. + * + * Rijndael supports five different key lengths, AES only supports three. + * + * @see \phpseclib3\Crypt\Rijndael:setKey() + * @see setKeyLength() + * @param string $key + * @throws \LengthException if the key length isn't supported + */ + public function setKey($key) + { + switch (strlen($key)) { + case 16: + case 24: + case 32: + break; + default: + throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16, 24 or 32 supported'); + } + + parent::setKey($key); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Blowfish.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Blowfish.php new file mode 100644 index 0000000..1225070 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Blowfish.php @@ -0,0 +1,918 @@ + unpack('N*', $x), $blocks); it jumps up by an additional + * ~90MB, yielding a 106x increase in memory usage. Consequently, it bcrypt calls a different + * _encryptBlock() then the regular Blowfish does. That said, the Blowfish _encryptBlock() is + * basically just a thin wrapper around the bcrypt _encryptBlock(), so there's that. + * + * This explains 3 of the 4 _encryptBlock() implementations. the last _encryptBlock() + * implementation can best be understood by doing Ctrl + F and searching for where + * self::$use_reg_intval is defined. + * + * # phpseclib's three different _setupKey() implementations + * + * Every bcrypt round is the equivalent of encrypting 512KB of data. Since OpenSSH uses 16 + * rounds by default that's ~8MB of data that's essentially being encrypted whenever + * you use bcrypt. That's a lot of data, however, bcrypt operates within tighter constraints + * than regular Blowfish, so we can use that to our advantage. In particular, whereas Blowfish + * supports variable length keys, in bcrypt, the initial "key" is the sha512 hash of the + * password. sha512 hashes are 512 bits or 64 bytes long and thus the bcrypt keys are of a + * fixed length whereas Blowfish keys are not of a fixed length. + * + * bcrypt actually has two different key expansion steps. The first one (expandstate) is + * constantly XOR'ing every _encryptBlock() parameter against the salt prior _encryptBlock()'s + * being called. The second one (expand0state) is more similar to Blowfish's _setupKey() + * but it can still use the fixed length key optimization discussed above and can do away with + * the pack() / unpack() calls. + * + * I suppose _setupKey() could be made to be a thin wrapper around expandstate() but idk it's + * just a lot of work for very marginal benefits as _setupKey() is only called once for + * regular Blowfish vs the 128 times it's called --per round-- with bcrypt. + * + * # blowfish + bcrypt in the same class + * + * Altho there's a lot of Blowfish code that bcrypt doesn't re-use, bcrypt does re-use the + * initial S-boxes, the initial P-array and the int-only _encryptBlock() implementation. + * + * # Credit + * + * phpseclib's bcrypt implementation is based losely off of OpenSSH's implementation: + * + * https://github.com/openssh/openssh-portable/blob/master/openbsd-compat/bcrypt_pbkdf.c + * + * Here's a short example of how to use this library: + * + * setKey('12345678901234567890123456789012'); + * + * $plaintext = str_repeat('a', 1024); + * + * echo $blowfish->decrypt($blowfish->encrypt($plaintext)); + * ?> + * + * + * @author Jim Wigginton + * @author Hans-Juergen Petrich + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt; + +use phpseclib3\Crypt\Common\BlockCipher; + +/** + * Pure-PHP implementation of Blowfish. + * + * @author Jim Wigginton + * @author Hans-Juergen Petrich + */ +class Blowfish extends BlockCipher +{ + /** + * Block Length of the cipher + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::block_size + * @var int + */ + protected $block_size = 8; + + /** + * The mcrypt specific name of the cipher + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt + * @var string + */ + protected $cipher_name_mcrypt = 'blowfish'; + + /** + * Optimizing value while CFB-encrypting + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::cfb_init_len + * @var int + */ + protected $cfb_init_len = 500; + + /** + * The fixed subkeys boxes ($sbox0 - $sbox3) with 256 entries each + * + * S-Box 0 + * + * @var array + */ + private static $sbox0 = [ + 0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7, 0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99, + 0x24a19947, 0xb3916cf7, 0x0801f2e2, 0x858efc16, 0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e, + 0x0d95748f, 0x728eb658, 0x718bcd58, 0x82154aee, 0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013, + 0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef, 0x8e79dcb0, 0x603a180e, 0x6c9e0e8b, 0xb01e8a3e, + 0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60, 0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440, + 0x55ca396a, 0x2aab10b6, 0xb4cc5c34, 0x1141e8ce, 0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a, + 0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e, 0xafd6ba33, 0x6c24cf5c, 0x7a325381, 0x28958677, + 0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193, 0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032, + 0xef845d5d, 0xe98575b1, 0xdc262302, 0xeb651b88, 0x23893e81, 0xd396acc5, 0x0f6d6ff3, 0x83f44239, + 0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e, 0x21c66842, 0xf6e96c9a, 0x670c9c61, 0xabd388f0, + 0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3, 0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98, + 0xa1f1651d, 0x39af0176, 0x66ca593e, 0x82430e88, 0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe, + 0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6, 0x4ed3aa62, 0x363f7706, 0x1bfedf72, 0x429b023d, + 0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b, 0x075372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7, + 0xe3fe501a, 0xb6794c3b, 0x976ce0bd, 0x04c006ba, 0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2, 0x196a2463, + 0x68fb6faf, 0x3e6c53b5, 0x1339b2eb, 0x3b52ec6f, 0x6dfc511f, 0x9b30952c, 0xcc814544, 0xaf5ebd09, + 0xbee3d004, 0xde334afd, 0x660f2807, 0x192e4bb3, 0xc0cba857, 0x45c8740f, 0xd20b5f39, 0xb9d3fbdb, + 0x5579c0bd, 0x1a60320a, 0xd6a100c6, 0x402c7279, 0x679f25fe, 0xfb1fa3cc, 0x8ea5e9f8, 0xdb3222f8, + 0x3c7516df, 0xfd616b15, 0x2f501ec8, 0xad0552ab, 0x323db5fa, 0xfd238760, 0x53317b48, 0x3e00df82, + 0x9e5c57bb, 0xca6f8ca0, 0x1a87562e, 0xdf1769db, 0xd542a8f6, 0x287effc3, 0xac6732c6, 0x8c4f5573, + 0x695b27b0, 0xbbca58c8, 0xe1ffa35d, 0xb8f011a0, 0x10fa3d98, 0xfd2183b8, 0x4afcb56c, 0x2dd1d35b, + 0x9a53e479, 0xb6f84565, 0xd28e49bc, 0x4bfb9790, 0xe1ddf2da, 0xa4cb7e33, 0x62fb1341, 0xcee4c6e8, + 0xef20cada, 0x36774c01, 0xd07e9efe, 0x2bf11fb4, 0x95dbda4d, 0xae909198, 0xeaad8e71, 0x6b93d5a0, + 0xd08ed1d0, 0xafc725e0, 0x8e3c5b2f, 0x8e7594b7, 0x8ff6e2fb, 0xf2122b64, 0x8888b812, 0x900df01c, + 0x4fad5ea0, 0x688fc31c, 0xd1cff191, 0xb3a8c1ad, 0x2f2f2218, 0xbe0e1777, 0xea752dfe, 0x8b021fa1, + 0xe5a0cc0f, 0xb56f74e8, 0x18acf3d6, 0xce89e299, 0xb4a84fe0, 0xfd13e0b7, 0x7cc43b81, 0xd2ada8d9, + 0x165fa266, 0x80957705, 0x93cc7314, 0x211a1477, 0xe6ad2065, 0x77b5fa86, 0xc75442f5, 0xfb9d35cf, + 0xebcdaf0c, 0x7b3e89a0, 0xd6411bd3, 0xae1e7e49, 0x00250e2d, 0x2071b35e, 0x226800bb, 0x57b8e0af, + 0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa, 0x78c14389, 0xd95a537f, 0x207d5ba2, 0x02e5b9c5, + 0x83260376, 0x6295cfa9, 0x11c81968, 0x4e734a41, 0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915, + 0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400, 0x08ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915, + 0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664, 0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a + ]; + + /** + * S-Box 1 + * + * @var array + */ + private static $sbox1 = [ + 0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623, 0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266, + 0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1, 0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e, + 0x3f54989a, 0x5b429d65, 0x6b8fe4d6, 0x99f73fd6, 0xa1d29c07, 0xefe830f5, 0x4d2d38e6, 0xf0255dc1, + 0x4cdd2086, 0x8470eb26, 0x6382e9c6, 0x021ecc5e, 0x09686b3f, 0x3ebaefc9, 0x3c971814, 0x6b6a70a1, + 0x687f3584, 0x52a0e286, 0xb79c5305, 0xaa500737, 0x3e07841c, 0x7fdeae5c, 0x8e7d44ec, 0x5716f2b8, + 0xb03ada37, 0xf0500c0d, 0xf01c1f04, 0x0200b3ff, 0xae0cf51a, 0x3cb574b2, 0x25837a58, 0xdc0921bd, + 0xd19113f9, 0x7ca92ff6, 0x94324773, 0x22f54701, 0x3ae5e581, 0x37c2dadc, 0xc8b57634, 0x9af3dda7, + 0xa9446146, 0x0fd0030e, 0xecc8c73e, 0xa4751e41, 0xe238cd99, 0x3bea0e2f, 0x3280bba1, 0x183eb331, + 0x4e548b38, 0x4f6db908, 0x6f420d03, 0xf60a04bf, 0x2cb81290, 0x24977c79, 0x5679b072, 0xbcaf89af, + 0xde9a771f, 0xd9930810, 0xb38bae12, 0xdccf3f2e, 0x5512721f, 0x2e6b7124, 0x501adde6, 0x9f84cd87, + 0x7a584718, 0x7408da17, 0xbc9f9abc, 0xe94b7d8c, 0xec7aec3a, 0xdb851dfa, 0x63094366, 0xc464c3d2, + 0xef1c1847, 0x3215d908, 0xdd433b37, 0x24c2ba16, 0x12a14d43, 0x2a65c451, 0x50940002, 0x133ae4dd, + 0x71dff89e, 0x10314e55, 0x81ac77d6, 0x5f11199b, 0x043556f1, 0xd7a3c76b, 0x3c11183b, 0x5924a509, + 0xf28fe6ed, 0x97f1fbfa, 0x9ebabf2c, 0x1e153c6e, 0x86e34570, 0xeae96fb1, 0x860e5e0a, 0x5a3e2ab3, + 0x771fe71c, 0x4e3d06fa, 0x2965dcb9, 0x99e71d0f, 0x803e89d6, 0x5266c825, 0x2e4cc978, 0x9c10b36a, + 0xc6150eba, 0x94e2ea78, 0xa5fc3c53, 0x1e0a2df4, 0xf2f74ea7, 0x361d2b3d, 0x1939260f, 0x19c27960, + 0x5223a708, 0xf71312b6, 0xebadfe6e, 0xeac31f66, 0xe3bc4595, 0xa67bc883, 0xb17f37d1, 0x018cff28, + 0xc332ddef, 0xbe6c5aa5, 0x65582185, 0x68ab9802, 0xeecea50f, 0xdb2f953b, 0x2aef7dad, 0x5b6e2f84, + 0x1521b628, 0x29076170, 0xecdd4775, 0x619f1510, 0x13cca830, 0xeb61bd96, 0x0334fe1e, 0xaa0363cf, + 0xb5735c90, 0x4c70a239, 0xd59e9e0b, 0xcbaade14, 0xeecc86bc, 0x60622ca7, 0x9cab5cab, 0xb2f3846e, + 0x648b1eaf, 0x19bdf0ca, 0xa02369b9, 0x655abb50, 0x40685a32, 0x3c2ab4b3, 0x319ee9d5, 0xc021b8f7, + 0x9b540b19, 0x875fa099, 0x95f7997e, 0x623d7da8, 0xf837889a, 0x97e32d77, 0x11ed935f, 0x16681281, + 0x0e358829, 0xc7e61fd6, 0x96dedfa1, 0x7858ba99, 0x57f584a5, 0x1b227263, 0x9b83c3ff, 0x1ac24696, + 0xcdb30aeb, 0x532e3054, 0x8fd948e4, 0x6dbc3128, 0x58ebf2ef, 0x34c6ffea, 0xfe28ed61, 0xee7c3c73, + 0x5d4a14d9, 0xe864b7e3, 0x42105d14, 0x203e13e0, 0x45eee2b6, 0xa3aaabea, 0xdb6c4f15, 0xfacb4fd0, + 0xc742f442, 0xef6abbb5, 0x654f3b1d, 0x41cd2105, 0xd81e799e, 0x86854dc7, 0xe44b476a, 0x3d816250, + 0xcf62a1f2, 0x5b8d2646, 0xfc8883a0, 0xc1c7b6a3, 0x7f1524c3, 0x69cb7492, 0x47848a0b, 0x5692b285, + 0x095bbf00, 0xad19489d, 0x1462b174, 0x23820e00, 0x58428d2a, 0x0c55f5ea, 0x1dadf43e, 0x233f7061, + 0x3372f092, 0x8d937e41, 0xd65fecf1, 0x6c223bdb, 0x7cde3759, 0xcbee7460, 0x4085f2a7, 0xce77326e, + 0xa6078084, 0x19f8509e, 0xe8efd855, 0x61d99735, 0xa969a7aa, 0xc50c06c2, 0x5a04abfc, 0x800bcadc, + 0x9e447a2e, 0xc3453484, 0xfdd56705, 0x0e1e9ec9, 0xdb73dbd3, 0x105588cd, 0x675fda79, 0xe3674340, + 0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20, 0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7 + ]; + + /** + * S-Box 2 + * + * @var array + */ + private static $sbox2 = [ + 0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934, 0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068, + 0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af, 0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840, + 0x4d95fc1d, 0x96b591af, 0x70f4ddd3, 0x66a02f45, 0xbfbc09ec, 0x03bd9785, 0x7fac6dd0, 0x31cb8504, + 0x96eb27b3, 0x55fd3941, 0xda2547e6, 0xabca0a9a, 0x28507825, 0x530429f4, 0x0a2c86da, 0xe9b66dfb, + 0x68dc1462, 0xd7486900, 0x680ec0a4, 0x27a18dee, 0x4f3ffea2, 0xe887ad8c, 0xb58ce006, 0x7af4d6b6, + 0xaace1e7c, 0xd3375fec, 0xce78a399, 0x406b2a42, 0x20fe9e35, 0xd9f385b9, 0xee39d7ab, 0x3b124e8b, + 0x1dc9faf7, 0x4b6d1856, 0x26a36631, 0xeae397b2, 0x3a6efa74, 0xdd5b4332, 0x6841e7f7, 0xca7820fb, + 0xfb0af54e, 0xd8feb397, 0x454056ac, 0xba489527, 0x55533a3a, 0x20838d87, 0xfe6ba9b7, 0xd096954b, + 0x55a867bc, 0xa1159a58, 0xcca92963, 0x99e1db33, 0xa62a4a56, 0x3f3125f9, 0x5ef47e1c, 0x9029317c, + 0xfdf8e802, 0x04272f70, 0x80bb155c, 0x05282ce3, 0x95c11548, 0xe4c66d22, 0x48c1133f, 0xc70f86dc, + 0x07f9c9ee, 0x41041f0f, 0x404779a4, 0x5d886e17, 0x325f51eb, 0xd59bc0d1, 0xf2bcc18f, 0x41113564, + 0x257b7834, 0x602a9c60, 0xdff8e8a3, 0x1f636c1b, 0x0e12b4c2, 0x02e1329e, 0xaf664fd1, 0xcad18115, + 0x6b2395e0, 0x333e92e1, 0x3b240b62, 0xeebeb922, 0x85b2a20e, 0xe6ba0d99, 0xde720c8c, 0x2da2f728, + 0xd0127845, 0x95b794fd, 0x647d0862, 0xe7ccf5f0, 0x5449a36f, 0x877d48fa, 0xc39dfd27, 0xf33e8d1e, + 0x0a476341, 0x992eff74, 0x3a6f6eab, 0xf4f8fd37, 0xa812dc60, 0xa1ebddf8, 0x991be14c, 0xdb6e6b0d, + 0xc67b5510, 0x6d672c37, 0x2765d43b, 0xdcd0e804, 0xf1290dc7, 0xcc00ffa3, 0xb5390f92, 0x690fed0b, + 0x667b9ffb, 0xcedb7d9c, 0xa091cf0b, 0xd9155ea3, 0xbb132f88, 0x515bad24, 0x7b9479bf, 0x763bd6eb, + 0x37392eb3, 0xcc115979, 0x8026e297, 0xf42e312d, 0x6842ada7, 0xc66a2b3b, 0x12754ccc, 0x782ef11c, + 0x6a124237, 0xb79251e7, 0x06a1bbe6, 0x4bfb6350, 0x1a6b1018, 0x11caedfa, 0x3d25bdd8, 0xe2e1c3c9, + 0x44421659, 0x0a121386, 0xd90cec6e, 0xd5abea2a, 0x64af674e, 0xda86a85f, 0xbebfe988, 0x64e4c3fe, + 0x9dbc8057, 0xf0f7c086, 0x60787bf8, 0x6003604d, 0xd1fd8346, 0xf6381fb0, 0x7745ae04, 0xd736fccc, + 0x83426b33, 0xf01eab71, 0xb0804187, 0x3c005e5f, 0x77a057be, 0xbde8ae24, 0x55464299, 0xbf582e61, + 0x4e58f48f, 0xf2ddfda2, 0xf474ef38, 0x8789bdc2, 0x5366f9c3, 0xc8b38e74, 0xb475f255, 0x46fcd9b9, + 0x7aeb2661, 0x8b1ddf84, 0x846a0e79, 0x915f95e2, 0x466e598e, 0x20b45770, 0x8cd55591, 0xc902de4c, + 0xb90bace1, 0xbb8205d0, 0x11a86248, 0x7574a99e, 0xb77f19b6, 0xe0a9dc09, 0x662d09a1, 0xc4324633, + 0xe85a1f02, 0x09f0be8c, 0x4a99a025, 0x1d6efe10, 0x1ab93d1d, 0x0ba5a4df, 0xa186f20f, 0x2868f169, + 0xdcb7da83, 0x573906fe, 0xa1e2ce9b, 0x4fcd7f52, 0x50115e01, 0xa70683fa, 0xa002b5c4, 0x0de6d027, + 0x9af88c27, 0x773f8641, 0xc3604c06, 0x61a806b5, 0xf0177a28, 0xc0f586e0, 0x006058aa, 0x30dc7d62, + 0x11e69ed7, 0x2338ea63, 0x53c2dd94, 0xc2c21634, 0xbbcbee56, 0x90bcb6de, 0xebfc7da1, 0xce591d76, + 0x6f05e409, 0x4b7c0188, 0x39720a3d, 0x7c927c24, 0x86e3725f, 0x724d9db9, 0x1ac15bb4, 0xd39eb8fc, + 0xed545578, 0x08fca5b5, 0xd83d7cd3, 0x4dad0fc4, 0x1e50ef5e, 0xb161e6f8, 0xa28514d9, 0x6c51133c, + 0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837, 0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0 + ]; + + /** + * S-Box 3 + * + * @var array + */ + private static $sbox3 = [ + 0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b, 0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe, + 0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b, 0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4, + 0x5748ab2f, 0xbc946e79, 0xc6a376d2, 0x6549c2c8, 0x530ff8ee, 0x468dde7d, 0xd5730a1d, 0x4cd04dc6, + 0x2939bbdb, 0xa9ba4650, 0xac9526e8, 0xbe5ee304, 0xa1fad5f0, 0x6a2d519a, 0x63ef8ce2, 0x9a86ee22, + 0xc089c2b8, 0x43242ef6, 0xa51e03aa, 0x9cf2d0a4, 0x83c061ba, 0x9be96a4d, 0x8fe51550, 0xba645bd6, + 0x2826a2f9, 0xa73a3ae1, 0x4ba99586, 0xef5562e9, 0xc72fefd3, 0xf752f7da, 0x3f046f69, 0x77fa0a59, + 0x80e4a915, 0x87b08601, 0x9b09e6ad, 0x3b3ee593, 0xe990fd5a, 0x9e34d797, 0x2cf0b7d9, 0x022b8b51, + 0x96d5ac3a, 0x017da67d, 0xd1cf3ed6, 0x7c7d2d28, 0x1f9f25cf, 0xadf2b89b, 0x5ad6b472, 0x5a88f54c, + 0xe029ac71, 0xe019a5e6, 0x47b0acfd, 0xed93fa9b, 0xe8d3c48d, 0x283b57cc, 0xf8d56629, 0x79132e28, + 0x785f0191, 0xed756055, 0xf7960e44, 0xe3d35e8c, 0x15056dd4, 0x88f46dba, 0x03a16125, 0x0564f0bd, + 0xc3eb9e15, 0x3c9057a2, 0x97271aec, 0xa93a072a, 0x1b3f6d9b, 0x1e6321f5, 0xf59c66fb, 0x26dcf319, + 0x7533d928, 0xb155fdf5, 0x03563482, 0x8aba3cbb, 0x28517711, 0xc20ad9f8, 0xabcc5167, 0xccad925f, + 0x4de81751, 0x3830dc8e, 0x379d5862, 0x9320f991, 0xea7a90c2, 0xfb3e7bce, 0x5121ce64, 0x774fbe32, + 0xa8b6e37e, 0xc3293d46, 0x48de5369, 0x6413e680, 0xa2ae0810, 0xdd6db224, 0x69852dfd, 0x09072166, + 0xb39a460a, 0x6445c0dd, 0x586cdecf, 0x1c20c8ae, 0x5bbef7dd, 0x1b588d40, 0xccd2017f, 0x6bb4e3bb, + 0xdda26a7e, 0x3a59ff45, 0x3e350a44, 0xbcb4cdd5, 0x72eacea8, 0xfa6484bb, 0x8d6612ae, 0xbf3c6f47, + 0xd29be463, 0x542f5d9e, 0xaec2771b, 0xf64e6370, 0x740e0d8d, 0xe75b1357, 0xf8721671, 0xaf537d5d, + 0x4040cb08, 0x4eb4e2cc, 0x34d2466a, 0x0115af84, 0xe1b00428, 0x95983a1d, 0x06b89fb4, 0xce6ea048, + 0x6f3f3b82, 0x3520ab82, 0x011a1d4b, 0x277227f8, 0x611560b1, 0xe7933fdc, 0xbb3a792b, 0x344525bd, + 0xa08839e1, 0x51ce794b, 0x2f32c9b7, 0xa01fbac9, 0xe01cc87e, 0xbcc7d1f6, 0xcf0111c3, 0xa1e8aac7, + 0x1a908749, 0xd44fbd9a, 0xd0dadecb, 0xd50ada38, 0x0339c32a, 0xc6913667, 0x8df9317c, 0xe0b12b4f, + 0xf79e59b7, 0x43f5bb3a, 0xf2d519ff, 0x27d9459c, 0xbf97222c, 0x15e6fc2a, 0x0f91fc71, 0x9b941525, + 0xfae59361, 0xceb69ceb, 0xc2a86459, 0x12baa8d1, 0xb6c1075e, 0xe3056a0c, 0x10d25065, 0xcb03a442, + 0xe0ec6e0e, 0x1698db3b, 0x4c98a0be, 0x3278e964, 0x9f1f9532, 0xe0d392df, 0xd3a0342b, 0x8971f21e, + 0x1b0a7441, 0x4ba3348c, 0xc5be7120, 0xc37632d8, 0xdf359f8d, 0x9b992f2e, 0xe60b6f47, 0x0fe3f11d, + 0xe54cda54, 0x1edad891, 0xce6279cf, 0xcd3e7e6f, 0x1618b166, 0xfd2c1d05, 0x848fd2c5, 0xf6fb2299, + 0xf523f357, 0xa6327623, 0x93a83531, 0x56cccd02, 0xacf08162, 0x5a75ebb5, 0x6e163697, 0x88d273cc, + 0xde966292, 0x81b949d0, 0x4c50901b, 0x71c65614, 0xe6c6c7bd, 0x327a140a, 0x45e1d006, 0xc3f27b9a, + 0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6, 0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b, + 0x53113ec0, 0x1640e3d3, 0x38abbd60, 0x2547adf0, 0xba38209c, 0xf746ce76, 0x77afa1c5, 0x20756060, + 0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e, 0x1948c25c, 0x02fb8a8c, 0x01c36ae4, 0xd6ebe1f9, + 0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f, 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6 + ]; + + /** + * P-Array consists of 18 32-bit subkeys + * + * @var array + */ + private static $parray = [ + 0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344, 0xa4093822, 0x299f31d0, + 0x082efa98, 0xec4e6c89, 0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c, + 0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917, 0x9216d5d9, 0x8979fb1b + ]; + + /** + * The BCTX-working Array + * + * Holds the expanded key [p] and the key-depended s-boxes [sb] + * + * @var array + */ + private $bctx; + + /** + * Holds the last used key + * + * @var array + */ + private $kl; + + /** + * The Key Length (in bytes) + * {@internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $Nk + * because the encryption / decryption / key schedule creation requires this number and not $key_length. We could + * derive this from $key_length or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu + * of that, we'll just precompute it once.} + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::setKeyLength() + * @var int + */ + protected $key_length = 16; + + /** + * Default Constructor. + * + * @param string $mode + * @throws \InvalidArgumentException if an invalid / unsupported mode is provided + */ + public function __construct($mode) + { + parent::__construct($mode); + + if ($this->mode == self::MODE_STREAM) { + throw new \InvalidArgumentException('Block ciphers cannot be ran in stream mode'); + } + } + + /** + * Sets the key length. + * + * Key lengths can be between 32 and 448 bits. + * + * @param int $length + */ + public function setKeyLength($length) + { + if ($length < 32 || $length > 448) { + throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys of sizes between 32 and 448 bits are supported'); + } + + $this->key_length = $length >> 3; + + parent::setKeyLength($length); + } + + /** + * Test for engine validity + * + * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() + * @param int $engine + * @return bool + */ + protected function isValidEngineHelper($engine) + { + if ($engine == self::ENGINE_OPENSSL) { + if ($this->key_length < 16) { + return false; + } + // quoting https://www.openssl.org/news/openssl-3.0-notes.html, OpenSSL 3.0.1 + // "Moved all variations of the EVP ciphers CAST5, BF, IDEA, SEED, RC2, RC4, RC5, and DES to the legacy provider" + // in theory openssl_get_cipher_methods() should catch this but, on GitHub Actions, at least, it does not + if (defined('OPENSSL_VERSION_TEXT') && version_compare(preg_replace('#OpenSSL (\d+\.\d+\.\d+) .*#', '$1', OPENSSL_VERSION_TEXT), '3.0.1', '>=')) { + return false; + } + $this->cipher_name_openssl_ecb = 'bf-ecb'; + $this->cipher_name_openssl = 'bf-' . $this->openssl_translate_mode(); + } + + return parent::isValidEngineHelper($engine); + } + + /** + * Setup the key (expansion) + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::_setupKey() + */ + protected function setupKey() + { + if (isset($this->kl['key']) && $this->key === $this->kl['key']) { + // already expanded + return; + } + $this->kl = ['key' => $this->key]; + + /* key-expanding p[] and S-Box building sb[] */ + $this->bctx = [ + 'p' => [], + 'sb' => [ + self::$sbox0, + self::$sbox1, + self::$sbox2, + self::$sbox3 + ] + ]; + + // unpack binary string in unsigned chars + $key = array_values(unpack('C*', $this->key)); + $keyl = count($key); + // with bcrypt $keyl will always be 16 (because the key is the sha512 of the key you provide) + for ($j = 0, $i = 0; $i < 18; ++$i) { + // xor P1 with the first 32-bits of the key, xor P2 with the second 32-bits ... + for ($data = 0, $k = 0; $k < 4; ++$k) { + $data = ($data << 8) | $key[$j]; + if (++$j >= $keyl) { + $j = 0; + } + } + $this->bctx['p'][] = self::$parray[$i] ^ intval($data); + } + + // encrypt the zero-string, replace P1 and P2 with the encrypted data, + // encrypt P3 and P4 with the new P1 and P2, do it with all P-array and subkeys + $data = "\0\0\0\0\0\0\0\0"; + for ($i = 0; $i < 18; $i += 2) { + list($l, $r) = array_values(unpack('N*', $data = $this->encryptBlock($data))); + $this->bctx['p'][$i ] = $l; + $this->bctx['p'][$i + 1] = $r; + } + for ($i = 0; $i < 4; ++$i) { + for ($j = 0; $j < 256; $j += 2) { + list($l, $r) = array_values(unpack('N*', $data = $this->encryptBlock($data))); + $this->bctx['sb'][$i][$j ] = $l; + $this->bctx['sb'][$i][$j + 1] = $r; + } + } + } + + /** + * Initialize Static Variables + */ + protected static function initialize_static_variables() + { + if (is_float(self::$sbox2[0])) { + self::$sbox0 = array_map('intval', self::$sbox0); + self::$sbox1 = array_map('intval', self::$sbox1); + self::$sbox2 = array_map('intval', self::$sbox2); + self::$sbox3 = array_map('intval', self::$sbox3); + self::$parray = array_map('intval', self::$parray); + } + + parent::initialize_static_variables(); + } + + /** + * bcrypt + * + * @param string $sha2pass + * @param string $sha2salt + * @access private + * @return string + */ + private static function bcrypt_hash($sha2pass, $sha2salt) + { + $p = self::$parray; + $sbox0 = self::$sbox0; + $sbox1 = self::$sbox1; + $sbox2 = self::$sbox2; + $sbox3 = self::$sbox3; + + $cdata = array_values(unpack('N*', 'OxychromaticBlowfishSwatDynamite')); + $sha2pass = array_values(unpack('N*', $sha2pass)); + $sha2salt = array_values(unpack('N*', $sha2salt)); + + self::expandstate($sha2salt, $sha2pass, $sbox0, $sbox1, $sbox2, $sbox3, $p); + for ($i = 0; $i < 64; $i++) { + self::expand0state($sha2salt, $sbox0, $sbox1, $sbox2, $sbox3, $p); + self::expand0state($sha2pass, $sbox0, $sbox1, $sbox2, $sbox3, $p); + } + + for ($i = 0; $i < 64; $i++) { + for ($j = 0; $j < 8; $j += 2) { // count($cdata) == 8 + list($cdata[$j], $cdata[$j + 1]) = self::encryptBlockHelperFast($cdata[$j], $cdata[$j + 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); + } + } + + return pack('L*', ...$cdata); + } + + /** + * Performs OpenSSH-style bcrypt + * + * @param string $pass + * @param string $salt + * @param int $keylen + * @param int $rounds + * @access public + * @return string + */ + public static function bcrypt_pbkdf($pass, $salt, $keylen, $rounds) + { + self::initialize_static_variables(); + + if (PHP_INT_SIZE == 4) { + throw new \RuntimeException('bcrypt is far too slow to be practical on 32-bit versions of PHP'); + } + + $sha2pass = hash('sha512', $pass, true); + $results = []; + $count = 1; + while (32 * count($results) < $keylen) { + $countsalt = $salt . pack('N', $count++); + $sha2salt = hash('sha512', $countsalt, true); + $out = $tmpout = self::bcrypt_hash($sha2pass, $sha2salt); + for ($i = 1; $i < $rounds; $i++) { + $sha2salt = hash('sha512', $tmpout, true); + $tmpout = self::bcrypt_hash($sha2pass, $sha2salt); + $out ^= $tmpout; + } + $results[] = $out; + } + $output = ''; + for ($i = 0; $i < 32; $i++) { + foreach ($results as $result) { + $output .= $result[$i]; + } + } + return substr($output, 0, $keylen); + } + + /** + * Key expansion without salt + * + * @access private + * @param int[] $key + * @param int[] $sbox0 + * @param int[] $sbox1 + * @param int[] $sbox2 + * @param int[] $sbox3 + * @param int[] $p + * @see self::_bcrypt_hash() + */ + private static function expand0state(array $key, array &$sbox0, array &$sbox1, array &$sbox2, array &$sbox3, array &$p) + { + // expand0state is basically the same thing as this: + //return self::expandstate(array_fill(0, 16, 0), $key); + // but this separate function eliminates a bunch of XORs and array lookups + + $p = [ + $p[0] ^ $key[0], + $p[1] ^ $key[1], + $p[2] ^ $key[2], + $p[3] ^ $key[3], + $p[4] ^ $key[4], + $p[5] ^ $key[5], + $p[6] ^ $key[6], + $p[7] ^ $key[7], + $p[8] ^ $key[8], + $p[9] ^ $key[9], + $p[10] ^ $key[10], + $p[11] ^ $key[11], + $p[12] ^ $key[12], + $p[13] ^ $key[13], + $p[14] ^ $key[14], + $p[15] ^ $key[15], + $p[16] ^ $key[0], + $p[17] ^ $key[1] + ]; + + // @codingStandardsIgnoreStart + list( $p[0], $p[1]) = self::encryptBlockHelperFast( 0, 0, $sbox0, $sbox1, $sbox2, $sbox3, $p); + list( $p[2], $p[3]) = self::encryptBlockHelperFast($p[ 0], $p[ 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list( $p[4], $p[5]) = self::encryptBlockHelperFast($p[ 2], $p[ 3], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list( $p[6], $p[7]) = self::encryptBlockHelperFast($p[ 4], $p[ 5], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list( $p[8], $p[9]) = self::encryptBlockHelperFast($p[ 6], $p[ 7], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list($p[10], $p[11]) = self::encryptBlockHelperFast($p[ 8], $p[ 9], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list($p[12], $p[13]) = self::encryptBlockHelperFast($p[10], $p[11], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list($p[14], $p[15]) = self::encryptBlockHelperFast($p[12], $p[13], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list($p[16], $p[17]) = self::encryptBlockHelperFast($p[14], $p[15], $sbox0, $sbox1, $sbox2, $sbox3, $p); + // @codingStandardsIgnoreEnd + + list($sbox0[0], $sbox0[1]) = self::encryptBlockHelperFast($p[16], $p[17], $sbox0, $sbox1, $sbox2, $sbox3, $p); + for ($i = 2; $i < 256; $i += 2) { + list($sbox0[$i], $sbox0[$i + 1]) = self::encryptBlockHelperFast($sbox0[$i - 2], $sbox0[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); + } + + list($sbox1[0], $sbox1[1]) = self::encryptBlockHelperFast($sbox0[254], $sbox0[255], $sbox0, $sbox1, $sbox2, $sbox3, $p); + for ($i = 2; $i < 256; $i += 2) { + list($sbox1[$i], $sbox1[$i + 1]) = self::encryptBlockHelperFast($sbox1[$i - 2], $sbox1[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); + } + + list($sbox2[0], $sbox2[1]) = self::encryptBlockHelperFast($sbox1[254], $sbox1[255], $sbox0, $sbox1, $sbox2, $sbox3, $p); + for ($i = 2; $i < 256; $i += 2) { + list($sbox2[$i], $sbox2[$i + 1]) = self::encryptBlockHelperFast($sbox2[$i - 2], $sbox2[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); + } + + list($sbox3[0], $sbox3[1]) = self::encryptBlockHelperFast($sbox2[254], $sbox2[255], $sbox0, $sbox1, $sbox2, $sbox3, $p); + for ($i = 2; $i < 256; $i += 2) { + list($sbox3[$i], $sbox3[$i + 1]) = self::encryptBlockHelperFast($sbox3[$i - 2], $sbox3[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); + } + } + + /** + * Key expansion with salt + * + * @access private + * @param int[] $data + * @param int[] $key + * @param int[] $sbox0 + * @param int[] $sbox1 + * @param int[] $sbox2 + * @param int[] $sbox3 + * @param int[] $p + * @see self::_bcrypt_hash() + */ + private static function expandstate(array $data, array $key, array &$sbox0, array &$sbox1, array &$sbox2, array &$sbox3, array &$p) + { + $p = [ + $p[0] ^ $key[0], + $p[1] ^ $key[1], + $p[2] ^ $key[2], + $p[3] ^ $key[3], + $p[4] ^ $key[4], + $p[5] ^ $key[5], + $p[6] ^ $key[6], + $p[7] ^ $key[7], + $p[8] ^ $key[8], + $p[9] ^ $key[9], + $p[10] ^ $key[10], + $p[11] ^ $key[11], + $p[12] ^ $key[12], + $p[13] ^ $key[13], + $p[14] ^ $key[14], + $p[15] ^ $key[15], + $p[16] ^ $key[0], + $p[17] ^ $key[1] + ]; + + // @codingStandardsIgnoreStart + list( $p[0], $p[1]) = self::encryptBlockHelperFast($data[ 0] , $data[ 1] , $sbox0, $sbox1, $sbox2, $sbox3, $p); + list( $p[2], $p[3]) = self::encryptBlockHelperFast($data[ 2] ^ $p[ 0], $data[ 3] ^ $p[ 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list( $p[4], $p[5]) = self::encryptBlockHelperFast($data[ 4] ^ $p[ 2], $data[ 5] ^ $p[ 3], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list( $p[6], $p[7]) = self::encryptBlockHelperFast($data[ 6] ^ $p[ 4], $data[ 7] ^ $p[ 5], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list( $p[8], $p[9]) = self::encryptBlockHelperFast($data[ 8] ^ $p[ 6], $data[ 9] ^ $p[ 7], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list($p[10], $p[11]) = self::encryptBlockHelperFast($data[10] ^ $p[ 8], $data[11] ^ $p[ 9], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list($p[12], $p[13]) = self::encryptBlockHelperFast($data[12] ^ $p[10], $data[13] ^ $p[11], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list($p[14], $p[15]) = self::encryptBlockHelperFast($data[14] ^ $p[12], $data[15] ^ $p[13], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list($p[16], $p[17]) = self::encryptBlockHelperFast($data[ 0] ^ $p[14], $data[ 1] ^ $p[15], $sbox0, $sbox1, $sbox2, $sbox3, $p); + // @codingStandardsIgnoreEnd + + list($sbox0[0], $sbox0[1]) = self::encryptBlockHelperFast($data[2] ^ $p[16], $data[3] ^ $p[17], $sbox0, $sbox1, $sbox2, $sbox3, $p); + for ($i = 2, $j = 4; $i < 256; $i += 2, $j = ($j + 2) % 16) { // instead of 16 maybe count($data) would be better? + list($sbox0[$i], $sbox0[$i + 1]) = self::encryptBlockHelperFast($data[$j] ^ $sbox0[$i - 2], $data[$j + 1] ^ $sbox0[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); + } + + list($sbox1[0], $sbox1[1]) = self::encryptBlockHelperFast($data[2] ^ $sbox0[254], $data[3] ^ $sbox0[255], $sbox0, $sbox1, $sbox2, $sbox3, $p); + for ($i = 2, $j = 4; $i < 256; $i += 2, $j = ($j + 2) % 16) { + list($sbox1[$i], $sbox1[$i + 1]) = self::encryptBlockHelperFast($data[$j] ^ $sbox1[$i - 2], $data[$j + 1] ^ $sbox1[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); + } + + list($sbox2[0], $sbox2[1]) = self::encryptBlockHelperFast($data[2] ^ $sbox1[254], $data[3] ^ $sbox1[255], $sbox0, $sbox1, $sbox2, $sbox3, $p); + for ($i = 2, $j = 4; $i < 256; $i += 2, $j = ($j + 2) % 16) { + list($sbox2[$i], $sbox2[$i + 1]) = self::encryptBlockHelperFast($data[$j] ^ $sbox2[$i - 2], $data[$j + 1] ^ $sbox2[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); + } + + list($sbox3[0], $sbox3[1]) = self::encryptBlockHelperFast($data[2] ^ $sbox2[254], $data[3] ^ $sbox2[255], $sbox0, $sbox1, $sbox2, $sbox3, $p); + for ($i = 2, $j = 4; $i < 256; $i += 2, $j = ($j + 2) % 16) { + list($sbox3[$i], $sbox3[$i + 1]) = self::encryptBlockHelperFast($data[$j] ^ $sbox3[$i - 2], $data[$j + 1] ^ $sbox3[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); + } + } + + /** + * Encrypts a block + * + * @param string $in + * @return string + */ + protected function encryptBlock($in) + { + $p = $this->bctx['p']; + // extract($this->bctx['sb'], EXTR_PREFIX_ALL, 'sb'); // slower + $sb_0 = $this->bctx['sb'][0]; + $sb_1 = $this->bctx['sb'][1]; + $sb_2 = $this->bctx['sb'][2]; + $sb_3 = $this->bctx['sb'][3]; + + $in = unpack('N*', $in); + $l = $in[1]; + $r = $in[2]; + + list($r, $l) = PHP_INT_SIZE == 4 ? + self::encryptBlockHelperSlow($l, $r, $sb_0, $sb_1, $sb_2, $sb_3, $p) : + self::encryptBlockHelperFast($l, $r, $sb_0, $sb_1, $sb_2, $sb_3, $p); + + return pack("N*", $r, $l); + } + + /** + * Fast helper function for block encryption + * + * @access private + * @param int $x0 + * @param int $x1 + * @param int[] $sbox0 + * @param int[] $sbox1 + * @param int[] $sbox2 + * @param int[] $sbox3 + * @param int[] $p + * @return int[] + */ + private static function encryptBlockHelperFast($x0, $x1, array $sbox0, array $sbox1, array $sbox2, array $sbox3, array $p) + { + $x0 ^= $p[0]; + $x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[1]; + $x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[2]; + $x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[3]; + $x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[4]; + $x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[5]; + $x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[6]; + $x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[7]; + $x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[8]; + $x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[9]; + $x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[10]; + $x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[11]; + $x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[12]; + $x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[13]; + $x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[14]; + $x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[15]; + $x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[16]; + + return [$x1 & 0xFFFFFFFF ^ $p[17], $x0 & 0xFFFFFFFF]; + } + + /** + * Slow helper function for block encryption + * + * @access private + * @param int $x0 + * @param int $x1 + * @param int[] $sbox0 + * @param int[] $sbox1 + * @param int[] $sbox2 + * @param int[] $sbox3 + * @param int[] $p + * @return int[] + */ + private static function encryptBlockHelperSlow($x0, $x1, array $sbox0, array $sbox1, array $sbox2, array $sbox3, array $p) + { + // -16777216 == intval(0xFF000000) on 32-bit PHP installs + $x0 ^= $p[0]; + $x1 ^= self::safe_intval((self::safe_intval($sbox0[(($x0 & -16777216) >> 24) & 0xFF] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[1]; + $x0 ^= self::safe_intval((self::safe_intval($sbox0[(($x1 & -16777216) >> 24) & 0xFF] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[2]; + $x1 ^= self::safe_intval((self::safe_intval($sbox0[(($x0 & -16777216) >> 24) & 0xFF] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[3]; + $x0 ^= self::safe_intval((self::safe_intval($sbox0[(($x1 & -16777216) >> 24) & 0xFF] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[4]; + $x1 ^= self::safe_intval((self::safe_intval($sbox0[(($x0 & -16777216) >> 24) & 0xFF] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[5]; + $x0 ^= self::safe_intval((self::safe_intval($sbox0[(($x1 & -16777216) >> 24) & 0xFF] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[6]; + $x1 ^= self::safe_intval((self::safe_intval($sbox0[(($x0 & -16777216) >> 24) & 0xFF] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[7]; + $x0 ^= self::safe_intval((self::safe_intval($sbox0[(($x1 & -16777216) >> 24) & 0xFF] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[8]; + $x1 ^= self::safe_intval((self::safe_intval($sbox0[(($x0 & -16777216) >> 24) & 0xFF] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[9]; + $x0 ^= self::safe_intval((self::safe_intval($sbox0[(($x1 & -16777216) >> 24) & 0xFF] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[10]; + $x1 ^= self::safe_intval((self::safe_intval($sbox0[(($x0 & -16777216) >> 24) & 0xFF] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[11]; + $x0 ^= self::safe_intval((self::safe_intval($sbox0[(($x1 & -16777216) >> 24) & 0xFF] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[12]; + $x1 ^= self::safe_intval((self::safe_intval($sbox0[(($x0 & -16777216) >> 24) & 0xFF] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[13]; + $x0 ^= self::safe_intval((self::safe_intval($sbox0[(($x1 & -16777216) >> 24) & 0xFF] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[14]; + $x1 ^= self::safe_intval((self::safe_intval($sbox0[(($x0 & -16777216) >> 24) & 0xFF] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[15]; + $x0 ^= self::safe_intval((self::safe_intval($sbox0[(($x1 & -16777216) >> 24) & 0xFF] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[16]; + + return [$x1 ^ $p[17], $x0]; + } + + /** + * Decrypts a block + * + * @param string $in + * @return string + */ + protected function decryptBlock($in) + { + $p = $this->bctx['p']; + $sb_0 = $this->bctx['sb'][0]; + $sb_1 = $this->bctx['sb'][1]; + $sb_2 = $this->bctx['sb'][2]; + $sb_3 = $this->bctx['sb'][3]; + + $in = unpack('N*', $in); + $l = $in[1]; + $r = $in[2]; + + for ($i = 17; $i > 2; $i -= 2) { + $l ^= $p[$i]; + $r ^= self::safe_intval((self::safe_intval($sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]) ^ + $sb_2[$l >> 8 & 0xff]) + + $sb_3[$l & 0xff]); + + $r ^= $p[$i - 1]; + $l ^= self::safe_intval((self::safe_intval($sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]) ^ + $sb_2[$r >> 8 & 0xff]) + + $sb_3[$r & 0xff]); + } + return pack('N*', $r ^ $p[0], $l ^ $p[1]); + } + + /** + * Setup the performance-optimized function for de/encrypt() + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::_setupInlineCrypt() + */ + protected function setupInlineCrypt() + { + $p = $this->bctx['p']; + $init_crypt = ' + static $sb_0, $sb_1, $sb_2, $sb_3; + if (!$sb_0) { + $sb_0 = $this->bctx["sb"][0]; + $sb_1 = $this->bctx["sb"][1]; + $sb_2 = $this->bctx["sb"][2]; + $sb_3 = $this->bctx["sb"][3]; + } + '; + + $safeint = self::safe_intval_inline(); + + // Generating encrypt code: + $encrypt_block = ' + $in = unpack("N*", $in); + $l = $in[1]; + $r = $in[2]; + '; + for ($i = 0; $i < 16; $i += 2) { + $encrypt_block .= ' + $l^= ' . $p[$i] . '; + $r^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]') . ' ^ + $sb_2[$l >> 8 & 0xff]) + + $sb_3[$l & 0xff]') . '; + + $r^= ' . $p[$i + 1] . '; + $l^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]') . ' ^ + $sb_2[$r >> 8 & 0xff]) + + $sb_3[$r & 0xff]') . '; + '; + } + $encrypt_block .= ' + $in = pack("N*", + $r ^ ' . $p[17] . ', + $l ^ ' . $p[16] . ' + ); + '; + // Generating decrypt code: + $decrypt_block = ' + $in = unpack("N*", $in); + $l = $in[1]; + $r = $in[2]; + '; + + for ($i = 17; $i > 2; $i -= 2) { + $decrypt_block .= ' + $l^= ' . $p[$i] . '; + $r^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]') . ' ^ + $sb_2[$l >> 8 & 0xff]) + + $sb_3[$l & 0xff]') . '; + + $r^= ' . $p[$i - 1] . '; + $l^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]') . ' ^ + $sb_2[$r >> 8 & 0xff]) + + $sb_3[$r & 0xff]') . '; + '; + } + + $decrypt_block .= ' + $in = pack("N*", + $r ^ ' . $p[0] . ', + $l ^ ' . $p[1] . ' + ); + '; + + $this->inline_crypt = $this->createInlineCryptFunction( + [ + 'init_crypt' => $init_crypt, + 'init_encrypt' => '', + 'init_decrypt' => '', + 'encrypt_block' => $encrypt_block, + 'decrypt_block' => $decrypt_block + ] + ); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/ChaCha20.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/ChaCha20.php new file mode 100644 index 0000000..b2691b5 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/ChaCha20.php @@ -0,0 +1,799 @@ + + * @copyright 2019 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt; + +use phpseclib3\Exception\BadDecryptionException; +use phpseclib3\Exception\InsufficientSetupException; + +/** + * Pure-PHP implementation of ChaCha20. + * + * @author Jim Wigginton + */ +class ChaCha20 extends Salsa20 +{ + /** + * The OpenSSL specific name of the cipher + * + * @var string + */ + protected $cipher_name_openssl = 'chacha20'; + + /** + * Test for engine validity + * + * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + * @param int $engine + * @return bool + */ + protected function isValidEngineHelper($engine) + { + switch ($engine) { + case self::ENGINE_LIBSODIUM: + // PHP 7.2.0 (30 Nov 2017) added support for libsodium + + // we could probably make it so that if $this->counter == 0 then the first block would be done with either OpenSSL + // or PHP and then subsequent blocks would then be done with libsodium but idk - it's not a high priority atm + + // we could also make it so that if $this->counter == 0 and $this->continuousBuffer then do the first string + // with libsodium and subsequent strings with openssl or pure-PHP but again not a high priority + return function_exists('sodium_crypto_aead_chacha20poly1305_ietf_encrypt') && + $this->key_length == 32 && + (($this->usePoly1305 && !isset($this->poly1305Key) && $this->counter == 0) || $this->counter == 1) && + !$this->continuousBuffer; + case self::ENGINE_OPENSSL: + // OpenSSL 1.1.0 (released 25 Aug 2016) added support for chacha20. + // PHP didn't support OpenSSL 1.1.0 until 7.0.19 (11 May 2017) + + // if you attempt to provide openssl with a 128 bit key (as opposed to a 256 bit key) openssl will null + // pad the key to 256 bits and still use the expansion constant for 256-bit keys. the fact that + // openssl treats the IV as both the counter and nonce, however, let's us use openssl in continuous mode + // whereas libsodium does not + if ($this->key_length != 32) { + return false; + } + } + + return parent::isValidEngineHelper($engine); + } + + /** + * Encrypts a message. + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + * @see self::crypt() + * @param string $plaintext + * @return string $ciphertext + */ + public function encrypt($plaintext) + { + $this->setup(); + + if ($this->engine == self::ENGINE_LIBSODIUM) { + return $this->encrypt_with_libsodium($plaintext); + } + + return parent::encrypt($plaintext); + } + + /** + * Decrypts a message. + * + * $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)). + * At least if the continuous buffer is disabled. + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @see self::crypt() + * @param string $ciphertext + * @return string $plaintext + */ + public function decrypt($ciphertext) + { + $this->setup(); + + if ($this->engine == self::ENGINE_LIBSODIUM) { + return $this->decrypt_with_libsodium($ciphertext); + } + + return parent::decrypt($ciphertext); + } + + /** + * Encrypts a message with libsodium + * + * @see self::encrypt() + * @param string $plaintext + * @return string $text + */ + private function encrypt_with_libsodium($plaintext) + { + $params = [$plaintext, $this->aad, $this->nonce, $this->key]; + $ciphertext = strlen($this->nonce) == 8 ? + sodium_crypto_aead_chacha20poly1305_encrypt(...$params) : + sodium_crypto_aead_chacha20poly1305_ietf_encrypt(...$params); + if (!$this->usePoly1305) { + return substr($ciphertext, 0, strlen($plaintext)); + } + + $newciphertext = substr($ciphertext, 0, strlen($plaintext)); + + $this->newtag = $this->usingGeneratedPoly1305Key && strlen($this->nonce) == 12 ? + substr($ciphertext, strlen($plaintext)) : + $this->poly1305($newciphertext); + + return $newciphertext; + } + + /** + * Decrypts a message with libsodium + * + * @see self::decrypt() + * @param string $ciphertext + * @return string $text + */ + private function decrypt_with_libsodium($ciphertext) + { + $params = [$ciphertext, $this->aad, $this->nonce, $this->key]; + + if (isset($this->poly1305Key)) { + if ($this->oldtag === false) { + throw new InsufficientSetupException('Authentication Tag has not been set'); + } + if ($this->usingGeneratedPoly1305Key && strlen($this->nonce) == 12) { + $plaintext = sodium_crypto_aead_chacha20poly1305_ietf_decrypt(...$params); + $this->oldtag = false; + if ($plaintext === false) { + throw new BadDecryptionException('Derived authentication tag and supplied authentication tag do not match'); + } + return $plaintext; + } + $newtag = $this->poly1305($ciphertext); + if ($this->oldtag != substr($newtag, 0, strlen($this->oldtag))) { + $this->oldtag = false; + throw new BadDecryptionException('Derived authentication tag and supplied authentication tag do not match'); + } + $this->oldtag = false; + } + + $plaintext = strlen($this->nonce) == 8 ? + sodium_crypto_aead_chacha20poly1305_encrypt(...$params) : + sodium_crypto_aead_chacha20poly1305_ietf_encrypt(...$params); + + return substr($plaintext, 0, strlen($ciphertext)); + } + + /** + * Sets the nonce. + * + * @param string $nonce + */ + public function setNonce($nonce) + { + if (!is_string($nonce)) { + throw new \UnexpectedValueException('The nonce should be a string'); + } + + /* + from https://tools.ietf.org/html/rfc7539#page-7 + + "Note also that the original ChaCha had a 64-bit nonce and 64-bit + block count. We have modified this here to be more consistent with + recommendations in Section 3.2 of [RFC5116]." + */ + switch (strlen($nonce)) { + case 8: // 64 bits + case 12: // 96 bits + break; + default: + throw new \LengthException('Nonce of size ' . strlen($nonce) . ' not supported by this algorithm. Only 64-bit nonces or 96-bit nonces are supported'); + } + + $this->nonce = $nonce; + $this->changed = true; + $this->setEngine(); + } + + /** + * Setup the self::ENGINE_INTERNAL $engine + * + * (re)init, if necessary, the internal cipher $engine + * + * _setup() will be called each time if $changed === true + * typically this happens when using one or more of following public methods: + * + * - setKey() + * + * - setNonce() + * + * - First run of encrypt() / decrypt() with no init-settings + * + * @see self::setKey() + * @see self::setNonce() + * @see self::disableContinuousBuffer() + */ + protected function setup() + { + if (!$this->changed) { + return; + } + + $this->enbuffer = $this->debuffer = ['ciphertext' => '', 'counter' => $this->counter]; + + $this->changed = $this->nonIVChanged = false; + + if ($this->nonce === false) { + throw new InsufficientSetupException('No nonce has been defined'); + } + + if ($this->key === false) { + throw new InsufficientSetupException('No key has been defined'); + } + + if ($this->usePoly1305 && !isset($this->poly1305Key)) { + $this->usingGeneratedPoly1305Key = true; + if ($this->engine == self::ENGINE_LIBSODIUM) { + return; + } + $this->createPoly1305Key(); + } + + $key = $this->key; + if (strlen($key) == 16) { + $constant = 'expand 16-byte k'; + $key .= $key; + } else { + $constant = 'expand 32-byte k'; + } + + $this->p1 = $constant . $key; + $this->p2 = $this->nonce; + if (strlen($this->nonce) == 8) { + $this->p2 = "\0\0\0\0" . $this->p2; + } + } + + /** + * The quarterround function + * + * @param int $a + * @param int $b + * @param int $c + * @param int $d + */ + protected static function quarterRound(&$a, &$b, &$c, &$d) + { + // in https://datatracker.ietf.org/doc/html/rfc7539#section-2.1 the addition, + // xor'ing and rotation are all on the same line so i'm keeping it on the same + // line here as well + // @codingStandardsIgnoreStart + $a+= $b; $d = self::leftRotate(intval($d) ^ intval($a), 16); + $c+= $d; $b = self::leftRotate(intval($b) ^ intval($c), 12); + $a+= $b; $d = self::leftRotate(intval($d) ^ intval($a), 8); + $c+= $d; $b = self::leftRotate(intval($b) ^ intval($c), 7); + // @codingStandardsIgnoreEnd + } + + /** + * The doubleround function + * + * @param int $x0 (by reference) + * @param int $x1 (by reference) + * @param int $x2 (by reference) + * @param int $x3 (by reference) + * @param int $x4 (by reference) + * @param int $x5 (by reference) + * @param int $x6 (by reference) + * @param int $x7 (by reference) + * @param int $x8 (by reference) + * @param int $x9 (by reference) + * @param int $x10 (by reference) + * @param int $x11 (by reference) + * @param int $x12 (by reference) + * @param int $x13 (by reference) + * @param int $x14 (by reference) + * @param int $x15 (by reference) + */ + protected static function doubleRound(&$x0, &$x1, &$x2, &$x3, &$x4, &$x5, &$x6, &$x7, &$x8, &$x9, &$x10, &$x11, &$x12, &$x13, &$x14, &$x15) + { + // columnRound + static::quarterRound($x0, $x4, $x8, $x12); + static::quarterRound($x1, $x5, $x9, $x13); + static::quarterRound($x2, $x6, $x10, $x14); + static::quarterRound($x3, $x7, $x11, $x15); + // rowRound + static::quarterRound($x0, $x5, $x10, $x15); + static::quarterRound($x1, $x6, $x11, $x12); + static::quarterRound($x2, $x7, $x8, $x13); + static::quarterRound($x3, $x4, $x9, $x14); + } + + /** + * The Salsa20 hash function function + * + * On my laptop this loop unrolled / function dereferenced version of parent::salsa20 encrypts 1mb of text in + * 0.65s vs the 0.85s that it takes with the parent method. + * + * If we were free to assume that the host OS would always be 64-bits then the if condition in leftRotate could + * be eliminated and we could knock this done to 0.60s. + * + * For comparison purposes, RC4 takes 0.16s and AES in CTR mode with the Eval engine takes 0.48s. + * AES in CTR mode with the PHP engine takes 1.19s. Salsa20 / ChaCha20 do not benefit as much from the Eval + * approach due to the fact that there are a lot less variables to de-reference, fewer loops to unroll, etc + * + * @param string $x + */ + protected static function salsa20($x) + { + list(, $x0, $x1, $x2, $x3, $x4, $x5, $x6, $x7, $x8, $x9, $x10, $x11, $x12, $x13, $x14, $x15) = unpack('V*', $x); + $z0 = $x0; + $z1 = $x1; + $z2 = $x2; + $z3 = $x3; + $z4 = $x4; + $z5 = $x5; + $z6 = $x6; + $z7 = $x7; + $z8 = $x8; + $z9 = $x9; + $z10 = $x10; + $z11 = $x11; + $z12 = $x12; + $z13 = $x13; + $z14 = $x14; + $z15 = $x15; + + // @codingStandardsIgnoreStart + // columnRound + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + + // rowRound + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + + // columnRound + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + + // rowRound + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + + // columnRound + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + + // rowRound + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + + // columnRound + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + + // rowRound + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + + // columnRound + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + + // rowRound + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + + // columnRound + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + + // rowRound + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + + // columnRound + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + + // rowRound + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + + // columnRound + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + + // rowRound + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + + // columnRound + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + + // rowRound + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + + // columnRound + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + + // rowRound + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + // @codingStandardsIgnoreEnd + + $x0 += $z0; + $x1 += $z1; + $x2 += $z2; + $x3 += $z3; + $x4 += $z4; + $x5 += $z5; + $x6 += $z6; + $x7 += $z7; + $x8 += $z8; + $x9 += $z9; + $x10 += $z10; + $x11 += $z11; + $x12 += $z12; + $x13 += $z13; + $x14 += $z14; + $x15 += $z15; + + return pack('V*', $x0, $x1, $x2, $x3, $x4, $x5, $x6, $x7, $x8, $x9, $x10, $x11, $x12, $x13, $x14, $x15); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php new file mode 100644 index 0000000..09eb5b1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php @@ -0,0 +1,581 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\Common; + +use phpseclib3\Crypt\DSA; +use phpseclib3\Crypt\Hash; +use phpseclib3\Crypt\RSA; +use phpseclib3\Exception\NoKeyLoadedException; +use phpseclib3\Exception\UnsupportedFormatException; +use phpseclib3\Math\BigInteger; + +/** + * Base Class for all asymmetric cipher classes + * + * @author Jim Wigginton + */ +abstract class AsymmetricKey +{ + /** + * Precomputed Zero + * + * @var \phpseclib3\Math\BigInteger + */ + protected static $zero; + + /** + * Precomputed One + * + * @var \phpseclib3\Math\BigInteger + */ + protected static $one; + + /** + * Format of the loaded key + * + * @var string + */ + protected $format; + + /** + * Hash function + * + * @var \phpseclib3\Crypt\Hash + */ + protected $hash; + + /** + * HMAC function + * + * @var \phpseclib3\Crypt\Hash + */ + private $hmac; + + /** + * Supported plugins (lower case) + * + * @see self::initialize_static_variables() + * @var array + */ + private static $plugins = []; + + /** + * Invisible plugins + * + * @see self::initialize_static_variables() + * @var array + */ + private static $invisiblePlugins = []; + + /** + * Available Engines + * + * @var boolean[] + */ + protected static $engines = []; + + /** + * Key Comment + * + * @var null|string + */ + private $comment; + + /** + * @param string $type + * @return array|string + */ + abstract public function toString($type, array $options = []); + + /** + * The constructor + */ + protected function __construct() + { + self::initialize_static_variables(); + + $this->hash = new Hash('sha256'); + $this->hmac = new Hash('sha256'); + } + + /** + * Initialize static variables + */ + protected static function initialize_static_variables() + { + if (!isset(self::$zero)) { + self::$zero = new BigInteger(0); + self::$one = new BigInteger(1); + } + + self::loadPlugins('Keys'); + if (static::ALGORITHM != 'RSA' && static::ALGORITHM != 'DH') { + self::loadPlugins('Signature'); + } + } + + /** + * Load the key + * + * @param string $key + * @param string $password optional + * @return \phpseclib3\Crypt\Common\PublicKey|\phpseclib3\Crypt\Common\PrivateKey + */ + public static function load($key, $password = false) + { + self::initialize_static_variables(); + + $class = new \ReflectionClass(static::class); + if ($class->isFinal()) { + throw new \RuntimeException('load() should not be called from final classes (' . static::class . ')'); + } + + $components = false; + foreach (self::$plugins[static::ALGORITHM]['Keys'] as $format) { + if (isset(self::$invisiblePlugins[static::ALGORITHM]) && in_array($format, self::$invisiblePlugins[static::ALGORITHM])) { + continue; + } + try { + $components = $format::load($key, $password); + } catch (\Exception $e) { + $components = false; + } + if ($components !== false) { + break; + } + } + + if ($components === false) { + throw new NoKeyLoadedException('Unable to read key'); + } + + $components['format'] = $format; + $components['secret'] = isset($components['secret']) ? $components['secret'] : ''; + $comment = isset($components['comment']) ? $components['comment'] : null; + $new = static::onLoad($components); + $new->format = $format; + $new->comment = $comment; + return $new instanceof PrivateKey ? + $new->withPassword($password) : + $new; + } + + /** + * Loads a private key + * + * @return PrivateKey + * @param string|array $key + * @param string $password optional + */ + public static function loadPrivateKey($key, $password = '') + { + $key = self::load($key, $password); + if (!$key instanceof PrivateKey) { + throw new NoKeyLoadedException('The key that was loaded was not a private key'); + } + return $key; + } + + /** + * Loads a public key + * + * @return PublicKey + * @param string|array $key + */ + public static function loadPublicKey($key) + { + $key = self::load($key); + if (!$key instanceof PublicKey) { + throw new NoKeyLoadedException('The key that was loaded was not a public key'); + } + return $key; + } + + /** + * Loads parameters + * + * @return AsymmetricKey + * @param string|array $key + */ + public static function loadParameters($key) + { + $key = self::load($key); + if (!$key instanceof PrivateKey && !$key instanceof PublicKey) { + throw new NoKeyLoadedException('The key that was loaded was not a parameter'); + } + return $key; + } + + /** + * Load the key, assuming a specific format + * + * @param string $type + * @param string $key + * @param string $password optional + * @return static + */ + public static function loadFormat($type, $key, $password = false) + { + self::initialize_static_variables(); + + $components = false; + $format = strtolower($type); + if (isset(self::$plugins[static::ALGORITHM]['Keys'][$format])) { + $format = self::$plugins[static::ALGORITHM]['Keys'][$format]; + $components = $format::load($key, $password); + } + + if ($components === false) { + throw new NoKeyLoadedException('Unable to read key'); + } + + $components['format'] = $format; + $components['secret'] = isset($components['secret']) ? $components['secret'] : ''; + + $new = static::onLoad($components); + $new->format = $format; + return $new instanceof PrivateKey ? + $new->withPassword($password) : + $new; + } + + /** + * Loads a private key + * + * @return PrivateKey + * @param string $type + * @param string $key + * @param string $password optional + */ + public static function loadPrivateKeyFormat($type, $key, $password = false) + { + $key = self::loadFormat($type, $key, $password); + if (!$key instanceof PrivateKey) { + throw new NoKeyLoadedException('The key that was loaded was not a private key'); + } + return $key; + } + + /** + * Loads a public key + * + * @return PublicKey + * @param string $type + * @param string $key + */ + public static function loadPublicKeyFormat($type, $key) + { + $key = self::loadFormat($type, $key); + if (!$key instanceof PublicKey) { + throw new NoKeyLoadedException('The key that was loaded was not a public key'); + } + return $key; + } + + /** + * Loads parameters + * + * @return AsymmetricKey + * @param string $type + * @param string|array $key + */ + public static function loadParametersFormat($type, $key) + { + $key = self::loadFormat($type, $key); + if (!$key instanceof PrivateKey && !$key instanceof PublicKey) { + throw new NoKeyLoadedException('The key that was loaded was not a parameter'); + } + return $key; + } + + /** + * Validate Plugin + * + * @param string $format + * @param string $type + * @param string $method optional + * @return mixed + */ + protected static function validatePlugin($format, $type, $method = null) + { + $type = strtolower($type); + if (!isset(self::$plugins[static::ALGORITHM][$format][$type])) { + throw new UnsupportedFormatException("$type is not a supported format"); + } + $type = self::$plugins[static::ALGORITHM][$format][$type]; + if (isset($method) && !method_exists($type, $method)) { + throw new UnsupportedFormatException("$type does not implement $method"); + } + + return $type; + } + + /** + * Load Plugins + * + * @param string $format + */ + private static function loadPlugins($format) + { + if (!isset(self::$plugins[static::ALGORITHM][$format])) { + self::$plugins[static::ALGORITHM][$format] = []; + foreach (new \DirectoryIterator(__DIR__ . '/../' . static::ALGORITHM . '/Formats/' . $format . '/') as $file) { + if ($file->getExtension() != 'php') { + continue; + } + $name = $file->getBasename('.php'); + if ($name[0] == '.') { + continue; + } + $type = 'phpseclib3\Crypt\\' . static::ALGORITHM . '\\Formats\\' . $format . '\\' . $name; + $reflect = new \ReflectionClass($type); + if ($reflect->isTrait()) { + continue; + } + self::$plugins[static::ALGORITHM][$format][strtolower($name)] = $type; + if ($reflect->hasConstant('IS_INVISIBLE')) { + self::$invisiblePlugins[static::ALGORITHM][] = $type; + } + } + } + } + + /** + * Returns a list of supported formats. + * + * @return array + */ + public static function getSupportedKeyFormats() + { + self::initialize_static_variables(); + + return self::$plugins[static::ALGORITHM]['Keys']; + } + + /** + * Add a fileformat plugin + * + * The plugin needs to either already be loaded or be auto-loadable. + * Loading a plugin whose shortname overwrite an existing shortname will overwrite the old plugin. + * + * @see self::load() + * @param string $fullname + * @return bool + */ + public static function addFileFormat($fullname) + { + self::initialize_static_variables(); + + if (class_exists($fullname)) { + $meta = new \ReflectionClass($fullname); + $shortname = $meta->getShortName(); + self::$plugins[static::ALGORITHM]['Keys'][strtolower($shortname)] = $fullname; + if ($meta->hasConstant('IS_INVISIBLE')) { + self::$invisiblePlugins[static::ALGORITHM][] = strtolower($shortname); + } + } + } + + /** + * Returns the format of the loaded key. + * + * If the key that was loaded wasn't in a valid or if the key was auto-generated + * with RSA::createKey() then this will throw an exception. + * + * @see self::load() + * @return mixed + */ + public function getLoadedFormat() + { + if (empty($this->format)) { + throw new NoKeyLoadedException('This key was created with createKey - it was not loaded with load. Therefore there is no "loaded format"'); + } + + $meta = new \ReflectionClass($this->format); + return $meta->getShortName(); + } + + /** + * Returns the key's comment + * + * Not all key formats support comments. If you want to set a comment use toString() + * + * @return null|string + */ + public function getComment() + { + return $this->comment; + } + + /** + * Tests engine validity + * + */ + public static function useBestEngine() + { + static::$engines = [ + 'PHP' => true, + 'OpenSSL' => extension_loaded('openssl'), + // this test can be satisfied by either of the following: + // http://php.net/manual/en/book.sodium.php + // https://github.com/paragonie/sodium_compat + 'libsodium' => function_exists('sodium_crypto_sign_keypair') + ]; + + return static::$engines; + } + + /** + * Flag to use internal engine only (useful for unit testing) + * + */ + public static function useInternalEngine() + { + static::$engines = [ + 'PHP' => true, + 'OpenSSL' => false, + 'libsodium' => false + ]; + } + + /** + * __toString() magic method + * + * @return string + */ + public function __toString() + { + return $this->toString('PKCS8'); + } + + /** + * Determines which hashing function should be used + * + * @param string $hash + */ + public function withHash($hash) + { + $new = clone $this; + + $new->hash = new Hash($hash); + $new->hmac = new Hash($hash); + + return $new; + } + + /** + * Returns the hash algorithm currently being used + * + */ + public function getHash() + { + return clone $this->hash; + } + + /** + * Compute the pseudorandom k for signature generation, + * using the process specified for deterministic DSA. + * + * @param string $h1 + * @return string + */ + protected function computek($h1) + { + $v = str_repeat("\1", strlen($h1)); + + $k = str_repeat("\0", strlen($h1)); + + $x = $this->int2octets($this->x); + $h1 = $this->bits2octets($h1); + + $this->hmac->setKey($k); + $k = $this->hmac->hash($v . "\0" . $x . $h1); + $this->hmac->setKey($k); + $v = $this->hmac->hash($v); + $k = $this->hmac->hash($v . "\1" . $x . $h1); + $this->hmac->setKey($k); + $v = $this->hmac->hash($v); + + $qlen = $this->q->getLengthInBytes(); + + while (true) { + $t = ''; + while (strlen($t) < $qlen) { + $v = $this->hmac->hash($v); + $t = $t . $v; + } + $k = $this->bits2int($t); + + if (!$k->equals(self::$zero) && $k->compare($this->q) < 0) { + break; + } + $k = $this->hmac->hash($v . "\0"); + $this->hmac->setKey($k); + $v = $this->hmac->hash($v); + } + + return $k; + } + + /** + * Integer to Octet String + * + * @param \phpseclib3\Math\BigInteger $v + * @return string + */ + private function int2octets($v) + { + $out = $v->toBytes(); + $rolen = $this->q->getLengthInBytes(); + if (strlen($out) < $rolen) { + return str_pad($out, $rolen, "\0", STR_PAD_LEFT); + } elseif (strlen($out) > $rolen) { + return substr($out, -$rolen); + } else { + return $out; + } + } + + /** + * Bit String to Integer + * + * @param string $in + * @return \phpseclib3\Math\BigInteger + */ + protected function bits2int($in) + { + $v = new BigInteger($in, 256); + $vlen = strlen($in) << 3; + $qlen = $this->q->getLength(); + if ($vlen > $qlen) { + return $v->bitwise_rightShift($vlen - $qlen); + } + return $v; + } + + /** + * Bit String to Octet String + * + * @param string $in + * @return string + */ + private function bits2octets($in) + { + $z1 = $this->bits2int($in); + $z2 = $z1->subtract($this->q); + return $z2->compare(self::$zero) < 0 ? + $this->int2octets($z1) : + $this->int2octets($z2); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/BlockCipher.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/BlockCipher.php new file mode 100644 index 0000000..b2642be --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/BlockCipher.php @@ -0,0 +1,24 @@ + + * @author Hans-Juergen Petrich + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\Common; + +/** + * Base Class for all block cipher classes + * + * @author Jim Wigginton + */ +abstract class BlockCipher extends SymmetricKey +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/JWK.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/JWK.php new file mode 100644 index 0000000..4c761b8 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/JWK.php @@ -0,0 +1,69 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\Common\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; + +/** + * JSON Web Key Formatted Key Handler + * + * @author Jim Wigginton + */ +abstract class JWK +{ + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password + * @return array + */ + public static function load($key, $password = '') + { + if (!Strings::is_stringable($key)) { + throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); + } + + $key = preg_replace('#\s#', '', $key); // remove whitespace + + if (PHP_VERSION_ID >= 73000) { + $key = json_decode($key, null, 512, JSON_THROW_ON_ERROR); + } else { + $key = json_decode($key); + if (!$key) { + throw new \RuntimeException('Unable to decode JSON'); + } + } + + if (isset($key->kty)) { + return $key; + } + + if (count($key->keys) != 1) { + throw new \RuntimeException('Although the JWK key format supports multiple keys phpseclib does not'); + } + + return $key->keys[0]; + } + + /** + * Wrap a key appropriately + * + * @return string + */ + protected static function wrapKey(array $key, array $options) + { + return json_encode(['keys' => [$key + $options]]); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php new file mode 100644 index 0000000..fe3d85b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php @@ -0,0 +1,220 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\Common\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\AES; +use phpseclib3\Crypt\Random; + +/** + * OpenSSH Formatted RSA Key Handler + * + * @author Jim Wigginton + */ +abstract class OpenSSH +{ + /** + * Default comment + * + * @var string + */ + protected static $comment = 'phpseclib-generated-key'; + + /** + * Binary key flag + * + * @var bool + */ + protected static $binary = false; + + /** + * Sets the default comment + * + * @param string $comment + */ + public static function setComment($comment) + { + self::$comment = str_replace(["\r", "\n"], '', $comment); + } + + /** + * Break a public or private key down into its constituent components + * + * $type can be either ssh-dss or ssh-rsa + * + * @param string $key + * @param string $password + * @return array + */ + public static function load($key, $password = '') + { + if (!Strings::is_stringable($key)) { + throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); + } + + // key format is described here: + // https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.key?annotate=HEAD + + if (strpos($key, 'BEGIN OPENSSH PRIVATE KEY') !== false) { + $key = preg_replace('#(?:^-.*?-[\r\n]*$)|\s#ms', '', $key); + $key = Strings::base64_decode($key); + $magic = Strings::shift($key, 15); + if ($magic != "openssh-key-v1\0") { + throw new \RuntimeException('Expected openssh-key-v1'); + } + list($ciphername, $kdfname, $kdfoptions, $numKeys) = Strings::unpackSSH2('sssN', $key); + if ($numKeys != 1) { + // if we wanted to support multiple keys we could update PublicKeyLoader to preview what the # of keys + // would be; it'd then call Common\Keys\OpenSSH.php::load() and get the paddedKey. it'd then pass + // that to the appropriate key loading parser $numKey times or something + throw new \RuntimeException('Although the OpenSSH private key format supports multiple keys phpseclib does not'); + } + switch ($ciphername) { + case 'none': + break; + case 'aes256-ctr': + if ($kdfname != 'bcrypt') { + throw new \RuntimeException('Only the bcrypt kdf is supported (' . $kdfname . ' encountered)'); + } + list($salt, $rounds) = Strings::unpackSSH2('sN', $kdfoptions); + $crypto = new AES('ctr'); + //$crypto->setKeyLength(256); + //$crypto->disablePadding(); + $crypto->setPassword($password, 'bcrypt', $salt, $rounds, 32); + break; + default: + throw new \RuntimeException('The only supported cipherse are: none, aes256-ctr (' . $ciphername . ' is being used)'); + } + + list($publicKey, $paddedKey) = Strings::unpackSSH2('ss', $key); + list($type) = Strings::unpackSSH2('s', $publicKey); + if (isset($crypto)) { + $paddedKey = $crypto->decrypt($paddedKey); + } + list($checkint1, $checkint2) = Strings::unpackSSH2('NN', $paddedKey); + // any leftover bytes in $paddedKey are for padding? but they should be sequential bytes. eg. 1, 2, 3, etc. + if ($checkint1 != $checkint2) { + throw new \RuntimeException('The two checkints do not match'); + } + self::checkType($type); + + return compact('type', 'publicKey', 'paddedKey'); + } + + $parts = explode(' ', $key, 3); + + if (!isset($parts[1])) { + $key = base64_decode($parts[0]); + $comment = false; + } else { + $asciiType = $parts[0]; + self::checkType($parts[0]); + $key = base64_decode($parts[1]); + $comment = isset($parts[2]) ? $parts[2] : false; + } + if ($key === false) { + throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); + } + + list($type) = Strings::unpackSSH2('s', $key); + self::checkType($type); + if (isset($asciiType) && $asciiType != $type) { + throw new \RuntimeException('Two different types of keys are claimed: ' . $asciiType . ' and ' . $type); + } + if (strlen($key) <= 4) { + throw new \UnexpectedValueException('Key appears to be malformed'); + } + + $publicKey = $key; + + return compact('type', 'publicKey', 'comment'); + } + + /** + * Toggle between binary and printable keys + * + * Printable keys are what are generated by default. These are the ones that go in + * $HOME/.ssh/authorized_key. + * + * @param bool $enabled + */ + public static function setBinaryOutput($enabled) + { + self::$binary = $enabled; + } + + /** + * Checks to see if the type is valid + * + * @param string $candidate + */ + private static function checkType($candidate) + { + if (!in_array($candidate, static::$types)) { + throw new \RuntimeException("The key type ($candidate) is not equal to: " . implode(',', static::$types)); + } + } + + /** + * Wrap a private key appropriately + * + * @param string $publicKey + * @param string $privateKey + * @param string $password + * @param array $options + * @return string + */ + protected static function wrapPrivateKey($publicKey, $privateKey, $password, $options) + { + list(, $checkint) = unpack('N', Random::string(4)); + + $comment = isset($options['comment']) ? $options['comment'] : self::$comment; + $paddedKey = Strings::packSSH2('NN', $checkint, $checkint) . + $privateKey . + Strings::packSSH2('s', $comment); + + $usesEncryption = !empty($password) && is_string($password); + + /* + from http://tools.ietf.org/html/rfc4253#section-6 : + + Note that the length of the concatenation of 'packet_length', + 'padding_length', 'payload', and 'random padding' MUST be a multiple + of the cipher block size or 8, whichever is larger. + */ + $blockSize = $usesEncryption ? 16 : 8; + $paddingLength = (($blockSize - 1) * strlen($paddedKey)) % $blockSize; + for ($i = 1; $i <= $paddingLength; $i++) { + $paddedKey .= chr($i); + } + if (!$usesEncryption) { + $key = Strings::packSSH2('sssNss', 'none', 'none', '', 1, $publicKey, $paddedKey); + } else { + $rounds = isset($options['rounds']) ? $options['rounds'] : 16; + $salt = Random::string(16); + $kdfoptions = Strings::packSSH2('sN', $salt, $rounds); + $crypto = new AES('ctr'); + $crypto->setPassword($password, 'bcrypt', $salt, $rounds, 32); + $paddedKey = $crypto->encrypt($paddedKey); + $key = Strings::packSSH2('sssNss', 'aes256-ctr', 'bcrypt', $kdfoptions, 1, $publicKey, $paddedKey); + } + $key = "openssh-key-v1\0$key"; + + return "-----BEGIN OPENSSH PRIVATE KEY-----\n" . + chunk_split(Strings::base64_encode($key), 70, "\n") . + "-----END OPENSSH PRIVATE KEY-----\n"; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS.php new file mode 100644 index 0000000..0219400 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS.php @@ -0,0 +1,72 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\Common\Formats\Keys; + +/** + * PKCS1 Formatted Key Handler + * + * @author Jim Wigginton + */ +abstract class PKCS +{ + /** + * Auto-detect the format + */ + const MODE_ANY = 0; + /** + * Require base64-encoded PEM's be supplied + */ + const MODE_PEM = 1; + /** + * Require raw DER's be supplied + */ + const MODE_DER = 2; + /**#@-*/ + + /** + * Is the key a base-64 encoded PEM, DER or should it be auto-detected? + * + * @var int + */ + protected static $format = self::MODE_ANY; + + /** + * Require base64-encoded PEM's be supplied + * + */ + public static function requirePEM() + { + self::$format = self::MODE_PEM; + } + + /** + * Require raw DER's be supplied + * + */ + public static function requireDER() + { + self::$format = self::MODE_DER; + } + + /** + * Accept any format and auto detect the format + * + * This is the default setting + * + */ + public static function requireAny() + { + self::$format = self::MODE_ANY; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS1.php new file mode 100644 index 0000000..4c639c0 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS1.php @@ -0,0 +1,209 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\Common\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\AES; +use phpseclib3\Crypt\DES; +use phpseclib3\Crypt\Random; +use phpseclib3\Crypt\TripleDES; +use phpseclib3\Exception\UnsupportedAlgorithmException; +use phpseclib3\File\ASN1; + +/** + * PKCS1 Formatted Key Handler + * + * @author Jim Wigginton + */ +abstract class PKCS1 extends PKCS +{ + /** + * Default encryption algorithm + * + * @var string + */ + private static $defaultEncryptionAlgorithm = 'AES-128-CBC'; + + /** + * Sets the default encryption algorithm + * + * @param string $algo + */ + public static function setEncryptionAlgorithm($algo) + { + self::$defaultEncryptionAlgorithm = $algo; + } + + /** + * Returns the mode constant corresponding to the mode string + * + * @param string $mode + * @return int + * @throws \UnexpectedValueException if the block cipher mode is unsupported + */ + private static function getEncryptionMode($mode) + { + switch ($mode) { + case 'CBC': + case 'ECB': + case 'CFB': + case 'OFB': + case 'CTR': + return $mode; + } + throw new \UnexpectedValueException('Unsupported block cipher mode of operation'); + } + + /** + * Returns a cipher object corresponding to a string + * + * @param string $algo + * @return string + * @throws \UnexpectedValueException if the encryption algorithm is unsupported + */ + private static function getEncryptionObject($algo) + { + $modes = '(CBC|ECB|CFB|OFB|CTR)'; + switch (true) { + case preg_match("#^AES-(128|192|256)-$modes$#", $algo, $matches): + $cipher = new AES(self::getEncryptionMode($matches[2])); + $cipher->setKeyLength($matches[1]); + return $cipher; + case preg_match("#^DES-EDE3-$modes$#", $algo, $matches): + return new TripleDES(self::getEncryptionMode($matches[1])); + case preg_match("#^DES-$modes$#", $algo, $matches): + return new DES(self::getEncryptionMode($matches[1])); + default: + throw new UnsupportedAlgorithmException($algo . ' is not a supported algorithm'); + } + } + + /** + * Generate a symmetric key for PKCS#1 keys + * + * @param string $password + * @param string $iv + * @param int $length + * @return string + */ + private static function generateSymmetricKey($password, $iv, $length) + { + $symkey = ''; + $iv = substr($iv, 0, 8); + while (strlen($symkey) < $length) { + $symkey .= md5($symkey . $password . $iv, true); + } + return substr($symkey, 0, $length); + } + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + protected static function load($key, $password) + { + if (!Strings::is_stringable($key)) { + throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); + } + + /* Although PKCS#1 proposes a format that public and private keys can use, encrypting them is + "outside the scope" of PKCS#1. PKCS#1 then refers you to PKCS#12 and PKCS#15 if you're wanting to + protect private keys, however, that's not what OpenSSL* does. OpenSSL protects private keys by adding + two new "fields" to the key - DEK-Info and Proc-Type. These fields are discussed here: + + http://tools.ietf.org/html/rfc1421#section-4.6.1.1 + http://tools.ietf.org/html/rfc1421#section-4.6.1.3 + + DES-EDE3-CBC as an algorithm, however, is not discussed anywhere, near as I can tell. + DES-CBC and DES-EDE are discussed in RFC1423, however, DES-EDE3-CBC isn't, nor is its key derivation + function. As is, the definitive authority on this encoding scheme isn't the IETF but rather OpenSSL's + own implementation. ie. the implementation *is* the standard and any bugs that may exist in that + implementation are part of the standard, as well. + + * OpenSSL is the de facto standard. It's utilized by OpenSSH and other projects */ + if (preg_match('#DEK-Info: (.+),(.+)#', $key, $matches)) { + $iv = Strings::hex2bin(trim($matches[2])); + // remove the Proc-Type / DEK-Info sections as they're no longer needed + $key = preg_replace('#^(?:Proc-Type|DEK-Info): .*#m', '', $key); + $ciphertext = ASN1::extractBER($key); + if ($ciphertext === false) { + $ciphertext = $key; + } + $crypto = self::getEncryptionObject($matches[1]); + $crypto->setKey(self::generateSymmetricKey($password, $iv, $crypto->getKeyLength() >> 3)); + $crypto->setIV($iv); + $key = $crypto->decrypt($ciphertext); + } else { + if (self::$format != self::MODE_DER) { + $decoded = ASN1::extractBER($key); + if ($decoded !== false) { + $key = $decoded; + } elseif (self::$format == self::MODE_PEM) { + throw new \UnexpectedValueException('Expected base64-encoded PEM format but was unable to decode base64 text'); + } + } + } + + return $key; + } + + /** + * Wrap a private key appropriately + * + * @param string $key + * @param string $type + * @param string $password + * @param array $options optional + * @return string + */ + protected static function wrapPrivateKey($key, $type, $password, array $options = []) + { + if (empty($password) || !is_string($password)) { + return "-----BEGIN $type PRIVATE KEY-----\r\n" . + chunk_split(Strings::base64_encode($key), 64) . + "-----END $type PRIVATE KEY-----"; + } + + $encryptionAlgorithm = isset($options['encryptionAlgorithm']) ? $options['encryptionAlgorithm'] : self::$defaultEncryptionAlgorithm; + + $cipher = self::getEncryptionObject($encryptionAlgorithm); + $iv = Random::string($cipher->getBlockLength() >> 3); + $cipher->setKey(self::generateSymmetricKey($password, $iv, $cipher->getKeyLength() >> 3)); + $cipher->setIV($iv); + $iv = strtoupper(Strings::bin2hex($iv)); + return "-----BEGIN $type PRIVATE KEY-----\r\n" . + "Proc-Type: 4,ENCRYPTED\r\n" . + "DEK-Info: " . $encryptionAlgorithm . ",$iv\r\n" . + "\r\n" . + chunk_split(Strings::base64_encode($cipher->encrypt($key)), 64) . + "-----END $type PRIVATE KEY-----"; + } + + /** + * Wrap a public key appropriately + * + * @param string $key + * @param string $type + * @return string + */ + protected static function wrapPublicKey($key, $type) + { + return "-----BEGIN $type PUBLIC KEY-----\r\n" . + chunk_split(Strings::base64_encode($key), 64) . + "-----END $type PUBLIC KEY-----"; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php new file mode 100644 index 0000000..7aa5548 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php @@ -0,0 +1,725 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\Common\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\AES; +use phpseclib3\Crypt\DES; +use phpseclib3\Crypt\Random; +use phpseclib3\Crypt\RC2; +use phpseclib3\Crypt\RC4; +use phpseclib3\Crypt\TripleDES; +use phpseclib3\Exception\InsufficientSetupException; +use phpseclib3\Exception\UnsupportedAlgorithmException; +use phpseclib3\File\ASN1; +use phpseclib3\File\ASN1\Maps; + +/** + * PKCS#8 Formatted Key Handler + * + * @author Jim Wigginton + */ +abstract class PKCS8 extends PKCS +{ + /** + * Default encryption algorithm + * + * @var string + */ + private static $defaultEncryptionAlgorithm = 'id-PBES2'; + + /** + * Default encryption scheme + * + * Only used when defaultEncryptionAlgorithm is id-PBES2 + * + * @var string + */ + private static $defaultEncryptionScheme = 'aes128-CBC-PAD'; + + /** + * Default PRF + * + * Only used when defaultEncryptionAlgorithm is id-PBES2 + * + * @var string + */ + private static $defaultPRF = 'id-hmacWithSHA256'; + + /** + * Default Iteration Count + * + * @var int + */ + private static $defaultIterationCount = 2048; + + /** + * OIDs loaded + * + * @var bool + */ + private static $oidsLoaded = false; + + /** + * Sets the default encryption algorithm + * + * @param string $algo + */ + public static function setEncryptionAlgorithm($algo) + { + self::$defaultEncryptionAlgorithm = $algo; + } + + /** + * Sets the default encryption algorithm for PBES2 + * + * @param string $algo + */ + public static function setEncryptionScheme($algo) + { + self::$defaultEncryptionScheme = $algo; + } + + /** + * Sets the iteration count + * + * @param int $count + */ + public static function setIterationCount($count) + { + self::$defaultIterationCount = $count; + } + + /** + * Sets the PRF for PBES2 + * + * @param string $algo + */ + public static function setPRF($algo) + { + self::$defaultPRF = $algo; + } + + /** + * Returns a SymmetricKey object based on a PBES1 $algo + * + * @return \phpseclib3\Crypt\Common\SymmetricKey + * @param string $algo + */ + private static function getPBES1EncryptionObject($algo) + { + $algo = preg_match('#^pbeWith(?:MD2|MD5|SHA1|SHA)And(.*?)-CBC$#', $algo, $matches) ? + $matches[1] : + substr($algo, 13); // strlen('pbeWithSHAAnd') == 13 + + switch ($algo) { + case 'DES': + $cipher = new DES('cbc'); + break; + case 'RC2': + $cipher = new RC2('cbc'); + $cipher->setKeyLength(64); + break; + case '3-KeyTripleDES': + $cipher = new TripleDES('cbc'); + break; + case '2-KeyTripleDES': + $cipher = new TripleDES('cbc'); + $cipher->setKeyLength(128); + break; + case '128BitRC2': + $cipher = new RC2('cbc'); + $cipher->setKeyLength(128); + break; + case '40BitRC2': + $cipher = new RC2('cbc'); + $cipher->setKeyLength(40); + break; + case '128BitRC4': + $cipher = new RC4(); + $cipher->setKeyLength(128); + break; + case '40BitRC4': + $cipher = new RC4(); + $cipher->setKeyLength(40); + break; + default: + throw new UnsupportedAlgorithmException("$algo is not a supported algorithm"); + } + + return $cipher; + } + + /** + * Returns a hash based on a PBES1 $algo + * + * @return string + * @param string $algo + */ + private static function getPBES1Hash($algo) + { + if (preg_match('#^pbeWith(MD2|MD5|SHA1|SHA)And.*?-CBC$#', $algo, $matches)) { + return $matches[1] == 'SHA' ? 'sha1' : $matches[1]; + } + + return 'sha1'; + } + + /** + * Returns a KDF baesd on a PBES1 $algo + * + * @return string + * @param string $algo + */ + private static function getPBES1KDF($algo) + { + switch ($algo) { + case 'pbeWithMD2AndDES-CBC': + case 'pbeWithMD2AndRC2-CBC': + case 'pbeWithMD5AndDES-CBC': + case 'pbeWithMD5AndRC2-CBC': + case 'pbeWithSHA1AndDES-CBC': + case 'pbeWithSHA1AndRC2-CBC': + return 'pbkdf1'; + } + + return 'pkcs12'; + } + + /** + * Returns a SymmetricKey object baesd on a PBES2 $algo + * + * @return SymmetricKey + * @param string $algo + */ + private static function getPBES2EncryptionObject($algo) + { + switch ($algo) { + case 'desCBC': + $cipher = new DES('cbc'); + break; + case 'des-EDE3-CBC': + $cipher = new TripleDES('cbc'); + break; + case 'rc2CBC': + $cipher = new RC2('cbc'); + // in theory this can be changed + $cipher->setKeyLength(128); + break; + case 'rc5-CBC-PAD': + throw new UnsupportedAlgorithmException('rc5-CBC-PAD is not supported for PBES2 PKCS#8 keys'); + case 'aes128-CBC-PAD': + case 'aes192-CBC-PAD': + case 'aes256-CBC-PAD': + $cipher = new AES('cbc'); + $cipher->setKeyLength(substr($algo, 3, 3)); + break; + default: + throw new UnsupportedAlgorithmException("$algo is not supported"); + } + + return $cipher; + } + + /** + * Initialize static variables + * + */ + private static function initialize_static_variables() + { + if (!isset(static::$childOIDsLoaded)) { + throw new InsufficientSetupException('This class should not be called directly'); + } + + if (!static::$childOIDsLoaded) { + ASN1::loadOIDs(is_array(static::OID_NAME) ? + array_combine(static::OID_NAME, static::OID_VALUE) : + [static::OID_NAME => static::OID_VALUE]); + static::$childOIDsLoaded = true; + } + if (!self::$oidsLoaded) { + // from https://tools.ietf.org/html/rfc2898 + ASN1::loadOIDs([ + // PBES1 encryption schemes + 'pbeWithMD2AndDES-CBC' => '1.2.840.113549.1.5.1', + 'pbeWithMD2AndRC2-CBC' => '1.2.840.113549.1.5.4', + 'pbeWithMD5AndDES-CBC' => '1.2.840.113549.1.5.3', + 'pbeWithMD5AndRC2-CBC' => '1.2.840.113549.1.5.6', + 'pbeWithSHA1AndDES-CBC' => '1.2.840.113549.1.5.10', + 'pbeWithSHA1AndRC2-CBC' => '1.2.840.113549.1.5.11', + + // from PKCS#12: + // https://tools.ietf.org/html/rfc7292 + 'pbeWithSHAAnd128BitRC4' => '1.2.840.113549.1.12.1.1', + 'pbeWithSHAAnd40BitRC4' => '1.2.840.113549.1.12.1.2', + 'pbeWithSHAAnd3-KeyTripleDES-CBC' => '1.2.840.113549.1.12.1.3', + 'pbeWithSHAAnd2-KeyTripleDES-CBC' => '1.2.840.113549.1.12.1.4', + 'pbeWithSHAAnd128BitRC2-CBC' => '1.2.840.113549.1.12.1.5', + 'pbeWithSHAAnd40BitRC2-CBC' => '1.2.840.113549.1.12.1.6', + + 'id-PBKDF2' => '1.2.840.113549.1.5.12', + 'id-PBES2' => '1.2.840.113549.1.5.13', + 'id-PBMAC1' => '1.2.840.113549.1.5.14', + + // from PKCS#5 v2.1: + // http://www.rsa.com/rsalabs/pkcs/files/h11302-wp-pkcs5v2-1-password-based-cryptography-standard.pdf + 'id-hmacWithSHA1' => '1.2.840.113549.2.7', + 'id-hmacWithSHA224' => '1.2.840.113549.2.8', + 'id-hmacWithSHA256' => '1.2.840.113549.2.9', + 'id-hmacWithSHA384' => '1.2.840.113549.2.10', + 'id-hmacWithSHA512' => '1.2.840.113549.2.11', + 'id-hmacWithSHA512-224' => '1.2.840.113549.2.12', + 'id-hmacWithSHA512-256' => '1.2.840.113549.2.13', + + 'desCBC' => '1.3.14.3.2.7', + 'des-EDE3-CBC' => '1.2.840.113549.3.7', + 'rc2CBC' => '1.2.840.113549.3.2', + 'rc5-CBC-PAD' => '1.2.840.113549.3.9', + + 'aes128-CBC-PAD' => '2.16.840.1.101.3.4.1.2', + 'aes192-CBC-PAD' => '2.16.840.1.101.3.4.1.22', + 'aes256-CBC-PAD' => '2.16.840.1.101.3.4.1.42' + ]); + self::$oidsLoaded = true; + } + } + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + protected static function load($key, $password = '') + { + if (!Strings::is_stringable($key)) { + throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); + } + + $isPublic = strpos($key, 'PUBLIC') !== false; + $isPrivate = strpos($key, 'PRIVATE') !== false; + + $decoded = self::preParse($key); + + $meta = []; + + $decrypted = ASN1::asn1map($decoded[0], Maps\EncryptedPrivateKeyInfo::MAP); + if (strlen($password) && is_array($decrypted)) { + $algorithm = $decrypted['encryptionAlgorithm']['algorithm']; + switch ($algorithm) { + // PBES1 + case 'pbeWithMD2AndDES-CBC': + case 'pbeWithMD2AndRC2-CBC': + case 'pbeWithMD5AndDES-CBC': + case 'pbeWithMD5AndRC2-CBC': + case 'pbeWithSHA1AndDES-CBC': + case 'pbeWithSHA1AndRC2-CBC': + case 'pbeWithSHAAnd3-KeyTripleDES-CBC': + case 'pbeWithSHAAnd2-KeyTripleDES-CBC': + case 'pbeWithSHAAnd128BitRC2-CBC': + case 'pbeWithSHAAnd40BitRC2-CBC': + case 'pbeWithSHAAnd128BitRC4': + case 'pbeWithSHAAnd40BitRC4': + $cipher = self::getPBES1EncryptionObject($algorithm); + $hash = self::getPBES1Hash($algorithm); + $kdf = self::getPBES1KDF($algorithm); + + $meta['meta']['algorithm'] = $algorithm; + + $temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']); + if (!$temp) { + throw new \RuntimeException('Unable to decode BER'); + } + extract(ASN1::asn1map($temp[0], Maps\PBEParameter::MAP)); + $iterationCount = (int) $iterationCount->toString(); + $cipher->setPassword($password, $kdf, $hash, $salt, $iterationCount); + $key = $cipher->decrypt($decrypted['encryptedData']); + $decoded = ASN1::decodeBER($key); + if (!$decoded) { + throw new \RuntimeException('Unable to decode BER 2'); + } + + break; + case 'id-PBES2': + $meta['meta']['algorithm'] = $algorithm; + + $temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']); + if (!$temp) { + throw new \RuntimeException('Unable to decode BER'); + } + $temp = ASN1::asn1map($temp[0], Maps\PBES2params::MAP); + extract($temp); + + $cipher = self::getPBES2EncryptionObject($encryptionScheme['algorithm']); + $meta['meta']['cipher'] = $encryptionScheme['algorithm']; + + $temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']); + if (!$temp) { + throw new \RuntimeException('Unable to decode BER'); + } + $temp = ASN1::asn1map($temp[0], Maps\PBES2params::MAP); + extract($temp); + + if (!$cipher instanceof RC2) { + $cipher->setIV($encryptionScheme['parameters']['octetString']); + } else { + $temp = ASN1::decodeBER($encryptionScheme['parameters']); + if (!$temp) { + throw new \RuntimeException('Unable to decode BER'); + } + extract(ASN1::asn1map($temp[0], Maps\RC2CBCParameter::MAP)); + $effectiveKeyLength = (int) $rc2ParametersVersion->toString(); + switch ($effectiveKeyLength) { + case 160: + $effectiveKeyLength = 40; + break; + case 120: + $effectiveKeyLength = 64; + break; + case 58: + $effectiveKeyLength = 128; + break; + //default: // should be >= 256 + } + $cipher->setIV($iv); + $cipher->setKeyLength($effectiveKeyLength); + } + + $meta['meta']['keyDerivationFunc'] = $keyDerivationFunc['algorithm']; + switch ($keyDerivationFunc['algorithm']) { + case 'id-PBKDF2': + $temp = ASN1::decodeBER($keyDerivationFunc['parameters']); + if (!$temp) { + throw new \RuntimeException('Unable to decode BER'); + } + $prf = ['algorithm' => 'id-hmacWithSHA1']; + $params = ASN1::asn1map($temp[0], Maps\PBKDF2params::MAP); + extract($params); + $meta['meta']['prf'] = $prf['algorithm']; + $hash = str_replace('-', '/', substr($prf['algorithm'], 11)); + $params = [ + $password, + 'pbkdf2', + $hash, + $salt, + (int) $iterationCount->toString() + ]; + if (isset($keyLength)) { + $params[] = (int) $keyLength->toString(); + } + $cipher->setPassword(...$params); + $key = $cipher->decrypt($decrypted['encryptedData']); + $decoded = ASN1::decodeBER($key); + if (!$decoded) { + throw new \RuntimeException('Unable to decode BER 3'); + } + break; + default: + throw new UnsupportedAlgorithmException('Only PBKDF2 is supported for PBES2 PKCS#8 keys'); + } + break; + case 'id-PBMAC1': + //$temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']); + //$value = ASN1::asn1map($temp[0], Maps\PBMAC1params::MAP); + // since i can't find any implementation that does PBMAC1 it is unsupported + throw new UnsupportedAlgorithmException('Only PBES1 and PBES2 PKCS#8 keys are supported.'); + // at this point we'll assume that the key conforms to PublicKeyInfo + } + } + + $private = ASN1::asn1map($decoded[0], Maps\OneAsymmetricKey::MAP); + if (is_array($private)) { + if ($isPublic) { + throw new \UnexpectedValueException('Human readable string claims public key but DER encoded string claims private key'); + } + + if (isset($private['privateKeyAlgorithm']['parameters']) && !$private['privateKeyAlgorithm']['parameters'] instanceof ASN1\Element && isset($decoded[0]['content'][1]['content'][1])) { + $temp = $decoded[0]['content'][1]['content'][1]; + $private['privateKeyAlgorithm']['parameters'] = new ASN1\Element(substr($key, $temp['start'], $temp['length'])); + } + if (is_array(static::OID_NAME)) { + if (!in_array($private['privateKeyAlgorithm']['algorithm'], static::OID_NAME)) { + throw new UnsupportedAlgorithmException($private['privateKeyAlgorithm']['algorithm'] . ' is not a supported key type'); + } + } else { + if ($private['privateKeyAlgorithm']['algorithm'] != static::OID_NAME) { + throw new UnsupportedAlgorithmException('Only ' . static::OID_NAME . ' keys are supported; this is a ' . $private['privateKeyAlgorithm']['algorithm'] . ' key'); + } + } + if (isset($private['publicKey'])) { + if ($private['publicKey'][0] != "\0") { + throw new \UnexpectedValueException('The first byte of the public key should be null - not ' . bin2hex($private['publicKey'][0])); + } + $private['publicKey'] = substr($private['publicKey'], 1); + } + return $private + $meta; + } + + // EncryptedPrivateKeyInfo and PublicKeyInfo have largely identical "signatures". the only difference + // is that the former has an octet string and the later has a bit string. the first byte of a bit + // string represents the number of bits in the last byte that are to be ignored but, currently, + // bit strings wanting a non-zero amount of bits trimmed are not supported + $public = ASN1::asn1map($decoded[0], Maps\PublicKeyInfo::MAP); + + if (is_array($public)) { + if ($isPrivate) { + throw new \UnexpectedValueException('Human readable string claims private key but DER encoded string claims public key'); + } + + if ($public['publicKey'][0] != "\0") { + throw new \UnexpectedValueException('The first byte of the public key should be null - not ' . bin2hex($public['publicKey'][0])); + } + if (is_array(static::OID_NAME)) { + if (!in_array($public['publicKeyAlgorithm']['algorithm'], static::OID_NAME)) { + throw new UnsupportedAlgorithmException($public['publicKeyAlgorithm']['algorithm'] . ' is not a supported key type'); + } + } else { + if ($public['publicKeyAlgorithm']['algorithm'] != static::OID_NAME) { + throw new UnsupportedAlgorithmException('Only ' . static::OID_NAME . ' keys are supported; this is a ' . $public['publicKeyAlgorithm']['algorithm'] . ' key'); + } + } + if (isset($public['publicKeyAlgorithm']['parameters']) && !$public['publicKeyAlgorithm']['parameters'] instanceof ASN1\Element && isset($decoded[0]['content'][0]['content'][1])) { + $temp = $decoded[0]['content'][0]['content'][1]; + $public['publicKeyAlgorithm']['parameters'] = new ASN1\Element(substr($key, $temp['start'], $temp['length'])); + } + $public['publicKey'] = substr($public['publicKey'], 1); + return $public; + } + + throw new \RuntimeException('Unable to parse using either OneAsymmetricKey or PublicKeyInfo ASN1 maps'); + } + + /** + * Wrap a private key appropriately + * + * @param string $key + * @param string $attr + * @param mixed $params + * @param string $password + * @param string $oid optional + * @param string $publicKey optional + * @param array $options optional + * @return string + */ + protected static function wrapPrivateKey($key, $attr, $params, $password, $oid = null, $publicKey = '', array $options = []) + { + self::initialize_static_variables(); + + $key = [ + 'version' => 'v1', + 'privateKeyAlgorithm' => [ + 'algorithm' => is_string(static::OID_NAME) ? static::OID_NAME : $oid + ], + 'privateKey' => $key + ]; + if ($oid != 'id-Ed25519' && $oid != 'id-Ed448') { + $key['privateKeyAlgorithm']['parameters'] = $params; + } + if (!empty($attr)) { + $key['attributes'] = $attr; + } + if (!empty($publicKey)) { + $key['version'] = 'v2'; + $key['publicKey'] = $publicKey; + } + $key = ASN1::encodeDER($key, Maps\OneAsymmetricKey::MAP); + if (!empty($password) && is_string($password)) { + $salt = Random::string(8); + + $iterationCount = isset($options['iterationCount']) ? $options['iterationCount'] : self::$defaultIterationCount; + $encryptionAlgorithm = isset($options['encryptionAlgorithm']) ? $options['encryptionAlgorithm'] : self::$defaultEncryptionAlgorithm; + $encryptionScheme = isset($options['encryptionScheme']) ? $options['encryptionScheme'] : self::$defaultEncryptionScheme; + $prf = isset($options['PRF']) ? $options['PRF'] : self::$defaultPRF; + + if ($encryptionAlgorithm == 'id-PBES2') { + $crypto = self::getPBES2EncryptionObject($encryptionScheme); + $hash = str_replace('-', '/', substr($prf, 11)); + $kdf = 'pbkdf2'; + $iv = Random::string($crypto->getBlockLength() >> 3); + + $PBKDF2params = [ + 'salt' => $salt, + 'iterationCount' => $iterationCount, + 'prf' => ['algorithm' => $prf, 'parameters' => null] + ]; + $PBKDF2params = ASN1::encodeDER($PBKDF2params, Maps\PBKDF2params::MAP); + + if (!$crypto instanceof RC2) { + $params = ['octetString' => $iv]; + } else { + $params = [ + 'rc2ParametersVersion' => 58, + 'iv' => $iv + ]; + $params = ASN1::encodeDER($params, Maps\RC2CBCParameter::MAP); + $params = new ASN1\Element($params); + } + + $params = [ + 'keyDerivationFunc' => [ + 'algorithm' => 'id-PBKDF2', + 'parameters' => new ASN1\Element($PBKDF2params) + ], + 'encryptionScheme' => [ + 'algorithm' => $encryptionScheme, + 'parameters' => $params + ] + ]; + $params = ASN1::encodeDER($params, Maps\PBES2params::MAP); + + $crypto->setIV($iv); + } else { + $crypto = self::getPBES1EncryptionObject($encryptionAlgorithm); + $hash = self::getPBES1Hash($encryptionAlgorithm); + $kdf = self::getPBES1KDF($encryptionAlgorithm); + + $params = [ + 'salt' => $salt, + 'iterationCount' => $iterationCount + ]; + $params = ASN1::encodeDER($params, Maps\PBEParameter::MAP); + } + $crypto->setPassword($password, $kdf, $hash, $salt, $iterationCount); + $key = $crypto->encrypt($key); + + $key = [ + 'encryptionAlgorithm' => [ + 'algorithm' => $encryptionAlgorithm, + 'parameters' => new ASN1\Element($params) + ], + 'encryptedData' => $key + ]; + + $key = ASN1::encodeDER($key, Maps\EncryptedPrivateKeyInfo::MAP); + + return "-----BEGIN ENCRYPTED PRIVATE KEY-----\r\n" . + chunk_split(Strings::base64_encode($key), 64) . + "-----END ENCRYPTED PRIVATE KEY-----"; + } + + return "-----BEGIN PRIVATE KEY-----\r\n" . + chunk_split(Strings::base64_encode($key), 64) . + "-----END PRIVATE KEY-----"; + } + + /** + * Wrap a public key appropriately + * + * @param string $key + * @param mixed $params + * @param string $oid + * @return string + */ + protected static function wrapPublicKey($key, $params, $oid = null) + { + self::initialize_static_variables(); + + $key = [ + 'publicKeyAlgorithm' => [ + 'algorithm' => is_string(static::OID_NAME) ? static::OID_NAME : $oid + ], + 'publicKey' => "\0" . $key + ]; + + if ($oid != 'id-Ed25519' && $oid != 'id-Ed448') { + $key['publicKeyAlgorithm']['parameters'] = $params; + } + + $key = ASN1::encodeDER($key, Maps\PublicKeyInfo::MAP); + + return "-----BEGIN PUBLIC KEY-----\r\n" . + chunk_split(Strings::base64_encode($key), 64) . + "-----END PUBLIC KEY-----"; + } + + /** + * Perform some preliminary parsing of the key + * + * @param string $key + * @return array + */ + private static function preParse(&$key) + { + self::initialize_static_variables(); + + if (self::$format != self::MODE_DER) { + $decoded = ASN1::extractBER($key); + if ($decoded !== false) { + $key = $decoded; + } elseif (self::$format == self::MODE_PEM) { + throw new \UnexpectedValueException('Expected base64-encoded PEM format but was unable to decode base64 text'); + } + } + + $decoded = ASN1::decodeBER($key); + if (!$decoded) { + throw new \RuntimeException('Unable to decode BER'); + } + + return $decoded; + } + + /** + * Returns the encryption parameters used by the key + * + * @param string $key + * @return array + */ + public static function extractEncryptionAlgorithm($key) + { + if (!Strings::is_stringable($key)) { + throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); + } + + $decoded = self::preParse($key); + + $r = ASN1::asn1map($decoded[0], ASN1\Maps\EncryptedPrivateKeyInfo::MAP); + if (!is_array($r)) { + throw new \RuntimeException('Unable to parse using EncryptedPrivateKeyInfo map'); + } + + if ($r['encryptionAlgorithm']['algorithm'] == 'id-PBES2') { + $decoded = ASN1::decodeBER($r['encryptionAlgorithm']['parameters']->element); + if (!$decoded) { + throw new \RuntimeException('Unable to decode BER'); + } + $r['encryptionAlgorithm']['parameters'] = ASN1::asn1map($decoded[0], ASN1\Maps\PBES2params::MAP); + + $kdf = &$r['encryptionAlgorithm']['parameters']['keyDerivationFunc']; + switch ($kdf['algorithm']) { + case 'id-PBKDF2': + $decoded = ASN1::decodeBER($kdf['parameters']->element); + if (!$decoded) { + throw new \RuntimeException('Unable to decode BER'); + } + $kdf['parameters'] = ASN1::asn1map($decoded[0], Maps\PBKDF2params::MAP); + } + } + + return $r['encryptionAlgorithm']; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PuTTY.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PuTTY.php new file mode 100644 index 0000000..85da83a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PuTTY.php @@ -0,0 +1,374 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\Common\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\AES; +use phpseclib3\Crypt\Hash; +use phpseclib3\Crypt\Random; +use phpseclib3\Exception\UnsupportedAlgorithmException; + +/** + * PuTTY Formatted Key Handler + * + * @author Jim Wigginton + */ +abstract class PuTTY +{ + /** + * Default comment + * + * @var string + */ + private static $comment = 'phpseclib-generated-key'; + + /** + * Default version + * + * @var int + */ + private static $version = 2; + + /** + * Sets the default comment + * + * @param string $comment + */ + public static function setComment($comment) + { + self::$comment = str_replace(["\r", "\n"], '', $comment); + } + + /** + * Sets the default version + * + * @param int $version + */ + public static function setVersion($version) + { + if ($version != 2 && $version != 3) { + throw new \RuntimeException('Only supported versions are 2 and 3'); + } + self::$version = $version; + } + + /** + * Generate a symmetric key for PuTTY v2 keys + * + * @param string $password + * @param int $length + * @return string + */ + private static function generateV2Key($password, $length) + { + $symkey = ''; + $sequence = 0; + while (strlen($symkey) < $length) { + $temp = pack('Na*', $sequence++, $password); + $symkey .= Strings::hex2bin(sha1($temp)); + } + return substr($symkey, 0, $length); + } + + /** + * Generate a symmetric key for PuTTY v3 keys + * + * @param string $password + * @param string $flavour + * @param int $memory + * @param int $passes + * @param string $salt + * @return array + */ + private static function generateV3Key($password, $flavour, $memory, $passes, $salt) + { + if (!function_exists('sodium_crypto_pwhash')) { + throw new \RuntimeException('sodium_crypto_pwhash needs to exist for Argon2 password hasing'); + } + + switch ($flavour) { + case 'Argon2i': + $flavour = SODIUM_CRYPTO_PWHASH_ALG_ARGON2I13; + break; + case 'Argon2id': + $flavour = SODIUM_CRYPTO_PWHASH_ALG_ARGON2ID13; + break; + default: + throw new UnsupportedAlgorithmException('Only Argon2i and Argon2id are supported'); + } + + $length = 80; // keylen + ivlen + mac_keylen + $temp = sodium_crypto_pwhash($length, $password, $salt, $passes, $memory << 10, $flavour); + + $symkey = substr($temp, 0, 32); + $symiv = substr($temp, 32, 16); + $hashkey = substr($temp, -32); + + return compact('symkey', 'symiv', 'hashkey'); + } + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password + * @return array + */ + public static function load($key, $password) + { + if (!Strings::is_stringable($key)) { + throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); + } + + if (strpos($key, 'BEGIN SSH2 PUBLIC KEY') !== false) { + $lines = preg_split('#[\r\n]+#', $key); + switch (true) { + case $lines[0] != '---- BEGIN SSH2 PUBLIC KEY ----': + throw new \UnexpectedValueException('Key doesn\'t start with ---- BEGIN SSH2 PUBLIC KEY ----'); + case $lines[count($lines) - 1] != '---- END SSH2 PUBLIC KEY ----': + throw new \UnexpectedValueException('Key doesn\'t end with ---- END SSH2 PUBLIC KEY ----'); + } + $lines = array_splice($lines, 1, -1); + $lines = array_map(function ($line) { + return rtrim($line, "\r\n"); + }, $lines); + $data = $current = ''; + $values = []; + $in_value = false; + foreach ($lines as $line) { + switch (true) { + case preg_match('#^(.*?): (.*)#', $line, $match): + $in_value = $line[strlen($line) - 1] == '\\'; + $current = strtolower($match[1]); + $values[$current] = $in_value ? substr($match[2], 0, -1) : $match[2]; + break; + case $in_value: + $in_value = $line[strlen($line) - 1] == '\\'; + $values[$current] .= $in_value ? substr($line, 0, -1) : $line; + break; + default: + $data .= $line; + } + } + + $components = call_user_func([static::PUBLIC_HANDLER, 'load'], $data); + if ($components === false) { + throw new \UnexpectedValueException('Unable to decode public key'); + } + $components += $values; + $components['comment'] = str_replace(['\\\\', '\"'], ['\\', '"'], $values['comment']); + + return $components; + } + + $components = []; + + $key = preg_split('#\r\n|\r|\n#', trim($key)); + if (Strings::shift($key[0], strlen('PuTTY-User-Key-File-')) != 'PuTTY-User-Key-File-') { + return false; + } + $version = (int) Strings::shift($key[0], 3); // should be either "2: " or "3: 0" prior to int casting + if ($version != 2 && $version != 3) { + throw new \RuntimeException('Only v2 and v3 PuTTY private keys are supported'); + } + $components['type'] = $type = rtrim($key[0]); + if (!in_array($type, static::$types)) { + $error = count(static::$types) == 1 ? + 'Only ' . static::$types[0] . ' keys are supported. ' : + ''; + throw new UnsupportedAlgorithmException($error . 'This is an unsupported ' . $type . ' key'); + } + $encryption = trim(preg_replace('#Encryption: (.+)#', '$1', $key[1])); + $components['comment'] = trim(preg_replace('#Comment: (.+)#', '$1', $key[2])); + + $publicLength = trim(preg_replace('#Public-Lines: (\d+)#', '$1', $key[3])); + $public = Strings::base64_decode(implode('', array_map('trim', array_slice($key, 4, $publicLength)))); + + $source = Strings::packSSH2('ssss', $type, $encryption, $components['comment'], $public); + + extract(unpack('Nlength', Strings::shift($public, 4))); + $newtype = Strings::shift($public, $length); + if ($newtype != $type) { + throw new \RuntimeException('The binary type does not match the human readable type field'); + } + + $components['public'] = $public; + + switch ($version) { + case 3: + $hashkey = ''; + break; + case 2: + $hashkey = 'putty-private-key-file-mac-key'; + } + + $offset = $publicLength + 4; + switch ($encryption) { + case 'aes256-cbc': + $crypto = new AES('cbc'); + switch ($version) { + case 3: + $flavour = trim(preg_replace('#Key-Derivation: (.*)#', '$1', $key[$offset++])); + $memory = trim(preg_replace('#Argon2-Memory: (\d+)#', '$1', $key[$offset++])); + $passes = trim(preg_replace('#Argon2-Passes: (\d+)#', '$1', $key[$offset++])); + $parallelism = trim(preg_replace('#Argon2-Parallelism: (\d+)#', '$1', $key[$offset++])); + $salt = Strings::hex2bin(trim(preg_replace('#Argon2-Salt: ([0-9a-f]+)#', '$1', $key[$offset++]))); + + extract(self::generateV3Key($password, $flavour, $memory, $passes, $salt)); + + break; + case 2: + $symkey = self::generateV2Key($password, 32); + $symiv = str_repeat("\0", $crypto->getBlockLength() >> 3); + $hashkey .= $password; + } + } + + switch ($version) { + case 3: + $hash = new Hash('sha256'); + $hash->setKey($hashkey); + break; + case 2: + $hash = new Hash('sha1'); + $hash->setKey(sha1($hashkey, true)); + } + + $privateLength = trim(preg_replace('#Private-Lines: (\d+)#', '$1', $key[$offset++])); + $private = Strings::base64_decode(implode('', array_map('trim', array_slice($key, $offset, $privateLength)))); + + if ($encryption != 'none') { + $crypto->setKey($symkey); + $crypto->setIV($symiv); + $crypto->disablePadding(); + $private = $crypto->decrypt($private); + } + + $source .= Strings::packSSH2('s', $private); + + $hmac = trim(preg_replace('#Private-MAC: (.+)#', '$1', $key[$offset + $privateLength])); + $hmac = Strings::hex2bin($hmac); + + if (!hash_equals($hash->hash($source), $hmac)) { + throw new \UnexpectedValueException('MAC validation error'); + } + + $components['private'] = $private; + + return $components; + } + + /** + * Wrap a private key appropriately + * + * @param string $public + * @param string $private + * @param string $type + * @param string $password + * @param array $options optional + * @return string + */ + protected static function wrapPrivateKey($public, $private, $type, $password, array $options = []) + { + $encryption = (!empty($password) || is_string($password)) ? 'aes256-cbc' : 'none'; + $comment = isset($options['comment']) ? $options['comment'] : self::$comment; + $version = isset($options['version']) ? $options['version'] : self::$version; + + $key = "PuTTY-User-Key-File-$version: $type\r\n"; + $key .= "Encryption: $encryption\r\n"; + $key .= "Comment: $comment\r\n"; + + $public = Strings::packSSH2('s', $type) . $public; + + $source = Strings::packSSH2('ssss', $type, $encryption, $comment, $public); + + $public = Strings::base64_encode($public); + $key .= "Public-Lines: " . ((strlen($public) + 63) >> 6) . "\r\n"; + $key .= chunk_split($public, 64); + + if (empty($password) && !is_string($password)) { + $source .= Strings::packSSH2('s', $private); + switch ($version) { + case 3: + $hash = new Hash('sha256'); + $hash->setKey(''); + break; + case 2: + $hash = new Hash('sha1'); + $hash->setKey(sha1('putty-private-key-file-mac-key', true)); + } + } else { + $private .= Random::string(16 - (strlen($private) & 15)); + $source .= Strings::packSSH2('s', $private); + $crypto = new AES('cbc'); + + switch ($version) { + case 3: + $salt = Random::string(16); + $key .= "Key-Derivation: Argon2id\r\n"; + $key .= "Argon2-Memory: 8192\r\n"; + $key .= "Argon2-Passes: 13\r\n"; + $key .= "Argon2-Parallelism: 1\r\n"; + $key .= "Argon2-Salt: " . Strings::bin2hex($salt) . "\r\n"; + extract(self::generateV3Key($password, 'Argon2id', 8192, 13, $salt)); + + $hash = new Hash('sha256'); + $hash->setKey($hashkey); + + break; + case 2: + $symkey = self::generateV2Key($password, 32); + $symiv = str_repeat("\0", $crypto->getBlockLength() >> 3); + $hashkey = 'putty-private-key-file-mac-key' . $password; + + $hash = new Hash('sha1'); + $hash->setKey(sha1($hashkey, true)); + } + + $crypto->setKey($symkey); + $crypto->setIV($symiv); + $crypto->disablePadding(); + $private = $crypto->encrypt($private); + $mac = $hash->hash($source); + } + + $private = Strings::base64_encode($private); + $key .= 'Private-Lines: ' . ((strlen($private) + 63) >> 6) . "\r\n"; + $key .= chunk_split($private, 64); + $key .= 'Private-MAC: ' . Strings::bin2hex($hash->hash($source)) . "\r\n"; + + return $key; + } + + /** + * Wrap a public key appropriately + * + * This is basically the format described in RFC 4716 (https://tools.ietf.org/html/rfc4716) + * + * @param string $key + * @param string $type + * @return string + */ + protected static function wrapPublicKey($key, $type) + { + $key = pack('Na*a*', strlen($type), $type, $key); + $key = "---- BEGIN SSH2 PUBLIC KEY ----\r\n" . + 'Comment: "' . str_replace(['\\', '"'], ['\\\\', '\"'], self::$comment) . "\"\r\n" . + chunk_split(Strings::base64_encode($key), 64) . + '---- END SSH2 PUBLIC KEY ----'; + return $key; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Signature/Raw.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Signature/Raw.php new file mode 100644 index 0000000..ab8e7e4 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Signature/Raw.php @@ -0,0 +1,60 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\Common\Formats\Signature; + +use phpseclib3\Math\BigInteger; + +/** + * Raw Signature Handler + * + * @author Jim Wigginton + */ +abstract class Raw +{ + /** + * Loads a signature + * + * @param array $sig + * @return array|bool + */ + public static function load($sig) + { + switch (true) { + case !is_array($sig): + case !isset($sig['r']) || !isset($sig['s']): + case !$sig['r'] instanceof BigInteger: + case !$sig['s'] instanceof BigInteger: + return false; + } + + return [ + 'r' => $sig['r'], + 's' => $sig['s'] + ]; + } + + /** + * Returns a signature in the appropriate format + * + * @param \phpseclib3\Math\BigInteger $r + * @param \phpseclib3\Math\BigInteger $s + * @return string + */ + public static function save(BigInteger $r, BigInteger $s) + { + return compact('r', 's'); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/PrivateKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/PrivateKey.php new file mode 100644 index 0000000..a6e1eb0 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/PrivateKey.php @@ -0,0 +1,31 @@ + + * @copyright 2009 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\Common; + +/** + * PrivateKey interface + * + * @author Jim Wigginton + */ +interface PrivateKey +{ + public function sign($message); + //public function decrypt($ciphertext); + public function getPublicKey(); + public function toString($type, array $options = []); + + /** + * @param string|false $password + * @return mixed + */ + public function withPassword($password = false); +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/PublicKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/PublicKey.php new file mode 100644 index 0000000..48a5875 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/PublicKey.php @@ -0,0 +1,25 @@ + + * @copyright 2009 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\Common; + +/** + * PublicKey interface + * + * @author Jim Wigginton + */ +interface PublicKey +{ + public function verify($message, $signature); + //public function encrypt($plaintext); + public function toString($type, array $options = []); + public function getFingerprint($algorithm); +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/StreamCipher.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/StreamCipher.php new file mode 100644 index 0000000..0e2d6f0 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/StreamCipher.php @@ -0,0 +1,54 @@ + + * @author Hans-Juergen Petrich + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\Common; + +/** + * Base Class for all stream cipher classes + * + * @author Jim Wigginton + */ +abstract class StreamCipher extends SymmetricKey +{ + /** + * Block Length of the cipher + * + * Stream ciphers do not have a block size + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::block_size + * @var int + */ + protected $block_size = 0; + + /** + * Default Constructor. + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + * @return \phpseclib3\Crypt\Common\StreamCipher + */ + public function __construct() + { + parent::__construct('stream'); + } + + /** + * Stream ciphers not use an IV + * + * @return bool + */ + public function usesIV() + { + return false; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/SymmetricKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/SymmetricKey.php new file mode 100644 index 0000000..175508d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/SymmetricKey.php @@ -0,0 +1,3398 @@ + + * @author Hans-Juergen Petrich + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\Common; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Blowfish; +use phpseclib3\Crypt\Hash; +use phpseclib3\Exception\BadDecryptionException; +use phpseclib3\Exception\BadModeException; +use phpseclib3\Exception\InconsistentSetupException; +use phpseclib3\Exception\InsufficientSetupException; +use phpseclib3\Exception\UnsupportedAlgorithmException; +use phpseclib3\Math\BigInteger; +use phpseclib3\Math\BinaryField; +use phpseclib3\Math\PrimeField; + +/** + * Base Class for all \phpseclib3\Crypt\* cipher classes + * + * @author Jim Wigginton + * @author Hans-Juergen Petrich + */ +abstract class SymmetricKey +{ + /** + * Encrypt / decrypt using the Counter mode. + * + * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 + * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + */ + const MODE_CTR = -1; + /** + * Encrypt / decrypt using the Electronic Code Book mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 + * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + */ + const MODE_ECB = 1; + /** + * Encrypt / decrypt using the Code Book Chaining mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 + * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + */ + const MODE_CBC = 2; + /** + * Encrypt / decrypt using the Cipher Feedback mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 + * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + */ + const MODE_CFB = 3; + /** + * Encrypt / decrypt using the Cipher Feedback mode (8bit) + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + */ + const MODE_CFB8 = 7; + /** + * Encrypt / decrypt using the Output Feedback mode (8bit) + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + */ + const MODE_OFB8 = 8; + /** + * Encrypt / decrypt using the Output Feedback mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 + * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + */ + const MODE_OFB = 4; + /** + * Encrypt / decrypt using Galois/Counter mode. + * + * @link https://en.wikipedia.org/wiki/Galois/Counter_Mode + * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + */ + const MODE_GCM = 5; + /** + * Encrypt / decrypt using streaming mode. + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + */ + const MODE_STREAM = 6; + + /** + * Mode Map + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + */ + const MODE_MAP = [ + 'ctr' => self::MODE_CTR, + 'ecb' => self::MODE_ECB, + 'cbc' => self::MODE_CBC, + 'cfb' => self::MODE_CFB, + 'cfb8' => self::MODE_CFB8, + 'ofb' => self::MODE_OFB, + 'ofb8' => self::MODE_OFB8, + 'gcm' => self::MODE_GCM, + 'stream' => self::MODE_STREAM + ]; + + /** + * Base value for the internal implementation $engine switch + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + */ + const ENGINE_INTERNAL = 1; + /** + * Base value for the eval() implementation $engine switch + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + */ + const ENGINE_EVAL = 2; + /** + * Base value for the mcrypt implementation $engine switch + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + */ + const ENGINE_MCRYPT = 3; + /** + * Base value for the openssl implementation $engine switch + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + */ + const ENGINE_OPENSSL = 4; + /** + * Base value for the libsodium implementation $engine switch + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + */ + const ENGINE_LIBSODIUM = 5; + /** + * Base value for the openssl / gcm implementation $engine switch + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + */ + const ENGINE_OPENSSL_GCM = 6; + + /** + * Engine Reverse Map + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::getEngine() + */ + const ENGINE_MAP = [ + self::ENGINE_INTERNAL => 'PHP', + self::ENGINE_EVAL => 'Eval', + self::ENGINE_MCRYPT => 'mcrypt', + self::ENGINE_OPENSSL => 'OpenSSL', + self::ENGINE_LIBSODIUM => 'libsodium', + self::ENGINE_OPENSSL_GCM => 'OpenSSL (GCM)' + ]; + + /** + * The Encryption Mode + * + * @see self::__construct() + * @var int + */ + protected $mode; + + /** + * The Block Length of the block cipher + * + * @var int + */ + protected $block_size = 16; + + /** + * The Key + * + * @see self::setKey() + * @var string + */ + protected $key = false; + + /** + * HMAC Key + * + * @see self::setupGCM() + * @var ?string + */ + protected $hKey = false; + + /** + * The Initialization Vector + * + * @see self::setIV() + * @var string + */ + protected $iv = false; + + /** + * A "sliding" Initialization Vector + * + * @see self::enableContinuousBuffer() + * @see self::clearBuffers() + * @var string + */ + protected $encryptIV; + + /** + * A "sliding" Initialization Vector + * + * @see self::enableContinuousBuffer() + * @see self::clearBuffers() + * @var string + */ + protected $decryptIV; + + /** + * Continuous Buffer status + * + * @see self::enableContinuousBuffer() + * @var bool + */ + protected $continuousBuffer = false; + + /** + * Encryption buffer for CTR, OFB and CFB modes + * + * @see self::encrypt() + * @see self::clearBuffers() + * @var array + */ + protected $enbuffer; + + /** + * Decryption buffer for CTR, OFB and CFB modes + * + * @see self::decrypt() + * @see self::clearBuffers() + * @var array + */ + protected $debuffer; + + /** + * mcrypt resource for encryption + * + * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. + * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. + * + * @see self::encrypt() + * @var resource + */ + private $enmcrypt; + + /** + * mcrypt resource for decryption + * + * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. + * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. + * + * @see self::decrypt() + * @var resource + */ + private $demcrypt; + + /** + * Does the enmcrypt resource need to be (re)initialized? + * + * @see \phpseclib3\Crypt\Twofish::setKey() + * @see \phpseclib3\Crypt\Twofish::setIV() + * @var bool + */ + private $enchanged = true; + + /** + * Does the demcrypt resource need to be (re)initialized? + * + * @see \phpseclib3\Crypt\Twofish::setKey() + * @see \phpseclib3\Crypt\Twofish::setIV() + * @var bool + */ + private $dechanged = true; + + /** + * mcrypt resource for CFB mode + * + * mcrypt's CFB mode, in (and only in) buffered context, + * is broken, so phpseclib implements the CFB mode by it self, + * even when the mcrypt php extension is available. + * + * In order to do the CFB-mode work (fast) phpseclib + * use a separate ECB-mode mcrypt resource. + * + * @link http://phpseclib.sourceforge.net/cfb-demo.phps + * @see self::encrypt() + * @see self::decrypt() + * @see self::setupMcrypt() + * @var resource + */ + private $ecb; + + /** + * Optimizing value while CFB-encrypting + * + * Only relevant if $continuousBuffer enabled + * and $engine == self::ENGINE_MCRYPT + * + * It's faster to re-init $enmcrypt if + * $buffer bytes > $cfb_init_len than + * using the $ecb resource furthermore. + * + * This value depends of the chosen cipher + * and the time it would be needed for it's + * initialization [by mcrypt_generic_init()] + * which, typically, depends on the complexity + * on its internaly Key-expanding algorithm. + * + * @see self::encrypt() + * @var int + */ + protected $cfb_init_len = 600; + + /** + * Does internal cipher state need to be (re)initialized? + * + * @see self::setKey() + * @see self::setIV() + * @see self::disableContinuousBuffer() + * @var bool + */ + protected $changed = true; + + /** + * Does Eval engie need to be (re)initialized? + * + * @see self::setup() + * @var bool + */ + protected $nonIVChanged = true; + + /** + * Padding status + * + * @see self::enablePadding() + * @var bool + */ + private $padding = true; + + /** + * Is the mode one that is paddable? + * + * @see self::__construct() + * @var bool + */ + private $paddable = false; + + /** + * Holds which crypt engine internaly should be use, + * which will be determined automatically on __construct() + * + * Currently available $engines are: + * - self::ENGINE_LIBSODIUM (very fast, php-extension: libsodium, extension_loaded('libsodium') required) + * - self::ENGINE_OPENSSL_GCM (very fast, php-extension: openssl, extension_loaded('openssl') required) + * - self::ENGINE_OPENSSL (very fast, php-extension: openssl, extension_loaded('openssl') required) + * - self::ENGINE_MCRYPT (fast, php-extension: mcrypt, extension_loaded('mcrypt') required) + * - self::ENGINE_EVAL (medium, pure php-engine, no php-extension required) + * - self::ENGINE_INTERNAL (slower, pure php-engine, no php-extension required) + * + * @see self::setEngine() + * @see self::encrypt() + * @see self::decrypt() + * @var int + */ + protected $engine; + + /** + * Holds the preferred crypt engine + * + * @see self::setEngine() + * @see self::setPreferredEngine() + * @var int + */ + private $preferredEngine; + + /** + * The mcrypt specific name of the cipher + * + * Only used if $engine == self::ENGINE_MCRYPT + * + * @link http://www.php.net/mcrypt_module_open + * @link http://www.php.net/mcrypt_list_algorithms + * @see self::setupMcrypt() + * @var string + */ + protected $cipher_name_mcrypt; + + /** + * The openssl specific name of the cipher + * + * Only used if $engine == self::ENGINE_OPENSSL + * + * @link http://www.php.net/openssl-get-cipher-methods + * @var string + */ + protected $cipher_name_openssl; + + /** + * The openssl specific name of the cipher in ECB mode + * + * If OpenSSL does not support the mode we're trying to use (CTR) + * it can still be emulated with ECB mode. + * + * @link http://www.php.net/openssl-get-cipher-methods + * @var string + */ + protected $cipher_name_openssl_ecb; + + /** + * The default salt used by setPassword() + * + * @see self::setPassword() + * @var string + */ + private $password_default_salt = 'phpseclib/salt'; + + /** + * The name of the performance-optimized callback function + * + * Used by encrypt() / decrypt() + * only if $engine == self::ENGINE_INTERNAL + * + * @see self::encrypt() + * @see self::decrypt() + * @see self::setupInlineCrypt() + * @var Callback + */ + protected $inline_crypt; + + /** + * If OpenSSL can be used in ECB but not in CTR we can emulate CTR + * + * @see self::openssl_ctr_process() + * @var bool + */ + private $openssl_emulate_ctr = false; + + /** + * Don't truncate / null pad key + * + * @see self::clearBuffers() + * @var bool + */ + private $skip_key_adjustment = false; + + /** + * Has the key length explicitly been set or should it be derived from the key, itself? + * + * @see self::setKeyLength() + * @var bool + */ + protected $explicit_key_length = false; + + /** + * Hash subkey for GHASH + * + * @see self::setupGCM() + * @see self::ghash() + * @var BinaryField\Integer + */ + private $h; + + /** + * Additional authenticated data + * + * @var string + */ + protected $aad = ''; + + /** + * Authentication Tag produced after a round of encryption + * + * @var string + */ + protected $newtag = false; + + /** + * Authentication Tag to be verified during decryption + * + * @var string + */ + protected $oldtag = false; + + /** + * GCM Binary Field + * + * @see self::__construct() + * @see self::ghash() + * @var BinaryField + */ + private static $gcmField; + + /** + * Poly1305 Prime Field + * + * @see self::enablePoly1305() + * @see self::poly1305() + * @var PrimeField + */ + private static $poly1305Field; + + /** + * Flag for using regular vs "safe" intval + * + * @see self::initialize_static_variables() + * @var boolean + */ + protected static $use_reg_intval; + + /** + * Poly1305 Key + * + * @see self::setPoly1305Key() + * @see self::poly1305() + * @var string + */ + protected $poly1305Key; + + /** + * Poly1305 Flag + * + * @see self::setPoly1305Key() + * @see self::enablePoly1305() + * @var boolean + */ + protected $usePoly1305 = false; + + /** + * The Original Initialization Vector + * + * GCM uses the nonce to build the IV but we want to be able to distinguish between nonce-derived + * IV's and user-set IV's + * + * @see self::setIV() + * @var string + */ + private $origIV = false; + + /** + * Nonce + * + * Only used with GCM. We could re-use setIV() but nonce's can be of a different length and + * toggling between GCM and other modes could be more complicated if we re-used setIV() + * + * @see self::setNonce() + * @var string + */ + protected $nonce = false; + + /** + * Default Constructor. + * + * $mode could be: + * + * - ecb + * + * - cbc + * + * - ctr + * + * - cfb + * + * - cfb8 + * + * - ofb + * + * - ofb8 + * + * - gcm + * + * @param string $mode + * @throws BadModeException if an invalid / unsupported mode is provided + */ + public function __construct($mode) + { + $mode = strtolower($mode); + // necessary because of 5.6 compatibility; we can't do isset(self::MODE_MAP[$mode]) in 5.6 + $map = self::MODE_MAP; + if (!isset($map[$mode])) { + throw new BadModeException('No valid mode has been specified'); + } + + $mode = self::MODE_MAP[$mode]; + + // $mode dependent settings + switch ($mode) { + case self::MODE_ECB: + case self::MODE_CBC: + $this->paddable = true; + break; + case self::MODE_CTR: + case self::MODE_CFB: + case self::MODE_CFB8: + case self::MODE_OFB: + case self::MODE_OFB8: + case self::MODE_STREAM: + $this->paddable = false; + break; + case self::MODE_GCM: + if ($this->block_size != 16) { + throw new BadModeException('GCM is only valid for block ciphers with a block size of 128 bits'); + } + if (!isset(self::$gcmField)) { + self::$gcmField = new BinaryField(128, 7, 2, 1, 0); + } + $this->paddable = false; + break; + default: + throw new BadModeException('No valid mode has been specified'); + } + + $this->mode = $mode; + + static::initialize_static_variables(); + } + + /** + * Initialize static variables + */ + protected static function initialize_static_variables() + { + if (!isset(self::$use_reg_intval)) { + switch (true) { + // PHP_OS & "\xDF\xDF\xDF" == strtoupper(substr(PHP_OS, 0, 3)), but a lot faster + case (PHP_OS & "\xDF\xDF\xDF") === 'WIN': + case !function_exists('php_uname'): + case !is_string(php_uname('m')): + case (php_uname('m') & "\xDF\xDF\xDF") != 'ARM': + case defined('PHP_INT_SIZE') && PHP_INT_SIZE == 8: + self::$use_reg_intval = true; + break; + case (php_uname('m') & "\xDF\xDF\xDF") == 'ARM': + switch (true) { + /* PHP 7.0.0 introduced a bug that affected 32-bit ARM processors: + + https://github.com/php/php-src/commit/716da71446ebbd40fa6cf2cea8a4b70f504cc3cd + + altho the changelogs make no mention of it, this bug was fixed with this commit: + + https://github.com/php/php-src/commit/c1729272b17a1fe893d1a54e423d3b71470f3ee8 + + affected versions of PHP are: 7.0.x, 7.1.0 - 7.1.23 and 7.2.0 - 7.2.11 */ + case PHP_VERSION_ID >= 70000 && PHP_VERSION_ID <= 70123: + case PHP_VERSION_ID >= 70200 && PHP_VERSION_ID <= 70211: + self::$use_reg_intval = false; + break; + default: + self::$use_reg_intval = true; + } + } + } + } + + /** + * Sets the initialization vector. + * + * setIV() is not required when ecb or gcm modes are being used. + * + * {@internal Can be overwritten by a sub class, but does not have to be} + * + * @param string $iv + * @throws \LengthException if the IV length isn't equal to the block size + * @throws \BadMethodCallException if an IV is provided when one shouldn't be + */ + public function setIV($iv) + { + if ($this->mode == self::MODE_ECB) { + throw new \BadMethodCallException('This mode does not require an IV.'); + } + + if ($this->mode == self::MODE_GCM) { + throw new \BadMethodCallException('Use setNonce instead'); + } + + if (!$this->usesIV()) { + throw new \BadMethodCallException('This algorithm does not use an IV.'); + } + + if (strlen($iv) != $this->block_size) { + throw new \LengthException('Received initialization vector of size ' . strlen($iv) . ', but size ' . $this->block_size . ' is required'); + } + + $this->iv = $this->origIV = $iv; + $this->changed = true; + } + + /** + * Enables Poly1305 mode. + * + * Once enabled Poly1305 cannot be disabled. + * + * @throws \BadMethodCallException if Poly1305 is enabled whilst in GCM mode + */ + public function enablePoly1305() + { + if ($this->mode == self::MODE_GCM) { + throw new \BadMethodCallException('Poly1305 cannot be used in GCM mode'); + } + + $this->usePoly1305 = true; + } + + /** + * Enables Poly1305 mode. + * + * Once enabled Poly1305 cannot be disabled. If $key is not passed then an attempt to call createPoly1305Key + * will be made. + * + * @param string $key optional + * @throws \LengthException if the key isn't long enough + * @throws \BadMethodCallException if Poly1305 is enabled whilst in GCM mode + */ + public function setPoly1305Key($key = null) + { + if ($this->mode == self::MODE_GCM) { + throw new \BadMethodCallException('Poly1305 cannot be used in GCM mode'); + } + + if (!is_string($key) || strlen($key) != 32) { + throw new \LengthException('The Poly1305 key must be 32 bytes long (256 bits)'); + } + + if (!isset(self::$poly1305Field)) { + // 2^130-5 + self::$poly1305Field = new PrimeField(new BigInteger('3fffffffffffffffffffffffffffffffb', 16)); + } + + $this->poly1305Key = $key; + $this->usePoly1305 = true; + } + + /** + * Sets the nonce. + * + * setNonce() is only required when gcm is used + * + * @param string $nonce + * @throws \BadMethodCallException if an nonce is provided when one shouldn't be + */ + public function setNonce($nonce) + { + if ($this->mode != self::MODE_GCM) { + throw new \BadMethodCallException('Nonces are only used in GCM mode.'); + } + + $this->nonce = $nonce; + $this->setEngine(); + } + + /** + * Sets additional authenticated data + * + * setAAD() is only used by gcm or in poly1305 mode + * + * @param string $aad + * @throws \BadMethodCallException if mode isn't GCM or if poly1305 isn't being utilized + */ + public function setAAD($aad) + { + if ($this->mode != self::MODE_GCM && !$this->usePoly1305) { + throw new \BadMethodCallException('Additional authenticated data is only utilized in GCM mode or with Poly1305'); + } + + $this->aad = $aad; + } + + /** + * Returns whether or not the algorithm uses an IV + * + * @return bool + */ + public function usesIV() + { + return $this->mode != self::MODE_GCM && $this->mode != self::MODE_ECB; + } + + /** + * Returns whether or not the algorithm uses a nonce + * + * @return bool + */ + public function usesNonce() + { + return $this->mode == self::MODE_GCM; + } + + /** + * Returns the current key length in bits + * + * @return int + */ + public function getKeyLength() + { + return $this->key_length << 3; + } + + /** + * Returns the current block length in bits + * + * @return int + */ + public function getBlockLength() + { + return $this->block_size << 3; + } + + /** + * Returns the current block length in bytes + * + * @return int + */ + public function getBlockLengthInBytes() + { + return $this->block_size; + } + + /** + * Sets the key length. + * + * Keys with explicitly set lengths need to be treated accordingly + * + * @param int $length + */ + public function setKeyLength($length) + { + $this->explicit_key_length = $length >> 3; + + if (is_string($this->key) && strlen($this->key) != $this->explicit_key_length) { + $this->key = false; + throw new InconsistentSetupException('Key has already been set and is not ' . $this->explicit_key_length . ' bytes long'); + } + } + + /** + * Sets the key. + * + * The min/max length(s) of the key depends on the cipher which is used. + * If the key not fits the length(s) of the cipher it will paded with null bytes + * up to the closest valid key length. If the key is more than max length, + * we trim the excess bits. + * + * If the key is not explicitly set, it'll be assumed to be all null bytes. + * + * {@internal Could, but not must, extend by the child Crypt_* class} + * + * @param string $key + */ + public function setKey($key) + { + if ($this->explicit_key_length !== false && strlen($key) != $this->explicit_key_length) { + throw new InconsistentSetupException('Key length has already been set to ' . $this->explicit_key_length . ' bytes and this key is ' . strlen($key) . ' bytes'); + } + + $this->key = $key; + $this->key_length = strlen($key); + $this->setEngine(); + } + + /** + * Sets the password. + * + * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows: + * {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2} or pbkdf1: + * $hash, $salt, $count, $dkLen + * + * Where $hash (default = sha1) currently supports the following hashes: see: Crypt/Hash.php + * {@link https://en.wikipedia.org/wiki/Bcrypt bcypt}: + * $salt, $rounds, $keylen + * + * This is a modified version of bcrypt used by OpenSSH. + * + * {@internal Could, but not must, extend by the child Crypt_* class} + * + * @see Crypt/Hash.php + * @param string $password + * @param string $method + * @param int|string ...$func_args + * @throws \LengthException if pbkdf1 is being used and the derived key length exceeds the hash length + * @throws \RuntimeException if bcrypt is being used and a salt isn't provided + * @return bool + */ + public function setPassword($password, $method = 'pbkdf2', ...$func_args) + { + $key = ''; + + $method = strtolower($method); + switch ($method) { + case 'bcrypt': + if (!isset($func_args[2])) { + throw new \RuntimeException('A salt must be provided for bcrypt to work'); + } + + $salt = $func_args[0]; + + $rounds = isset($func_args[1]) ? $func_args[1] : 16; + $keylen = isset($func_args[2]) ? $func_args[2] : $this->key_length; + + $key = Blowfish::bcrypt_pbkdf($password, $salt, $keylen + $this->block_size, $rounds); + + $this->setKey(substr($key, 0, $keylen)); + $this->setIV(substr($key, $keylen)); + + return true; + case 'pkcs12': // from https://tools.ietf.org/html/rfc7292#appendix-B.2 + case 'pbkdf1': + case 'pbkdf2': + // Hash function + $hash = isset($func_args[0]) ? strtolower($func_args[0]) : 'sha1'; + $hashObj = new Hash(); + $hashObj->setHash($hash); + + // WPA and WPA2 use the SSID as the salt + $salt = isset($func_args[1]) ? $func_args[1] : $this->password_default_salt; + + // RFC2898#section-4.2 uses 1,000 iterations by default + // WPA and WPA2 use 4,096. + $count = isset($func_args[2]) ? $func_args[2] : 1000; + + // Keylength + if (isset($func_args[3])) { + if ($func_args[3] <= 0) { + throw new \LengthException('Derived key length cannot be longer 0 or less'); + } + $dkLen = $func_args[3]; + } else { + $key_length = $this->explicit_key_length !== false ? $this->explicit_key_length : $this->key_length; + $dkLen = $method == 'pbkdf1' ? 2 * $key_length : $key_length; + } + + switch (true) { + case $method == 'pkcs12': + /* + In this specification, however, all passwords are created from + BMPStrings with a NULL terminator. This means that each character in + the original BMPString is encoded in 2 bytes in big-endian format + (most-significant byte first). There are no Unicode byte order + marks. The 2 bytes produced from the last character in the BMPString + are followed by 2 additional bytes with the value 0x00. + + -- https://tools.ietf.org/html/rfc7292#appendix-B.1 + */ + $password = "\0" . chunk_split($password, 1, "\0") . "\0"; + + /* + This standard specifies 3 different values for the ID byte mentioned + above: + + 1. If ID=1, then the pseudorandom bits being produced are to be used + as key material for performing encryption or decryption. + + 2. If ID=2, then the pseudorandom bits being produced are to be used + as an IV (Initial Value) for encryption or decryption. + + 3. If ID=3, then the pseudorandom bits being produced are to be used + as an integrity key for MACing. + */ + // Construct a string, D (the "diversifier"), by concatenating v/8 + // copies of ID. + $blockLength = $hashObj->getBlockLengthInBytes(); + $d1 = str_repeat(chr(1), $blockLength); + $d2 = str_repeat(chr(2), $blockLength); + $s = ''; + if (strlen($salt)) { + while (strlen($s) < $blockLength) { + $s .= $salt; + } + } + $s = substr($s, 0, $blockLength); + + $p = ''; + if (strlen($password)) { + while (strlen($p) < $blockLength) { + $p .= $password; + } + } + $p = substr($p, 0, $blockLength); + + $i = $s . $p; + + $this->setKey(self::pkcs12helper($dkLen, $hashObj, $i, $d1, $count)); + if ($this->usesIV()) { + $this->setIV(self::pkcs12helper($this->block_size, $hashObj, $i, $d2, $count)); + } + + return true; + case $method == 'pbkdf1': + if ($dkLen > $hashObj->getLengthInBytes()) { + throw new \LengthException('Derived key length cannot be longer than the hash length'); + } + $t = $password . $salt; + for ($i = 0; $i < $count; ++$i) { + $t = $hashObj->hash($t); + } + $key = substr($t, 0, $dkLen); + + $this->setKey(substr($key, 0, $dkLen >> 1)); + if ($this->usesIV()) { + $this->setIV(substr($key, $dkLen >> 1)); + } + + return true; + case !in_array($hash, hash_algos()): + $i = 1; + $hashObj->setKey($password); + while (strlen($key) < $dkLen) { + $f = $u = $hashObj->hash($salt . pack('N', $i++)); + for ($j = 2; $j <= $count; ++$j) { + $u = $hashObj->hash($u); + $f ^= $u; + } + $key .= $f; + } + $key = substr($key, 0, $dkLen); + break; + default: + $key = hash_pbkdf2($hash, $password, $salt, $count, $dkLen, true); + } + break; + default: + throw new UnsupportedAlgorithmException($method . ' is not a supported password hashing method'); + } + + $this->setKey($key); + + return true; + } + + /** + * PKCS#12 KDF Helper Function + * + * As discussed here: + * + * {@link https://tools.ietf.org/html/rfc7292#appendix-B} + * + * @see self::setPassword() + * @param int $n + * @param \phpseclib3\Crypt\Hash $hashObj + * @param string $i + * @param string $d + * @param int $count + * @return string $a + */ + private static function pkcs12helper($n, $hashObj, $i, $d, $count) + { + static $one; + if (!isset($one)) { + $one = new BigInteger(1); + } + + $blockLength = $hashObj->getBlockLength() >> 3; + + $c = ceil($n / $hashObj->getLengthInBytes()); + $a = ''; + for ($j = 1; $j <= $c; $j++) { + $ai = $d . $i; + for ($k = 0; $k < $count; $k++) { + $ai = $hashObj->hash($ai); + } + $b = ''; + while (strlen($b) < $blockLength) { + $b .= $ai; + } + $b = substr($b, 0, $blockLength); + $b = new BigInteger($b, 256); + $newi = ''; + for ($k = 0; $k < strlen($i); $k += $blockLength) { + $temp = substr($i, $k, $blockLength); + $temp = new BigInteger($temp, 256); + $temp->setPrecision($blockLength << 3); + $temp = $temp->add($b); + $temp = $temp->add($one); + $newi .= $temp->toBytes(false); + } + $i = $newi; + $a .= $ai; + } + + return substr($a, 0, $n); + } + + /** + * Encrypts a message. + * + * $plaintext will be padded with additional bytes such that it's length is a multiple of the block size. Other cipher + * implementations may or may not pad in the same manner. Other common approaches to padding and the reasons why it's + * necessary are discussed in the following + * URL: + * + * {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html} + * + * An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does. + * strlen($plaintext) will still need to be a multiple of the block size, however, arbitrary values can be added to make it that + * length. + * + * {@internal Could, but not must, extend by the child Crypt_* class} + * + * @see self::decrypt() + * @param string $plaintext + * @return string $ciphertext + */ + public function encrypt($plaintext) + { + if ($this->paddable) { + $plaintext = $this->pad($plaintext); + } + + $this->setup(); + + if ($this->mode == self::MODE_GCM) { + $oldIV = $this->iv; + Strings::increment_str($this->iv); + $cipher = new static('ctr'); + $cipher->setKey($this->key); + $cipher->setIV($this->iv); + $ciphertext = $cipher->encrypt($plaintext); + + $s = $this->ghash( + self::nullPad128($this->aad) . + self::nullPad128($ciphertext) . + self::len64($this->aad) . + self::len64($ciphertext) + ); + $cipher->encryptIV = $this->iv = $this->encryptIV = $this->decryptIV = $oldIV; + $this->newtag = $cipher->encrypt($s); + return $ciphertext; + } + + if (isset($this->poly1305Key)) { + $cipher = clone $this; + unset($cipher->poly1305Key); + $this->usePoly1305 = false; + $ciphertext = $cipher->encrypt($plaintext); + $this->newtag = $this->poly1305($ciphertext); + return $ciphertext; + } + + if ($this->engine === self::ENGINE_OPENSSL) { + switch ($this->mode) { + case self::MODE_STREAM: + return openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING); + case self::MODE_ECB: + return openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING); + case self::MODE_CBC: + $result = openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $this->encryptIV); + if ($this->continuousBuffer) { + $this->encryptIV = substr($result, -$this->block_size); + } + return $result; + case self::MODE_CTR: + return $this->openssl_ctr_process($plaintext, $this->encryptIV, $this->enbuffer); + case self::MODE_CFB: + // cfb loosely routines inspired by openssl's: + // {@link http://cvs.openssl.org/fileview?f=openssl/crypto/modes/cfb128.c&v=1.3.2.2.2.1} + $ciphertext = ''; + if ($this->continuousBuffer) { + $iv = &$this->encryptIV; + $pos = &$this->enbuffer['pos']; + } else { + $iv = $this->encryptIV; + $pos = 0; + } + $len = strlen($plaintext); + $i = 0; + if ($pos) { + $orig_pos = $pos; + $max = $this->block_size - $pos; + if ($len >= $max) { + $i = $max; + $len -= $max; + $pos = 0; + } else { + $i = $len; + $pos += $len; + $len = 0; + } + // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize + $ciphertext = substr($iv, $orig_pos) ^ $plaintext; + $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); + $plaintext = substr($plaintext, $i); + } + + $overflow = $len % $this->block_size; + + if ($overflow) { + $ciphertext .= openssl_encrypt(substr($plaintext, 0, -$overflow) . str_repeat("\0", $this->block_size), $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv); + $iv = Strings::pop($ciphertext, $this->block_size); + + $size = $len - $overflow; + $block = $iv ^ substr($plaintext, -$overflow); + $iv = substr_replace($iv, $block, 0, $overflow); + $ciphertext .= $block; + $pos = $overflow; + } elseif ($len) { + $ciphertext = openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv); + $iv = substr($ciphertext, -$this->block_size); + } + + return $ciphertext; + case self::MODE_CFB8: + $ciphertext = openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $this->encryptIV); + if ($this->continuousBuffer) { + if (($len = strlen($ciphertext)) >= $this->block_size) { + $this->encryptIV = substr($ciphertext, -$this->block_size); + } else { + $this->encryptIV = substr($this->encryptIV, $len - $this->block_size) . substr($ciphertext, -$len); + } + } + return $ciphertext; + case self::MODE_OFB8: + $ciphertext = ''; + $len = strlen($plaintext); + $iv = $this->encryptIV; + + for ($i = 0; $i < $len; ++$i) { + $xor = openssl_encrypt($iv, $this->cipher_name_openssl_ecb, $this->key, $this->openssl_options, $this->decryptIV); + $ciphertext .= $plaintext[$i] ^ $xor; + $iv = substr($iv, 1) . $xor[0]; + } + + if ($this->continuousBuffer) { + $this->encryptIV = $iv; + } + break; + case self::MODE_OFB: + return $this->openssl_ofb_process($plaintext, $this->encryptIV, $this->enbuffer); + } + } + + if ($this->engine === self::ENGINE_MCRYPT) { + set_error_handler(function () { + }); + if ($this->enchanged) { + mcrypt_generic_init($this->enmcrypt, $this->key, $this->getIV($this->encryptIV)); + $this->enchanged = false; + } + + // re: {@link http://phpseclib.sourceforge.net/cfb-demo.phps} + // using mcrypt's default handing of CFB the above would output two different things. using phpseclib's + // rewritten CFB implementation the above outputs the same thing twice. + if ($this->mode == self::MODE_CFB && $this->continuousBuffer) { + $block_size = $this->block_size; + $iv = &$this->encryptIV; + $pos = &$this->enbuffer['pos']; + $len = strlen($plaintext); + $ciphertext = ''; + $i = 0; + if ($pos) { + $orig_pos = $pos; + $max = $block_size - $pos; + if ($len >= $max) { + $i = $max; + $len -= $max; + $pos = 0; + } else { + $i = $len; + $pos += $len; + $len = 0; + } + $ciphertext = substr($iv, $orig_pos) ^ $plaintext; + $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); + $this->enbuffer['enmcrypt_init'] = true; + } + if ($len >= $block_size) { + if ($this->enbuffer['enmcrypt_init'] === false || $len > $this->cfb_init_len) { + if ($this->enbuffer['enmcrypt_init'] === true) { + mcrypt_generic_init($this->enmcrypt, $this->key, $iv); + $this->enbuffer['enmcrypt_init'] = false; + } + $ciphertext .= mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % $block_size)); + $iv = substr($ciphertext, -$block_size); + $len %= $block_size; + } else { + while ($len >= $block_size) { + $iv = mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, $block_size); + $ciphertext .= $iv; + $len -= $block_size; + $i += $block_size; + } + } + } + + if ($len) { + $iv = mcrypt_generic($this->ecb, $iv); + $block = $iv ^ substr($plaintext, -$len); + $iv = substr_replace($iv, $block, 0, $len); + $ciphertext .= $block; + $pos = $len; + } + + restore_error_handler(); + + return $ciphertext; + } + + $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext); + + if (!$this->continuousBuffer) { + mcrypt_generic_init($this->enmcrypt, $this->key, $this->getIV($this->encryptIV)); + } + + restore_error_handler(); + + return $ciphertext; + } + + if ($this->engine === self::ENGINE_EVAL) { + $inline = $this->inline_crypt; + return $inline('encrypt', $plaintext); + } + + $buffer = &$this->enbuffer; + $block_size = $this->block_size; + $ciphertext = ''; + switch ($this->mode) { + case self::MODE_ECB: + for ($i = 0; $i < strlen($plaintext); $i += $block_size) { + $ciphertext .= $this->encryptBlock(substr($plaintext, $i, $block_size)); + } + break; + case self::MODE_CBC: + $xor = $this->encryptIV; + for ($i = 0; $i < strlen($plaintext); $i += $block_size) { + $block = substr($plaintext, $i, $block_size); + $block = $this->encryptBlock($block ^ $xor); + $xor = $block; + $ciphertext .= $block; + } + if ($this->continuousBuffer) { + $this->encryptIV = $xor; + } + break; + case self::MODE_CTR: + $xor = $this->encryptIV; + if (strlen($buffer['ciphertext'])) { + for ($i = 0; $i < strlen($plaintext); $i += $block_size) { + $block = substr($plaintext, $i, $block_size); + if (strlen($block) > strlen($buffer['ciphertext'])) { + $buffer['ciphertext'] .= $this->encryptBlock($xor); + Strings::increment_str($xor); + } + $key = Strings::shift($buffer['ciphertext'], $block_size); + $ciphertext .= $block ^ $key; + } + } else { + for ($i = 0; $i < strlen($plaintext); $i += $block_size) { + $block = substr($plaintext, $i, $block_size); + $key = $this->encryptBlock($xor); + Strings::increment_str($xor); + $ciphertext .= $block ^ $key; + } + } + if ($this->continuousBuffer) { + $this->encryptIV = $xor; + if ($start = strlen($plaintext) % $block_size) { + $buffer['ciphertext'] = substr($key, $start) . $buffer['ciphertext']; + } + } + break; + case self::MODE_CFB: + // cfb loosely routines inspired by openssl's: + // {@link http://cvs.openssl.org/fileview?f=openssl/crypto/modes/cfb128.c&v=1.3.2.2.2.1} + if ($this->continuousBuffer) { + $iv = &$this->encryptIV; + $pos = &$buffer['pos']; + } else { + $iv = $this->encryptIV; + $pos = 0; + } + $len = strlen($plaintext); + $i = 0; + if ($pos) { + $orig_pos = $pos; + $max = $block_size - $pos; + if ($len >= $max) { + $i = $max; + $len -= $max; + $pos = 0; + } else { + $i = $len; + $pos += $len; + $len = 0; + } + // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize + $ciphertext = substr($iv, $orig_pos) ^ $plaintext; + $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); + } + while ($len >= $block_size) { + $iv = $this->encryptBlock($iv) ^ substr($plaintext, $i, $block_size); + $ciphertext .= $iv; + $len -= $block_size; + $i += $block_size; + } + if ($len) { + $iv = $this->encryptBlock($iv); + $block = $iv ^ substr($plaintext, $i); + $iv = substr_replace($iv, $block, 0, $len); + $ciphertext .= $block; + $pos = $len; + } + break; + case self::MODE_CFB8: + $ciphertext = ''; + $len = strlen($plaintext); + $iv = $this->encryptIV; + + for ($i = 0; $i < $len; ++$i) { + $ciphertext .= ($c = $plaintext[$i] ^ $this->encryptBlock($iv)); + $iv = substr($iv, 1) . $c; + } + + if ($this->continuousBuffer) { + if ($len >= $block_size) { + $this->encryptIV = substr($ciphertext, -$block_size); + } else { + $this->encryptIV = substr($this->encryptIV, $len - $block_size) . substr($ciphertext, -$len); + } + } + break; + case self::MODE_OFB8: + $ciphertext = ''; + $len = strlen($plaintext); + $iv = $this->encryptIV; + + for ($i = 0; $i < $len; ++$i) { + $xor = $this->encryptBlock($iv); + $ciphertext .= $plaintext[$i] ^ $xor; + $iv = substr($iv, 1) . $xor[0]; + } + + if ($this->continuousBuffer) { + $this->encryptIV = $iv; + } + break; + case self::MODE_OFB: + $xor = $this->encryptIV; + if (strlen($buffer['xor'])) { + for ($i = 0; $i < strlen($plaintext); $i += $block_size) { + $block = substr($plaintext, $i, $block_size); + if (strlen($block) > strlen($buffer['xor'])) { + $xor = $this->encryptBlock($xor); + $buffer['xor'] .= $xor; + } + $key = Strings::shift($buffer['xor'], $block_size); + $ciphertext .= $block ^ $key; + } + } else { + for ($i = 0; $i < strlen($plaintext); $i += $block_size) { + $xor = $this->encryptBlock($xor); + $ciphertext .= substr($plaintext, $i, $block_size) ^ $xor; + } + $key = $xor; + } + if ($this->continuousBuffer) { + $this->encryptIV = $xor; + if ($start = strlen($plaintext) % $block_size) { + $buffer['xor'] = substr($key, $start) . $buffer['xor']; + } + } + break; + case self::MODE_STREAM: + $ciphertext = $this->encryptBlock($plaintext); + break; + } + + return $ciphertext; + } + + /** + * Decrypts a message. + * + * If strlen($ciphertext) is not a multiple of the block size, null bytes will be added to the end of the string until + * it is. + * + * {@internal Could, but not must, extend by the child Crypt_* class} + * + * @see self::encrypt() + * @param string $ciphertext + * @return string $plaintext + * @throws \LengthException if we're inside a block cipher and the ciphertext length is not a multiple of the block size + */ + public function decrypt($ciphertext) + { + if ($this->paddable && strlen($ciphertext) % $this->block_size) { + throw new \LengthException('The ciphertext length (' . strlen($ciphertext) . ') needs to be a multiple of the block size (' . $this->block_size . ')'); + } + $this->setup(); + + if ($this->mode == self::MODE_GCM || isset($this->poly1305Key)) { + if ($this->oldtag === false) { + throw new InsufficientSetupException('Authentication Tag has not been set'); + } + + if (isset($this->poly1305Key)) { + $newtag = $this->poly1305($ciphertext); + } else { + $oldIV = $this->iv; + Strings::increment_str($this->iv); + $cipher = new static('ctr'); + $cipher->setKey($this->key); + $cipher->setIV($this->iv); + $plaintext = $cipher->decrypt($ciphertext); + + $s = $this->ghash( + self::nullPad128($this->aad) . + self::nullPad128($ciphertext) . + self::len64($this->aad) . + self::len64($ciphertext) + ); + $cipher->encryptIV = $this->iv = $this->encryptIV = $this->decryptIV = $oldIV; + $newtag = $cipher->encrypt($s); + } + if ($this->oldtag != substr($newtag, 0, strlen($newtag))) { + $cipher = clone $this; + unset($cipher->poly1305Key); + $this->usePoly1305 = false; + $plaintext = $cipher->decrypt($ciphertext); + $this->oldtag = false; + throw new BadDecryptionException('Derived authentication tag and supplied authentication tag do not match'); + } + $this->oldtag = false; + return $plaintext; + } + + if ($this->engine === self::ENGINE_OPENSSL) { + switch ($this->mode) { + case self::MODE_STREAM: + $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING); + break; + case self::MODE_ECB: + $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING); + break; + case self::MODE_CBC: + $offset = $this->block_size; + $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $this->decryptIV); + if ($this->continuousBuffer) { + $this->decryptIV = substr($ciphertext, -$offset, $this->block_size); + } + break; + case self::MODE_CTR: + $plaintext = $this->openssl_ctr_process($ciphertext, $this->decryptIV, $this->debuffer); + break; + case self::MODE_CFB: + // cfb loosely routines inspired by openssl's: + // {@link http://cvs.openssl.org/fileview?f=openssl/crypto/modes/cfb128.c&v=1.3.2.2.2.1} + $plaintext = ''; + if ($this->continuousBuffer) { + $iv = &$this->decryptIV; + $pos = &$this->debuffer['pos']; + } else { + $iv = $this->decryptIV; + $pos = 0; + } + $len = strlen($ciphertext); + $i = 0; + if ($pos) { + $orig_pos = $pos; + $max = $this->block_size - $pos; + if ($len >= $max) { + $i = $max; + $len -= $max; + $pos = 0; + } else { + $i = $len; + $pos += $len; + $len = 0; + } + // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $this->blocksize + $plaintext = substr($iv, $orig_pos) ^ $ciphertext; + $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); + $ciphertext = substr($ciphertext, $i); + } + $overflow = $len % $this->block_size; + if ($overflow) { + $plaintext .= openssl_decrypt(substr($ciphertext, 0, -$overflow), $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv); + if ($len - $overflow) { + $iv = substr($ciphertext, -$overflow - $this->block_size, -$overflow); + } + $iv = openssl_encrypt(str_repeat("\0", $this->block_size), $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv); + $plaintext .= $iv ^ substr($ciphertext, -$overflow); + $iv = substr_replace($iv, substr($ciphertext, -$overflow), 0, $overflow); + $pos = $overflow; + } elseif ($len) { + $plaintext .= openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv); + $iv = substr($ciphertext, -$this->block_size); + } + break; + case self::MODE_CFB8: + $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $this->decryptIV); + if ($this->continuousBuffer) { + if (($len = strlen($ciphertext)) >= $this->block_size) { + $this->decryptIV = substr($ciphertext, -$this->block_size); + } else { + $this->decryptIV = substr($this->decryptIV, $len - $this->block_size) . substr($ciphertext, -$len); + } + } + break; + case self::MODE_OFB8: + $plaintext = ''; + $len = strlen($ciphertext); + $iv = $this->decryptIV; + + for ($i = 0; $i < $len; ++$i) { + $xor = openssl_encrypt($iv, $this->cipher_name_openssl_ecb, $this->key, $this->openssl_options, $this->decryptIV); + $plaintext .= $ciphertext[$i] ^ $xor; + $iv = substr($iv, 1) . $xor[0]; + } + + if ($this->continuousBuffer) { + $this->decryptIV = $iv; + } + break; + case self::MODE_OFB: + $plaintext = $this->openssl_ofb_process($ciphertext, $this->decryptIV, $this->debuffer); + } + + return $this->paddable ? $this->unpad($plaintext) : $plaintext; + } + + if ($this->engine === self::ENGINE_MCRYPT) { + set_error_handler(function () { + }); + $block_size = $this->block_size; + if ($this->dechanged) { + mcrypt_generic_init($this->demcrypt, $this->key, $this->getIV($this->decryptIV)); + $this->dechanged = false; + } + + if ($this->mode == self::MODE_CFB && $this->continuousBuffer) { + $iv = &$this->decryptIV; + $pos = &$this->debuffer['pos']; + $len = strlen($ciphertext); + $plaintext = ''; + $i = 0; + if ($pos) { + $orig_pos = $pos; + $max = $block_size - $pos; + if ($len >= $max) { + $i = $max; + $len -= $max; + $pos = 0; + } else { + $i = $len; + $pos += $len; + $len = 0; + } + // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize + $plaintext = substr($iv, $orig_pos) ^ $ciphertext; + $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); + } + if ($len >= $block_size) { + $cb = substr($ciphertext, $i, $len - $len % $block_size); + $plaintext .= mcrypt_generic($this->ecb, $iv . $cb) ^ $cb; + $iv = substr($cb, -$block_size); + $len %= $block_size; + } + if ($len) { + $iv = mcrypt_generic($this->ecb, $iv); + $plaintext .= $iv ^ substr($ciphertext, -$len); + $iv = substr_replace($iv, substr($ciphertext, -$len), 0, $len); + $pos = $len; + } + + restore_error_handler(); + + return $plaintext; + } + + $plaintext = mdecrypt_generic($this->demcrypt, $ciphertext); + + if (!$this->continuousBuffer) { + mcrypt_generic_init($this->demcrypt, $this->key, $this->getIV($this->decryptIV)); + } + + restore_error_handler(); + + return $this->paddable ? $this->unpad($plaintext) : $plaintext; + } + + if ($this->engine === self::ENGINE_EVAL) { + $inline = $this->inline_crypt; + return $inline('decrypt', $ciphertext); + } + + $block_size = $this->block_size; + + $buffer = &$this->debuffer; + $plaintext = ''; + switch ($this->mode) { + case self::MODE_ECB: + for ($i = 0; $i < strlen($ciphertext); $i += $block_size) { + $plaintext .= $this->decryptBlock(substr($ciphertext, $i, $block_size)); + } + break; + case self::MODE_CBC: + $xor = $this->decryptIV; + for ($i = 0; $i < strlen($ciphertext); $i += $block_size) { + $block = substr($ciphertext, $i, $block_size); + $plaintext .= $this->decryptBlock($block) ^ $xor; + $xor = $block; + } + if ($this->continuousBuffer) { + $this->decryptIV = $xor; + } + break; + case self::MODE_CTR: + $xor = $this->decryptIV; + if (strlen($buffer['ciphertext'])) { + for ($i = 0; $i < strlen($ciphertext); $i += $block_size) { + $block = substr($ciphertext, $i, $block_size); + if (strlen($block) > strlen($buffer['ciphertext'])) { + $buffer['ciphertext'] .= $this->encryptBlock($xor); + Strings::increment_str($xor); + } + $key = Strings::shift($buffer['ciphertext'], $block_size); + $plaintext .= $block ^ $key; + } + } else { + for ($i = 0; $i < strlen($ciphertext); $i += $block_size) { + $block = substr($ciphertext, $i, $block_size); + $key = $this->encryptBlock($xor); + Strings::increment_str($xor); + $plaintext .= $block ^ $key; + } + } + if ($this->continuousBuffer) { + $this->decryptIV = $xor; + if ($start = strlen($ciphertext) % $block_size) { + $buffer['ciphertext'] = substr($key, $start) . $buffer['ciphertext']; + } + } + break; + case self::MODE_CFB: + if ($this->continuousBuffer) { + $iv = &$this->decryptIV; + $pos = &$buffer['pos']; + } else { + $iv = $this->decryptIV; + $pos = 0; + } + $len = strlen($ciphertext); + $i = 0; + if ($pos) { + $orig_pos = $pos; + $max = $block_size - $pos; + if ($len >= $max) { + $i = $max; + $len -= $max; + $pos = 0; + } else { + $i = $len; + $pos += $len; + $len = 0; + } + // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize + $plaintext = substr($iv, $orig_pos) ^ $ciphertext; + $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); + } + while ($len >= $block_size) { + $iv = $this->encryptBlock($iv); + $cb = substr($ciphertext, $i, $block_size); + $plaintext .= $iv ^ $cb; + $iv = $cb; + $len -= $block_size; + $i += $block_size; + } + if ($len) { + $iv = $this->encryptBlock($iv); + $plaintext .= $iv ^ substr($ciphertext, $i); + $iv = substr_replace($iv, substr($ciphertext, $i), 0, $len); + $pos = $len; + } + break; + case self::MODE_CFB8: + $plaintext = ''; + $len = strlen($ciphertext); + $iv = $this->decryptIV; + + for ($i = 0; $i < $len; ++$i) { + $plaintext .= $ciphertext[$i] ^ $this->encryptBlock($iv); + $iv = substr($iv, 1) . $ciphertext[$i]; + } + + if ($this->continuousBuffer) { + if ($len >= $block_size) { + $this->decryptIV = substr($ciphertext, -$block_size); + } else { + $this->decryptIV = substr($this->decryptIV, $len - $block_size) . substr($ciphertext, -$len); + } + } + break; + case self::MODE_OFB8: + $plaintext = ''; + $len = strlen($ciphertext); + $iv = $this->decryptIV; + + for ($i = 0; $i < $len; ++$i) { + $xor = $this->encryptBlock($iv); + $plaintext .= $ciphertext[$i] ^ $xor; + $iv = substr($iv, 1) . $xor[0]; + } + + if ($this->continuousBuffer) { + $this->decryptIV = $iv; + } + break; + case self::MODE_OFB: + $xor = $this->decryptIV; + if (strlen($buffer['xor'])) { + for ($i = 0; $i < strlen($ciphertext); $i += $block_size) { + $block = substr($ciphertext, $i, $block_size); + if (strlen($block) > strlen($buffer['xor'])) { + $xor = $this->encryptBlock($xor); + $buffer['xor'] .= $xor; + } + $key = Strings::shift($buffer['xor'], $block_size); + $plaintext .= $block ^ $key; + } + } else { + for ($i = 0; $i < strlen($ciphertext); $i += $block_size) { + $xor = $this->encryptBlock($xor); + $plaintext .= substr($ciphertext, $i, $block_size) ^ $xor; + } + $key = $xor; + } + if ($this->continuousBuffer) { + $this->decryptIV = $xor; + if ($start = strlen($ciphertext) % $block_size) { + $buffer['xor'] = substr($key, $start) . $buffer['xor']; + } + } + break; + case self::MODE_STREAM: + $plaintext = $this->decryptBlock($ciphertext); + break; + } + return $this->paddable ? $this->unpad($plaintext) : $plaintext; + } + + /** + * Get the authentication tag + * + * Only used in GCM or Poly1305 mode + * + * @see self::encrypt() + * @param int $length optional + * @return string + * @throws \LengthException if $length isn't of a sufficient length + * @throws \RuntimeException if GCM mode isn't being used + */ + public function getTag($length = 16) + { + if ($this->mode != self::MODE_GCM && !$this->usePoly1305) { + throw new \BadMethodCallException('Authentication tags are only utilized in GCM mode or with Poly1305'); + } + + if ($this->newtag === false) { + throw new \BadMethodCallException('A tag can only be returned after a round of encryption has been performed'); + } + + // the tag is 128-bits. it can't be greater than 16 bytes because that's bigger than the tag is. if it + // were 0 you might as well be doing CTR and less than 4 provides minimal security that could be trivially + // easily brute forced. + // see https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf#page=36 + // for more info + if ($length < 4 || $length > 16) { + throw new \LengthException('The authentication tag must be between 4 and 16 bytes long'); + } + + return $length == 16 ? + $this->newtag : + substr($this->newtag, 0, $length); + } + + /** + * Sets the authentication tag + * + * Only used in GCM mode + * + * @see self::decrypt() + * @param string $tag + * @throws \LengthException if $length isn't of a sufficient length + * @throws \RuntimeException if GCM mode isn't being used + */ + public function setTag($tag) + { + if ($this->usePoly1305 && !isset($this->poly1305Key) && method_exists($this, 'createPoly1305Key')) { + $this->createPoly1305Key(); + } + + if ($this->mode != self::MODE_GCM && !$this->usePoly1305) { + throw new \BadMethodCallException('Authentication tags are only utilized in GCM mode or with Poly1305'); + } + + $length = strlen($tag); + if ($length < 4 || $length > 16) { + throw new \LengthException('The authentication tag must be between 4 and 16 bytes long'); + } + $this->oldtag = $tag; + } + + /** + * Get the IV + * + * mcrypt requires an IV even if ECB is used + * + * @see self::encrypt() + * @see self::decrypt() + * @param string $iv + * @return string + */ + protected function getIV($iv) + { + return $this->mode == self::MODE_ECB ? str_repeat("\0", $this->block_size) : $iv; + } + + /** + * OpenSSL CTR Processor + * + * PHP's OpenSSL bindings do not operate in continuous mode so we'll wrap around it. Since the keystream + * for CTR is the same for both encrypting and decrypting this function is re-used by both SymmetricKey::encrypt() + * and SymmetricKey::decrypt(). Also, OpenSSL doesn't implement CTR for all of it's symmetric ciphers so this + * function will emulate CTR with ECB when necessary. + * + * @see self::encrypt() + * @see self::decrypt() + * @param string $plaintext + * @param string $encryptIV + * @param array $buffer + * @return string + */ + private function openssl_ctr_process($plaintext, &$encryptIV, &$buffer) + { + $ciphertext = ''; + + $block_size = $this->block_size; + $key = $this->key; + + if ($this->openssl_emulate_ctr) { + $xor = $encryptIV; + if (strlen($buffer['ciphertext'])) { + for ($i = 0; $i < strlen($plaintext); $i += $block_size) { + $block = substr($plaintext, $i, $block_size); + if (strlen($block) > strlen($buffer['ciphertext'])) { + $buffer['ciphertext'] .= openssl_encrypt($xor, $this->cipher_name_openssl_ecb, $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING); + } + Strings::increment_str($xor); + $otp = Strings::shift($buffer['ciphertext'], $block_size); + $ciphertext .= $block ^ $otp; + } + } else { + for ($i = 0; $i < strlen($plaintext); $i += $block_size) { + $block = substr($plaintext, $i, $block_size); + $otp = openssl_encrypt($xor, $this->cipher_name_openssl_ecb, $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING); + Strings::increment_str($xor); + $ciphertext .= $block ^ $otp; + } + } + if ($this->continuousBuffer) { + $encryptIV = $xor; + if ($start = strlen($plaintext) % $block_size) { + $buffer['ciphertext'] = substr($key, $start) . $buffer['ciphertext']; + } + } + + return $ciphertext; + } + + if (strlen($buffer['ciphertext'])) { + $ciphertext = $plaintext ^ Strings::shift($buffer['ciphertext'], strlen($plaintext)); + $plaintext = substr($plaintext, strlen($ciphertext)); + + if (!strlen($plaintext)) { + return $ciphertext; + } + } + + $overflow = strlen($plaintext) % $block_size; + if ($overflow) { + $plaintext2 = Strings::pop($plaintext, $overflow); // ie. trim $plaintext to a multiple of $block_size and put rest of $plaintext in $plaintext2 + $encrypted = openssl_encrypt($plaintext . str_repeat("\0", $block_size), $this->cipher_name_openssl, $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $encryptIV); + $temp = Strings::pop($encrypted, $block_size); + $ciphertext .= $encrypted . ($plaintext2 ^ $temp); + if ($this->continuousBuffer) { + $buffer['ciphertext'] = substr($temp, $overflow); + $encryptIV = $temp; + } + } elseif (!strlen($buffer['ciphertext'])) { + $ciphertext .= openssl_encrypt($plaintext . str_repeat("\0", $block_size), $this->cipher_name_openssl, $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $encryptIV); + $temp = Strings::pop($ciphertext, $block_size); + if ($this->continuousBuffer) { + $encryptIV = $temp; + } + } + if ($this->continuousBuffer) { + $encryptIV = openssl_decrypt($encryptIV, $this->cipher_name_openssl_ecb, $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING); + if ($overflow) { + Strings::increment_str($encryptIV); + } + } + + return $ciphertext; + } + + /** + * OpenSSL OFB Processor + * + * PHP's OpenSSL bindings do not operate in continuous mode so we'll wrap around it. Since the keystream + * for OFB is the same for both encrypting and decrypting this function is re-used by both SymmetricKey::encrypt() + * and SymmetricKey::decrypt(). + * + * @see self::encrypt() + * @see self::decrypt() + * @param string $plaintext + * @param string $encryptIV + * @param array $buffer + * @return string + */ + private function openssl_ofb_process($plaintext, &$encryptIV, &$buffer) + { + if (strlen($buffer['xor'])) { + $ciphertext = $plaintext ^ $buffer['xor']; + $buffer['xor'] = substr($buffer['xor'], strlen($ciphertext)); + $plaintext = substr($plaintext, strlen($ciphertext)); + } else { + $ciphertext = ''; + } + + $block_size = $this->block_size; + + $len = strlen($plaintext); + $key = $this->key; + $overflow = $len % $block_size; + + if (strlen($plaintext)) { + if ($overflow) { + $ciphertext .= openssl_encrypt(substr($plaintext, 0, -$overflow) . str_repeat("\0", $block_size), $this->cipher_name_openssl, $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $encryptIV); + $xor = Strings::pop($ciphertext, $block_size); + if ($this->continuousBuffer) { + $encryptIV = $xor; + } + $ciphertext .= Strings::shift($xor, $overflow) ^ substr($plaintext, -$overflow); + if ($this->continuousBuffer) { + $buffer['xor'] = $xor; + } + } else { + $ciphertext = openssl_encrypt($plaintext, $this->cipher_name_openssl, $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $encryptIV); + if ($this->continuousBuffer) { + $encryptIV = substr($ciphertext, -$block_size) ^ substr($plaintext, -$block_size); + } + } + } + + return $ciphertext; + } + + /** + * phpseclib <-> OpenSSL Mode Mapper + * + * May need to be overwritten by classes extending this one in some cases + * + * @return string + */ + protected function openssl_translate_mode() + { + switch ($this->mode) { + case self::MODE_ECB: + return 'ecb'; + case self::MODE_CBC: + return 'cbc'; + case self::MODE_CTR: + case self::MODE_GCM: + return 'ctr'; + case self::MODE_CFB: + return 'cfb'; + case self::MODE_CFB8: + return 'cfb8'; + case self::MODE_OFB: + return 'ofb'; + } + } + + /** + * Pad "packets". + * + * Block ciphers working by encrypting between their specified [$this->]block_size at a time + * If you ever need to encrypt or decrypt something that isn't of the proper length, it becomes necessary to + * pad the input so that it is of the proper length. + * + * Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH, + * where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping + * away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is + * transmitted separately) + * + * @see self::disablePadding() + */ + public function enablePadding() + { + $this->padding = true; + } + + /** + * Do not pad packets. + * + * @see self::enablePadding() + */ + public function disablePadding() + { + $this->padding = false; + } + + /** + * Treat consecutive "packets" as if they are a continuous buffer. + * + * Say you have a 32-byte plaintext $plaintext. Using the default behavior, the two following code snippets + * will yield different outputs: + * + * + * echo $rijndael->encrypt(substr($plaintext, 0, 16)); + * echo $rijndael->encrypt(substr($plaintext, 16, 16)); + * + * + * echo $rijndael->encrypt($plaintext); + * + * + * The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates + * another, as demonstrated with the following: + * + * + * $rijndael->encrypt(substr($plaintext, 0, 16)); + * echo $rijndael->decrypt($rijndael->encrypt(substr($plaintext, 16, 16))); + * + * + * echo $rijndael->decrypt($rijndael->encrypt(substr($plaintext, 16, 16))); + * + * + * With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different + * outputs. The reason is due to the fact that the initialization vector's change after every encryption / + * decryption round when the continuous buffer is enabled. When it's disabled, they remain constant. + * + * Put another way, when the continuous buffer is enabled, the state of the \phpseclib3\Crypt\*() object changes after each + * encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that + * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), + * however, they are also less intuitive and more likely to cause you problems. + * + * {@internal Could, but not must, extend by the child Crypt_* class} + * + * @see self::disableContinuousBuffer() + */ + public function enableContinuousBuffer() + { + if ($this->mode == self::MODE_ECB) { + return; + } + + if ($this->mode == self::MODE_GCM) { + throw new \BadMethodCallException('This mode does not run in continuous mode'); + } + + $this->continuousBuffer = true; + + $this->setEngine(); + } + + /** + * Treat consecutive packets as if they are a discontinuous buffer. + * + * The default behavior. + * + * {@internal Could, but not must, extend by the child Crypt_* class} + * + * @see self::enableContinuousBuffer() + */ + public function disableContinuousBuffer() + { + if ($this->mode == self::MODE_ECB) { + return; + } + if (!$this->continuousBuffer) { + return; + } + + $this->continuousBuffer = false; + + $this->setEngine(); + } + + /** + * Test for engine validity + * + * @see self::__construct() + * @param int $engine + * @return bool + */ + protected function isValidEngineHelper($engine) + { + switch ($engine) { + case self::ENGINE_OPENSSL: + $this->openssl_emulate_ctr = false; + $result = $this->cipher_name_openssl && + extension_loaded('openssl'); + if (!$result) { + return false; + } + + $methods = openssl_get_cipher_methods(); + if (in_array($this->cipher_name_openssl, $methods)) { + return true; + } + // not all of openssl's symmetric cipher's support ctr. for those + // that don't we'll emulate it + switch ($this->mode) { + case self::MODE_CTR: + if (in_array($this->cipher_name_openssl_ecb, $methods)) { + $this->openssl_emulate_ctr = true; + return true; + } + } + return false; + case self::ENGINE_MCRYPT: + set_error_handler(function () { + }); + $result = $this->cipher_name_mcrypt && + extension_loaded('mcrypt') && + in_array($this->cipher_name_mcrypt, mcrypt_list_algorithms()); + restore_error_handler(); + return $result; + case self::ENGINE_EVAL: + return method_exists($this, 'setupInlineCrypt'); + case self::ENGINE_INTERNAL: + return true; + } + + return false; + } + + /** + * Test for engine validity + * + * @see self::__construct() + * @param string $engine + * @return bool + */ + public function isValidEngine($engine) + { + static $reverseMap; + if (!isset($reverseMap)) { + $reverseMap = array_map('strtolower', self::ENGINE_MAP); + $reverseMap = array_flip($reverseMap); + } + $engine = strtolower($engine); + if (!isset($reverseMap[$engine])) { + return false; + } + + return $this->isValidEngineHelper($reverseMap[$engine]); + } + + /** + * Sets the preferred crypt engine + * + * Currently, $engine could be: + * + * - libsodium[very fast] + * + * - OpenSSL [very fast] + * + * - mcrypt [fast] + * + * - Eval [slow] + * + * - PHP [slowest] + * + * If the preferred crypt engine is not available the fastest available one will be used + * + * @see self::__construct() + * @param string $engine + */ + public function setPreferredEngine($engine) + { + static $reverseMap; + if (!isset($reverseMap)) { + $reverseMap = array_map('strtolower', self::ENGINE_MAP); + $reverseMap = array_flip($reverseMap); + } + $engine = is_string($engine) ? strtolower($engine) : ''; + $this->preferredEngine = isset($reverseMap[$engine]) ? $reverseMap[$engine] : self::ENGINE_LIBSODIUM; + + $this->setEngine(); + } + + /** + * Returns the engine currently being utilized + * + * @see self::setEngine() + */ + public function getEngine() + { + return self::ENGINE_MAP[$this->engine]; + } + + /** + * Sets the engine as appropriate + * + * @see self::__construct() + */ + protected function setEngine() + { + $this->engine = null; + + $candidateEngines = [ + self::ENGINE_LIBSODIUM, + self::ENGINE_OPENSSL_GCM, + self::ENGINE_OPENSSL, + self::ENGINE_MCRYPT, + self::ENGINE_EVAL + ]; + if (isset($this->preferredEngine)) { + $temp = [$this->preferredEngine]; + $candidateEngines = array_merge( + $temp, + array_diff($candidateEngines, $temp) + ); + } + foreach ($candidateEngines as $engine) { + if ($this->isValidEngineHelper($engine)) { + $this->engine = $engine; + break; + } + } + if (!$this->engine) { + $this->engine = self::ENGINE_INTERNAL; + } + + if ($this->engine != self::ENGINE_MCRYPT && $this->enmcrypt) { + set_error_handler(function () { + }); + // Closing the current mcrypt resource(s). _mcryptSetup() will, if needed, + // (re)open them with the module named in $this->cipher_name_mcrypt + mcrypt_module_close($this->enmcrypt); + mcrypt_module_close($this->demcrypt); + $this->enmcrypt = null; + $this->demcrypt = null; + + if ($this->ecb) { + mcrypt_module_close($this->ecb); + $this->ecb = null; + } + restore_error_handler(); + } + + $this->changed = $this->nonIVChanged = true; + } + + /** + * Encrypts a block + * + * Note: Must be extended by the child \phpseclib3\Crypt\* class + * + * @param string $in + * @return string + */ + abstract protected function encryptBlock($in); + + /** + * Decrypts a block + * + * Note: Must be extended by the child \phpseclib3\Crypt\* class + * + * @param string $in + * @return string + */ + abstract protected function decryptBlock($in); + + /** + * Setup the key (expansion) + * + * Only used if $engine == self::ENGINE_INTERNAL + * + * Note: Must extend by the child \phpseclib3\Crypt\* class + * + * @see self::setup() + */ + abstract protected function setupKey(); + + /** + * Setup the self::ENGINE_INTERNAL $engine + * + * (re)init, if necessary, the internal cipher $engine and flush all $buffers + * Used (only) if $engine == self::ENGINE_INTERNAL + * + * _setup() will be called each time if $changed === true + * typically this happens when using one or more of following public methods: + * + * - setKey() + * + * - setIV() + * + * - disableContinuousBuffer() + * + * - First run of encrypt() / decrypt() with no init-settings + * + * {@internal setup() is always called before en/decryption.} + * + * {@internal Could, but not must, extend by the child Crypt_* class} + * + * @see self::setKey() + * @see self::setIV() + * @see self::disableContinuousBuffer() + */ + protected function setup() + { + if (!$this->changed) { + return; + } + + $this->changed = false; + + if ($this->usePoly1305 && !isset($this->poly1305Key) && method_exists($this, 'createPoly1305Key')) { + $this->createPoly1305Key(); + } + + $this->enbuffer = $this->debuffer = ['ciphertext' => '', 'xor' => '', 'pos' => 0, 'enmcrypt_init' => true]; + //$this->newtag = $this->oldtag = false; + + if ($this->usesNonce()) { + if ($this->nonce === false) { + throw new InsufficientSetupException('No nonce has been defined'); + } + if ($this->mode == self::MODE_GCM && !in_array($this->engine, [self::ENGINE_LIBSODIUM, self::ENGINE_OPENSSL_GCM])) { + $this->setupGCM(); + } + } else { + $this->iv = $this->origIV; + } + + if ($this->iv === false && !in_array($this->mode, [self::MODE_STREAM, self::MODE_ECB])) { + if ($this->mode != self::MODE_GCM || !in_array($this->engine, [self::ENGINE_LIBSODIUM, self::ENGINE_OPENSSL_GCM])) { + throw new InsufficientSetupException('No IV has been defined'); + } + } + + if ($this->key === false) { + throw new InsufficientSetupException('No key has been defined'); + } + + $this->encryptIV = $this->decryptIV = $this->iv; + + switch ($this->engine) { + case self::ENGINE_MCRYPT: + $this->enchanged = $this->dechanged = true; + + set_error_handler(function () { + }); + + if (!isset($this->enmcrypt)) { + static $mcrypt_modes = [ + self::MODE_CTR => 'ctr', + self::MODE_ECB => MCRYPT_MODE_ECB, + self::MODE_CBC => MCRYPT_MODE_CBC, + self::MODE_CFB => 'ncfb', + self::MODE_CFB8 => MCRYPT_MODE_CFB, + self::MODE_OFB => MCRYPT_MODE_NOFB, + self::MODE_OFB8 => MCRYPT_MODE_OFB, + self::MODE_STREAM => MCRYPT_MODE_STREAM, + ]; + + $this->demcrypt = mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], ''); + $this->enmcrypt = mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], ''); + + // we need the $ecb mcrypt resource (only) in MODE_CFB with enableContinuousBuffer() + // to workaround mcrypt's broken ncfb implementation in buffered mode + // see: {@link http://phpseclib.sourceforge.net/cfb-demo.phps} + if ($this->mode == self::MODE_CFB) { + $this->ecb = mcrypt_module_open($this->cipher_name_mcrypt, '', MCRYPT_MODE_ECB, ''); + } + } // else should mcrypt_generic_deinit be called? + + if ($this->mode == self::MODE_CFB) { + mcrypt_generic_init($this->ecb, $this->key, str_repeat("\0", $this->block_size)); + } + + restore_error_handler(); + + break; + case self::ENGINE_INTERNAL: + $this->setupKey(); + break; + case self::ENGINE_EVAL: + if ($this->nonIVChanged) { + $this->setupKey(); + $this->setupInlineCrypt(); + } + } + + $this->nonIVChanged = false; + } + + /** + * Pads a string + * + * Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize. + * $this->block_size - (strlen($text) % $this->block_size) bytes are added, each of which is equal to + * chr($this->block_size - (strlen($text) % $this->block_size) + * + * If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless + * and padding will, hence forth, be enabled. + * + * @see self::unpad() + * @param string $text + * @throws \LengthException if padding is disabled and the plaintext's length is not a multiple of the block size + * @return string + */ + protected function pad($text) + { + $length = strlen($text); + + if (!$this->padding) { + if ($length % $this->block_size == 0) { + return $text; + } else { + throw new \LengthException("The plaintext's length ($length) is not a multiple of the block size ({$this->block_size}). Try enabling padding."); + } + } + + $pad = $this->block_size - ($length % $this->block_size); + + return str_pad($text, $length + $pad, chr($pad)); + } + + /** + * Unpads a string. + * + * If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong + * and false will be returned. + * + * @see self::pad() + * @param string $text + * @throws \LengthException if the ciphertext's length is not a multiple of the block size + * @return string + */ + protected function unpad($text) + { + if (!$this->padding) { + return $text; + } + + $length = ord($text[strlen($text) - 1]); + + if (!$length || $length > $this->block_size) { + throw new BadDecryptionException("The ciphertext has an invalid padding length ($length) compared to the block size ({$this->block_size})"); + } + + return substr($text, 0, -$length); + } + + /** + * Setup the performance-optimized function for de/encrypt() + * + * Stores the created (or existing) callback function-name + * in $this->inline_crypt + * + * Internally for phpseclib developers: + * + * _setupInlineCrypt() would be called only if: + * + * - $this->engine === self::ENGINE_EVAL + * + * - each time on _setup(), after(!) _setupKey() + * + * + * This ensures that _setupInlineCrypt() has always a + * full ready2go initializated internal cipher $engine state + * where, for example, the keys already expanded, + * keys/block_size calculated and such. + * + * It is, each time if called, the responsibility of _setupInlineCrypt(): + * + * - to set $this->inline_crypt to a valid and fully working callback function + * as a (faster) replacement for encrypt() / decrypt() + * + * - NOT to create unlimited callback functions (for memory reasons!) + * no matter how often _setupInlineCrypt() would be called. At some + * point of amount they must be generic re-useable. + * + * - the code of _setupInlineCrypt() it self, + * and the generated callback code, + * must be, in following order: + * - 100% safe + * - 100% compatible to encrypt()/decrypt() + * - using only php5+ features/lang-constructs/php-extensions if + * compatibility (down to php4) or fallback is provided + * - readable/maintainable/understandable/commented and... not-cryptic-styled-code :-) + * - >= 10% faster than encrypt()/decrypt() [which is, by the way, + * the reason for the existence of _setupInlineCrypt() :-)] + * - memory-nice + * - short (as good as possible) + * + * Note: - _setupInlineCrypt() is using _createInlineCryptFunction() to create the full callback function code. + * - In case of using inline crypting, _setupInlineCrypt() must extend by the child \phpseclib3\Crypt\* class. + * - The following variable names are reserved: + * - $_* (all variable names prefixed with an underscore) + * - $self (object reference to it self. Do not use $this, but $self instead) + * - $in (the content of $in has to en/decrypt by the generated code) + * - The callback function should not use the 'return' statement, but en/decrypt'ing the content of $in only + * + * {@internal If a Crypt_* class providing inline crypting it must extend _setupInlineCrypt()} + * + * @see self::setup() + * @see self::createInlineCryptFunction() + * @see self::encrypt() + * @see self::decrypt() + */ + //protected function setupInlineCrypt(); + + /** + * Creates the performance-optimized function for en/decrypt() + * + * Internally for phpseclib developers: + * + * _createInlineCryptFunction(): + * + * - merge the $cipher_code [setup'ed by _setupInlineCrypt()] + * with the current [$this->]mode of operation code + * + * - create the $inline function, which called by encrypt() / decrypt() + * as its replacement to speed up the en/decryption operations. + * + * - return the name of the created $inline callback function + * + * - used to speed up en/decryption + * + * + * + * The main reason why can speed up things [up to 50%] this way are: + * + * - using variables more effective then regular. + * (ie no use of expensive arrays but integers $k_0, $k_1 ... + * or even, for example, the pure $key[] values hardcoded) + * + * - avoiding 1000's of function calls of ie _encryptBlock() + * but inlining the crypt operations. + * in the mode of operation for() loop. + * + * - full loop unroll the (sometimes key-dependent) rounds + * avoiding this way ++$i counters and runtime-if's etc... + * + * The basic code architectur of the generated $inline en/decrypt() + * lambda function, in pseudo php, is: + * + * + * +----------------------------------------------------------------------------------------------+ + * | callback $inline = create_function: | + * | lambda_function_0001_crypt_ECB($action, $text) | + * | { | + * | INSERT PHP CODE OF: | + * | $cipher_code['init_crypt']; // general init code. | + * | // ie: $sbox'es declarations used for | + * | // encrypt and decrypt'ing. | + * | | + * | switch ($action) { | + * | case 'encrypt': | + * | INSERT PHP CODE OF: | + * | $cipher_code['init_encrypt']; // encrypt sepcific init code. | + * | ie: specified $key or $box | + * | declarations for encrypt'ing. | + * | | + * | foreach ($ciphertext) { | + * | $in = $block_size of $ciphertext; | + * | | + * | INSERT PHP CODE OF: | + * | $cipher_code['encrypt_block']; // encrypt's (string) $in, which is always: | + * | // strlen($in) == $this->block_size | + * | // here comes the cipher algorithm in action | + * | // for encryption. | + * | // $cipher_code['encrypt_block'] has to | + * | // encrypt the content of the $in variable | + * | | + * | $plaintext .= $in; | + * | } | + * | return $plaintext; | + * | | + * | case 'decrypt': | + * | INSERT PHP CODE OF: | + * | $cipher_code['init_decrypt']; // decrypt sepcific init code | + * | ie: specified $key or $box | + * | declarations for decrypt'ing. | + * | foreach ($plaintext) { | + * | $in = $block_size of $plaintext; | + * | | + * | INSERT PHP CODE OF: | + * | $cipher_code['decrypt_block']; // decrypt's (string) $in, which is always | + * | // strlen($in) == $this->block_size | + * | // here comes the cipher algorithm in action | + * | // for decryption. | + * | // $cipher_code['decrypt_block'] has to | + * | // decrypt the content of the $in variable | + * | $ciphertext .= $in; | + * | } | + * | return $ciphertext; | + * | } | + * | } | + * +----------------------------------------------------------------------------------------------+ + * + * + * See also the \phpseclib3\Crypt\*::_setupInlineCrypt()'s for + * productive inline $cipher_code's how they works. + * + * Structure of: + * + * $cipher_code = [ + * 'init_crypt' => (string) '', // optional + * 'init_encrypt' => (string) '', // optional + * 'init_decrypt' => (string) '', // optional + * 'encrypt_block' => (string) '', // required + * 'decrypt_block' => (string) '' // required + * ]; + * + * + * @see self::setupInlineCrypt() + * @see self::encrypt() + * @see self::decrypt() + * @param array $cipher_code + * @return string (the name of the created callback function) + */ + protected function createInlineCryptFunction($cipher_code) + { + $block_size = $this->block_size; + + // optional + $init_crypt = isset($cipher_code['init_crypt']) ? $cipher_code['init_crypt'] : ''; + $init_encrypt = isset($cipher_code['init_encrypt']) ? $cipher_code['init_encrypt'] : ''; + $init_decrypt = isset($cipher_code['init_decrypt']) ? $cipher_code['init_decrypt'] : ''; + // required + $encrypt_block = $cipher_code['encrypt_block']; + $decrypt_block = $cipher_code['decrypt_block']; + + // Generating mode of operation inline code, + // merged with the $cipher_code algorithm + // for encrypt- and decryption. + switch ($this->mode) { + case self::MODE_ECB: + $encrypt = $init_encrypt . ' + $_ciphertext = ""; + $_plaintext_len = strlen($_text); + + for ($_i = 0; $_i < $_plaintext_len; $_i+= ' . $block_size . ') { + $in = substr($_text, $_i, ' . $block_size . '); + ' . $encrypt_block . ' + $_ciphertext.= $in; + } + + return $_ciphertext; + '; + + $decrypt = $init_decrypt . ' + $_plaintext = ""; + $_text = str_pad($_text, strlen($_text) + (' . $block_size . ' - strlen($_text) % ' . $block_size . ') % ' . $block_size . ', chr(0)); + $_ciphertext_len = strlen($_text); + + for ($_i = 0; $_i < $_ciphertext_len; $_i+= ' . $block_size . ') { + $in = substr($_text, $_i, ' . $block_size . '); + ' . $decrypt_block . ' + $_plaintext.= $in; + } + + return $this->unpad($_plaintext); + '; + break; + case self::MODE_CTR: + $encrypt = $init_encrypt . ' + $_ciphertext = ""; + $_plaintext_len = strlen($_text); + $_xor = $this->encryptIV; + $_buffer = &$this->enbuffer; + if (strlen($_buffer["ciphertext"])) { + for ($_i = 0; $_i < $_plaintext_len; $_i+= ' . $block_size . ') { + $_block = substr($_text, $_i, ' . $block_size . '); + if (strlen($_block) > strlen($_buffer["ciphertext"])) { + $in = $_xor; + ' . $encrypt_block . ' + \phpseclib3\Common\Functions\Strings::increment_str($_xor); + $_buffer["ciphertext"].= $in; + } + $_key = \phpseclib3\Common\Functions\Strings::shift($_buffer["ciphertext"], ' . $block_size . '); + $_ciphertext.= $_block ^ $_key; + } + } else { + for ($_i = 0; $_i < $_plaintext_len; $_i+= ' . $block_size . ') { + $_block = substr($_text, $_i, ' . $block_size . '); + $in = $_xor; + ' . $encrypt_block . ' + \phpseclib3\Common\Functions\Strings::increment_str($_xor); + $_key = $in; + $_ciphertext.= $_block ^ $_key; + } + } + if ($this->continuousBuffer) { + $this->encryptIV = $_xor; + if ($_start = $_plaintext_len % ' . $block_size . ') { + $_buffer["ciphertext"] = substr($_key, $_start) . $_buffer["ciphertext"]; + } + } + + return $_ciphertext; + '; + + $decrypt = $init_encrypt . ' + $_plaintext = ""; + $_ciphertext_len = strlen($_text); + $_xor = $this->decryptIV; + $_buffer = &$this->debuffer; + + if (strlen($_buffer["ciphertext"])) { + for ($_i = 0; $_i < $_ciphertext_len; $_i+= ' . $block_size . ') { + $_block = substr($_text, $_i, ' . $block_size . '); + if (strlen($_block) > strlen($_buffer["ciphertext"])) { + $in = $_xor; + ' . $encrypt_block . ' + \phpseclib3\Common\Functions\Strings::increment_str($_xor); + $_buffer["ciphertext"].= $in; + } + $_key = \phpseclib3\Common\Functions\Strings::shift($_buffer["ciphertext"], ' . $block_size . '); + $_plaintext.= $_block ^ $_key; + } + } else { + for ($_i = 0; $_i < $_ciphertext_len; $_i+= ' . $block_size . ') { + $_block = substr($_text, $_i, ' . $block_size . '); + $in = $_xor; + ' . $encrypt_block . ' + \phpseclib3\Common\Functions\Strings::increment_str($_xor); + $_key = $in; + $_plaintext.= $_block ^ $_key; + } + } + if ($this->continuousBuffer) { + $this->decryptIV = $_xor; + if ($_start = $_ciphertext_len % ' . $block_size . ') { + $_buffer["ciphertext"] = substr($_key, $_start) . $_buffer["ciphertext"]; + } + } + + return $_plaintext; + '; + break; + case self::MODE_CFB: + $encrypt = $init_encrypt . ' + $_ciphertext = ""; + $_buffer = &$this->enbuffer; + + if ($this->continuousBuffer) { + $_iv = &$this->encryptIV; + $_pos = &$_buffer["pos"]; + } else { + $_iv = $this->encryptIV; + $_pos = 0; + } + $_len = strlen($_text); + $_i = 0; + if ($_pos) { + $_orig_pos = $_pos; + $_max = ' . $block_size . ' - $_pos; + if ($_len >= $_max) { + $_i = $_max; + $_len-= $_max; + $_pos = 0; + } else { + $_i = $_len; + $_pos+= $_len; + $_len = 0; + } + $_ciphertext = substr($_iv, $_orig_pos) ^ $_text; + $_iv = substr_replace($_iv, $_ciphertext, $_orig_pos, $_i); + } + while ($_len >= ' . $block_size . ') { + $in = $_iv; + ' . $encrypt_block . '; + $_iv = $in ^ substr($_text, $_i, ' . $block_size . '); + $_ciphertext.= $_iv; + $_len-= ' . $block_size . '; + $_i+= ' . $block_size . '; + } + if ($_len) { + $in = $_iv; + ' . $encrypt_block . ' + $_iv = $in; + $_block = $_iv ^ substr($_text, $_i); + $_iv = substr_replace($_iv, $_block, 0, $_len); + $_ciphertext.= $_block; + $_pos = $_len; + } + return $_ciphertext; + '; + + $decrypt = $init_encrypt . ' + $_plaintext = ""; + $_buffer = &$this->debuffer; + + if ($this->continuousBuffer) { + $_iv = &$this->decryptIV; + $_pos = &$_buffer["pos"]; + } else { + $_iv = $this->decryptIV; + $_pos = 0; + } + $_len = strlen($_text); + $_i = 0; + if ($_pos) { + $_orig_pos = $_pos; + $_max = ' . $block_size . ' - $_pos; + if ($_len >= $_max) { + $_i = $_max; + $_len-= $_max; + $_pos = 0; + } else { + $_i = $_len; + $_pos+= $_len; + $_len = 0; + } + $_plaintext = substr($_iv, $_orig_pos) ^ $_text; + $_iv = substr_replace($_iv, substr($_text, 0, $_i), $_orig_pos, $_i); + } + while ($_len >= ' . $block_size . ') { + $in = $_iv; + ' . $encrypt_block . ' + $_iv = $in; + $cb = substr($_text, $_i, ' . $block_size . '); + $_plaintext.= $_iv ^ $cb; + $_iv = $cb; + $_len-= ' . $block_size . '; + $_i+= ' . $block_size . '; + } + if ($_len) { + $in = $_iv; + ' . $encrypt_block . ' + $_iv = $in; + $_plaintext.= $_iv ^ substr($_text, $_i); + $_iv = substr_replace($_iv, substr($_text, $_i), 0, $_len); + $_pos = $_len; + } + + return $_plaintext; + '; + break; + case self::MODE_CFB8: + $encrypt = $init_encrypt . ' + $_ciphertext = ""; + $_len = strlen($_text); + $_iv = $this->encryptIV; + + for ($_i = 0; $_i < $_len; ++$_i) { + $in = $_iv; + ' . $encrypt_block . ' + $_ciphertext .= ($_c = $_text[$_i] ^ $in); + $_iv = substr($_iv, 1) . $_c; + } + + if ($this->continuousBuffer) { + if ($_len >= ' . $block_size . ') { + $this->encryptIV = substr($_ciphertext, -' . $block_size . '); + } else { + $this->encryptIV = substr($this->encryptIV, $_len - ' . $block_size . ') . substr($_ciphertext, -$_len); + } + } + + return $_ciphertext; + '; + $decrypt = $init_encrypt . ' + $_plaintext = ""; + $_len = strlen($_text); + $_iv = $this->decryptIV; + + for ($_i = 0; $_i < $_len; ++$_i) { + $in = $_iv; + ' . $encrypt_block . ' + $_plaintext .= $_text[$_i] ^ $in; + $_iv = substr($_iv, 1) . $_text[$_i]; + } + + if ($this->continuousBuffer) { + if ($_len >= ' . $block_size . ') { + $this->decryptIV = substr($_text, -' . $block_size . '); + } else { + $this->decryptIV = substr($this->decryptIV, $_len - ' . $block_size . ') . substr($_text, -$_len); + } + } + + return $_plaintext; + '; + break; + case self::MODE_OFB8: + $encrypt = $init_encrypt . ' + $_ciphertext = ""; + $_len = strlen($_text); + $_iv = $this->encryptIV; + + for ($_i = 0; $_i < $_len; ++$_i) { + $in = $_iv; + ' . $encrypt_block . ' + $_ciphertext.= $_text[$_i] ^ $in; + $_iv = substr($_iv, 1) . $in[0]; + } + + if ($this->continuousBuffer) { + $this->encryptIV = $_iv; + } + + return $_ciphertext; + '; + $decrypt = $init_encrypt . ' + $_plaintext = ""; + $_len = strlen($_text); + $_iv = $this->decryptIV; + + for ($_i = 0; $_i < $_len; ++$_i) { + $in = $_iv; + ' . $encrypt_block . ' + $_plaintext.= $_text[$_i] ^ $in; + $_iv = substr($_iv, 1) . $in[0]; + } + + if ($this->continuousBuffer) { + $this->decryptIV = $_iv; + } + + return $_plaintext; + '; + break; + case self::MODE_OFB: + $encrypt = $init_encrypt . ' + $_ciphertext = ""; + $_plaintext_len = strlen($_text); + $_xor = $this->encryptIV; + $_buffer = &$this->enbuffer; + + if (strlen($_buffer["xor"])) { + for ($_i = 0; $_i < $_plaintext_len; $_i+= ' . $block_size . ') { + $_block = substr($_text, $_i, ' . $block_size . '); + if (strlen($_block) > strlen($_buffer["xor"])) { + $in = $_xor; + ' . $encrypt_block . ' + $_xor = $in; + $_buffer["xor"].= $_xor; + } + $_key = \phpseclib3\Common\Functions\Strings::shift($_buffer["xor"], ' . $block_size . '); + $_ciphertext.= $_block ^ $_key; + } + } else { + for ($_i = 0; $_i < $_plaintext_len; $_i+= ' . $block_size . ') { + $in = $_xor; + ' . $encrypt_block . ' + $_xor = $in; + $_ciphertext.= substr($_text, $_i, ' . $block_size . ') ^ $_xor; + } + $_key = $_xor; + } + if ($this->continuousBuffer) { + $this->encryptIV = $_xor; + if ($_start = $_plaintext_len % ' . $block_size . ') { + $_buffer["xor"] = substr($_key, $_start) . $_buffer["xor"]; + } + } + return $_ciphertext; + '; + + $decrypt = $init_encrypt . ' + $_plaintext = ""; + $_ciphertext_len = strlen($_text); + $_xor = $this->decryptIV; + $_buffer = &$this->debuffer; + + if (strlen($_buffer["xor"])) { + for ($_i = 0; $_i < $_ciphertext_len; $_i+= ' . $block_size . ') { + $_block = substr($_text, $_i, ' . $block_size . '); + if (strlen($_block) > strlen($_buffer["xor"])) { + $in = $_xor; + ' . $encrypt_block . ' + $_xor = $in; + $_buffer["xor"].= $_xor; + } + $_key = \phpseclib3\Common\Functions\Strings::shift($_buffer["xor"], ' . $block_size . '); + $_plaintext.= $_block ^ $_key; + } + } else { + for ($_i = 0; $_i < $_ciphertext_len; $_i+= ' . $block_size . ') { + $in = $_xor; + ' . $encrypt_block . ' + $_xor = $in; + $_plaintext.= substr($_text, $_i, ' . $block_size . ') ^ $_xor; + } + $_key = $_xor; + } + if ($this->continuousBuffer) { + $this->decryptIV = $_xor; + if ($_start = $_ciphertext_len % ' . $block_size . ') { + $_buffer["xor"] = substr($_key, $_start) . $_buffer["xor"]; + } + } + return $_plaintext; + '; + break; + case self::MODE_STREAM: + $encrypt = $init_encrypt . ' + $_ciphertext = ""; + ' . $encrypt_block . ' + return $_ciphertext; + '; + $decrypt = $init_decrypt . ' + $_plaintext = ""; + ' . $decrypt_block . ' + return $_plaintext; + '; + break; + // case self::MODE_CBC: + default: + $encrypt = $init_encrypt . ' + $_ciphertext = ""; + $_plaintext_len = strlen($_text); + + $in = $this->encryptIV; + + for ($_i = 0; $_i < $_plaintext_len; $_i+= ' . $block_size . ') { + $in = substr($_text, $_i, ' . $block_size . ') ^ $in; + ' . $encrypt_block . ' + $_ciphertext.= $in; + } + + if ($this->continuousBuffer) { + $this->encryptIV = $in; + } + + return $_ciphertext; + '; + + $decrypt = $init_decrypt . ' + $_plaintext = ""; + $_text = str_pad($_text, strlen($_text) + (' . $block_size . ' - strlen($_text) % ' . $block_size . ') % ' . $block_size . ', chr(0)); + $_ciphertext_len = strlen($_text); + + $_iv = $this->decryptIV; + + for ($_i = 0; $_i < $_ciphertext_len; $_i+= ' . $block_size . ') { + $in = $_block = substr($_text, $_i, ' . $block_size . '); + ' . $decrypt_block . ' + $_plaintext.= $in ^ $_iv; + $_iv = $_block; + } + + if ($this->continuousBuffer) { + $this->decryptIV = $_iv; + } + + return $this->unpad($_plaintext); + '; + break; + } + + // Before discrediting this, please read the following: + // @see https://github.com/phpseclib/phpseclib/issues/1293 + // @see https://github.com/phpseclib/phpseclib/pull/1143 + eval('$func = function ($_action, $_text) { ' . $init_crypt . 'if ($_action == "encrypt") { ' . $encrypt . ' } else { ' . $decrypt . ' }};'); + + return \Closure::bind($func, $this, static::class); + } + + /** + * Convert float to int + * + * On ARM CPUs converting floats to ints doesn't always work + * + * @param string $x + * @return int + */ + protected static function safe_intval($x) + { + if (is_int($x)) { + return $x; + } + + if (self::$use_reg_intval) { + return PHP_INT_SIZE == 4 && PHP_VERSION_ID >= 80100 ? intval($x) : $x; + } + + return (fmod($x, 0x80000000) & 0x7FFFFFFF) | + ((fmod(floor($x / 0x80000000), 2) & 1) << 31); + } + + /** + * eval()'able string for in-line float to int + * + * @return string + */ + protected static function safe_intval_inline() + { + if (self::$use_reg_intval) { + return PHP_INT_SIZE == 4 && PHP_VERSION_ID >= 80100 ? 'intval(%s)' : '%s'; + } + + $safeint = '(is_int($temp = %s) ? $temp : (fmod($temp, 0x80000000) & 0x7FFFFFFF) | '; + return $safeint . '((fmod(floor($temp / 0x80000000), 2) & 1) << 31))'; + } + + /** + * Sets up GCM parameters + * + * See steps 1-2 of https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf#page=23 + * for more info + * + */ + private function setupGCM() + { + // don't keep on re-calculating $this->h + if (!$this->h || $this->hKey != $this->key) { + $cipher = new static('ecb'); + $cipher->setKey($this->key); + $cipher->disablePadding(); + + $this->h = self::$gcmField->newInteger( + Strings::switchEndianness($cipher->encrypt("\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0")) + ); + $this->hKey = $this->key; + } + + if (strlen($this->nonce) == 12) { + $this->iv = $this->nonce . "\0\0\0\1"; + } else { + $this->iv = $this->ghash( + self::nullPad128($this->nonce) . str_repeat("\0", 8) . self::len64($this->nonce) + ); + } + } + + /** + * Performs GHASH operation + * + * See https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf#page=20 + * for more info + * + * @see self::decrypt() + * @see self::encrypt() + * @param string $x + * @return string + */ + private function ghash($x) + { + $h = $this->h; + $y = ["\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"]; + $x = str_split($x, 16); + $n = 0; + // the switchEndianness calls are necessary because the multiplication algorithm in BinaryField/Integer + // interprets strings as polynomials in big endian order whereas in GCM they're interpreted in little + // endian order per https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf#page=19. + // big endian order is what binary field elliptic curves use per http://www.secg.org/sec1-v2.pdf#page=18. + + // we could switchEndianness here instead of in the while loop but doing so in the while loop seems like it + // might be slightly more performant + //$x = Strings::switchEndianness($x); + foreach ($x as $xn) { + $xn = Strings::switchEndianness($xn); + $t = $y[$n] ^ $xn; + $temp = self::$gcmField->newInteger($t); + $y[++$n] = $temp->multiply($h)->toBytes(); + $y[$n] = substr($y[$n], 1); + } + $y[$n] = Strings::switchEndianness($y[$n]); + return $y[$n]; + } + + /** + * Returns the bit length of a string in a packed format + * + * @see self::decrypt() + * @see self::encrypt() + * @see self::setupGCM() + * @param string $str + * @return string + */ + private static function len64($str) + { + return "\0\0\0\0" . pack('N', 8 * strlen($str)); + } + + /** + * NULL pads a string to be a multiple of 128 + * + * @see self::decrypt() + * @see self::encrypt() + * @see self::setupGCM() + * @param string $str + * @return string + */ + protected static function nullPad128($str) + { + $len = strlen($str); + return $str . str_repeat("\0", 16 * ceil($len / 16) - $len); + } + + /** + * Calculates Poly1305 MAC + * + * On my system ChaCha20, with libsodium, takes 0.5s. With this custom Poly1305 implementation + * it takes 1.2s. + * + * @see self::decrypt() + * @see self::encrypt() + * @param string $text + * @return string + */ + protected function poly1305($text) + { + $s = $this->poly1305Key; // strlen($this->poly1305Key) == 32 + $r = Strings::shift($s, 16); + $r = strrev($r); + $r &= "\x0f\xff\xff\xfc\x0f\xff\xff\xfc\x0f\xff\xff\xfc\x0f\xff\xff\xff"; + $s = strrev($s); + + $r = self::$poly1305Field->newInteger(new BigInteger($r, 256)); + $s = self::$poly1305Field->newInteger(new BigInteger($s, 256)); + $a = self::$poly1305Field->newInteger(new BigInteger()); + + $blocks = str_split($text, 16); + foreach ($blocks as $block) { + $n = strrev($block . chr(1)); + $n = self::$poly1305Field->newInteger(new BigInteger($n, 256)); + $a = $a->add($n); + $a = $a->multiply($r); + } + $r = $a->toBigInteger()->add($s->toBigInteger()); + $mask = "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"; + return strrev($r->toBytes()) & $mask; + } + + /** + * Return the mode + * + * You can do $obj instanceof AES or whatever to get the cipher but you can't do that to get the mode + * + * @return string + */ + public function getMode() + { + return array_flip(self::MODE_MAP)[$this->mode]; + } + + /** + * Is the continuous buffer enabled? + * + * @return boolean + */ + public function continuousBufferEnabled() + { + return $this->continuousBuffer; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Traits/Fingerprint.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Traits/Fingerprint.php new file mode 100644 index 0000000..9ca8926 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Traits/Fingerprint.php @@ -0,0 +1,57 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\Common\Traits; + +use phpseclib3\Crypt\Hash; + +/** + * Fingerprint Trait for Private Keys + * + * @author Jim Wigginton + */ +trait Fingerprint +{ + /** + * Returns the public key's fingerprint + * + * The public key's fingerprint is returned, which is equivalent to running `ssh-keygen -lf rsa.pub`. If there is + * no public key currently loaded, false is returned. + * Example output (md5): "c1:b1:30:29:d7:b8:de:6c:97:77:10:d7:46:41:63:87" (as specified by RFC 4716) + * + * @param string $algorithm The hashing algorithm to be used. Valid options are 'md5' and 'sha256'. False is returned + * for invalid values. + * @return mixed + */ + public function getFingerprint($algorithm = 'md5') + { + $type = self::validatePlugin('Keys', 'OpenSSH', 'savePublicKey'); + if ($type === false) { + return false; + } + $key = $this->toString('OpenSSH', ['binary' => true]); + if ($key === false) { + return false; + } + switch ($algorithm) { + case 'sha256': + $hash = new Hash('sha256'); + $base = base64_encode($hash->hash($key)); + return substr($base, 0, strlen($base) - 1); + case 'md5': + return substr(chunk_split(md5($key), 2, ':'), 0, -1); + default: + return false; + } + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Traits/PasswordProtected.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Traits/PasswordProtected.php new file mode 100644 index 0000000..0ac274e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Traits/PasswordProtected.php @@ -0,0 +1,46 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\Common\Traits; + +/** + * Password Protected Trait for Private Keys + * + * @author Jim Wigginton + */ +trait PasswordProtected +{ + /** + * Password + * + * @var string|bool + */ + private $password = false; + + /** + * Sets the password + * + * Private keys can be encrypted with a password. To unset the password, pass in the empty string or false. + * Or rather, pass in $password such that empty($password) && !is_string($password) is true. + * + * @see self::createKey() + * @see self::load() + * @param string|bool $password + */ + public function withPassword($password = false) + { + $new = clone $this; + $new->password = $password; + return $new; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DES.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DES.php new file mode 100644 index 0000000..3b03830 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DES.php @@ -0,0 +1,1392 @@ + + * setKey('abcdefgh'); + * + * $size = 10 * 1024; + * $plaintext = ''; + * for ($i = 0; $i < $size; $i++) { + * $plaintext.= 'a'; + * } + * + * echo $des->decrypt($des->encrypt($plaintext)); + * ?> + * + * + * @author Jim Wigginton + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt; + +use phpseclib3\Crypt\Common\BlockCipher; +use phpseclib3\Exception\BadModeException; + +/** + * Pure-PHP implementation of DES. + * + * @author Jim Wigginton + */ +class DES extends BlockCipher +{ + /** + * Contains $keys[self::ENCRYPT] + * + * @see \phpseclib3\Crypt\DES::setupKey() + * @see \phpseclib3\Crypt\DES::processBlock() + */ + const ENCRYPT = 0; + /** + * Contains $keys[self::DECRYPT] + * + * @see \phpseclib3\Crypt\DES::setupKey() + * @see \phpseclib3\Crypt\DES::processBlock() + */ + const DECRYPT = 1; + + /** + * Block Length of the cipher + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::block_size + * @var int + */ + protected $block_size = 8; + + /** + * Key Length (in bytes) + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::setKeyLength() + * @var int + */ + protected $key_length = 8; + + /** + * The mcrypt specific name of the cipher + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt + * @var string + */ + protected $cipher_name_mcrypt = 'des'; + + /** + * The OpenSSL names of the cipher / modes + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::openssl_mode_names + * @var array + */ + protected $openssl_mode_names = [ + self::MODE_ECB => 'des-ecb', + self::MODE_CBC => 'des-cbc', + self::MODE_CFB => 'des-cfb', + self::MODE_OFB => 'des-ofb' + // self::MODE_CTR is undefined for DES + ]; + + /** + * Optimizing value while CFB-encrypting + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::cfb_init_len + * @var int + */ + protected $cfb_init_len = 500; + + /** + * Switch for DES/3DES encryption + * + * Used only if $engine == self::ENGINE_INTERNAL + * + * @see self::setupKey() + * @see self::processBlock() + * @var int + */ + protected $des_rounds = 1; + + /** + * max possible size of $key + * + * @see self::setKey() + * @var string + */ + protected $key_length_max = 8; + + /** + * The Key Schedule + * + * @see self::setupKey() + * @var array + */ + private $keys; + + /** + * Key Cache "key" + * + * @see self::setupKey() + * @var array + */ + private $kl; + + /** + * Shuffle table. + * + * For each byte value index, the entry holds an 8-byte string + * with each byte containing all bits in the same state as the + * corresponding bit in the index value. + * + * @see self::processBlock() + * @see self::setupKey() + * @var array + */ + protected static $shuffle = [ + "\x00\x00\x00\x00\x00\x00\x00\x00", "\x00\x00\x00\x00\x00\x00\x00\xFF", + "\x00\x00\x00\x00\x00\x00\xFF\x00", "\x00\x00\x00\x00\x00\x00\xFF\xFF", + "\x00\x00\x00\x00\x00\xFF\x00\x00", "\x00\x00\x00\x00\x00\xFF\x00\xFF", + "\x00\x00\x00\x00\x00\xFF\xFF\x00", "\x00\x00\x00\x00\x00\xFF\xFF\xFF", + "\x00\x00\x00\x00\xFF\x00\x00\x00", "\x00\x00\x00\x00\xFF\x00\x00\xFF", + "\x00\x00\x00\x00\xFF\x00\xFF\x00", "\x00\x00\x00\x00\xFF\x00\xFF\xFF", + "\x00\x00\x00\x00\xFF\xFF\x00\x00", "\x00\x00\x00\x00\xFF\xFF\x00\xFF", + "\x00\x00\x00\x00\xFF\xFF\xFF\x00", "\x00\x00\x00\x00\xFF\xFF\xFF\xFF", + "\x00\x00\x00\xFF\x00\x00\x00\x00", "\x00\x00\x00\xFF\x00\x00\x00\xFF", + "\x00\x00\x00\xFF\x00\x00\xFF\x00", "\x00\x00\x00\xFF\x00\x00\xFF\xFF", + "\x00\x00\x00\xFF\x00\xFF\x00\x00", "\x00\x00\x00\xFF\x00\xFF\x00\xFF", + "\x00\x00\x00\xFF\x00\xFF\xFF\x00", "\x00\x00\x00\xFF\x00\xFF\xFF\xFF", + "\x00\x00\x00\xFF\xFF\x00\x00\x00", "\x00\x00\x00\xFF\xFF\x00\x00\xFF", + "\x00\x00\x00\xFF\xFF\x00\xFF\x00", "\x00\x00\x00\xFF\xFF\x00\xFF\xFF", + "\x00\x00\x00\xFF\xFF\xFF\x00\x00", "\x00\x00\x00\xFF\xFF\xFF\x00\xFF", + "\x00\x00\x00\xFF\xFF\xFF\xFF\x00", "\x00\x00\x00\xFF\xFF\xFF\xFF\xFF", + "\x00\x00\xFF\x00\x00\x00\x00\x00", "\x00\x00\xFF\x00\x00\x00\x00\xFF", + "\x00\x00\xFF\x00\x00\x00\xFF\x00", "\x00\x00\xFF\x00\x00\x00\xFF\xFF", + "\x00\x00\xFF\x00\x00\xFF\x00\x00", "\x00\x00\xFF\x00\x00\xFF\x00\xFF", + "\x00\x00\xFF\x00\x00\xFF\xFF\x00", "\x00\x00\xFF\x00\x00\xFF\xFF\xFF", + "\x00\x00\xFF\x00\xFF\x00\x00\x00", "\x00\x00\xFF\x00\xFF\x00\x00\xFF", + "\x00\x00\xFF\x00\xFF\x00\xFF\x00", "\x00\x00\xFF\x00\xFF\x00\xFF\xFF", + "\x00\x00\xFF\x00\xFF\xFF\x00\x00", "\x00\x00\xFF\x00\xFF\xFF\x00\xFF", + "\x00\x00\xFF\x00\xFF\xFF\xFF\x00", "\x00\x00\xFF\x00\xFF\xFF\xFF\xFF", + "\x00\x00\xFF\xFF\x00\x00\x00\x00", "\x00\x00\xFF\xFF\x00\x00\x00\xFF", + "\x00\x00\xFF\xFF\x00\x00\xFF\x00", "\x00\x00\xFF\xFF\x00\x00\xFF\xFF", + "\x00\x00\xFF\xFF\x00\xFF\x00\x00", "\x00\x00\xFF\xFF\x00\xFF\x00\xFF", + "\x00\x00\xFF\xFF\x00\xFF\xFF\x00", "\x00\x00\xFF\xFF\x00\xFF\xFF\xFF", + "\x00\x00\xFF\xFF\xFF\x00\x00\x00", "\x00\x00\xFF\xFF\xFF\x00\x00\xFF", + "\x00\x00\xFF\xFF\xFF\x00\xFF\x00", "\x00\x00\xFF\xFF\xFF\x00\xFF\xFF", + "\x00\x00\xFF\xFF\xFF\xFF\x00\x00", "\x00\x00\xFF\xFF\xFF\xFF\x00\xFF", + "\x00\x00\xFF\xFF\xFF\xFF\xFF\x00", "\x00\x00\xFF\xFF\xFF\xFF\xFF\xFF", + "\x00\xFF\x00\x00\x00\x00\x00\x00", "\x00\xFF\x00\x00\x00\x00\x00\xFF", + "\x00\xFF\x00\x00\x00\x00\xFF\x00", "\x00\xFF\x00\x00\x00\x00\xFF\xFF", + "\x00\xFF\x00\x00\x00\xFF\x00\x00", "\x00\xFF\x00\x00\x00\xFF\x00\xFF", + "\x00\xFF\x00\x00\x00\xFF\xFF\x00", "\x00\xFF\x00\x00\x00\xFF\xFF\xFF", + "\x00\xFF\x00\x00\xFF\x00\x00\x00", "\x00\xFF\x00\x00\xFF\x00\x00\xFF", + "\x00\xFF\x00\x00\xFF\x00\xFF\x00", "\x00\xFF\x00\x00\xFF\x00\xFF\xFF", + "\x00\xFF\x00\x00\xFF\xFF\x00\x00", "\x00\xFF\x00\x00\xFF\xFF\x00\xFF", + "\x00\xFF\x00\x00\xFF\xFF\xFF\x00", "\x00\xFF\x00\x00\xFF\xFF\xFF\xFF", + "\x00\xFF\x00\xFF\x00\x00\x00\x00", "\x00\xFF\x00\xFF\x00\x00\x00\xFF", + "\x00\xFF\x00\xFF\x00\x00\xFF\x00", "\x00\xFF\x00\xFF\x00\x00\xFF\xFF", + "\x00\xFF\x00\xFF\x00\xFF\x00\x00", "\x00\xFF\x00\xFF\x00\xFF\x00\xFF", + "\x00\xFF\x00\xFF\x00\xFF\xFF\x00", "\x00\xFF\x00\xFF\x00\xFF\xFF\xFF", + "\x00\xFF\x00\xFF\xFF\x00\x00\x00", "\x00\xFF\x00\xFF\xFF\x00\x00\xFF", + "\x00\xFF\x00\xFF\xFF\x00\xFF\x00", "\x00\xFF\x00\xFF\xFF\x00\xFF\xFF", + "\x00\xFF\x00\xFF\xFF\xFF\x00\x00", "\x00\xFF\x00\xFF\xFF\xFF\x00\xFF", + "\x00\xFF\x00\xFF\xFF\xFF\xFF\x00", "\x00\xFF\x00\xFF\xFF\xFF\xFF\xFF", + "\x00\xFF\xFF\x00\x00\x00\x00\x00", "\x00\xFF\xFF\x00\x00\x00\x00\xFF", + "\x00\xFF\xFF\x00\x00\x00\xFF\x00", "\x00\xFF\xFF\x00\x00\x00\xFF\xFF", + "\x00\xFF\xFF\x00\x00\xFF\x00\x00", "\x00\xFF\xFF\x00\x00\xFF\x00\xFF", + "\x00\xFF\xFF\x00\x00\xFF\xFF\x00", "\x00\xFF\xFF\x00\x00\xFF\xFF\xFF", + "\x00\xFF\xFF\x00\xFF\x00\x00\x00", "\x00\xFF\xFF\x00\xFF\x00\x00\xFF", + "\x00\xFF\xFF\x00\xFF\x00\xFF\x00", "\x00\xFF\xFF\x00\xFF\x00\xFF\xFF", + "\x00\xFF\xFF\x00\xFF\xFF\x00\x00", "\x00\xFF\xFF\x00\xFF\xFF\x00\xFF", + "\x00\xFF\xFF\x00\xFF\xFF\xFF\x00", "\x00\xFF\xFF\x00\xFF\xFF\xFF\xFF", + "\x00\xFF\xFF\xFF\x00\x00\x00\x00", "\x00\xFF\xFF\xFF\x00\x00\x00\xFF", + "\x00\xFF\xFF\xFF\x00\x00\xFF\x00", "\x00\xFF\xFF\xFF\x00\x00\xFF\xFF", + "\x00\xFF\xFF\xFF\x00\xFF\x00\x00", "\x00\xFF\xFF\xFF\x00\xFF\x00\xFF", + "\x00\xFF\xFF\xFF\x00\xFF\xFF\x00", "\x00\xFF\xFF\xFF\x00\xFF\xFF\xFF", + "\x00\xFF\xFF\xFF\xFF\x00\x00\x00", "\x00\xFF\xFF\xFF\xFF\x00\x00\xFF", + "\x00\xFF\xFF\xFF\xFF\x00\xFF\x00", "\x00\xFF\xFF\xFF\xFF\x00\xFF\xFF", + "\x00\xFF\xFF\xFF\xFF\xFF\x00\x00", "\x00\xFF\xFF\xFF\xFF\xFF\x00\xFF", + "\x00\xFF\xFF\xFF\xFF\xFF\xFF\x00", "\x00\xFF\xFF\xFF\xFF\xFF\xFF\xFF", + "\xFF\x00\x00\x00\x00\x00\x00\x00", "\xFF\x00\x00\x00\x00\x00\x00\xFF", + "\xFF\x00\x00\x00\x00\x00\xFF\x00", "\xFF\x00\x00\x00\x00\x00\xFF\xFF", + "\xFF\x00\x00\x00\x00\xFF\x00\x00", "\xFF\x00\x00\x00\x00\xFF\x00\xFF", + "\xFF\x00\x00\x00\x00\xFF\xFF\x00", "\xFF\x00\x00\x00\x00\xFF\xFF\xFF", + "\xFF\x00\x00\x00\xFF\x00\x00\x00", "\xFF\x00\x00\x00\xFF\x00\x00\xFF", + "\xFF\x00\x00\x00\xFF\x00\xFF\x00", "\xFF\x00\x00\x00\xFF\x00\xFF\xFF", + "\xFF\x00\x00\x00\xFF\xFF\x00\x00", "\xFF\x00\x00\x00\xFF\xFF\x00\xFF", + "\xFF\x00\x00\x00\xFF\xFF\xFF\x00", "\xFF\x00\x00\x00\xFF\xFF\xFF\xFF", + "\xFF\x00\x00\xFF\x00\x00\x00\x00", "\xFF\x00\x00\xFF\x00\x00\x00\xFF", + "\xFF\x00\x00\xFF\x00\x00\xFF\x00", "\xFF\x00\x00\xFF\x00\x00\xFF\xFF", + "\xFF\x00\x00\xFF\x00\xFF\x00\x00", "\xFF\x00\x00\xFF\x00\xFF\x00\xFF", + "\xFF\x00\x00\xFF\x00\xFF\xFF\x00", "\xFF\x00\x00\xFF\x00\xFF\xFF\xFF", + "\xFF\x00\x00\xFF\xFF\x00\x00\x00", "\xFF\x00\x00\xFF\xFF\x00\x00\xFF", + "\xFF\x00\x00\xFF\xFF\x00\xFF\x00", "\xFF\x00\x00\xFF\xFF\x00\xFF\xFF", + "\xFF\x00\x00\xFF\xFF\xFF\x00\x00", "\xFF\x00\x00\xFF\xFF\xFF\x00\xFF", + "\xFF\x00\x00\xFF\xFF\xFF\xFF\x00", "\xFF\x00\x00\xFF\xFF\xFF\xFF\xFF", + "\xFF\x00\xFF\x00\x00\x00\x00\x00", "\xFF\x00\xFF\x00\x00\x00\x00\xFF", + "\xFF\x00\xFF\x00\x00\x00\xFF\x00", "\xFF\x00\xFF\x00\x00\x00\xFF\xFF", + "\xFF\x00\xFF\x00\x00\xFF\x00\x00", "\xFF\x00\xFF\x00\x00\xFF\x00\xFF", + "\xFF\x00\xFF\x00\x00\xFF\xFF\x00", "\xFF\x00\xFF\x00\x00\xFF\xFF\xFF", + "\xFF\x00\xFF\x00\xFF\x00\x00\x00", "\xFF\x00\xFF\x00\xFF\x00\x00\xFF", + "\xFF\x00\xFF\x00\xFF\x00\xFF\x00", "\xFF\x00\xFF\x00\xFF\x00\xFF\xFF", + "\xFF\x00\xFF\x00\xFF\xFF\x00\x00", "\xFF\x00\xFF\x00\xFF\xFF\x00\xFF", + "\xFF\x00\xFF\x00\xFF\xFF\xFF\x00", "\xFF\x00\xFF\x00\xFF\xFF\xFF\xFF", + "\xFF\x00\xFF\xFF\x00\x00\x00\x00", "\xFF\x00\xFF\xFF\x00\x00\x00\xFF", + "\xFF\x00\xFF\xFF\x00\x00\xFF\x00", "\xFF\x00\xFF\xFF\x00\x00\xFF\xFF", + "\xFF\x00\xFF\xFF\x00\xFF\x00\x00", "\xFF\x00\xFF\xFF\x00\xFF\x00\xFF", + "\xFF\x00\xFF\xFF\x00\xFF\xFF\x00", "\xFF\x00\xFF\xFF\x00\xFF\xFF\xFF", + "\xFF\x00\xFF\xFF\xFF\x00\x00\x00", "\xFF\x00\xFF\xFF\xFF\x00\x00\xFF", + "\xFF\x00\xFF\xFF\xFF\x00\xFF\x00", "\xFF\x00\xFF\xFF\xFF\x00\xFF\xFF", + "\xFF\x00\xFF\xFF\xFF\xFF\x00\x00", "\xFF\x00\xFF\xFF\xFF\xFF\x00\xFF", + "\xFF\x00\xFF\xFF\xFF\xFF\xFF\x00", "\xFF\x00\xFF\xFF\xFF\xFF\xFF\xFF", + "\xFF\xFF\x00\x00\x00\x00\x00\x00", "\xFF\xFF\x00\x00\x00\x00\x00\xFF", + "\xFF\xFF\x00\x00\x00\x00\xFF\x00", "\xFF\xFF\x00\x00\x00\x00\xFF\xFF", + "\xFF\xFF\x00\x00\x00\xFF\x00\x00", "\xFF\xFF\x00\x00\x00\xFF\x00\xFF", + "\xFF\xFF\x00\x00\x00\xFF\xFF\x00", "\xFF\xFF\x00\x00\x00\xFF\xFF\xFF", + "\xFF\xFF\x00\x00\xFF\x00\x00\x00", "\xFF\xFF\x00\x00\xFF\x00\x00\xFF", + "\xFF\xFF\x00\x00\xFF\x00\xFF\x00", "\xFF\xFF\x00\x00\xFF\x00\xFF\xFF", + "\xFF\xFF\x00\x00\xFF\xFF\x00\x00", "\xFF\xFF\x00\x00\xFF\xFF\x00\xFF", + "\xFF\xFF\x00\x00\xFF\xFF\xFF\x00", "\xFF\xFF\x00\x00\xFF\xFF\xFF\xFF", + "\xFF\xFF\x00\xFF\x00\x00\x00\x00", "\xFF\xFF\x00\xFF\x00\x00\x00\xFF", + "\xFF\xFF\x00\xFF\x00\x00\xFF\x00", "\xFF\xFF\x00\xFF\x00\x00\xFF\xFF", + "\xFF\xFF\x00\xFF\x00\xFF\x00\x00", "\xFF\xFF\x00\xFF\x00\xFF\x00\xFF", + "\xFF\xFF\x00\xFF\x00\xFF\xFF\x00", "\xFF\xFF\x00\xFF\x00\xFF\xFF\xFF", + "\xFF\xFF\x00\xFF\xFF\x00\x00\x00", "\xFF\xFF\x00\xFF\xFF\x00\x00\xFF", + "\xFF\xFF\x00\xFF\xFF\x00\xFF\x00", "\xFF\xFF\x00\xFF\xFF\x00\xFF\xFF", + "\xFF\xFF\x00\xFF\xFF\xFF\x00\x00", "\xFF\xFF\x00\xFF\xFF\xFF\x00\xFF", + "\xFF\xFF\x00\xFF\xFF\xFF\xFF\x00", "\xFF\xFF\x00\xFF\xFF\xFF\xFF\xFF", + "\xFF\xFF\xFF\x00\x00\x00\x00\x00", "\xFF\xFF\xFF\x00\x00\x00\x00\xFF", + "\xFF\xFF\xFF\x00\x00\x00\xFF\x00", "\xFF\xFF\xFF\x00\x00\x00\xFF\xFF", + "\xFF\xFF\xFF\x00\x00\xFF\x00\x00", "\xFF\xFF\xFF\x00\x00\xFF\x00\xFF", + "\xFF\xFF\xFF\x00\x00\xFF\xFF\x00", "\xFF\xFF\xFF\x00\x00\xFF\xFF\xFF", + "\xFF\xFF\xFF\x00\xFF\x00\x00\x00", "\xFF\xFF\xFF\x00\xFF\x00\x00\xFF", + "\xFF\xFF\xFF\x00\xFF\x00\xFF\x00", "\xFF\xFF\xFF\x00\xFF\x00\xFF\xFF", + "\xFF\xFF\xFF\x00\xFF\xFF\x00\x00", "\xFF\xFF\xFF\x00\xFF\xFF\x00\xFF", + "\xFF\xFF\xFF\x00\xFF\xFF\xFF\x00", "\xFF\xFF\xFF\x00\xFF\xFF\xFF\xFF", + "\xFF\xFF\xFF\xFF\x00\x00\x00\x00", "\xFF\xFF\xFF\xFF\x00\x00\x00\xFF", + "\xFF\xFF\xFF\xFF\x00\x00\xFF\x00", "\xFF\xFF\xFF\xFF\x00\x00\xFF\xFF", + "\xFF\xFF\xFF\xFF\x00\xFF\x00\x00", "\xFF\xFF\xFF\xFF\x00\xFF\x00\xFF", + "\xFF\xFF\xFF\xFF\x00\xFF\xFF\x00", "\xFF\xFF\xFF\xFF\x00\xFF\xFF\xFF", + "\xFF\xFF\xFF\xFF\xFF\x00\x00\x00", "\xFF\xFF\xFF\xFF\xFF\x00\x00\xFF", + "\xFF\xFF\xFF\xFF\xFF\x00\xFF\x00", "\xFF\xFF\xFF\xFF\xFF\x00\xFF\xFF", + "\xFF\xFF\xFF\xFF\xFF\xFF\x00\x00", "\xFF\xFF\xFF\xFF\xFF\xFF\x00\xFF", + "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\x00", "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF" + ]; + + /** + * IP mapping helper table. + * + * Indexing this table with each source byte performs the initial bit permutation. + * + * @var array + */ + protected static $ipmap = [ + 0x00, 0x10, 0x01, 0x11, 0x20, 0x30, 0x21, 0x31, + 0x02, 0x12, 0x03, 0x13, 0x22, 0x32, 0x23, 0x33, + 0x40, 0x50, 0x41, 0x51, 0x60, 0x70, 0x61, 0x71, + 0x42, 0x52, 0x43, 0x53, 0x62, 0x72, 0x63, 0x73, + 0x04, 0x14, 0x05, 0x15, 0x24, 0x34, 0x25, 0x35, + 0x06, 0x16, 0x07, 0x17, 0x26, 0x36, 0x27, 0x37, + 0x44, 0x54, 0x45, 0x55, 0x64, 0x74, 0x65, 0x75, + 0x46, 0x56, 0x47, 0x57, 0x66, 0x76, 0x67, 0x77, + 0x80, 0x90, 0x81, 0x91, 0xA0, 0xB0, 0xA1, 0xB1, + 0x82, 0x92, 0x83, 0x93, 0xA2, 0xB2, 0xA3, 0xB3, + 0xC0, 0xD0, 0xC1, 0xD1, 0xE0, 0xF0, 0xE1, 0xF1, + 0xC2, 0xD2, 0xC3, 0xD3, 0xE2, 0xF2, 0xE3, 0xF3, + 0x84, 0x94, 0x85, 0x95, 0xA4, 0xB4, 0xA5, 0xB5, + 0x86, 0x96, 0x87, 0x97, 0xA6, 0xB6, 0xA7, 0xB7, + 0xC4, 0xD4, 0xC5, 0xD5, 0xE4, 0xF4, 0xE5, 0xF5, + 0xC6, 0xD6, 0xC7, 0xD7, 0xE6, 0xF6, 0xE7, 0xF7, + 0x08, 0x18, 0x09, 0x19, 0x28, 0x38, 0x29, 0x39, + 0x0A, 0x1A, 0x0B, 0x1B, 0x2A, 0x3A, 0x2B, 0x3B, + 0x48, 0x58, 0x49, 0x59, 0x68, 0x78, 0x69, 0x79, + 0x4A, 0x5A, 0x4B, 0x5B, 0x6A, 0x7A, 0x6B, 0x7B, + 0x0C, 0x1C, 0x0D, 0x1D, 0x2C, 0x3C, 0x2D, 0x3D, + 0x0E, 0x1E, 0x0F, 0x1F, 0x2E, 0x3E, 0x2F, 0x3F, + 0x4C, 0x5C, 0x4D, 0x5D, 0x6C, 0x7C, 0x6D, 0x7D, + 0x4E, 0x5E, 0x4F, 0x5F, 0x6E, 0x7E, 0x6F, 0x7F, + 0x88, 0x98, 0x89, 0x99, 0xA8, 0xB8, 0xA9, 0xB9, + 0x8A, 0x9A, 0x8B, 0x9B, 0xAA, 0xBA, 0xAB, 0xBB, + 0xC8, 0xD8, 0xC9, 0xD9, 0xE8, 0xF8, 0xE9, 0xF9, + 0xCA, 0xDA, 0xCB, 0xDB, 0xEA, 0xFA, 0xEB, 0xFB, + 0x8C, 0x9C, 0x8D, 0x9D, 0xAC, 0xBC, 0xAD, 0xBD, + 0x8E, 0x9E, 0x8F, 0x9F, 0xAE, 0xBE, 0xAF, 0xBF, + 0xCC, 0xDC, 0xCD, 0xDD, 0xEC, 0xFC, 0xED, 0xFD, + 0xCE, 0xDE, 0xCF, 0xDF, 0xEE, 0xFE, 0xEF, 0xFF + ]; + + /** + * Inverse IP mapping helper table. + * Indexing this table with a byte value reverses the bit order. + * + * @var array + */ + protected static $invipmap = [ + 0x00, 0x80, 0x40, 0xC0, 0x20, 0xA0, 0x60, 0xE0, + 0x10, 0x90, 0x50, 0xD0, 0x30, 0xB0, 0x70, 0xF0, + 0x08, 0x88, 0x48, 0xC8, 0x28, 0xA8, 0x68, 0xE8, + 0x18, 0x98, 0x58, 0xD8, 0x38, 0xB8, 0x78, 0xF8, + 0x04, 0x84, 0x44, 0xC4, 0x24, 0xA4, 0x64, 0xE4, + 0x14, 0x94, 0x54, 0xD4, 0x34, 0xB4, 0x74, 0xF4, + 0x0C, 0x8C, 0x4C, 0xCC, 0x2C, 0xAC, 0x6C, 0xEC, + 0x1C, 0x9C, 0x5C, 0xDC, 0x3C, 0xBC, 0x7C, 0xFC, + 0x02, 0x82, 0x42, 0xC2, 0x22, 0xA2, 0x62, 0xE2, + 0x12, 0x92, 0x52, 0xD2, 0x32, 0xB2, 0x72, 0xF2, + 0x0A, 0x8A, 0x4A, 0xCA, 0x2A, 0xAA, 0x6A, 0xEA, + 0x1A, 0x9A, 0x5A, 0xDA, 0x3A, 0xBA, 0x7A, 0xFA, + 0x06, 0x86, 0x46, 0xC6, 0x26, 0xA6, 0x66, 0xE6, + 0x16, 0x96, 0x56, 0xD6, 0x36, 0xB6, 0x76, 0xF6, + 0x0E, 0x8E, 0x4E, 0xCE, 0x2E, 0xAE, 0x6E, 0xEE, + 0x1E, 0x9E, 0x5E, 0xDE, 0x3E, 0xBE, 0x7E, 0xFE, + 0x01, 0x81, 0x41, 0xC1, 0x21, 0xA1, 0x61, 0xE1, + 0x11, 0x91, 0x51, 0xD1, 0x31, 0xB1, 0x71, 0xF1, + 0x09, 0x89, 0x49, 0xC9, 0x29, 0xA9, 0x69, 0xE9, + 0x19, 0x99, 0x59, 0xD9, 0x39, 0xB9, 0x79, 0xF9, + 0x05, 0x85, 0x45, 0xC5, 0x25, 0xA5, 0x65, 0xE5, + 0x15, 0x95, 0x55, 0xD5, 0x35, 0xB5, 0x75, 0xF5, + 0x0D, 0x8D, 0x4D, 0xCD, 0x2D, 0xAD, 0x6D, 0xED, + 0x1D, 0x9D, 0x5D, 0xDD, 0x3D, 0xBD, 0x7D, 0xFD, + 0x03, 0x83, 0x43, 0xC3, 0x23, 0xA3, 0x63, 0xE3, + 0x13, 0x93, 0x53, 0xD3, 0x33, 0xB3, 0x73, 0xF3, + 0x0B, 0x8B, 0x4B, 0xCB, 0x2B, 0xAB, 0x6B, 0xEB, + 0x1B, 0x9B, 0x5B, 0xDB, 0x3B, 0xBB, 0x7B, 0xFB, + 0x07, 0x87, 0x47, 0xC7, 0x27, 0xA7, 0x67, 0xE7, + 0x17, 0x97, 0x57, 0xD7, 0x37, 0xB7, 0x77, 0xF7, + 0x0F, 0x8F, 0x4F, 0xCF, 0x2F, 0xAF, 0x6F, 0xEF, + 0x1F, 0x9F, 0x5F, 0xDF, 0x3F, 0xBF, 0x7F, 0xFF + ]; + + /** + * Pre-permuted S-box1 + * + * Each box ($sbox1-$sbox8) has been vectorized, then each value pre-permuted using the + * P table: concatenation can then be replaced by exclusive ORs. + * + * @var array + */ + protected static $sbox1 = [ + 0x00808200, 0x00000000, 0x00008000, 0x00808202, + 0x00808002, 0x00008202, 0x00000002, 0x00008000, + 0x00000200, 0x00808200, 0x00808202, 0x00000200, + 0x00800202, 0x00808002, 0x00800000, 0x00000002, + 0x00000202, 0x00800200, 0x00800200, 0x00008200, + 0x00008200, 0x00808000, 0x00808000, 0x00800202, + 0x00008002, 0x00800002, 0x00800002, 0x00008002, + 0x00000000, 0x00000202, 0x00008202, 0x00800000, + 0x00008000, 0x00808202, 0x00000002, 0x00808000, + 0x00808200, 0x00800000, 0x00800000, 0x00000200, + 0x00808002, 0x00008000, 0x00008200, 0x00800002, + 0x00000200, 0x00000002, 0x00800202, 0x00008202, + 0x00808202, 0x00008002, 0x00808000, 0x00800202, + 0x00800002, 0x00000202, 0x00008202, 0x00808200, + 0x00000202, 0x00800200, 0x00800200, 0x00000000, + 0x00008002, 0x00008200, 0x00000000, 0x00808002 + ]; + + /** + * Pre-permuted S-box2 + * + * @var array + */ + protected static $sbox2 = [ + 0x40084010, 0x40004000, 0x00004000, 0x00084010, + 0x00080000, 0x00000010, 0x40080010, 0x40004010, + 0x40000010, 0x40084010, 0x40084000, 0x40000000, + 0x40004000, 0x00080000, 0x00000010, 0x40080010, + 0x00084000, 0x00080010, 0x40004010, 0x00000000, + 0x40000000, 0x00004000, 0x00084010, 0x40080000, + 0x00080010, 0x40000010, 0x00000000, 0x00084000, + 0x00004010, 0x40084000, 0x40080000, 0x00004010, + 0x00000000, 0x00084010, 0x40080010, 0x00080000, + 0x40004010, 0x40080000, 0x40084000, 0x00004000, + 0x40080000, 0x40004000, 0x00000010, 0x40084010, + 0x00084010, 0x00000010, 0x00004000, 0x40000000, + 0x00004010, 0x40084000, 0x00080000, 0x40000010, + 0x00080010, 0x40004010, 0x40000010, 0x00080010, + 0x00084000, 0x00000000, 0x40004000, 0x00004010, + 0x40000000, 0x40080010, 0x40084010, 0x00084000 + ]; + + /** + * Pre-permuted S-box3 + * + * @var array + */ + protected static $sbox3 = [ + 0x00000104, 0x04010100, 0x00000000, 0x04010004, + 0x04000100, 0x00000000, 0x00010104, 0x04000100, + 0x00010004, 0x04000004, 0x04000004, 0x00010000, + 0x04010104, 0x00010004, 0x04010000, 0x00000104, + 0x04000000, 0x00000004, 0x04010100, 0x00000100, + 0x00010100, 0x04010000, 0x04010004, 0x00010104, + 0x04000104, 0x00010100, 0x00010000, 0x04000104, + 0x00000004, 0x04010104, 0x00000100, 0x04000000, + 0x04010100, 0x04000000, 0x00010004, 0x00000104, + 0x00010000, 0x04010100, 0x04000100, 0x00000000, + 0x00000100, 0x00010004, 0x04010104, 0x04000100, + 0x04000004, 0x00000100, 0x00000000, 0x04010004, + 0x04000104, 0x00010000, 0x04000000, 0x04010104, + 0x00000004, 0x00010104, 0x00010100, 0x04000004, + 0x04010000, 0x04000104, 0x00000104, 0x04010000, + 0x00010104, 0x00000004, 0x04010004, 0x00010100 + ]; + + /** + * Pre-permuted S-box4 + * + * @var array + */ + protected static $sbox4 = [ + 0x80401000, 0x80001040, 0x80001040, 0x00000040, + 0x00401040, 0x80400040, 0x80400000, 0x80001000, + 0x00000000, 0x00401000, 0x00401000, 0x80401040, + 0x80000040, 0x00000000, 0x00400040, 0x80400000, + 0x80000000, 0x00001000, 0x00400000, 0x80401000, + 0x00000040, 0x00400000, 0x80001000, 0x00001040, + 0x80400040, 0x80000000, 0x00001040, 0x00400040, + 0x00001000, 0x00401040, 0x80401040, 0x80000040, + 0x00400040, 0x80400000, 0x00401000, 0x80401040, + 0x80000040, 0x00000000, 0x00000000, 0x00401000, + 0x00001040, 0x00400040, 0x80400040, 0x80000000, + 0x80401000, 0x80001040, 0x80001040, 0x00000040, + 0x80401040, 0x80000040, 0x80000000, 0x00001000, + 0x80400000, 0x80001000, 0x00401040, 0x80400040, + 0x80001000, 0x00001040, 0x00400000, 0x80401000, + 0x00000040, 0x00400000, 0x00001000, 0x00401040 + ]; + + /** + * Pre-permuted S-box5 + * + * @var array + */ + protected static $sbox5 = [ + 0x00000080, 0x01040080, 0x01040000, 0x21000080, + 0x00040000, 0x00000080, 0x20000000, 0x01040000, + 0x20040080, 0x00040000, 0x01000080, 0x20040080, + 0x21000080, 0x21040000, 0x00040080, 0x20000000, + 0x01000000, 0x20040000, 0x20040000, 0x00000000, + 0x20000080, 0x21040080, 0x21040080, 0x01000080, + 0x21040000, 0x20000080, 0x00000000, 0x21000000, + 0x01040080, 0x01000000, 0x21000000, 0x00040080, + 0x00040000, 0x21000080, 0x00000080, 0x01000000, + 0x20000000, 0x01040000, 0x21000080, 0x20040080, + 0x01000080, 0x20000000, 0x21040000, 0x01040080, + 0x20040080, 0x00000080, 0x01000000, 0x21040000, + 0x21040080, 0x00040080, 0x21000000, 0x21040080, + 0x01040000, 0x00000000, 0x20040000, 0x21000000, + 0x00040080, 0x01000080, 0x20000080, 0x00040000, + 0x00000000, 0x20040000, 0x01040080, 0x20000080 + ]; + + /** + * Pre-permuted S-box6 + * + * @var array + */ + protected static $sbox6 = [ + 0x10000008, 0x10200000, 0x00002000, 0x10202008, + 0x10200000, 0x00000008, 0x10202008, 0x00200000, + 0x10002000, 0x00202008, 0x00200000, 0x10000008, + 0x00200008, 0x10002000, 0x10000000, 0x00002008, + 0x00000000, 0x00200008, 0x10002008, 0x00002000, + 0x00202000, 0x10002008, 0x00000008, 0x10200008, + 0x10200008, 0x00000000, 0x00202008, 0x10202000, + 0x00002008, 0x00202000, 0x10202000, 0x10000000, + 0x10002000, 0x00000008, 0x10200008, 0x00202000, + 0x10202008, 0x00200000, 0x00002008, 0x10000008, + 0x00200000, 0x10002000, 0x10000000, 0x00002008, + 0x10000008, 0x10202008, 0x00202000, 0x10200000, + 0x00202008, 0x10202000, 0x00000000, 0x10200008, + 0x00000008, 0x00002000, 0x10200000, 0x00202008, + 0x00002000, 0x00200008, 0x10002008, 0x00000000, + 0x10202000, 0x10000000, 0x00200008, 0x10002008 + ]; + + /** + * Pre-permuted S-box7 + * + * @var array + */ + protected static $sbox7 = [ + 0x00100000, 0x02100001, 0x02000401, 0x00000000, + 0x00000400, 0x02000401, 0x00100401, 0x02100400, + 0x02100401, 0x00100000, 0x00000000, 0x02000001, + 0x00000001, 0x02000000, 0x02100001, 0x00000401, + 0x02000400, 0x00100401, 0x00100001, 0x02000400, + 0x02000001, 0x02100000, 0x02100400, 0x00100001, + 0x02100000, 0x00000400, 0x00000401, 0x02100401, + 0x00100400, 0x00000001, 0x02000000, 0x00100400, + 0x02000000, 0x00100400, 0x00100000, 0x02000401, + 0x02000401, 0x02100001, 0x02100001, 0x00000001, + 0x00100001, 0x02000000, 0x02000400, 0x00100000, + 0x02100400, 0x00000401, 0x00100401, 0x02100400, + 0x00000401, 0x02000001, 0x02100401, 0x02100000, + 0x00100400, 0x00000000, 0x00000001, 0x02100401, + 0x00000000, 0x00100401, 0x02100000, 0x00000400, + 0x02000001, 0x02000400, 0x00000400, 0x00100001 + ]; + + /** + * Pre-permuted S-box8 + * + * @var array + */ + protected static $sbox8 = [ + 0x08000820, 0x00000800, 0x00020000, 0x08020820, + 0x08000000, 0x08000820, 0x00000020, 0x08000000, + 0x00020020, 0x08020000, 0x08020820, 0x00020800, + 0x08020800, 0x00020820, 0x00000800, 0x00000020, + 0x08020000, 0x08000020, 0x08000800, 0x00000820, + 0x00020800, 0x00020020, 0x08020020, 0x08020800, + 0x00000820, 0x00000000, 0x00000000, 0x08020020, + 0x08000020, 0x08000800, 0x00020820, 0x00020000, + 0x00020820, 0x00020000, 0x08020800, 0x00000800, + 0x00000020, 0x08020020, 0x00000800, 0x00020820, + 0x08000800, 0x00000020, 0x08000020, 0x08020000, + 0x08020020, 0x08000000, 0x00020000, 0x08000820, + 0x00000000, 0x08020820, 0x00020020, 0x08000020, + 0x08020000, 0x08000800, 0x08000820, 0x00000000, + 0x08020820, 0x00020800, 0x00020800, 0x00000820, + 0x00000820, 0x00020020, 0x08000000, 0x08020800 + ]; + + /** + * Default Constructor. + * + * @param string $mode + * @throws BadModeException if an invalid / unsupported mode is provided + */ + public function __construct($mode) + { + parent::__construct($mode); + + if ($this->mode == self::MODE_STREAM) { + throw new BadModeException('Block ciphers cannot be ran in stream mode'); + } + } + + /** + * Test for engine validity + * + * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() + * @param int $engine + * @return bool + */ + protected function isValidEngineHelper($engine) + { + if ($this->key_length_max == 8) { + if ($engine == self::ENGINE_OPENSSL) { + // quoting https://www.openssl.org/news/openssl-3.0-notes.html, OpenSSL 3.0.1 + // "Moved all variations of the EVP ciphers CAST5, BF, IDEA, SEED, RC2, RC4, RC5, and DES to the legacy provider" + // in theory openssl_get_cipher_methods() should catch this but, on GitHub Actions, at least, it does not + if (defined('OPENSSL_VERSION_TEXT') && version_compare(preg_replace('#OpenSSL (\d+\.\d+\.\d+) .*#', '$1', OPENSSL_VERSION_TEXT), '3.0.1', '>=')) { + return false; + } + $this->cipher_name_openssl_ecb = 'des-ecb'; + $this->cipher_name_openssl = 'des-' . $this->openssl_translate_mode(); + } + } + + return parent::isValidEngineHelper($engine); + } + + /** + * Sets the key. + * + * Keys must be 64-bits long or 8 bytes long. + * + * DES also requires that every eighth bit be a parity bit, however, we'll ignore that. + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::setKey() + * @param string $key + */ + public function setKey($key) + { + if (!($this instanceof TripleDES) && strlen($key) != 8) { + throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of size 8 are supported'); + } + + // Sets the key + parent::setKey($key); + } + + /** + * Encrypts a block + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::encryptBlock() + * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @see self::encrypt() + * @param string $in + * @return string + */ + protected function encryptBlock($in) + { + return $this->processBlock($in, self::ENCRYPT); + } + + /** + * Decrypts a block + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::decryptBlock() + * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + * @see self::decrypt() + * @param string $in + * @return string + */ + protected function decryptBlock($in) + { + return $this->processBlock($in, self::DECRYPT); + } + + /** + * Encrypts or decrypts a 64-bit block + * + * $mode should be either self::ENCRYPT or self::DECRYPT. See + * {@link http://en.wikipedia.org/wiki/Image:Feistel.png Feistel.png} to get a general + * idea of what this function does. + * + * @see self::encryptBlock() + * @see self::decryptBlock() + * @param string $block + * @param int $mode + * @return string + */ + private function processBlock($block, $mode) + { + static $sbox1, $sbox2, $sbox3, $sbox4, $sbox5, $sbox6, $sbox7, $sbox8, $shuffleip, $shuffleinvip; + if (!$sbox1) { + $sbox1 = array_map('intval', self::$sbox1); + $sbox2 = array_map('intval', self::$sbox2); + $sbox3 = array_map('intval', self::$sbox3); + $sbox4 = array_map('intval', self::$sbox4); + $sbox5 = array_map('intval', self::$sbox5); + $sbox6 = array_map('intval', self::$sbox6); + $sbox7 = array_map('intval', self::$sbox7); + $sbox8 = array_map('intval', self::$sbox8); + /* Merge $shuffle with $[inv]ipmap */ + for ($i = 0; $i < 256; ++$i) { + $shuffleip[] = self::$shuffle[self::$ipmap[$i]]; + $shuffleinvip[] = self::$shuffle[self::$invipmap[$i]]; + } + } + + $keys = $this->keys[$mode]; + $ki = -1; + + // Do the initial IP permutation. + $t = unpack('Nl/Nr', $block); + list($l, $r) = [$t['l'], $t['r']]; + $block = ($shuffleip[ $r & 0xFF] & "\x80\x80\x80\x80\x80\x80\x80\x80") | + ($shuffleip[($r >> 8) & 0xFF] & "\x40\x40\x40\x40\x40\x40\x40\x40") | + ($shuffleip[($r >> 16) & 0xFF] & "\x20\x20\x20\x20\x20\x20\x20\x20") | + ($shuffleip[($r >> 24) & 0xFF] & "\x10\x10\x10\x10\x10\x10\x10\x10") | + ($shuffleip[ $l & 0xFF] & "\x08\x08\x08\x08\x08\x08\x08\x08") | + ($shuffleip[($l >> 8) & 0xFF] & "\x04\x04\x04\x04\x04\x04\x04\x04") | + ($shuffleip[($l >> 16) & 0xFF] & "\x02\x02\x02\x02\x02\x02\x02\x02") | + ($shuffleip[($l >> 24) & 0xFF] & "\x01\x01\x01\x01\x01\x01\x01\x01"); + + // Extract L0 and R0. + $t = unpack('Nl/Nr', $block); + list($l, $r) = [$t['l'], $t['r']]; + + for ($des_round = 0; $des_round < $this->des_rounds; ++$des_round) { + // Perform the 16 steps. + for ($i = 0; $i < 16; $i++) { + // start of "the Feistel (F) function" - see the following URL: + // http://en.wikipedia.org/wiki/Image:Data_Encryption_Standard_InfoBox_Diagram.png + // Merge key schedule. + $b1 = (($r >> 3) & 0x1FFFFFFF) ^ ($r << 29) ^ $keys[++$ki]; + $b2 = (($r >> 31) & 0x00000001) ^ ($r << 1) ^ $keys[++$ki]; + + // S-box indexing. + $t = $sbox1[($b1 >> 24) & 0x3F] ^ $sbox2[($b2 >> 24) & 0x3F] ^ + $sbox3[($b1 >> 16) & 0x3F] ^ $sbox4[($b2 >> 16) & 0x3F] ^ + $sbox5[($b1 >> 8) & 0x3F] ^ $sbox6[($b2 >> 8) & 0x3F] ^ + $sbox7[ $b1 & 0x3F] ^ $sbox8[ $b2 & 0x3F] ^ $l; + // end of "the Feistel (F) function" + + $l = $r; + $r = $t; + } + + // Last step should not permute L & R. + $t = $l; + $l = $r; + $r = $t; + } + + // Perform the inverse IP permutation. + return ($shuffleinvip[($r >> 24) & 0xFF] & "\x80\x80\x80\x80\x80\x80\x80\x80") | + ($shuffleinvip[($l >> 24) & 0xFF] & "\x40\x40\x40\x40\x40\x40\x40\x40") | + ($shuffleinvip[($r >> 16) & 0xFF] & "\x20\x20\x20\x20\x20\x20\x20\x20") | + ($shuffleinvip[($l >> 16) & 0xFF] & "\x10\x10\x10\x10\x10\x10\x10\x10") | + ($shuffleinvip[($r >> 8) & 0xFF] & "\x08\x08\x08\x08\x08\x08\x08\x08") | + ($shuffleinvip[($l >> 8) & 0xFF] & "\x04\x04\x04\x04\x04\x04\x04\x04") | + ($shuffleinvip[ $r & 0xFF] & "\x02\x02\x02\x02\x02\x02\x02\x02") | + ($shuffleinvip[ $l & 0xFF] & "\x01\x01\x01\x01\x01\x01\x01\x01"); + } + + /** + * Creates the key schedule + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::setupKey() + */ + protected function setupKey() + { + if (isset($this->kl['key']) && $this->key === $this->kl['key'] && $this->des_rounds === $this->kl['des_rounds']) { + // already expanded + return; + } + $this->kl = ['key' => $this->key, 'des_rounds' => $this->des_rounds]; + + static $shifts = [ // number of key bits shifted per round + 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1 + ]; + + static $pc1map = [ + 0x00, 0x00, 0x08, 0x08, 0x04, 0x04, 0x0C, 0x0C, + 0x02, 0x02, 0x0A, 0x0A, 0x06, 0x06, 0x0E, 0x0E, + 0x10, 0x10, 0x18, 0x18, 0x14, 0x14, 0x1C, 0x1C, + 0x12, 0x12, 0x1A, 0x1A, 0x16, 0x16, 0x1E, 0x1E, + 0x20, 0x20, 0x28, 0x28, 0x24, 0x24, 0x2C, 0x2C, + 0x22, 0x22, 0x2A, 0x2A, 0x26, 0x26, 0x2E, 0x2E, + 0x30, 0x30, 0x38, 0x38, 0x34, 0x34, 0x3C, 0x3C, + 0x32, 0x32, 0x3A, 0x3A, 0x36, 0x36, 0x3E, 0x3E, + 0x40, 0x40, 0x48, 0x48, 0x44, 0x44, 0x4C, 0x4C, + 0x42, 0x42, 0x4A, 0x4A, 0x46, 0x46, 0x4E, 0x4E, + 0x50, 0x50, 0x58, 0x58, 0x54, 0x54, 0x5C, 0x5C, + 0x52, 0x52, 0x5A, 0x5A, 0x56, 0x56, 0x5E, 0x5E, + 0x60, 0x60, 0x68, 0x68, 0x64, 0x64, 0x6C, 0x6C, + 0x62, 0x62, 0x6A, 0x6A, 0x66, 0x66, 0x6E, 0x6E, + 0x70, 0x70, 0x78, 0x78, 0x74, 0x74, 0x7C, 0x7C, + 0x72, 0x72, 0x7A, 0x7A, 0x76, 0x76, 0x7E, 0x7E, + 0x80, 0x80, 0x88, 0x88, 0x84, 0x84, 0x8C, 0x8C, + 0x82, 0x82, 0x8A, 0x8A, 0x86, 0x86, 0x8E, 0x8E, + 0x90, 0x90, 0x98, 0x98, 0x94, 0x94, 0x9C, 0x9C, + 0x92, 0x92, 0x9A, 0x9A, 0x96, 0x96, 0x9E, 0x9E, + 0xA0, 0xA0, 0xA8, 0xA8, 0xA4, 0xA4, 0xAC, 0xAC, + 0xA2, 0xA2, 0xAA, 0xAA, 0xA6, 0xA6, 0xAE, 0xAE, + 0xB0, 0xB0, 0xB8, 0xB8, 0xB4, 0xB4, 0xBC, 0xBC, + 0xB2, 0xB2, 0xBA, 0xBA, 0xB6, 0xB6, 0xBE, 0xBE, + 0xC0, 0xC0, 0xC8, 0xC8, 0xC4, 0xC4, 0xCC, 0xCC, + 0xC2, 0xC2, 0xCA, 0xCA, 0xC6, 0xC6, 0xCE, 0xCE, + 0xD0, 0xD0, 0xD8, 0xD8, 0xD4, 0xD4, 0xDC, 0xDC, + 0xD2, 0xD2, 0xDA, 0xDA, 0xD6, 0xD6, 0xDE, 0xDE, + 0xE0, 0xE0, 0xE8, 0xE8, 0xE4, 0xE4, 0xEC, 0xEC, + 0xE2, 0xE2, 0xEA, 0xEA, 0xE6, 0xE6, 0xEE, 0xEE, + 0xF0, 0xF0, 0xF8, 0xF8, 0xF4, 0xF4, 0xFC, 0xFC, + 0xF2, 0xF2, 0xFA, 0xFA, 0xF6, 0xF6, 0xFE, 0xFE + ]; + + // Mapping tables for the PC-2 transformation. + static $pc2mapc1 = [ + 0x00000000, 0x00000400, 0x00200000, 0x00200400, + 0x00000001, 0x00000401, 0x00200001, 0x00200401, + 0x02000000, 0x02000400, 0x02200000, 0x02200400, + 0x02000001, 0x02000401, 0x02200001, 0x02200401 + ]; + static $pc2mapc2 = [ + 0x00000000, 0x00000800, 0x08000000, 0x08000800, + 0x00010000, 0x00010800, 0x08010000, 0x08010800, + 0x00000000, 0x00000800, 0x08000000, 0x08000800, + 0x00010000, 0x00010800, 0x08010000, 0x08010800, + 0x00000100, 0x00000900, 0x08000100, 0x08000900, + 0x00010100, 0x00010900, 0x08010100, 0x08010900, + 0x00000100, 0x00000900, 0x08000100, 0x08000900, + 0x00010100, 0x00010900, 0x08010100, 0x08010900, + 0x00000010, 0x00000810, 0x08000010, 0x08000810, + 0x00010010, 0x00010810, 0x08010010, 0x08010810, + 0x00000010, 0x00000810, 0x08000010, 0x08000810, + 0x00010010, 0x00010810, 0x08010010, 0x08010810, + 0x00000110, 0x00000910, 0x08000110, 0x08000910, + 0x00010110, 0x00010910, 0x08010110, 0x08010910, + 0x00000110, 0x00000910, 0x08000110, 0x08000910, + 0x00010110, 0x00010910, 0x08010110, 0x08010910, + 0x00040000, 0x00040800, 0x08040000, 0x08040800, + 0x00050000, 0x00050800, 0x08050000, 0x08050800, + 0x00040000, 0x00040800, 0x08040000, 0x08040800, + 0x00050000, 0x00050800, 0x08050000, 0x08050800, + 0x00040100, 0x00040900, 0x08040100, 0x08040900, + 0x00050100, 0x00050900, 0x08050100, 0x08050900, + 0x00040100, 0x00040900, 0x08040100, 0x08040900, + 0x00050100, 0x00050900, 0x08050100, 0x08050900, + 0x00040010, 0x00040810, 0x08040010, 0x08040810, + 0x00050010, 0x00050810, 0x08050010, 0x08050810, + 0x00040010, 0x00040810, 0x08040010, 0x08040810, + 0x00050010, 0x00050810, 0x08050010, 0x08050810, + 0x00040110, 0x00040910, 0x08040110, 0x08040910, + 0x00050110, 0x00050910, 0x08050110, 0x08050910, + 0x00040110, 0x00040910, 0x08040110, 0x08040910, + 0x00050110, 0x00050910, 0x08050110, 0x08050910, + 0x01000000, 0x01000800, 0x09000000, 0x09000800, + 0x01010000, 0x01010800, 0x09010000, 0x09010800, + 0x01000000, 0x01000800, 0x09000000, 0x09000800, + 0x01010000, 0x01010800, 0x09010000, 0x09010800, + 0x01000100, 0x01000900, 0x09000100, 0x09000900, + 0x01010100, 0x01010900, 0x09010100, 0x09010900, + 0x01000100, 0x01000900, 0x09000100, 0x09000900, + 0x01010100, 0x01010900, 0x09010100, 0x09010900, + 0x01000010, 0x01000810, 0x09000010, 0x09000810, + 0x01010010, 0x01010810, 0x09010010, 0x09010810, + 0x01000010, 0x01000810, 0x09000010, 0x09000810, + 0x01010010, 0x01010810, 0x09010010, 0x09010810, + 0x01000110, 0x01000910, 0x09000110, 0x09000910, + 0x01010110, 0x01010910, 0x09010110, 0x09010910, + 0x01000110, 0x01000910, 0x09000110, 0x09000910, + 0x01010110, 0x01010910, 0x09010110, 0x09010910, + 0x01040000, 0x01040800, 0x09040000, 0x09040800, + 0x01050000, 0x01050800, 0x09050000, 0x09050800, + 0x01040000, 0x01040800, 0x09040000, 0x09040800, + 0x01050000, 0x01050800, 0x09050000, 0x09050800, + 0x01040100, 0x01040900, 0x09040100, 0x09040900, + 0x01050100, 0x01050900, 0x09050100, 0x09050900, + 0x01040100, 0x01040900, 0x09040100, 0x09040900, + 0x01050100, 0x01050900, 0x09050100, 0x09050900, + 0x01040010, 0x01040810, 0x09040010, 0x09040810, + 0x01050010, 0x01050810, 0x09050010, 0x09050810, + 0x01040010, 0x01040810, 0x09040010, 0x09040810, + 0x01050010, 0x01050810, 0x09050010, 0x09050810, + 0x01040110, 0x01040910, 0x09040110, 0x09040910, + 0x01050110, 0x01050910, 0x09050110, 0x09050910, + 0x01040110, 0x01040910, 0x09040110, 0x09040910, + 0x01050110, 0x01050910, 0x09050110, 0x09050910 + ]; + static $pc2mapc3 = [ + 0x00000000, 0x00000004, 0x00001000, 0x00001004, + 0x00000000, 0x00000004, 0x00001000, 0x00001004, + 0x10000000, 0x10000004, 0x10001000, 0x10001004, + 0x10000000, 0x10000004, 0x10001000, 0x10001004, + 0x00000020, 0x00000024, 0x00001020, 0x00001024, + 0x00000020, 0x00000024, 0x00001020, 0x00001024, + 0x10000020, 0x10000024, 0x10001020, 0x10001024, + 0x10000020, 0x10000024, 0x10001020, 0x10001024, + 0x00080000, 0x00080004, 0x00081000, 0x00081004, + 0x00080000, 0x00080004, 0x00081000, 0x00081004, + 0x10080000, 0x10080004, 0x10081000, 0x10081004, + 0x10080000, 0x10080004, 0x10081000, 0x10081004, + 0x00080020, 0x00080024, 0x00081020, 0x00081024, + 0x00080020, 0x00080024, 0x00081020, 0x00081024, + 0x10080020, 0x10080024, 0x10081020, 0x10081024, + 0x10080020, 0x10080024, 0x10081020, 0x10081024, + 0x20000000, 0x20000004, 0x20001000, 0x20001004, + 0x20000000, 0x20000004, 0x20001000, 0x20001004, + 0x30000000, 0x30000004, 0x30001000, 0x30001004, + 0x30000000, 0x30000004, 0x30001000, 0x30001004, + 0x20000020, 0x20000024, 0x20001020, 0x20001024, + 0x20000020, 0x20000024, 0x20001020, 0x20001024, + 0x30000020, 0x30000024, 0x30001020, 0x30001024, + 0x30000020, 0x30000024, 0x30001020, 0x30001024, + 0x20080000, 0x20080004, 0x20081000, 0x20081004, + 0x20080000, 0x20080004, 0x20081000, 0x20081004, + 0x30080000, 0x30080004, 0x30081000, 0x30081004, + 0x30080000, 0x30080004, 0x30081000, 0x30081004, + 0x20080020, 0x20080024, 0x20081020, 0x20081024, + 0x20080020, 0x20080024, 0x20081020, 0x20081024, + 0x30080020, 0x30080024, 0x30081020, 0x30081024, + 0x30080020, 0x30080024, 0x30081020, 0x30081024, + 0x00000002, 0x00000006, 0x00001002, 0x00001006, + 0x00000002, 0x00000006, 0x00001002, 0x00001006, + 0x10000002, 0x10000006, 0x10001002, 0x10001006, + 0x10000002, 0x10000006, 0x10001002, 0x10001006, + 0x00000022, 0x00000026, 0x00001022, 0x00001026, + 0x00000022, 0x00000026, 0x00001022, 0x00001026, + 0x10000022, 0x10000026, 0x10001022, 0x10001026, + 0x10000022, 0x10000026, 0x10001022, 0x10001026, + 0x00080002, 0x00080006, 0x00081002, 0x00081006, + 0x00080002, 0x00080006, 0x00081002, 0x00081006, + 0x10080002, 0x10080006, 0x10081002, 0x10081006, + 0x10080002, 0x10080006, 0x10081002, 0x10081006, + 0x00080022, 0x00080026, 0x00081022, 0x00081026, + 0x00080022, 0x00080026, 0x00081022, 0x00081026, + 0x10080022, 0x10080026, 0x10081022, 0x10081026, + 0x10080022, 0x10080026, 0x10081022, 0x10081026, + 0x20000002, 0x20000006, 0x20001002, 0x20001006, + 0x20000002, 0x20000006, 0x20001002, 0x20001006, + 0x30000002, 0x30000006, 0x30001002, 0x30001006, + 0x30000002, 0x30000006, 0x30001002, 0x30001006, + 0x20000022, 0x20000026, 0x20001022, 0x20001026, + 0x20000022, 0x20000026, 0x20001022, 0x20001026, + 0x30000022, 0x30000026, 0x30001022, 0x30001026, + 0x30000022, 0x30000026, 0x30001022, 0x30001026, + 0x20080002, 0x20080006, 0x20081002, 0x20081006, + 0x20080002, 0x20080006, 0x20081002, 0x20081006, + 0x30080002, 0x30080006, 0x30081002, 0x30081006, + 0x30080002, 0x30080006, 0x30081002, 0x30081006, + 0x20080022, 0x20080026, 0x20081022, 0x20081026, + 0x20080022, 0x20080026, 0x20081022, 0x20081026, + 0x30080022, 0x30080026, 0x30081022, 0x30081026, + 0x30080022, 0x30080026, 0x30081022, 0x30081026 + ]; + static $pc2mapc4 = [ + 0x00000000, 0x00100000, 0x00000008, 0x00100008, + 0x00000200, 0x00100200, 0x00000208, 0x00100208, + 0x00000000, 0x00100000, 0x00000008, 0x00100008, + 0x00000200, 0x00100200, 0x00000208, 0x00100208, + 0x04000000, 0x04100000, 0x04000008, 0x04100008, + 0x04000200, 0x04100200, 0x04000208, 0x04100208, + 0x04000000, 0x04100000, 0x04000008, 0x04100008, + 0x04000200, 0x04100200, 0x04000208, 0x04100208, + 0x00002000, 0x00102000, 0x00002008, 0x00102008, + 0x00002200, 0x00102200, 0x00002208, 0x00102208, + 0x00002000, 0x00102000, 0x00002008, 0x00102008, + 0x00002200, 0x00102200, 0x00002208, 0x00102208, + 0x04002000, 0x04102000, 0x04002008, 0x04102008, + 0x04002200, 0x04102200, 0x04002208, 0x04102208, + 0x04002000, 0x04102000, 0x04002008, 0x04102008, + 0x04002200, 0x04102200, 0x04002208, 0x04102208, + 0x00000000, 0x00100000, 0x00000008, 0x00100008, + 0x00000200, 0x00100200, 0x00000208, 0x00100208, + 0x00000000, 0x00100000, 0x00000008, 0x00100008, + 0x00000200, 0x00100200, 0x00000208, 0x00100208, + 0x04000000, 0x04100000, 0x04000008, 0x04100008, + 0x04000200, 0x04100200, 0x04000208, 0x04100208, + 0x04000000, 0x04100000, 0x04000008, 0x04100008, + 0x04000200, 0x04100200, 0x04000208, 0x04100208, + 0x00002000, 0x00102000, 0x00002008, 0x00102008, + 0x00002200, 0x00102200, 0x00002208, 0x00102208, + 0x00002000, 0x00102000, 0x00002008, 0x00102008, + 0x00002200, 0x00102200, 0x00002208, 0x00102208, + 0x04002000, 0x04102000, 0x04002008, 0x04102008, + 0x04002200, 0x04102200, 0x04002208, 0x04102208, + 0x04002000, 0x04102000, 0x04002008, 0x04102008, + 0x04002200, 0x04102200, 0x04002208, 0x04102208, + 0x00020000, 0x00120000, 0x00020008, 0x00120008, + 0x00020200, 0x00120200, 0x00020208, 0x00120208, + 0x00020000, 0x00120000, 0x00020008, 0x00120008, + 0x00020200, 0x00120200, 0x00020208, 0x00120208, + 0x04020000, 0x04120000, 0x04020008, 0x04120008, + 0x04020200, 0x04120200, 0x04020208, 0x04120208, + 0x04020000, 0x04120000, 0x04020008, 0x04120008, + 0x04020200, 0x04120200, 0x04020208, 0x04120208, + 0x00022000, 0x00122000, 0x00022008, 0x00122008, + 0x00022200, 0x00122200, 0x00022208, 0x00122208, + 0x00022000, 0x00122000, 0x00022008, 0x00122008, + 0x00022200, 0x00122200, 0x00022208, 0x00122208, + 0x04022000, 0x04122000, 0x04022008, 0x04122008, + 0x04022200, 0x04122200, 0x04022208, 0x04122208, + 0x04022000, 0x04122000, 0x04022008, 0x04122008, + 0x04022200, 0x04122200, 0x04022208, 0x04122208, + 0x00020000, 0x00120000, 0x00020008, 0x00120008, + 0x00020200, 0x00120200, 0x00020208, 0x00120208, + 0x00020000, 0x00120000, 0x00020008, 0x00120008, + 0x00020200, 0x00120200, 0x00020208, 0x00120208, + 0x04020000, 0x04120000, 0x04020008, 0x04120008, + 0x04020200, 0x04120200, 0x04020208, 0x04120208, + 0x04020000, 0x04120000, 0x04020008, 0x04120008, + 0x04020200, 0x04120200, 0x04020208, 0x04120208, + 0x00022000, 0x00122000, 0x00022008, 0x00122008, + 0x00022200, 0x00122200, 0x00022208, 0x00122208, + 0x00022000, 0x00122000, 0x00022008, 0x00122008, + 0x00022200, 0x00122200, 0x00022208, 0x00122208, + 0x04022000, 0x04122000, 0x04022008, 0x04122008, + 0x04022200, 0x04122200, 0x04022208, 0x04122208, + 0x04022000, 0x04122000, 0x04022008, 0x04122008, + 0x04022200, 0x04122200, 0x04022208, 0x04122208 + ]; + static $pc2mapd1 = [ + 0x00000000, 0x00000001, 0x08000000, 0x08000001, + 0x00200000, 0x00200001, 0x08200000, 0x08200001, + 0x00000002, 0x00000003, 0x08000002, 0x08000003, + 0x00200002, 0x00200003, 0x08200002, 0x08200003 + ]; + static $pc2mapd2 = [ + 0x00000000, 0x00100000, 0x00000800, 0x00100800, + 0x00000000, 0x00100000, 0x00000800, 0x00100800, + 0x04000000, 0x04100000, 0x04000800, 0x04100800, + 0x04000000, 0x04100000, 0x04000800, 0x04100800, + 0x00000004, 0x00100004, 0x00000804, 0x00100804, + 0x00000004, 0x00100004, 0x00000804, 0x00100804, + 0x04000004, 0x04100004, 0x04000804, 0x04100804, + 0x04000004, 0x04100004, 0x04000804, 0x04100804, + 0x00000000, 0x00100000, 0x00000800, 0x00100800, + 0x00000000, 0x00100000, 0x00000800, 0x00100800, + 0x04000000, 0x04100000, 0x04000800, 0x04100800, + 0x04000000, 0x04100000, 0x04000800, 0x04100800, + 0x00000004, 0x00100004, 0x00000804, 0x00100804, + 0x00000004, 0x00100004, 0x00000804, 0x00100804, + 0x04000004, 0x04100004, 0x04000804, 0x04100804, + 0x04000004, 0x04100004, 0x04000804, 0x04100804, + 0x00000200, 0x00100200, 0x00000A00, 0x00100A00, + 0x00000200, 0x00100200, 0x00000A00, 0x00100A00, + 0x04000200, 0x04100200, 0x04000A00, 0x04100A00, + 0x04000200, 0x04100200, 0x04000A00, 0x04100A00, + 0x00000204, 0x00100204, 0x00000A04, 0x00100A04, + 0x00000204, 0x00100204, 0x00000A04, 0x00100A04, + 0x04000204, 0x04100204, 0x04000A04, 0x04100A04, + 0x04000204, 0x04100204, 0x04000A04, 0x04100A04, + 0x00000200, 0x00100200, 0x00000A00, 0x00100A00, + 0x00000200, 0x00100200, 0x00000A00, 0x00100A00, + 0x04000200, 0x04100200, 0x04000A00, 0x04100A00, + 0x04000200, 0x04100200, 0x04000A00, 0x04100A00, + 0x00000204, 0x00100204, 0x00000A04, 0x00100A04, + 0x00000204, 0x00100204, 0x00000A04, 0x00100A04, + 0x04000204, 0x04100204, 0x04000A04, 0x04100A04, + 0x04000204, 0x04100204, 0x04000A04, 0x04100A04, + 0x00020000, 0x00120000, 0x00020800, 0x00120800, + 0x00020000, 0x00120000, 0x00020800, 0x00120800, + 0x04020000, 0x04120000, 0x04020800, 0x04120800, + 0x04020000, 0x04120000, 0x04020800, 0x04120800, + 0x00020004, 0x00120004, 0x00020804, 0x00120804, + 0x00020004, 0x00120004, 0x00020804, 0x00120804, + 0x04020004, 0x04120004, 0x04020804, 0x04120804, + 0x04020004, 0x04120004, 0x04020804, 0x04120804, + 0x00020000, 0x00120000, 0x00020800, 0x00120800, + 0x00020000, 0x00120000, 0x00020800, 0x00120800, + 0x04020000, 0x04120000, 0x04020800, 0x04120800, + 0x04020000, 0x04120000, 0x04020800, 0x04120800, + 0x00020004, 0x00120004, 0x00020804, 0x00120804, + 0x00020004, 0x00120004, 0x00020804, 0x00120804, + 0x04020004, 0x04120004, 0x04020804, 0x04120804, + 0x04020004, 0x04120004, 0x04020804, 0x04120804, + 0x00020200, 0x00120200, 0x00020A00, 0x00120A00, + 0x00020200, 0x00120200, 0x00020A00, 0x00120A00, + 0x04020200, 0x04120200, 0x04020A00, 0x04120A00, + 0x04020200, 0x04120200, 0x04020A00, 0x04120A00, + 0x00020204, 0x00120204, 0x00020A04, 0x00120A04, + 0x00020204, 0x00120204, 0x00020A04, 0x00120A04, + 0x04020204, 0x04120204, 0x04020A04, 0x04120A04, + 0x04020204, 0x04120204, 0x04020A04, 0x04120A04, + 0x00020200, 0x00120200, 0x00020A00, 0x00120A00, + 0x00020200, 0x00120200, 0x00020A00, 0x00120A00, + 0x04020200, 0x04120200, 0x04020A00, 0x04120A00, + 0x04020200, 0x04120200, 0x04020A00, 0x04120A00, + 0x00020204, 0x00120204, 0x00020A04, 0x00120A04, + 0x00020204, 0x00120204, 0x00020A04, 0x00120A04, + 0x04020204, 0x04120204, 0x04020A04, 0x04120A04, + 0x04020204, 0x04120204, 0x04020A04, 0x04120A04 + ]; + static $pc2mapd3 = [ + 0x00000000, 0x00010000, 0x02000000, 0x02010000, + 0x00000020, 0x00010020, 0x02000020, 0x02010020, + 0x00040000, 0x00050000, 0x02040000, 0x02050000, + 0x00040020, 0x00050020, 0x02040020, 0x02050020, + 0x00002000, 0x00012000, 0x02002000, 0x02012000, + 0x00002020, 0x00012020, 0x02002020, 0x02012020, + 0x00042000, 0x00052000, 0x02042000, 0x02052000, + 0x00042020, 0x00052020, 0x02042020, 0x02052020, + 0x00000000, 0x00010000, 0x02000000, 0x02010000, + 0x00000020, 0x00010020, 0x02000020, 0x02010020, + 0x00040000, 0x00050000, 0x02040000, 0x02050000, + 0x00040020, 0x00050020, 0x02040020, 0x02050020, + 0x00002000, 0x00012000, 0x02002000, 0x02012000, + 0x00002020, 0x00012020, 0x02002020, 0x02012020, + 0x00042000, 0x00052000, 0x02042000, 0x02052000, + 0x00042020, 0x00052020, 0x02042020, 0x02052020, + 0x00000010, 0x00010010, 0x02000010, 0x02010010, + 0x00000030, 0x00010030, 0x02000030, 0x02010030, + 0x00040010, 0x00050010, 0x02040010, 0x02050010, + 0x00040030, 0x00050030, 0x02040030, 0x02050030, + 0x00002010, 0x00012010, 0x02002010, 0x02012010, + 0x00002030, 0x00012030, 0x02002030, 0x02012030, + 0x00042010, 0x00052010, 0x02042010, 0x02052010, + 0x00042030, 0x00052030, 0x02042030, 0x02052030, + 0x00000010, 0x00010010, 0x02000010, 0x02010010, + 0x00000030, 0x00010030, 0x02000030, 0x02010030, + 0x00040010, 0x00050010, 0x02040010, 0x02050010, + 0x00040030, 0x00050030, 0x02040030, 0x02050030, + 0x00002010, 0x00012010, 0x02002010, 0x02012010, + 0x00002030, 0x00012030, 0x02002030, 0x02012030, + 0x00042010, 0x00052010, 0x02042010, 0x02052010, + 0x00042030, 0x00052030, 0x02042030, 0x02052030, + 0x20000000, 0x20010000, 0x22000000, 0x22010000, + 0x20000020, 0x20010020, 0x22000020, 0x22010020, + 0x20040000, 0x20050000, 0x22040000, 0x22050000, + 0x20040020, 0x20050020, 0x22040020, 0x22050020, + 0x20002000, 0x20012000, 0x22002000, 0x22012000, + 0x20002020, 0x20012020, 0x22002020, 0x22012020, + 0x20042000, 0x20052000, 0x22042000, 0x22052000, + 0x20042020, 0x20052020, 0x22042020, 0x22052020, + 0x20000000, 0x20010000, 0x22000000, 0x22010000, + 0x20000020, 0x20010020, 0x22000020, 0x22010020, + 0x20040000, 0x20050000, 0x22040000, 0x22050000, + 0x20040020, 0x20050020, 0x22040020, 0x22050020, + 0x20002000, 0x20012000, 0x22002000, 0x22012000, + 0x20002020, 0x20012020, 0x22002020, 0x22012020, + 0x20042000, 0x20052000, 0x22042000, 0x22052000, + 0x20042020, 0x20052020, 0x22042020, 0x22052020, + 0x20000010, 0x20010010, 0x22000010, 0x22010010, + 0x20000030, 0x20010030, 0x22000030, 0x22010030, + 0x20040010, 0x20050010, 0x22040010, 0x22050010, + 0x20040030, 0x20050030, 0x22040030, 0x22050030, + 0x20002010, 0x20012010, 0x22002010, 0x22012010, + 0x20002030, 0x20012030, 0x22002030, 0x22012030, + 0x20042010, 0x20052010, 0x22042010, 0x22052010, + 0x20042030, 0x20052030, 0x22042030, 0x22052030, + 0x20000010, 0x20010010, 0x22000010, 0x22010010, + 0x20000030, 0x20010030, 0x22000030, 0x22010030, + 0x20040010, 0x20050010, 0x22040010, 0x22050010, + 0x20040030, 0x20050030, 0x22040030, 0x22050030, + 0x20002010, 0x20012010, 0x22002010, 0x22012010, + 0x20002030, 0x20012030, 0x22002030, 0x22012030, + 0x20042010, 0x20052010, 0x22042010, 0x22052010, + 0x20042030, 0x20052030, 0x22042030, 0x22052030 + ]; + static $pc2mapd4 = [ + 0x00000000, 0x00000400, 0x01000000, 0x01000400, + 0x00000000, 0x00000400, 0x01000000, 0x01000400, + 0x00000100, 0x00000500, 0x01000100, 0x01000500, + 0x00000100, 0x00000500, 0x01000100, 0x01000500, + 0x10000000, 0x10000400, 0x11000000, 0x11000400, + 0x10000000, 0x10000400, 0x11000000, 0x11000400, + 0x10000100, 0x10000500, 0x11000100, 0x11000500, + 0x10000100, 0x10000500, 0x11000100, 0x11000500, + 0x00080000, 0x00080400, 0x01080000, 0x01080400, + 0x00080000, 0x00080400, 0x01080000, 0x01080400, + 0x00080100, 0x00080500, 0x01080100, 0x01080500, + 0x00080100, 0x00080500, 0x01080100, 0x01080500, + 0x10080000, 0x10080400, 0x11080000, 0x11080400, + 0x10080000, 0x10080400, 0x11080000, 0x11080400, + 0x10080100, 0x10080500, 0x11080100, 0x11080500, + 0x10080100, 0x10080500, 0x11080100, 0x11080500, + 0x00000008, 0x00000408, 0x01000008, 0x01000408, + 0x00000008, 0x00000408, 0x01000008, 0x01000408, + 0x00000108, 0x00000508, 0x01000108, 0x01000508, + 0x00000108, 0x00000508, 0x01000108, 0x01000508, + 0x10000008, 0x10000408, 0x11000008, 0x11000408, + 0x10000008, 0x10000408, 0x11000008, 0x11000408, + 0x10000108, 0x10000508, 0x11000108, 0x11000508, + 0x10000108, 0x10000508, 0x11000108, 0x11000508, + 0x00080008, 0x00080408, 0x01080008, 0x01080408, + 0x00080008, 0x00080408, 0x01080008, 0x01080408, + 0x00080108, 0x00080508, 0x01080108, 0x01080508, + 0x00080108, 0x00080508, 0x01080108, 0x01080508, + 0x10080008, 0x10080408, 0x11080008, 0x11080408, + 0x10080008, 0x10080408, 0x11080008, 0x11080408, + 0x10080108, 0x10080508, 0x11080108, 0x11080508, + 0x10080108, 0x10080508, 0x11080108, 0x11080508, + 0x00001000, 0x00001400, 0x01001000, 0x01001400, + 0x00001000, 0x00001400, 0x01001000, 0x01001400, + 0x00001100, 0x00001500, 0x01001100, 0x01001500, + 0x00001100, 0x00001500, 0x01001100, 0x01001500, + 0x10001000, 0x10001400, 0x11001000, 0x11001400, + 0x10001000, 0x10001400, 0x11001000, 0x11001400, + 0x10001100, 0x10001500, 0x11001100, 0x11001500, + 0x10001100, 0x10001500, 0x11001100, 0x11001500, + 0x00081000, 0x00081400, 0x01081000, 0x01081400, + 0x00081000, 0x00081400, 0x01081000, 0x01081400, + 0x00081100, 0x00081500, 0x01081100, 0x01081500, + 0x00081100, 0x00081500, 0x01081100, 0x01081500, + 0x10081000, 0x10081400, 0x11081000, 0x11081400, + 0x10081000, 0x10081400, 0x11081000, 0x11081400, + 0x10081100, 0x10081500, 0x11081100, 0x11081500, + 0x10081100, 0x10081500, 0x11081100, 0x11081500, + 0x00001008, 0x00001408, 0x01001008, 0x01001408, + 0x00001008, 0x00001408, 0x01001008, 0x01001408, + 0x00001108, 0x00001508, 0x01001108, 0x01001508, + 0x00001108, 0x00001508, 0x01001108, 0x01001508, + 0x10001008, 0x10001408, 0x11001008, 0x11001408, + 0x10001008, 0x10001408, 0x11001008, 0x11001408, + 0x10001108, 0x10001508, 0x11001108, 0x11001508, + 0x10001108, 0x10001508, 0x11001108, 0x11001508, + 0x00081008, 0x00081408, 0x01081008, 0x01081408, + 0x00081008, 0x00081408, 0x01081008, 0x01081408, + 0x00081108, 0x00081508, 0x01081108, 0x01081508, + 0x00081108, 0x00081508, 0x01081108, 0x01081508, + 0x10081008, 0x10081408, 0x11081008, 0x11081408, + 0x10081008, 0x10081408, 0x11081008, 0x11081408, + 0x10081108, 0x10081508, 0x11081108, 0x11081508, + 0x10081108, 0x10081508, 0x11081108, 0x11081508 + ]; + + $keys = []; + for ($des_round = 0; $des_round < $this->des_rounds; ++$des_round) { + // pad the key and remove extra characters as appropriate. + $key = str_pad(substr($this->key, $des_round * 8, 8), 8, "\0"); + + // Perform the PC/1 transformation and compute C and D. + $t = unpack('Nl/Nr', $key); + list($l, $r) = [$t['l'], $t['r']]; + $key = (self::$shuffle[$pc1map[ $r & 0xFF]] & "\x80\x80\x80\x80\x80\x80\x80\x00") | + (self::$shuffle[$pc1map[($r >> 8) & 0xFF]] & "\x40\x40\x40\x40\x40\x40\x40\x00") | + (self::$shuffle[$pc1map[($r >> 16) & 0xFF]] & "\x20\x20\x20\x20\x20\x20\x20\x00") | + (self::$shuffle[$pc1map[($r >> 24) & 0xFF]] & "\x10\x10\x10\x10\x10\x10\x10\x00") | + (self::$shuffle[$pc1map[ $l & 0xFF]] & "\x08\x08\x08\x08\x08\x08\x08\x00") | + (self::$shuffle[$pc1map[($l >> 8) & 0xFF]] & "\x04\x04\x04\x04\x04\x04\x04\x00") | + (self::$shuffle[$pc1map[($l >> 16) & 0xFF]] & "\x02\x02\x02\x02\x02\x02\x02\x00") | + (self::$shuffle[$pc1map[($l >> 24) & 0xFF]] & "\x01\x01\x01\x01\x01\x01\x01\x00"); + $key = unpack('Nc/Nd', $key); + $c = ( $key['c'] >> 4) & 0x0FFFFFFF; + $d = (($key['d'] >> 4) & 0x0FFFFFF0) | ($key['c'] & 0x0F); + + $keys[$des_round] = [ + self::ENCRYPT => [], + self::DECRYPT => array_fill(0, 32, 0) + ]; + for ($i = 0, $ki = 31; $i < 16; ++$i, $ki -= 2) { + $c <<= $shifts[$i]; + $c = ($c | ($c >> 28)) & 0x0FFFFFFF; + $d <<= $shifts[$i]; + $d = ($d | ($d >> 28)) & 0x0FFFFFFF; + + // Perform the PC-2 transformation. + $cp = $pc2mapc1[ $c >> 24 ] | $pc2mapc2[($c >> 16) & 0xFF] | + $pc2mapc3[($c >> 8) & 0xFF] | $pc2mapc4[ $c & 0xFF]; + $dp = $pc2mapd1[ $d >> 24 ] | $pc2mapd2[($d >> 16) & 0xFF] | + $pc2mapd3[($d >> 8) & 0xFF] | $pc2mapd4[ $d & 0xFF]; + + // Reorder: odd bytes/even bytes. Push the result in key schedule. + $val1 = ( $cp & intval(0xFF000000)) | (($cp << 8) & 0x00FF0000) | + (($dp >> 16) & 0x0000FF00) | (($dp >> 8) & 0x000000FF); + $val2 = (($cp << 8) & intval(0xFF000000)) | (($cp << 16) & 0x00FF0000) | + (($dp >> 8) & 0x0000FF00) | ( $dp & 0x000000FF); + $keys[$des_round][self::ENCRYPT][ ] = $val1; + $keys[$des_round][self::DECRYPT][$ki - 1] = $val1; + $keys[$des_round][self::ENCRYPT][ ] = $val2; + $keys[$des_round][self::DECRYPT][$ki ] = $val2; + } + } + + switch ($this->des_rounds) { + case 3: // 3DES keys + $this->keys = [ + self::ENCRYPT => array_merge( + $keys[0][self::ENCRYPT], + $keys[1][self::DECRYPT], + $keys[2][self::ENCRYPT] + ), + self::DECRYPT => array_merge( + $keys[2][self::DECRYPT], + $keys[1][self::ENCRYPT], + $keys[0][self::DECRYPT] + ) + ]; + break; + // case 1: // DES keys + default: + $this->keys = [ + self::ENCRYPT => $keys[0][self::ENCRYPT], + self::DECRYPT => $keys[0][self::DECRYPT] + ]; + } + } + + /** + * Setup the performance-optimized function for de/encrypt() + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::setupInlineCrypt() + */ + protected function setupInlineCrypt() + { + // Engine configuration for: + // - DES ($des_rounds == 1) or + // - 3DES ($des_rounds == 3) + $des_rounds = $this->des_rounds; + + $init_crypt = 'static $sbox1, $sbox2, $sbox3, $sbox4, $sbox5, $sbox6, $sbox7, $sbox8, $shuffleip, $shuffleinvip; + if (!$sbox1) { + $sbox1 = array_map("intval", self::$sbox1); + $sbox2 = array_map("intval", self::$sbox2); + $sbox3 = array_map("intval", self::$sbox3); + $sbox4 = array_map("intval", self::$sbox4); + $sbox5 = array_map("intval", self::$sbox5); + $sbox6 = array_map("intval", self::$sbox6); + $sbox7 = array_map("intval", self::$sbox7); + $sbox8 = array_map("intval", self::$sbox8);' + /* Merge $shuffle with $[inv]ipmap */ . ' + for ($i = 0; $i < 256; ++$i) { + $shuffleip[] = self::$shuffle[self::$ipmap[$i]]; + $shuffleinvip[] = self::$shuffle[self::$invipmap[$i]]; + } + } + '; + + $k = [ + self::ENCRYPT => $this->keys[self::ENCRYPT], + self::DECRYPT => $this->keys[self::DECRYPT] + ]; + $init_encrypt = ''; + $init_decrypt = ''; + + // Creating code for en- and decryption. + $crypt_block = []; + foreach ([self::ENCRYPT, self::DECRYPT] as $c) { + /* Do the initial IP permutation. */ + $crypt_block[$c] = ' + $in = unpack("N*", $in); + $l = $in[1]; + $r = $in[2]; + $in = unpack("N*", + ($shuffleip[ $r & 0xFF] & "\x80\x80\x80\x80\x80\x80\x80\x80") | + ($shuffleip[($r >> 8) & 0xFF] & "\x40\x40\x40\x40\x40\x40\x40\x40") | + ($shuffleip[($r >> 16) & 0xFF] & "\x20\x20\x20\x20\x20\x20\x20\x20") | + ($shuffleip[($r >> 24) & 0xFF] & "\x10\x10\x10\x10\x10\x10\x10\x10") | + ($shuffleip[ $l & 0xFF] & "\x08\x08\x08\x08\x08\x08\x08\x08") | + ($shuffleip[($l >> 8) & 0xFF] & "\x04\x04\x04\x04\x04\x04\x04\x04") | + ($shuffleip[($l >> 16) & 0xFF] & "\x02\x02\x02\x02\x02\x02\x02\x02") | + ($shuffleip[($l >> 24) & 0xFF] & "\x01\x01\x01\x01\x01\x01\x01\x01") + ); + ' . /* Extract L0 and R0 */ ' + $l = $in[1]; + $r = $in[2]; + '; + + $l = '$l'; + $r = '$r'; + + // Perform DES or 3DES. + for ($ki = -1, $des_round = 0; $des_round < $des_rounds; ++$des_round) { + // Perform the 16 steps. + for ($i = 0; $i < 16; ++$i) { + // start of "the Feistel (F) function" - see the following URL: + // http://en.wikipedia.org/wiki/Image:Data_Encryption_Standard_InfoBox_Diagram.png + // Merge key schedule. + $crypt_block[$c] .= ' + $b1 = ((' . $r . ' >> 3) & 0x1FFFFFFF) ^ (' . $r . ' << 29) ^ ' . $k[$c][++$ki] . '; + $b2 = ((' . $r . ' >> 31) & 0x00000001) ^ (' . $r . ' << 1) ^ ' . $k[$c][++$ki] . ';' . + /* S-box indexing. */ + $l . ' = $sbox1[($b1 >> 24) & 0x3F] ^ $sbox2[($b2 >> 24) & 0x3F] ^ + $sbox3[($b1 >> 16) & 0x3F] ^ $sbox4[($b2 >> 16) & 0x3F] ^ + $sbox5[($b1 >> 8) & 0x3F] ^ $sbox6[($b2 >> 8) & 0x3F] ^ + $sbox7[ $b1 & 0x3F] ^ $sbox8[ $b2 & 0x3F] ^ ' . $l . '; + '; + // end of "the Feistel (F) function" + + // swap L & R + list($l, $r) = [$r, $l]; + } + list($l, $r) = [$r, $l]; + } + + // Perform the inverse IP permutation. + $crypt_block[$c] .= '$in = + ($shuffleinvip[($l >> 24) & 0xFF] & "\x80\x80\x80\x80\x80\x80\x80\x80") | + ($shuffleinvip[($r >> 24) & 0xFF] & "\x40\x40\x40\x40\x40\x40\x40\x40") | + ($shuffleinvip[($l >> 16) & 0xFF] & "\x20\x20\x20\x20\x20\x20\x20\x20") | + ($shuffleinvip[($r >> 16) & 0xFF] & "\x10\x10\x10\x10\x10\x10\x10\x10") | + ($shuffleinvip[($l >> 8) & 0xFF] & "\x08\x08\x08\x08\x08\x08\x08\x08") | + ($shuffleinvip[($r >> 8) & 0xFF] & "\x04\x04\x04\x04\x04\x04\x04\x04") | + ($shuffleinvip[ $l & 0xFF] & "\x02\x02\x02\x02\x02\x02\x02\x02") | + ($shuffleinvip[ $r & 0xFF] & "\x01\x01\x01\x01\x01\x01\x01\x01"); + '; + } + + // Creates the inline-crypt function + $this->inline_crypt = $this->createInlineCryptFunction( + [ + 'init_crypt' => $init_crypt, + 'init_encrypt' => $init_encrypt, + 'init_decrypt' => $init_decrypt, + 'encrypt_block' => $crypt_block[self::ENCRYPT], + 'decrypt_block' => $crypt_block[self::DECRYPT] + ] + ); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH.php new file mode 100644 index 0000000..e1deaf0 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH.php @@ -0,0 +1,405 @@ + + * + * + * + * @author Jim Wigginton + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt; + +use phpseclib3\Crypt\Common\AsymmetricKey; +use phpseclib3\Crypt\DH\Parameters; +use phpseclib3\Crypt\DH\PrivateKey; +use phpseclib3\Crypt\DH\PublicKey; +use phpseclib3\Exception\NoKeyLoadedException; +use phpseclib3\Exception\UnsupportedOperationException; +use phpseclib3\Math\BigInteger; + +/** + * Pure-PHP (EC)DH implementation + * + * @author Jim Wigginton + */ +abstract class DH extends AsymmetricKey +{ + /** + * Algorithm Name + * + * @var string + */ + const ALGORITHM = 'DH'; + + /** + * DH prime + * + * @var \phpseclib3\Math\BigInteger + */ + protected $prime; + + /** + * DH Base + * + * Prime divisor of p-1 + * + * @var \phpseclib3\Math\BigInteger + */ + protected $base; + + /** + * Public Key + * + * @var \phpseclib3\Math\BigInteger + */ + protected $publicKey; + + /** + * Create DH parameters + * + * This method is a bit polymorphic. It can take any of the following: + * - two BigInteger's (prime and base) + * - an integer representing the size of the prime in bits (the base is assumed to be 2) + * - a string (eg. diffie-hellman-group14-sha1) + * + * @return Parameters + */ + public static function createParameters(...$args) + { + $class = new \ReflectionClass(static::class); + if ($class->isFinal()) { + throw new \RuntimeException('createParameters() should not be called from final classes (' . static::class . ')'); + } + + $params = new Parameters(); + if (count($args) == 2 && $args[0] instanceof BigInteger && $args[1] instanceof BigInteger) { + //if (!$args[0]->isPrime()) { + // throw new \InvalidArgumentException('The first parameter should be a prime number'); + //} + $params->prime = $args[0]; + $params->base = $args[1]; + return $params; + } elseif (count($args) == 1 && is_numeric($args[0])) { + $params->prime = BigInteger::randomPrime($args[0]); + $params->base = new BigInteger(2); + return $params; + } elseif (count($args) != 1 || !is_string($args[0])) { + throw new \InvalidArgumentException('Valid parameters are either: two BigInteger\'s (prime and base), a single integer (the length of the prime; base is assumed to be 2) or a string'); + } + switch ($args[0]) { + // see http://tools.ietf.org/html/rfc2409#section-6.2 and + // http://tools.ietf.org/html/rfc2412, appendex E + case 'diffie-hellman-group1-sha1': + $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . + '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . + '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . + 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF'; + break; + // see http://tools.ietf.org/html/rfc3526#section-3 + case 'diffie-hellman-group14-sha1': // 2048-bit MODP Group + case 'diffie-hellman-group14-sha256': + $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . + '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . + '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . + 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05' . + '98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB' . + '9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' . + 'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718' . + '3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF'; + break; + // see https://tools.ietf.org/html/rfc3526#section-4 + case 'diffie-hellman-group15-sha512': // 3072-bit MODP Group + $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . + '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . + '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . + 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05' . + '98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB' . + '9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' . + 'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718' . + '3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33' . + 'A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7' . + 'ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864' . + 'D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E2' . + '08E24FA074E5AB3143DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF'; + break; + // see https://tools.ietf.org/html/rfc3526#section-5 + case 'diffie-hellman-group16-sha512': // 4096-bit MODP Group + $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . + '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . + '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . + 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05' . + '98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB' . + '9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' . + 'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718' . + '3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33' . + 'A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7' . + 'ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864' . + 'D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E2' . + '08E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7' . + '88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8' . + 'DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2' . + '233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9' . + '93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199FFFFFFFFFFFFFFFF'; + break; + // see https://tools.ietf.org/html/rfc3526#section-6 + case 'diffie-hellman-group17-sha512': // 6144-bit MODP Group + $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . + '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . + '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . + 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05' . + '98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB' . + '9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' . + 'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718' . + '3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33' . + 'A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7' . + 'ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864' . + 'D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E2' . + '08E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7' . + '88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8' . + 'DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2' . + '233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9' . + '93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C93402849236C3FAB4D27C7026' . + 'C1D4DCB2602646DEC9751E763DBA37BDF8FF9406AD9E530EE5DB382F413001AE' . + 'B06A53ED9027D831179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B' . + 'DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF5983CA01C64B92EC' . + 'F032EA15D1721D03F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E' . + '59E7C97FBEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA' . + 'CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58BB7C5DA76' . + 'F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632387FE8D76E3C0468' . + '043E8F663F4860EE12BF2D5B0B7474D6E694F91E6DCC4024FFFFFFFFFFFFFFFF'; + break; + // see https://tools.ietf.org/html/rfc3526#section-7 + case 'diffie-hellman-group18-sha512': // 8192-bit MODP Group + $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . + '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . + '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . + 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05' . + '98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB' . + '9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' . + 'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718' . + '3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33' . + 'A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7' . + 'ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864' . + 'D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E2' . + '08E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7' . + '88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8' . + 'DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2' . + '233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9' . + '93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C93402849236C3FAB4D27C7026' . + 'C1D4DCB2602646DEC9751E763DBA37BDF8FF9406AD9E530EE5DB382F413001AE' . + 'B06A53ED9027D831179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B' . + 'DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF5983CA01C64B92EC' . + 'F032EA15D1721D03F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E' . + '59E7C97FBEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA' . + 'CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58BB7C5DA76' . + 'F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632387FE8D76E3C0468' . + '043E8F663F4860EE12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E4' . + '38777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300741FA7BF8AFC47ED' . + '2576F6936BA424663AAB639C5AE4F5683423B4742BF1C978238F16CBE39D652D' . + 'E3FDB8BEFC848AD922222E04A4037C0713EB57A81A23F0C73473FC646CEA306B' . + '4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A062B3CF5B3A278A6' . + '6D2A13F83F44F82DDF310EE074AB6A364597E899A0255DC164F31CC50846851D' . + 'F9AB48195DED7EA1B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F92' . + '4009438B481C6CD7889A002ED5EE382BC9190DA6FC026E479558E4475677E9AA' . + '9E3050E2765694DFC81F56E880B96E7160C980DD98EDD3DFFFFFFFFFFFFFFFFF'; + break; + default: + throw new \InvalidArgumentException('Invalid named prime provided'); + } + + $params->prime = new BigInteger($prime, 16); + $params->base = new BigInteger(2); + + return $params; + } + + /** + * Create public / private key pair. + * + * The rationale for the second parameter is described in http://tools.ietf.org/html/rfc4419#section-6.2 : + * + * "To increase the speed of the key exchange, both client and server may + * reduce the size of their private exponents. It should be at least + * twice as long as the key material that is generated from the shared + * secret. For more details, see the paper by van Oorschot and Wiener + * [VAN-OORSCHOT]." + * + * $length is in bits + * + * @param Parameters $params + * @param int $length optional + * @return DH\PrivateKey + */ + public static function createKey(Parameters $params, $length = 0) + { + $class = new \ReflectionClass(static::class); + if ($class->isFinal()) { + throw new \RuntimeException('createKey() should not be called from final classes (' . static::class . ')'); + } + + $one = new BigInteger(1); + if ($length) { + $max = $one->bitwise_leftShift($length); + $max = $max->subtract($one); + } else { + $max = $params->prime->subtract($one); + } + + $key = new PrivateKey(); + $key->prime = $params->prime; + $key->base = $params->base; + $key->privateKey = BigInteger::randomRange($one, $max); + $key->publicKey = $key->base->powMod($key->privateKey, $key->prime); + return $key; + } + + /** + * Compute Shared Secret + * + * @param PrivateKey|EC $private + * @param PublicKey|BigInteger|string $public + * @return mixed + */ + public static function computeSecret($private, $public) + { + if ($private instanceof PrivateKey) { // DH\PrivateKey + switch (true) { + case $public instanceof PublicKey: + if (!$private->prime->equals($public->prime) || !$private->base->equals($public->base)) { + throw new \InvalidArgumentException('The public and private key do not share the same prime and / or base numbers'); + } + return $public->publicKey->powMod($private->privateKey, $private->prime)->toBytes(true); + case is_string($public): + $public = new BigInteger($public, -256); + // fall-through + case $public instanceof BigInteger: + return $public->powMod($private->privateKey, $private->prime)->toBytes(true); + default: + throw new \InvalidArgumentException('$public needs to be an instance of DH\PublicKey, a BigInteger or a string'); + } + } + + if ($private instanceof EC\PrivateKey) { + switch (true) { + case $public instanceof EC\PublicKey: + $public = $public->getEncodedCoordinates(); + // fall-through + case is_string($public): + $point = $private->multiply($public); + switch ($private->getCurve()) { + case 'Curve25519': + case 'Curve448': + $secret = $point; + break; + default: + // according to https://www.secg.org/sec1-v2.pdf#page=33 only X is returned + $secret = substr($point, 1, (strlen($point) - 1) >> 1); + } + /* + if (($secret[0] & "\x80") === "\x80") { + $secret = "\0$secret"; + } + */ + return $secret; + default: + throw new \InvalidArgumentException('$public needs to be an instance of EC\PublicKey or a string (an encoded coordinate)'); + } + } + } + + /** + * Load the key + * + * @param string $key + * @param string $password optional + * @return AsymmetricKey + */ + public static function load($key, $password = false) + { + try { + return EC::load($key, $password); + } catch (NoKeyLoadedException $e) { + } + + return parent::load($key, $password); + } + + /** + * OnLoad Handler + * + * @return bool + */ + protected static function onLoad(array $components) + { + if (!isset($components['privateKey']) && !isset($components['publicKey'])) { + $new = new Parameters(); + } else { + $new = isset($components['privateKey']) ? + new PrivateKey() : + new PublicKey(); + } + + $new->prime = $components['prime']; + $new->base = $components['base']; + + if (isset($components['privateKey'])) { + $new->privateKey = $components['privateKey']; + } + if (isset($components['publicKey'])) { + $new->publicKey = $components['publicKey']; + } + + return $new; + } + + /** + * Determines which hashing function should be used + * + * @param string $hash + */ + public function withHash($hash) + { + throw new UnsupportedOperationException('DH does not use a hash algorithm'); + } + + /** + * Returns the hash algorithm currently being used + * + */ + public function getHash() + { + throw new UnsupportedOperationException('DH does not use a hash algorithm'); + } + + /** + * Returns the parameters + * + * A public / private key is only returned if the currently loaded "key" contains an x or y + * value. + * + * @see self::getPublicKey() + * @return mixed + */ + public function getParameters() + { + $type = DH::validatePlugin('Keys', 'PKCS1', 'saveParameters'); + + $key = $type::saveParameters($this->prime, $this->base); + return DH::load($key, 'PKCS1'); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS1.php new file mode 100644 index 0000000..65a0a5d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS1.php @@ -0,0 +1,77 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\DH\Formats\Keys; + +use phpseclib3\Crypt\Common\Formats\Keys\PKCS1 as Progenitor; +use phpseclib3\File\ASN1; +use phpseclib3\File\ASN1\Maps; +use phpseclib3\Math\BigInteger; + +/** + * "PKCS1" Formatted DH Key Handler + * + * @author Jim Wigginton + */ +abstract class PKCS1 extends Progenitor +{ + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + $key = parent::load($key, $password); + + $decoded = ASN1::decodeBER($key); + if (!$decoded) { + throw new \RuntimeException('Unable to decode BER'); + } + + $components = ASN1::asn1map($decoded[0], Maps\DHParameter::MAP); + if (!is_array($components)) { + throw new \RuntimeException('Unable to perform ASN1 mapping on parameters'); + } + + return $components; + } + + /** + * Convert EC parameters to the appropriate format + * + * @return string + */ + public static function saveParameters(BigInteger $prime, BigInteger $base, array $options = []) + { + $params = [ + 'prime' => $prime, + 'base' => $base + ]; + $params = ASN1::encodeDER($params, Maps\DHParameter::MAP); + + return "-----BEGIN DH PARAMETERS-----\r\n" . + chunk_split(base64_encode($params), 64) . + "-----END DH PARAMETERS-----\r\n"; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php new file mode 100644 index 0000000..c330a3c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php @@ -0,0 +1,132 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\DH\Formats\Keys; + +use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor; +use phpseclib3\File\ASN1; +use phpseclib3\File\ASN1\Maps; +use phpseclib3\Math\BigInteger; + +/** + * PKCS#8 Formatted DH Key Handler + * + * @author Jim Wigginton + */ +abstract class PKCS8 extends Progenitor +{ + /** + * OID Name + * + * @var string + */ + const OID_NAME = 'dhKeyAgreement'; + + /** + * OID Value + * + * @var string + */ + const OID_VALUE = '1.2.840.113549.1.3.1'; + + /** + * Child OIDs loaded + * + * @var bool + */ + protected static $childOIDsLoaded = false; + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + $key = parent::load($key, $password); + + $type = isset($key['privateKey']) ? 'privateKey' : 'publicKey'; + + $decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element); + if (empty($decoded)) { + throw new \RuntimeException('Unable to decode BER of parameters'); + } + $components = ASN1::asn1map($decoded[0], Maps\DHParameter::MAP); + if (!is_array($components)) { + throw new \RuntimeException('Unable to perform ASN1 mapping on parameters'); + } + + $decoded = ASN1::decodeBER($key[$type]); + switch (true) { + case !isset($decoded): + case !isset($decoded[0]['content']): + case !$decoded[0]['content'] instanceof BigInteger: + throw new \RuntimeException('Unable to decode BER of parameters'); + } + $components[$type] = $decoded[0]['content']; + + return $components; + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $prime + * @param \phpseclib3\Math\BigInteger $base + * @param \phpseclib3\Math\BigInteger $privateKey + * @param \phpseclib3\Math\BigInteger $publicKey + * @param string $password optional + * @param array $options optional + * @return string + */ + public static function savePrivateKey(BigInteger $prime, BigInteger $base, BigInteger $privateKey, BigInteger $publicKey, $password = '', array $options = []) + { + $params = [ + 'prime' => $prime, + 'base' => $base + ]; + $params = ASN1::encodeDER($params, Maps\DHParameter::MAP); + $params = new ASN1\Element($params); + $key = ASN1::encodeDER($privateKey, ['type' => ASN1::TYPE_INTEGER]); + return self::wrapPrivateKey($key, [], $params, $password, null, '', $options); + } + + /** + * Convert a public key to the appropriate format + * + * @param \phpseclib3\Math\BigInteger $prime + * @param \phpseclib3\Math\BigInteger $base + * @param \phpseclib3\Math\BigInteger $publicKey + * @param array $options optional + * @return string + */ + public static function savePublicKey(BigInteger $prime, BigInteger $base, BigInteger $publicKey, array $options = []) + { + $params = [ + 'prime' => $prime, + 'base' => $base + ]; + $params = ASN1::encodeDER($params, Maps\DHParameter::MAP); + $params = new ASN1\Element($params); + $key = ASN1::encodeDER($publicKey, ['type' => ASN1::TYPE_INTEGER]); + return self::wrapPublicKey($key, $params); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Parameters.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Parameters.php new file mode 100644 index 0000000..c0ded84 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Parameters.php @@ -0,0 +1,36 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\DH; + +use phpseclib3\Crypt\DH; + +/** + * DH Parameters + * + * @author Jim Wigginton + */ +final class Parameters extends DH +{ + /** + * Returns the parameters + * + * @param string $type + * @param array $options optional + * @return string + */ + public function toString($type = 'PKCS1', array $options = []) + { + $type = self::validatePlugin('Keys', 'PKCS1', 'saveParameters'); + + return $type::saveParameters($this->prime, $this->base, $options); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/PrivateKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/PrivateKey.php new file mode 100644 index 0000000..737781f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/PrivateKey.php @@ -0,0 +1,75 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\DH; + +use phpseclib3\Crypt\Common; +use phpseclib3\Crypt\DH; + +/** + * DH Private Key + * + * @author Jim Wigginton + */ +final class PrivateKey extends DH +{ + use Common\Traits\PasswordProtected; + + /** + * Private Key + * + * @var \phpseclib3\Math\BigInteger + */ + protected $privateKey; + + /** + * Public Key + * + * @var \phpseclib3\Math\BigInteger + */ + protected $publicKey; + + /** + * Returns the public key + * + * @return DH\PublicKey + */ + public function getPublicKey() + { + $type = self::validatePlugin('Keys', 'PKCS8', 'savePublicKey'); + + if (!isset($this->publicKey)) { + $this->publicKey = $this->base->powMod($this->privateKey, $this->prime); + } + + $key = $type::savePublicKey($this->prime, $this->base, $this->publicKey); + + return DH::loadFormat('PKCS8', $key); + } + + /** + * Returns the private key + * + * @param string $type + * @param array $options optional + * @return string + */ + public function toString($type, array $options = []) + { + $type = self::validatePlugin('Keys', $type, 'savePrivateKey'); + + if (!isset($this->publicKey)) { + $this->publicKey = $this->base->powMod($this->privateKey, $this->prime); + } + + return $type::savePrivateKey($this->prime, $this->base, $this->privateKey, $this->publicKey, $this->password, $options); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/PublicKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/PublicKey.php new file mode 100644 index 0000000..87726a5 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/PublicKey.php @@ -0,0 +1,49 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\DH; + +use phpseclib3\Crypt\Common; +use phpseclib3\Crypt\DH; + +/** + * DH Public Key + * + * @author Jim Wigginton + */ +final class PublicKey extends DH +{ + use Common\Traits\Fingerprint; + + /** + * Returns the public key + * + * @param string $type + * @param array $options optional + * @return string + */ + public function toString($type, array $options = []) + { + $type = self::validatePlugin('Keys', $type, 'savePublicKey'); + + return $type::savePublicKey($this->prime, $this->base, $this->publicKey, $options); + } + + /** + * Returns the public key as a BigInteger + * + * @return \phpseclib3\Math\BigInteger + */ + public function toBigInteger() + { + return $this->publicKey; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA.php new file mode 100644 index 0000000..0123c66 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA.php @@ -0,0 +1,337 @@ + + * getPublicKey(); + * + * $plaintext = 'terrafrost'; + * + * $signature = $private->sign($plaintext); + * + * echo $public->verify($plaintext, $signature) ? 'verified' : 'unverified'; + * ?> + * + * + * @author Jim Wigginton + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt; + +use phpseclib3\Crypt\Common\AsymmetricKey; +use phpseclib3\Crypt\DSA\Parameters; +use phpseclib3\Crypt\DSA\PrivateKey; +use phpseclib3\Crypt\DSA\PublicKey; +use phpseclib3\Exception\InsufficientSetupException; +use phpseclib3\Math\BigInteger; + +/** + * Pure-PHP FIPS 186-4 compliant implementation of DSA. + * + * @author Jim Wigginton + */ +abstract class DSA extends AsymmetricKey +{ + /** + * Algorithm Name + * + * @var string + */ + const ALGORITHM = 'DSA'; + + /** + * DSA Prime P + * + * @var \phpseclib3\Math\BigInteger + */ + protected $p; + + /** + * DSA Group Order q + * + * Prime divisor of p-1 + * + * @var \phpseclib3\Math\BigInteger + */ + protected $q; + + /** + * DSA Group Generator G + * + * @var \phpseclib3\Math\BigInteger + */ + protected $g; + + /** + * DSA public key value y + * + * @var \phpseclib3\Math\BigInteger + */ + protected $y; + + /** + * Signature Format + * + * @var string + */ + protected $sigFormat; + + /** + * Signature Format (Short) + * + * @var string + */ + protected $shortFormat; + + /** + * Create DSA parameters + * + * @param int $L + * @param int $N + * @return \phpseclib3\Crypt\DSA|bool + */ + public static function createParameters($L = 2048, $N = 224) + { + self::initialize_static_variables(); + + $class = new \ReflectionClass(static::class); + if ($class->isFinal()) { + throw new \RuntimeException('createParameters() should not be called from final classes (' . static::class . ')'); + } + + if (!isset(self::$engines['PHP'])) { + self::useBestEngine(); + } + + switch (true) { + case $N == 160: + /* + in FIPS 186-1 and 186-2 N was fixed at 160 whereas K had an upper bound of 1024. + RFC 4253 (SSH Transport Layer Protocol) references FIPS 186-2 and as such most + SSH DSA implementations only support keys with an N of 160. + puttygen let's you set the size of L (but not the size of N) and uses 2048 as the + default L value. that's not really compliant with any of the FIPS standards, however, + for the purposes of maintaining compatibility with puttygen, we'll support it + */ + //case ($L >= 512 || $L <= 1024) && (($L & 0x3F) == 0) && $N == 160: + // FIPS 186-3 changed this as follows: + //case $L == 1024 && $N == 160: + case $L == 2048 && $N == 224: + case $L == 2048 && $N == 256: + case $L == 3072 && $N == 256: + break; + default: + throw new \InvalidArgumentException('Invalid values for N and L'); + } + + $two = new BigInteger(2); + + $q = BigInteger::randomPrime($N); + $divisor = $q->multiply($two); + + do { + $x = BigInteger::random($L); + list(, $c) = $x->divide($divisor); + $p = $x->subtract($c->subtract(self::$one)); + } while ($p->getLength() != $L || !$p->isPrime()); + + $p_1 = $p->subtract(self::$one); + list($e) = $p_1->divide($q); + + // quoting http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf#page=50 , + // "h could be obtained from a random number generator or from a counter that + // changes after each use". PuTTY (sshdssg.c) starts h off at 1 and increments + // it on each loop. wikipedia says "commonly h = 2 is used" so we'll just do that + $h = clone $two; + while (true) { + $g = $h->powMod($e, $p); + if (!$g->equals(self::$one)) { + break; + } + $h = $h->add(self::$one); + } + + $dsa = new Parameters(); + $dsa->p = $p; + $dsa->q = $q; + $dsa->g = $g; + + return $dsa; + } + + /** + * Create public / private key pair. + * + * This method is a bit polymorphic. It can take a DSA/Parameters object, L / N as two distinct parameters or + * no parameters (at which point L and N will be generated with this method) + * + * Returns the private key, from which the publickey can be extracted + * + * @param int[] ...$args + * @return DSA\PrivateKey + */ + public static function createKey(...$args) + { + self::initialize_static_variables(); + + $class = new \ReflectionClass(static::class); + if ($class->isFinal()) { + throw new \RuntimeException('createKey() should not be called from final classes (' . static::class . ')'); + } + + if (!isset(self::$engines['PHP'])) { + self::useBestEngine(); + } + + if (count($args) == 2 && is_int($args[0]) && is_int($args[1])) { + $params = self::createParameters($args[0], $args[1]); + } elseif (count($args) == 1 && $args[0] instanceof Parameters) { + $params = $args[0]; + } elseif (!count($args)) { + $params = self::createParameters(); + } else { + throw new InsufficientSetupException('Valid parameters are either two integers (L and N), a single DSA object or no parameters at all.'); + } + + $private = new PrivateKey(); + $private->p = $params->p; + $private->q = $params->q; + $private->g = $params->g; + + $private->x = BigInteger::randomRange(self::$one, $private->q->subtract(self::$one)); + $private->y = $private->g->powMod($private->x, $private->p); + + //$public = clone $private; + //unset($public->x); + + return $private + ->withHash($params->hash->getHash()) + ->withSignatureFormat($params->shortFormat); + } + + /** + * OnLoad Handler + * + * @return bool + */ + protected static function onLoad(array $components) + { + if (!isset(self::$engines['PHP'])) { + self::useBestEngine(); + } + + if (!isset($components['x']) && !isset($components['y'])) { + $new = new Parameters(); + } elseif (isset($components['x'])) { + $new = new PrivateKey(); + $new->x = $components['x']; + } else { + $new = new PublicKey(); + } + + $new->p = $components['p']; + $new->q = $components['q']; + $new->g = $components['g']; + + if (isset($components['y'])) { + $new->y = $components['y']; + } + + return $new; + } + + /** + * Constructor + * + * PublicKey and PrivateKey objects can only be created from abstract RSA class + */ + protected function __construct() + { + $this->sigFormat = self::validatePlugin('Signature', 'ASN1'); + $this->shortFormat = 'ASN1'; + + parent::__construct(); + } + + /** + * Returns the key size + * + * More specifically, this L (the length of DSA Prime P) and N (the length of DSA Group Order q) + * + * @return array + */ + public function getLength() + { + return ['L' => $this->p->getLength(), 'N' => $this->q->getLength()]; + } + + /** + * Returns the current engine being used + * + * @see self::useInternalEngine() + * @see self::useBestEngine() + * @return string + */ + public function getEngine() + { + if (!isset(self::$engines['PHP'])) { + self::useBestEngine(); + } + return self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods()) ? + 'OpenSSL' : 'PHP'; + } + + /** + * Returns the parameters + * + * A public / private key is only returned if the currently loaded "key" contains an x or y + * value. + * + * @see self::getPublicKey() + * @return mixed + */ + public function getParameters() + { + $type = self::validatePlugin('Keys', 'PKCS1', 'saveParameters'); + + $key = $type::saveParameters($this->p, $this->q, $this->g); + return DSA::load($key, 'PKCS1') + ->withHash($this->hash->getHash()) + ->withSignatureFormat($this->shortFormat); + } + + /** + * Determines the signature padding mode + * + * Valid values are: ASN1, SSH2, Raw + * + * @param string $format + */ + public function withSignatureFormat($format) + { + $new = clone $this; + $new->shortFormat = $format; + $new->sigFormat = self::validatePlugin('Signature', $format); + return $new; + } + + /** + * Returns the signature format currently being used + * + */ + public function getSignatureFormat() + { + return $this->shortFormat; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/OpenSSH.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/OpenSSH.php new file mode 100644 index 0000000..cc204fa --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/OpenSSH.php @@ -0,0 +1,118 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\DSA\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common\Formats\Keys\OpenSSH as Progenitor; +use phpseclib3\Math\BigInteger; + +/** + * OpenSSH Formatted DSA Key Handler + * + * @author Jim Wigginton + */ +abstract class OpenSSH extends Progenitor +{ + /** + * Supported Key Types + * + * @var array + */ + protected static $types = ['ssh-dss']; + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + $parsed = parent::load($key, $password); + + if (isset($parsed['paddedKey'])) { + list($type) = Strings::unpackSSH2('s', $parsed['paddedKey']); + if ($type != $parsed['type']) { + throw new \RuntimeException("The public and private keys are not of the same type ($type vs $parsed[type])"); + } + + list($p, $q, $g, $y, $x, $comment) = Strings::unpackSSH2('i5s', $parsed['paddedKey']); + + return compact('p', 'q', 'g', 'y', 'x', 'comment'); + } + + list($p, $q, $g, $y) = Strings::unpackSSH2('iiii', $parsed['publicKey']); + + $comment = $parsed['comment']; + + return compact('p', 'q', 'g', 'y', 'comment'); + } + + /** + * Convert a public key to the appropriate format + * + * @param \phpseclib3\Math\BigInteger $p + * @param \phpseclib3\Math\BigInteger $q + * @param \phpseclib3\Math\BigInteger $g + * @param \phpseclib3\Math\BigInteger $y + * @param array $options optional + * @return string + */ + public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, array $options = []) + { + if ($q->getLength() != 160) { + throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160'); + } + + // from : + // string "ssh-dss" + // mpint p + // mpint q + // mpint g + // mpint y + $DSAPublicKey = Strings::packSSH2('siiii', 'ssh-dss', $p, $q, $g, $y); + + if (isset($options['binary']) ? $options['binary'] : self::$binary) { + return $DSAPublicKey; + } + + $comment = isset($options['comment']) ? $options['comment'] : self::$comment; + $DSAPublicKey = 'ssh-dss ' . base64_encode($DSAPublicKey) . ' ' . $comment; + + return $DSAPublicKey; + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $p + * @param \phpseclib3\Math\BigInteger $q + * @param \phpseclib3\Math\BigInteger $g + * @param \phpseclib3\Math\BigInteger $y + * @param \phpseclib3\Math\BigInteger $x + * @param string $password optional + * @param array $options optional + * @return string + */ + public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '', array $options = []) + { + $publicKey = self::savePublicKey($p, $q, $g, $y, ['binary' => true]); + $privateKey = Strings::packSSH2('si5', 'ssh-dss', $p, $q, $g, $y, $x); + + return self::wrapPrivateKey($publicKey, $privateKey, $password, $options); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php new file mode 100644 index 0000000..52a0499 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php @@ -0,0 +1,143 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\DSA\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common\Formats\Keys\PKCS1 as Progenitor; +use phpseclib3\File\ASN1; +use phpseclib3\File\ASN1\Maps; +use phpseclib3\Math\BigInteger; + +/** + * PKCS#1 Formatted DSA Key Handler + * + * @author Jim Wigginton + */ +abstract class PKCS1 extends Progenitor +{ + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + $key = parent::load($key, $password); + + $decoded = ASN1::decodeBER($key); + if (!$decoded) { + throw new \RuntimeException('Unable to decode BER'); + } + + $key = ASN1::asn1map($decoded[0], Maps\DSAParams::MAP); + if (is_array($key)) { + return $key; + } + + $key = ASN1::asn1map($decoded[0], Maps\DSAPrivateKey::MAP); + if (is_array($key)) { + return $key; + } + + $key = ASN1::asn1map($decoded[0], Maps\DSAPublicKey::MAP); + if (is_array($key)) { + return $key; + } + + throw new \RuntimeException('Unable to perform ASN1 mapping'); + } + + /** + * Convert DSA parameters to the appropriate format + * + * @param \phpseclib3\Math\BigInteger $p + * @param \phpseclib3\Math\BigInteger $q + * @param \phpseclib3\Math\BigInteger $g + * @return string + */ + public static function saveParameters(BigInteger $p, BigInteger $q, BigInteger $g) + { + $key = [ + 'p' => $p, + 'q' => $q, + 'g' => $g + ]; + + $key = ASN1::encodeDER($key, Maps\DSAParams::MAP); + + return "-----BEGIN DSA PARAMETERS-----\r\n" . + chunk_split(Strings::base64_encode($key), 64) . + "-----END DSA PARAMETERS-----\r\n"; + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $p + * @param \phpseclib3\Math\BigInteger $q + * @param \phpseclib3\Math\BigInteger $g + * @param \phpseclib3\Math\BigInteger $y + * @param \phpseclib3\Math\BigInteger $x + * @param string $password optional + * @param array $options optional + * @return string + */ + public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '', array $options = []) + { + $key = [ + 'version' => 0, + 'p' => $p, + 'q' => $q, + 'g' => $g, + 'y' => $y, + 'x' => $x + ]; + + $key = ASN1::encodeDER($key, Maps\DSAPrivateKey::MAP); + + return self::wrapPrivateKey($key, 'DSA', $password, $options); + } + + /** + * Convert a public key to the appropriate format + * + * @param \phpseclib3\Math\BigInteger $p + * @param \phpseclib3\Math\BigInteger $q + * @param \phpseclib3\Math\BigInteger $g + * @param \phpseclib3\Math\BigInteger $y + * @return string + */ + public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y) + { + $key = ASN1::encodeDER($y, Maps\DSAPublicKey::MAP); + + return self::wrapPublicKey($key, 'DSA'); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php new file mode 100644 index 0000000..004881e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php @@ -0,0 +1,146 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\DSA\Formats\Keys; + +use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor; +use phpseclib3\File\ASN1; +use phpseclib3\File\ASN1\Maps; +use phpseclib3\Math\BigInteger; + +/** + * PKCS#8 Formatted DSA Key Handler + * + * @author Jim Wigginton + */ +abstract class PKCS8 extends Progenitor +{ + /** + * OID Name + * + * @var string + */ + const OID_NAME = 'id-dsa'; + + /** + * OID Value + * + * @var string + */ + const OID_VALUE = '1.2.840.10040.4.1'; + + /** + * Child OIDs loaded + * + * @var bool + */ + protected static $childOIDsLoaded = false; + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + $key = parent::load($key, $password); + + $type = isset($key['privateKey']) ? 'privateKey' : 'publicKey'; + + $decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element); + if (!$decoded) { + throw new \RuntimeException('Unable to decode BER of parameters'); + } + $components = ASN1::asn1map($decoded[0], Maps\DSAParams::MAP); + if (!is_array($components)) { + throw new \RuntimeException('Unable to perform ASN1 mapping on parameters'); + } + + $decoded = ASN1::decodeBER($key[$type]); + if (empty($decoded)) { + throw new \RuntimeException('Unable to decode BER'); + } + + $var = $type == 'privateKey' ? 'x' : 'y'; + $components[$var] = ASN1::asn1map($decoded[0], Maps\DSAPublicKey::MAP); + if (!$components[$var] instanceof BigInteger) { + throw new \RuntimeException('Unable to perform ASN1 mapping'); + } + + if (isset($key['meta'])) { + $components['meta'] = $key['meta']; + } + + return $components; + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $p + * @param \phpseclib3\Math\BigInteger $q + * @param \phpseclib3\Math\BigInteger $g + * @param \phpseclib3\Math\BigInteger $y + * @param \phpseclib3\Math\BigInteger $x + * @param string $password optional + * @param array $options optional + * @return string + */ + public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '', array $options = []) + { + $params = [ + 'p' => $p, + 'q' => $q, + 'g' => $g + ]; + $params = ASN1::encodeDER($params, Maps\DSAParams::MAP); + $params = new ASN1\Element($params); + $key = ASN1::encodeDER($x, Maps\DSAPublicKey::MAP); + return self::wrapPrivateKey($key, [], $params, $password, null, '', $options); + } + + /** + * Convert a public key to the appropriate format + * + * @param \phpseclib3\Math\BigInteger $p + * @param \phpseclib3\Math\BigInteger $q + * @param \phpseclib3\Math\BigInteger $g + * @param \phpseclib3\Math\BigInteger $y + * @param array $options optional + * @return string + */ + public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, array $options = []) + { + $params = [ + 'p' => $p, + 'q' => $q, + 'g' => $g + ]; + $params = ASN1::encodeDER($params, Maps\DSAParams::MAP); + $params = new ASN1\Element($params); + $key = ASN1::encodeDER($y, Maps\DSAPublicKey::MAP); + return self::wrapPublicKey($key, $params); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php new file mode 100644 index 0000000..177bfdd --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php @@ -0,0 +1,109 @@ + 160 kinda useless, hence this handlers not supporting such keys. + * + * PHP version 5 + * + * @author Jim Wigginton + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\DSA\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common\Formats\Keys\PuTTY as Progenitor; +use phpseclib3\Math\BigInteger; + +/** + * PuTTY Formatted DSA Key Handler + * + * @author Jim Wigginton + */ +abstract class PuTTY extends Progenitor +{ + /** + * Public Handler + * + * @var string + */ + const PUBLIC_HANDLER = 'phpseclib3\Crypt\DSA\Formats\Keys\OpenSSH'; + + /** + * Algorithm Identifier + * + * @var array + */ + protected static $types = ['ssh-dss']; + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + $components = parent::load($key, $password); + if (!isset($components['private'])) { + return $components; + } + extract($components); + unset($components['public'], $components['private']); + + list($p, $q, $g, $y) = Strings::unpackSSH2('iiii', $public); + list($x) = Strings::unpackSSH2('i', $private); + + return compact('p', 'q', 'g', 'y', 'x', 'comment'); + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $p + * @param \phpseclib3\Math\BigInteger $q + * @param \phpseclib3\Math\BigInteger $g + * @param \phpseclib3\Math\BigInteger $y + * @param \phpseclib3\Math\BigInteger $x + * @param string $password optional + * @param array $options optional + * @return string + */ + public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = false, array $options = []) + { + if ($q->getLength() != 160) { + throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160'); + } + + $public = Strings::packSSH2('iiii', $p, $q, $g, $y); + $private = Strings::packSSH2('i', $x); + + return self::wrapPrivateKey($public, $private, 'ssh-dss', $password, $options); + } + + /** + * Convert a public key to the appropriate format + * + * @param \phpseclib3\Math\BigInteger $p + * @param \phpseclib3\Math\BigInteger $q + * @param \phpseclib3\Math\BigInteger $g + * @param \phpseclib3\Math\BigInteger $y + * @return string + */ + public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y) + { + if ($q->getLength() != 160) { + throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160'); + } + + return self::wrapPublicKey(Strings::packSSH2('iiii', $p, $q, $g, $y), 'ssh-dss'); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/Raw.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/Raw.php new file mode 100644 index 0000000..201aa6f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/Raw.php @@ -0,0 +1,85 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\DSA\Formats\Keys; + +use phpseclib3\Math\BigInteger; + +/** + * Raw DSA Key Handler + * + * @author Jim Wigginton + */ +abstract class Raw +{ + /** + * Break a public or private key down into its constituent components + * + * @param array $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + if (!is_array($key)) { + throw new \UnexpectedValueException('Key should be a array - not a ' . gettype($key)); + } + + switch (true) { + case !isset($key['p']) || !isset($key['q']) || !isset($key['g']): + case !$key['p'] instanceof BigInteger: + case !$key['q'] instanceof BigInteger: + case !$key['g'] instanceof BigInteger: + case !isset($key['x']) && !isset($key['y']): + case isset($key['x']) && !$key['x'] instanceof BigInteger: + case isset($key['y']) && !$key['y'] instanceof BigInteger: + throw new \UnexpectedValueException('Key appears to be malformed'); + } + + $options = ['p' => 1, 'q' => 1, 'g' => 1, 'x' => 1, 'y' => 1]; + + return array_intersect_key($key, $options); + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $p + * @param \phpseclib3\Math\BigInteger $q + * @param \phpseclib3\Math\BigInteger $g + * @param \phpseclib3\Math\BigInteger $y + * @param \phpseclib3\Math\BigInteger $x + * @param string $password optional + * @return string + */ + public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '') + { + return compact('p', 'q', 'g', 'y', 'x'); + } + + /** + * Convert a public key to the appropriate format + * + * @param \phpseclib3\Math\BigInteger $p + * @param \phpseclib3\Math\BigInteger $q + * @param \phpseclib3\Math\BigInteger $g + * @param \phpseclib3\Math\BigInteger $y + * @return string + */ + public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y) + { + return compact('p', 'q', 'g', 'y'); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/XML.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/XML.php new file mode 100644 index 0000000..fc36367 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/XML.php @@ -0,0 +1,132 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\DSA\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Exception\BadConfigurationException; +use phpseclib3\Math\BigInteger; + +/** + * XML Formatted DSA Key Handler + * + * @author Jim Wigginton + */ +abstract class XML +{ + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + if (!Strings::is_stringable($key)) { + throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); + } + + if (!class_exists('DOMDocument')) { + throw new BadConfigurationException('The dom extension is not setup correctly on this system'); + } + + $use_errors = libxml_use_internal_errors(true); + + $dom = new \DOMDocument(); + if (substr($key, 0, 5) != '' . $key . ''; + } + if (!$dom->loadXML($key)) { + libxml_use_internal_errors($use_errors); + throw new \UnexpectedValueException('Key does not appear to contain XML'); + } + $xpath = new \DOMXPath($dom); + $keys = ['p', 'q', 'g', 'y', 'j', 'seed', 'pgencounter']; + foreach ($keys as $key) { + // $dom->getElementsByTagName($key) is case-sensitive + $temp = $xpath->query("//*[translate(local-name(), 'ABCDEFGHIJKLMNOPQRSTUVWXYZ','abcdefghijklmnopqrstuvwxyz')='$key']"); + if (!$temp->length) { + continue; + } + $value = new BigInteger(Strings::base64_decode($temp->item(0)->nodeValue), 256); + switch ($key) { + case 'p': // a prime modulus meeting the [DSS] requirements + // Parameters P, Q, and G can be public and common to a group of users. They might be known + // from application context. As such, they are optional but P and Q must either both appear + // or both be absent + $components['p'] = $value; + break; + case 'q': // an integer in the range 2**159 < Q < 2**160 which is a prime divisor of P-1 + $components['q'] = $value; + break; + case 'g': // an integer with certain properties with respect to P and Q + $components['g'] = $value; + break; + case 'y': // G**X mod P (where X is part of the private key and not made public) + $components['y'] = $value; + // the remaining options do not do anything + case 'j': // (P - 1) / Q + // Parameter J is available for inclusion solely for efficiency as it is calculatable from + // P and Q + case 'seed': // a DSA prime generation seed + // Parameters seed and pgenCounter are used in the DSA prime number generation algorithm + // specified in [DSS]. As such, they are optional but must either both be present or both + // be absent + case 'pgencounter': // a DSA prime generation counter + } + } + + libxml_use_internal_errors($use_errors); + + if (!isset($components['y'])) { + throw new \UnexpectedValueException('Key is missing y component'); + } + + switch (true) { + case !isset($components['p']): + case !isset($components['q']): + case !isset($components['g']): + return ['y' => $components['y']]; + } + + return $components; + } + + /** + * Convert a public key to the appropriate format + * + * See https://www.w3.org/TR/xmldsig-core/#sec-DSAKeyValue + * + * @param \phpseclib3\Math\BigInteger $p + * @param \phpseclib3\Math\BigInteger $q + * @param \phpseclib3\Math\BigInteger $g + * @param \phpseclib3\Math\BigInteger $y + * @return string + */ + public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y) + { + return "\r\n" . + '

' . Strings::base64_encode($p->toBytes()) . "

\r\n" . + ' ' . Strings::base64_encode($q->toBytes()) . "\r\n" . + ' ' . Strings::base64_encode($g->toBytes()) . "\r\n" . + ' ' . Strings::base64_encode($y->toBytes()) . "\r\n" . + ''; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/ASN1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/ASN1.php new file mode 100644 index 0000000..df52bee --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/ASN1.php @@ -0,0 +1,62 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\DSA\Formats\Signature; + +use phpseclib3\File\ASN1 as Encoder; +use phpseclib3\File\ASN1\Maps; +use phpseclib3\Math\BigInteger; + +/** + * ASN1 Signature Handler + * + * @author Jim Wigginton + */ +abstract class ASN1 +{ + /** + * Loads a signature + * + * @param string $sig + * @return array|bool + */ + public static function load($sig) + { + if (!is_string($sig)) { + return false; + } + + $decoded = Encoder::decodeBER($sig); + if (empty($decoded)) { + return false; + } + $components = Encoder::asn1map($decoded[0], Maps\DssSigValue::MAP); + + return $components; + } + + /** + * Returns a signature in the appropriate format + * + * @param \phpseclib3\Math\BigInteger $r + * @param \phpseclib3\Math\BigInteger $s + * @return string + */ + public static function save(BigInteger $r, BigInteger $s) + { + return Encoder::encodeDER(compact('r', 's'), Maps\DssSigValue::MAP); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/Raw.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/Raw.php new file mode 100644 index 0000000..2657a2a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/Raw.php @@ -0,0 +1,25 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\DSA\Formats\Signature; + +use phpseclib3\Crypt\Common\Formats\Signature\Raw as Progenitor; + +/** + * Raw DSA Signature Handler + * + * @author Jim Wigginton + */ +abstract class Raw extends Progenitor +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/SSH2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/SSH2.php new file mode 100644 index 0000000..dbfceab --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/SSH2.php @@ -0,0 +1,74 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\DSA\Formats\Signature; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Math\BigInteger; + +/** + * SSH2 Signature Handler + * + * @author Jim Wigginton + */ +abstract class SSH2 +{ + /** + * Loads a signature + * + * @param string $sig + * @return mixed + */ + public static function load($sig) + { + if (!is_string($sig)) { + return false; + } + + $result = Strings::unpackSSH2('ss', $sig); + if ($result === false) { + return false; + } + list($type, $blob) = $result; + if ($type != 'ssh-dss' || strlen($blob) != 40) { + return false; + } + + return [ + 'r' => new BigInteger(substr($blob, 0, 20), 256), + 's' => new BigInteger(substr($blob, 20), 256) + ]; + } + + /** + * Returns a signature in the appropriate format + * + * @param \phpseclib3\Math\BigInteger $r + * @param \phpseclib3\Math\BigInteger $s + * @return string + */ + public static function save(BigInteger $r, BigInteger $s) + { + if ($r->getLength() > 160 || $s->getLength() > 160) { + return false; + } + return Strings::packSSH2( + 'ss', + 'ssh-dss', + str_pad($r->toBytes(), 20, "\0", STR_PAD_LEFT) . + str_pad($s->toBytes(), 20, "\0", STR_PAD_LEFT) + ); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Parameters.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Parameters.php new file mode 100644 index 0000000..84d16ba --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Parameters.php @@ -0,0 +1,36 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\DSA; + +use phpseclib3\Crypt\DSA; + +/** + * DSA Parameters + * + * @author Jim Wigginton + */ +final class Parameters extends DSA +{ + /** + * Returns the parameters + * + * @param string $type + * @param array $options optional + * @return string + */ + public function toString($type = 'PKCS1', array $options = []) + { + $type = self::validatePlugin('Keys', 'PKCS1', 'saveParameters'); + + return $type::saveParameters($this->p, $this->q, $this->g, $options); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/PrivateKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/PrivateKey.php new file mode 100644 index 0000000..74d3e69 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/PrivateKey.php @@ -0,0 +1,152 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\DSA; + +use phpseclib3\Crypt\Common; +use phpseclib3\Crypt\DSA; +use phpseclib3\Crypt\DSA\Formats\Signature\ASN1 as ASN1Signature; +use phpseclib3\Math\BigInteger; + +/** + * DSA Private Key + * + * @author Jim Wigginton + */ +final class PrivateKey extends DSA implements Common\PrivateKey +{ + use Common\Traits\PasswordProtected; + + /** + * DSA secret exponent x + * + * @var \phpseclib3\Math\BigInteger + */ + protected $x; + + /** + * Returns the public key + * + * If you do "openssl rsa -in private.rsa -pubout -outform PEM" you get a PKCS8 formatted key + * that contains a publicKeyAlgorithm AlgorithmIdentifier and a publicKey BIT STRING. + * An AlgorithmIdentifier contains an OID and a parameters field. With RSA public keys this + * parameters field is NULL. With DSA PKCS8 public keys it is not - it contains the p, q and g + * variables. The publicKey BIT STRING contains, simply, the y variable. This can be verified + * by getting a DSA PKCS8 public key: + * + * "openssl dsa -in private.dsa -pubout -outform PEM" + * + * ie. just swap out rsa with dsa in the rsa command above. + * + * A PKCS1 public key corresponds to the publicKey portion of the PKCS8 key. In the case of RSA + * the publicKey portion /is/ the key. In the case of DSA it is not. You cannot verify a signature + * without the parameters and the PKCS1 DSA public key format does not include the parameters. + * + * @see self::getPrivateKey() + * @return mixed + */ + public function getPublicKey() + { + $type = self::validatePlugin('Keys', 'PKCS8', 'savePublicKey'); + + if (!isset($this->y)) { + $this->y = $this->g->powMod($this->x, $this->p); + } + + $key = $type::savePublicKey($this->p, $this->q, $this->g, $this->y); + + return DSA::loadFormat('PKCS8', $key) + ->withHash($this->hash->getHash()) + ->withSignatureFormat($this->shortFormat); + } + + /** + * Create a signature + * + * @see self::verify() + * @param string $message + * @return mixed + */ + public function sign($message) + { + $format = $this->sigFormat; + + if (self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods())) { + $signature = ''; + $result = openssl_sign($message, $signature, $this->toString('PKCS8'), $this->hash->getHash()); + + if ($result) { + if ($this->shortFormat == 'ASN1') { + return $signature; + } + + extract(ASN1Signature::load($signature)); + + return $format::save($r, $s); + } + } + + $h = $this->hash->hash($message); + $h = $this->bits2int($h); + + while (true) { + $k = BigInteger::randomRange(self::$one, $this->q->subtract(self::$one)); + $r = $this->g->powMod($k, $this->p); + list(, $r) = $r->divide($this->q); + if ($r->equals(self::$zero)) { + continue; + } + $kinv = $k->modInverse($this->q); + $temp = $h->add($this->x->multiply($r)); + $temp = $kinv->multiply($temp); + list(, $s) = $temp->divide($this->q); + if (!$s->equals(self::$zero)) { + break; + } + } + + // the following is an RFC6979 compliant implementation of deterministic DSA + // it's unused because it's mainly intended for use when a good CSPRNG isn't + // available. if phpseclib's CSPRNG isn't good then even key generation is + // suspect + /* + $h1 = $this->hash->hash($message); + $k = $this->computek($h1); + $r = $this->g->powMod($k, $this->p); + list(, $r) = $r->divide($this->q); + $kinv = $k->modInverse($this->q); + $h1 = $this->bits2int($h1); + $temp = $h1->add($this->x->multiply($r)); + $temp = $kinv->multiply($temp); + list(, $s) = $temp->divide($this->q); + */ + + return $format::save($r, $s); + } + + /** + * Returns the private key + * + * @param string $type + * @param array $options optional + * @return string + */ + public function toString($type, array $options = []) + { + $type = self::validatePlugin('Keys', $type, 'savePrivateKey'); + + if (!isset($this->y)) { + $this->y = $this->g->powMod($this->x, $this->p); + } + + return $type::savePrivateKey($this->p, $this->q, $this->g, $this->y, $this->x, $this->password, $options); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/PublicKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/PublicKey.php new file mode 100644 index 0000000..c14ffbd --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/PublicKey.php @@ -0,0 +1,86 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\DSA; + +use phpseclib3\Crypt\Common; +use phpseclib3\Crypt\DSA; +use phpseclib3\Crypt\DSA\Formats\Signature\ASN1 as ASN1Signature; + +/** + * DSA Public Key + * + * @author Jim Wigginton + */ +final class PublicKey extends DSA implements Common\PublicKey +{ + use Common\Traits\Fingerprint; + + /** + * Verify a signature + * + * @see self::verify() + * @param string $message + * @param string $signature + * @return mixed + */ + public function verify($message, $signature) + { + $format = $this->sigFormat; + + $params = $format::load($signature); + if ($params === false || count($params) != 2) { + return false; + } + extract($params); + + if (self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods())) { + $sig = $format != 'ASN1' ? ASN1Signature::save($r, $s) : $signature; + + $result = openssl_verify($message, $sig, $this->toString('PKCS8'), $this->hash->getHash()); + + if ($result != -1) { + return (bool) $result; + } + } + + $q_1 = $this->q->subtract(self::$one); + if (!$r->between(self::$one, $q_1) || !$s->between(self::$one, $q_1)) { + return false; + } + + $w = $s->modInverse($this->q); + $h = $this->hash->hash($message); + $h = $this->bits2int($h); + list(, $u1) = $h->multiply($w)->divide($this->q); + list(, $u2) = $r->multiply($w)->divide($this->q); + $v1 = $this->g->powMod($u1, $this->p); + $v2 = $this->y->powMod($u2, $this->p); + list(, $v) = $v1->multiply($v2)->divide($this->p); + list(, $v) = $v->divide($this->q); + + return $v->equals($r); + } + + /** + * Returns the public key + * + * @param string $type + * @param array $options optional + * @return string + */ + public function toString($type, array $options = []) + { + $type = self::validatePlugin('Keys', $type, 'savePublicKey'); + + return $type::savePublicKey($this->p, $this->q, $this->g, $this->y, $options); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC.php new file mode 100644 index 0000000..10b3825 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC.php @@ -0,0 +1,480 @@ + + * getPublicKey(); + * + * $plaintext = 'terrafrost'; + * + * $signature = $private->sign($plaintext); + * + * echo $public->verify($plaintext, $signature) ? 'verified' : 'unverified'; + * ?> + * + * + * @author Jim Wigginton + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt; + +use phpseclib3\Crypt\Common\AsymmetricKey; +use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve; +use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; +use phpseclib3\Crypt\EC\Curves\Curve25519; +use phpseclib3\Crypt\EC\Curves\Ed25519; +use phpseclib3\Crypt\EC\Curves\Ed448; +use phpseclib3\Crypt\EC\Formats\Keys\PKCS1; +use phpseclib3\Crypt\EC\Parameters; +use phpseclib3\Crypt\EC\PrivateKey; +use phpseclib3\Crypt\EC\PublicKey; +use phpseclib3\Exception\UnsupportedAlgorithmException; +use phpseclib3\Exception\UnsupportedCurveException; +use phpseclib3\Exception\UnsupportedOperationException; +use phpseclib3\File\ASN1; +use phpseclib3\File\ASN1\Maps\ECParameters; +use phpseclib3\Math\BigInteger; + +/** + * Pure-PHP implementation of EC. + * + * @author Jim Wigginton + */ +abstract class EC extends AsymmetricKey +{ + /** + * Algorithm Name + * + * @var string + */ + const ALGORITHM = 'EC'; + + /** + * Public Key QA + * + * @var object[] + */ + protected $QA; + + /** + * Curve + * + * @var \phpseclib3\Crypt\EC\BaseCurves\Base + */ + protected $curve; + + /** + * Signature Format + * + * @var string + */ + protected $format; + + /** + * Signature Format (Short) + * + * @var string + */ + protected $shortFormat; + + /** + * Curve Name + * + * @var string + */ + private $curveName; + + /** + * Curve Order + * + * Used for deterministic ECDSA + * + * @var \phpseclib3\Math\BigInteger + */ + protected $q; + + /** + * Alias for the private key + * + * Used for deterministic ECDSA. AsymmetricKey expects $x. I don't like x because + * with x you have x * the base point yielding an (x, y)-coordinate that is the + * public key. But the x is different depending on which side of the equal sign + * you're on. It's less ambiguous if you do dA * base point = (x, y)-coordinate. + * + * @var \phpseclib3\Math\BigInteger + */ + protected $x; + + /** + * Context + * + * @var string + */ + protected $context; + + /** + * Signature Format + * + * @var string + */ + protected $sigFormat; + + /** + * Create public / private key pair. + * + * @param string $curve + * @return \phpseclib3\Crypt\EC\PrivateKey + */ + public static function createKey($curve) + { + self::initialize_static_variables(); + + $class = new \ReflectionClass(static::class); + if ($class->isFinal()) { + throw new \RuntimeException('createKey() should not be called from final classes (' . static::class . ')'); + } + + if (!isset(self::$engines['PHP'])) { + self::useBestEngine(); + } + + $curve = strtolower($curve); + if (self::$engines['libsodium'] && $curve == 'ed25519' && function_exists('sodium_crypto_sign_keypair')) { + $kp = sodium_crypto_sign_keypair(); + + $privatekey = EC::loadFormat('libsodium', sodium_crypto_sign_secretkey($kp)); + //$publickey = EC::loadFormat('libsodium', sodium_crypto_sign_publickey($kp)); + + $privatekey->curveName = 'Ed25519'; + //$publickey->curveName = $curve; + + return $privatekey; + } + + $privatekey = new PrivateKey(); + + $curveName = $curve; + if (preg_match('#(?:^curve|^ed)\d+$#', $curveName)) { + $curveName = ucfirst($curveName); + } elseif (substr($curveName, 0, 10) == 'brainpoolp') { + $curveName = 'brainpoolP' . substr($curveName, 10); + } + $curve = '\phpseclib3\Crypt\EC\Curves\\' . $curveName; + + if (!class_exists($curve)) { + throw new UnsupportedCurveException('Named Curve of ' . $curveName . ' is not supported'); + } + + $reflect = new \ReflectionClass($curve); + $curveName = $reflect->isFinal() ? + $reflect->getParentClass()->getShortName() : + $reflect->getShortName(); + + $curve = new $curve(); + if ($curve instanceof TwistedEdwardsCurve) { + $arr = $curve->extractSecret(Random::string($curve instanceof Ed448 ? 57 : 32)); + $privatekey->dA = $dA = $arr['dA']; + $privatekey->secret = $arr['secret']; + } else { + $privatekey->dA = $dA = $curve->createRandomMultiplier(); + } + if ($curve instanceof Curve25519 && self::$engines['libsodium']) { + //$r = pack('H*', '0900000000000000000000000000000000000000000000000000000000000000'); + //$QA = sodium_crypto_scalarmult($dA->toBytes(), $r); + $QA = sodium_crypto_box_publickey_from_secretkey($dA->toBytes()); + $privatekey->QA = [$curve->convertInteger(new BigInteger(strrev($QA), 256))]; + } else { + $privatekey->QA = $curve->multiplyPoint($curve->getBasePoint(), $dA); + } + $privatekey->curve = $curve; + + //$publickey = clone $privatekey; + //unset($publickey->dA); + //unset($publickey->x); + + $privatekey->curveName = $curveName; + //$publickey->curveName = $curveName; + + if ($privatekey->curve instanceof TwistedEdwardsCurve) { + return $privatekey->withHash($curve::HASH); + } + + return $privatekey; + } + + /** + * OnLoad Handler + * + * @return bool + */ + protected static function onLoad(array $components) + { + if (!isset(self::$engines['PHP'])) { + self::useBestEngine(); + } + + if (!isset($components['dA']) && !isset($components['QA'])) { + $new = new Parameters(); + $new->curve = $components['curve']; + return $new; + } + + $new = isset($components['dA']) ? + new PrivateKey() : + new PublicKey(); + $new->curve = $components['curve']; + $new->QA = $components['QA']; + + if (isset($components['dA'])) { + $new->dA = $components['dA']; + $new->secret = $components['secret']; + } + + if ($new->curve instanceof TwistedEdwardsCurve) { + return $new->withHash($components['curve']::HASH); + } + + return $new; + } + + /** + * Constructor + * + * PublicKey and PrivateKey objects can only be created from abstract RSA class + */ + protected function __construct() + { + $this->sigFormat = self::validatePlugin('Signature', 'ASN1'); + $this->shortFormat = 'ASN1'; + + parent::__construct(); + } + + /** + * Returns the curve + * + * Returns a string if it's a named curve, an array if not + * + * @return string|array + */ + public function getCurve() + { + if ($this->curveName) { + return $this->curveName; + } + + if ($this->curve instanceof MontgomeryCurve) { + $this->curveName = $this->curve instanceof Curve25519 ? 'Curve25519' : 'Curve448'; + return $this->curveName; + } + + if ($this->curve instanceof TwistedEdwardsCurve) { + $this->curveName = $this->curve instanceof Ed25519 ? 'Ed25519' : 'Ed448'; + return $this->curveName; + } + + $params = $this->getParameters()->toString('PKCS8', ['namedCurve' => true]); + $decoded = ASN1::extractBER($params); + $decoded = ASN1::decodeBER($decoded); + $decoded = ASN1::asn1map($decoded[0], ECParameters::MAP); + if (isset($decoded['namedCurve'])) { + $this->curveName = $decoded['namedCurve']; + return $decoded['namedCurve']; + } + + if (!$namedCurves) { + PKCS1::useSpecifiedCurve(); + } + + return $decoded; + } + + /** + * Returns the key size + * + * Quoting https://tools.ietf.org/html/rfc5656#section-2, + * + * "The size of a set of elliptic curve domain parameters on a prime + * curve is defined as the number of bits in the binary representation + * of the field order, commonly denoted by p. Size on a + * characteristic-2 curve is defined as the number of bits in the binary + * representation of the field, commonly denoted by m. A set of + * elliptic curve domain parameters defines a group of order n generated + * by a base point P" + * + * @return int + */ + public function getLength() + { + return $this->curve->getLength(); + } + + /** + * Returns the current engine being used + * + * @see self::useInternalEngine() + * @see self::useBestEngine() + * @return string + */ + public function getEngine() + { + if (!isset(self::$engines['PHP'])) { + self::useBestEngine(); + } + if ($this->curve instanceof TwistedEdwardsCurve) { + return $this->curve instanceof Ed25519 && self::$engines['libsodium'] && !isset($this->context) ? + 'libsodium' : 'PHP'; + } + + return self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods()) ? + 'OpenSSL' : 'PHP'; + } + + /** + * Returns the public key coordinates as a string + * + * Used by ECDH + * + * @return string + */ + public function getEncodedCoordinates() + { + if ($this->curve instanceof MontgomeryCurve) { + return strrev($this->QA[0]->toBytes(true)); + } + if ($this->curve instanceof TwistedEdwardsCurve) { + return $this->curve->encodePoint($this->QA); + } + return "\4" . $this->QA[0]->toBytes(true) . $this->QA[1]->toBytes(true); + } + + /** + * Returns the parameters + * + * @see self::getPublicKey() + * @param string $type optional + * @return mixed + */ + public function getParameters($type = 'PKCS1') + { + $type = self::validatePlugin('Keys', $type, 'saveParameters'); + + $key = $type::saveParameters($this->curve); + + return EC::load($key, 'PKCS1') + ->withHash($this->hash->getHash()) + ->withSignatureFormat($this->shortFormat); + } + + /** + * Determines the signature padding mode + * + * Valid values are: ASN1, SSH2, Raw + * + * @param string $format + */ + public function withSignatureFormat($format) + { + if ($this->curve instanceof MontgomeryCurve) { + throw new UnsupportedOperationException('Montgomery Curves cannot be used to create signatures'); + } + + $new = clone $this; + $new->shortFormat = $format; + $new->sigFormat = self::validatePlugin('Signature', $format); + return $new; + } + + /** + * Returns the signature format currently being used + * + */ + public function getSignatureFormat() + { + return $this->shortFormat; + } + + /** + * Sets the context + * + * Used by Ed25519 / Ed448. + * + * @see self::sign() + * @see self::verify() + * @param string $context optional + */ + public function withContext($context = null) + { + if (!$this->curve instanceof TwistedEdwardsCurve) { + throw new UnsupportedCurveException('Only Ed25519 and Ed448 support contexts'); + } + + $new = clone $this; + if (!isset($context)) { + $new->context = null; + return $new; + } + if (!is_string($context)) { + throw new \InvalidArgumentException('setContext expects a string'); + } + if (strlen($context) > 255) { + throw new \LengthException('The context is supposed to be, at most, 255 bytes long'); + } + $new->context = $context; + return $new; + } + + /** + * Returns the signature format currently being used + * + */ + public function getContext() + { + return $this->context; + } + + /** + * Determines which hashing function should be used + * + * @param string $hash + */ + public function withHash($hash) + { + if ($this->curve instanceof MontgomeryCurve) { + throw new UnsupportedOperationException('Montgomery Curves cannot be used to create signatures'); + } + if ($this->curve instanceof Ed25519 && $hash != 'sha512') { + throw new UnsupportedAlgorithmException('Ed25519 only supports sha512 as a hash'); + } + if ($this->curve instanceof Ed448 && $hash != 'shake256-912') { + throw new UnsupportedAlgorithmException('Ed448 only supports shake256 with a length of 114 bytes'); + } + + return parent::withHash($hash); + } + + /** + * __toString() magic method + * + * @return string + */ + public function __toString() + { + if ($this->curve instanceof MontgomeryCurve) { + return ''; + } + + return parent::__toString(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Base.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Base.php new file mode 100644 index 0000000..dbc914b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Base.php @@ -0,0 +1,218 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\BaseCurves; + +use phpseclib3\Math\BigInteger; + +/** + * Base + * + * @author Jim Wigginton + */ +abstract class Base +{ + /** + * The Order + * + * @var BigInteger + */ + protected $order; + + /** + * Finite Field Integer factory + * + * @var \phpseclib3\Math\FiniteField\Integer + */ + protected $factory; + + /** + * Returns a random integer + * + * @return object + */ + public function randomInteger() + { + return $this->factory->randomInteger(); + } + + /** + * Converts a BigInteger to a \phpseclib3\Math\FiniteField\Integer integer + * + * @return object + */ + public function convertInteger(BigInteger $x) + { + return $this->factory->newInteger($x); + } + + /** + * Returns the length, in bytes, of the modulo + * + * @return integer + */ + public function getLengthInBytes() + { + return $this->factory->getLengthInBytes(); + } + + /** + * Returns the length, in bits, of the modulo + * + * @return integer + */ + public function getLength() + { + return $this->factory->getLength(); + } + + /** + * Multiply a point on the curve by a scalar + * + * Uses the montgomery ladder technique as described here: + * + * https://en.wikipedia.org/wiki/Elliptic_curve_point_multiplication#Montgomery_ladder + * https://github.com/phpecc/phpecc/issues/16#issuecomment-59176772 + * + * @return array + */ + public function multiplyPoint(array $p, BigInteger $d) + { + $alreadyInternal = isset($p[2]); + $r = $alreadyInternal ? + [[], $p] : + [[], $this->convertToInternal($p)]; + + $d = $d->toBits(); + for ($i = 0; $i < strlen($d); $i++) { + $d_i = (int) $d[$i]; + $r[1 - $d_i] = $this->addPoint($r[0], $r[1]); + $r[$d_i] = $this->doublePoint($r[$d_i]); + } + + return $alreadyInternal ? $r[0] : $this->convertToAffine($r[0]); + } + + /** + * Creates a random scalar multiplier + * + * @return BigInteger + */ + public function createRandomMultiplier() + { + static $one; + if (!isset($one)) { + $one = new BigInteger(1); + } + + return BigInteger::randomRange($one, $this->order->subtract($one)); + } + + /** + * Performs range check + */ + public function rangeCheck(BigInteger $x) + { + static $zero; + if (!isset($zero)) { + $zero = new BigInteger(); + } + + if (!isset($this->order)) { + throw new \RuntimeException('setOrder needs to be called before this method'); + } + if ($x->compare($this->order) > 0 || $x->compare($zero) <= 0) { + throw new \RangeException('x must be between 1 and the order of the curve'); + } + } + + /** + * Sets the Order + */ + public function setOrder(BigInteger $order) + { + $this->order = $order; + } + + /** + * Returns the Order + * + * @return \phpseclib3\Math\BigInteger + */ + public function getOrder() + { + return $this->order; + } + + /** + * Use a custom defined modular reduction function + * + * @return object + */ + public function setReduction(callable $func) + { + $this->factory->setReduction($func); + } + + /** + * Returns the affine point + * + * @return object[] + */ + public function convertToAffine(array $p) + { + return $p; + } + + /** + * Converts an affine point to a jacobian coordinate + * + * @return object[] + */ + public function convertToInternal(array $p) + { + return $p; + } + + /** + * Negates a point + * + * @return object[] + */ + public function negatePoint(array $p) + { + $temp = [ + $p[0], + $p[1]->negate() + ]; + if (isset($p[2])) { + $temp[] = $p[2]; + } + return $temp; + } + + /** + * Multiply and Add Points + * + * @return int[] + */ + public function multiplyAddPoints(array $points, array $scalars) + { + $p1 = $this->convertToInternal($points[0]); + $p2 = $this->convertToInternal($points[1]); + $p1 = $this->multiplyPoint($p1, $scalars[0]); + $p2 = $this->multiplyPoint($p2, $scalars[1]); + $r = $this->addPoint($p1, $p2); + return $this->convertToAffine($r); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Binary.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Binary.php new file mode 100644 index 0000000..4fc6c70 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Binary.php @@ -0,0 +1,373 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\BaseCurves; + +use phpseclib3\Math\BigInteger; +use phpseclib3\Math\BinaryField; +use phpseclib3\Math\BinaryField\Integer as BinaryInteger; + +/** + * Curves over y^2 + x*y = x^3 + a*x^2 + b + * + * @author Jim Wigginton + */ +class Binary extends Base +{ + /** + * Binary Field Integer factory + * + * @var \phpseclib3\Math\BinaryField + */ + protected $factory; + + /** + * Cofficient for x^1 + * + * @var object + */ + protected $a; + + /** + * Cofficient for x^0 + * + * @var object + */ + protected $b; + + /** + * Base Point + * + * @var object + */ + protected $p; + + /** + * The number one over the specified finite field + * + * @var object + */ + protected $one; + + /** + * The modulo + * + * @var BigInteger + */ + protected $modulo; + + /** + * The Order + * + * @var BigInteger + */ + protected $order; + + /** + * Sets the modulo + */ + public function setModulo(...$modulo) + { + $this->modulo = $modulo; + $this->factory = new BinaryField(...$modulo); + + $this->one = $this->factory->newInteger("\1"); + } + + /** + * Set coefficients a and b + * + * @param string $a + * @param string $b + */ + public function setCoefficients($a, $b) + { + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + $this->a = $this->factory->newInteger(pack('H*', $a)); + $this->b = $this->factory->newInteger(pack('H*', $b)); + } + + /** + * Set x and y coordinates for the base point + * + * @param string|BinaryInteger $x + * @param string|BinaryInteger $y + */ + public function setBasePoint($x, $y) + { + switch (true) { + case !is_string($x) && !$x instanceof BinaryInteger: + throw new \UnexpectedValueException('Argument 1 passed to Binary::setBasePoint() must be a string or an instance of BinaryField\Integer'); + case !is_string($y) && !$y instanceof BinaryInteger: + throw new \UnexpectedValueException('Argument 2 passed to Binary::setBasePoint() must be a string or an instance of BinaryField\Integer'); + } + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + $this->p = [ + is_string($x) ? $this->factory->newInteger(pack('H*', $x)) : $x, + is_string($y) ? $this->factory->newInteger(pack('H*', $y)) : $y + ]; + } + + /** + * Retrieve the base point as an array + * + * @return array + */ + public function getBasePoint() + { + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + /* + if (!isset($this->p)) { + throw new \RuntimeException('setBasePoint needs to be called before this method'); + } + */ + return $this->p; + } + + /** + * Adds two points on the curve + * + * @return FiniteField[] + */ + public function addPoint(array $p, array $q) + { + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + + if (!count($p) || !count($q)) { + if (count($q)) { + return $q; + } + if (count($p)) { + return $p; + } + return []; + } + + if (!isset($p[2]) || !isset($q[2])) { + throw new \RuntimeException('Affine coordinates need to be manually converted to "Jacobi" coordinates or vice versa'); + } + + if ($p[0]->equals($q[0])) { + return !$p[1]->equals($q[1]) ? [] : $this->doublePoint($p); + } + + // formulas from http://hyperelliptic.org/EFD/g12o/auto-shortw-jacobian.html + + list($x1, $y1, $z1) = $p; + list($x2, $y2, $z2) = $q; + + $o1 = $z1->multiply($z1); + $b = $x2->multiply($o1); + + if ($z2->equals($this->one)) { + $d = $y2->multiply($o1)->multiply($z1); + $e = $x1->add($b); + $f = $y1->add($d); + $z3 = $e->multiply($z1); + $h = $f->multiply($x2)->add($z3->multiply($y2)); + $i = $f->add($z3); + $g = $z3->multiply($z3); + $p1 = $this->a->multiply($g); + $p2 = $f->multiply($i); + $p3 = $e->multiply($e)->multiply($e); + $x3 = $p1->add($p2)->add($p3); + $y3 = $i->multiply($x3)->add($g->multiply($h)); + + return [$x3, $y3, $z3]; + } + + $o2 = $z2->multiply($z2); + $a = $x1->multiply($o2); + $c = $y1->multiply($o2)->multiply($z2); + $d = $y2->multiply($o1)->multiply($z1); + $e = $a->add($b); + $f = $c->add($d); + $g = $e->multiply($z1); + $h = $f->multiply($x2)->add($g->multiply($y2)); + $z3 = $g->multiply($z2); + $i = $f->add($z3); + $p1 = $this->a->multiply($z3->multiply($z3)); + $p2 = $f->multiply($i); + $p3 = $e->multiply($e)->multiply($e); + $x3 = $p1->add($p2)->add($p3); + $y3 = $i->multiply($x3)->add($g->multiply($g)->multiply($h)); + + return [$x3, $y3, $z3]; + } + + /** + * Doubles a point on a curve + * + * @return FiniteField[] + */ + public function doublePoint(array $p) + { + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + + if (!count($p)) { + return []; + } + + if (!isset($p[2])) { + throw new \RuntimeException('Affine coordinates need to be manually converted to "Jacobi" coordinates or vice versa'); + } + + // formulas from http://hyperelliptic.org/EFD/g12o/auto-shortw-jacobian.html + + list($x1, $y1, $z1) = $p; + + $a = $x1->multiply($x1); + $b = $a->multiply($a); + + if ($z1->equals($this->one)) { + $x3 = $b->add($this->b); + $z3 = clone $x1; + $p1 = $a->add($y1)->add($z3)->multiply($this->b); + $p2 = $a->add($y1)->multiply($b); + $y3 = $p1->add($p2); + + return [$x3, $y3, $z3]; + } + + $c = $z1->multiply($z1); + $d = $c->multiply($c); + $x3 = $b->add($this->b->multiply($d->multiply($d))); + $z3 = $x1->multiply($c); + $p1 = $b->multiply($z3); + $p2 = $a->add($y1->multiply($z1))->add($z3)->multiply($x3); + $y3 = $p1->add($p2); + + return [$x3, $y3, $z3]; + } + + /** + * Returns the X coordinate and the derived Y coordinate + * + * Not supported because it is covered by patents. + * Quoting https://www.openssl.org/docs/man1.1.0/apps/ecparam.html , + * + * "Due to patent issues the compressed option is disabled by default for binary curves + * and can be enabled by defining the preprocessor macro OPENSSL_EC_BIN_PT_COMP at + * compile time." + * + * @return array + */ + public function derivePoint($m) + { + throw new \RuntimeException('Point compression on binary finite field elliptic curves is not supported'); + } + + /** + * Tests whether or not the x / y values satisfy the equation + * + * @return boolean + */ + public function verifyPoint(array $p) + { + list($x, $y) = $p; + $lhs = $y->multiply($y); + $lhs = $lhs->add($x->multiply($y)); + $x2 = $x->multiply($x); + $x3 = $x2->multiply($x); + $rhs = $x3->add($this->a->multiply($x2))->add($this->b); + + return $lhs->equals($rhs); + } + + /** + * Returns the modulo + * + * @return \phpseclib3\Math\BigInteger + */ + public function getModulo() + { + return $this->modulo; + } + + /** + * Returns the a coefficient + * + * @return \phpseclib3\Math\PrimeField\Integer + */ + public function getA() + { + return $this->a; + } + + /** + * Returns the a coefficient + * + * @return \phpseclib3\Math\PrimeField\Integer + */ + public function getB() + { + return $this->b; + } + + /** + * Returns the affine point + * + * A Jacobian Coordinate is of the form (x, y, z). + * To convert a Jacobian Coordinate to an Affine Point + * you do (x / z^2, y / z^3) + * + * @return \phpseclib3\Math\PrimeField\Integer[] + */ + public function convertToAffine(array $p) + { + if (!isset($p[2])) { + return $p; + } + list($x, $y, $z) = $p; + $z = $this->one->divide($z); + $z2 = $z->multiply($z); + return [ + $x->multiply($z2), + $y->multiply($z2)->multiply($z) + ]; + } + + /** + * Converts an affine point to a jacobian coordinate + * + * @return \phpseclib3\Math\PrimeField\Integer[] + */ + public function convertToInternal(array $p) + { + if (isset($p[2])) { + return $p; + } + + $p[2] = clone $this->one; + $p['fresh'] = true; + return $p; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/KoblitzPrime.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/KoblitzPrime.php new file mode 100644 index 0000000..d8492eb --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/KoblitzPrime.php @@ -0,0 +1,335 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\BaseCurves; + +use phpseclib3\Math\BigInteger; +use phpseclib3\Math\PrimeField; + +/** + * Curves over y^2 = x^3 + b + * + * @author Jim Wigginton + */ +class KoblitzPrime extends Prime +{ + /** + * Basis + * + * @var list + */ + protected $basis; + + /** + * Beta + * + * @var PrimeField\Integer + */ + protected $beta; + + // don't overwrite setCoefficients() with one that only accepts one parameter so that + // one might be able to switch between KoblitzPrime and Prime more easily (for benchmarking + // purposes). + + /** + * Multiply and Add Points + * + * Uses a efficiently computable endomorphism to achieve a slight speedup + * + * Adapted from: + * https://github.com/indutny/elliptic/blob/725bd91/lib/elliptic/curve/short.js#L219 + * + * @return int[] + */ + public function multiplyAddPoints(array $points, array $scalars) + { + static $zero, $one, $two; + if (!isset($two)) { + $two = new BigInteger(2); + $one = new BigInteger(1); + } + + if (!isset($this->beta)) { + // get roots + $inv = $this->one->divide($this->two)->negate(); + $s = $this->three->negate()->squareRoot()->multiply($inv); + $betas = [ + $inv->add($s), + $inv->subtract($s) + ]; + $this->beta = $betas[0]->compare($betas[1]) < 0 ? $betas[0] : $betas[1]; + //echo strtoupper($this->beta->toHex(true)) . "\n"; exit; + } + + if (!isset($this->basis)) { + $factory = new PrimeField($this->order); + $tempOne = $factory->newInteger($one); + $tempTwo = $factory->newInteger($two); + $tempThree = $factory->newInteger(new BigInteger(3)); + + $inv = $tempOne->divide($tempTwo)->negate(); + $s = $tempThree->negate()->squareRoot()->multiply($inv); + + $lambdas = [ + $inv->add($s), + $inv->subtract($s) + ]; + + $lhs = $this->multiplyPoint($this->p, $lambdas[0])[0]; + $rhs = $this->p[0]->multiply($this->beta); + $lambda = $lhs->equals($rhs) ? $lambdas[0] : $lambdas[1]; + + $this->basis = static::extendedGCD($lambda->toBigInteger(), $this->order); + ///* + foreach ($this->basis as $basis) { + echo strtoupper($basis['a']->toHex(true)) . "\n"; + echo strtoupper($basis['b']->toHex(true)) . "\n\n"; + } + exit; + //*/ + } + + $npoints = $nscalars = []; + for ($i = 0; $i < count($points); $i++) { + $p = $points[$i]; + $k = $scalars[$i]->toBigInteger(); + + // begin split + list($v1, $v2) = $this->basis; + + $c1 = $v2['b']->multiply($k); + list($c1, $r) = $c1->divide($this->order); + if ($this->order->compare($r->multiply($two)) <= 0) { + $c1 = $c1->add($one); + } + + $c2 = $v1['b']->negate()->multiply($k); + list($c2, $r) = $c2->divide($this->order); + if ($this->order->compare($r->multiply($two)) <= 0) { + $c2 = $c2->add($one); + } + + $p1 = $c1->multiply($v1['a']); + $p2 = $c2->multiply($v2['a']); + $q1 = $c1->multiply($v1['b']); + $q2 = $c2->multiply($v2['b']); + + $k1 = $k->subtract($p1)->subtract($p2); + $k2 = $q1->add($q2)->negate(); + // end split + + $beta = [ + $p[0]->multiply($this->beta), + $p[1], + clone $this->one + ]; + + if (isset($p['naf'])) { + $beta['naf'] = array_map(function ($p) { + return [ + $p[0]->multiply($this->beta), + $p[1], + clone $this->one + ]; + }, $p['naf']); + $beta['nafwidth'] = $p['nafwidth']; + } + + if ($k1->isNegative()) { + $k1 = $k1->negate(); + $p = $this->negatePoint($p); + } + + if ($k2->isNegative()) { + $k2 = $k2->negate(); + $beta = $this->negatePoint($beta); + } + + $pos = 2 * $i; + $npoints[$pos] = $p; + $nscalars[$pos] = $this->factory->newInteger($k1); + + $pos++; + $npoints[$pos] = $beta; + $nscalars[$pos] = $this->factory->newInteger($k2); + } + + return parent::multiplyAddPoints($npoints, $nscalars); + } + + /** + * Returns the numerator and denominator of the slope + * + * @return FiniteField[] + */ + protected function doublePointHelper(array $p) + { + $numerator = $this->three->multiply($p[0])->multiply($p[0]); + $denominator = $this->two->multiply($p[1]); + return [$numerator, $denominator]; + } + + /** + * Doubles a jacobian coordinate on the curve + * + * See http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#doubling-dbl-2009-l + * + * @return FiniteField[] + */ + protected function jacobianDoublePoint(array $p) + { + list($x1, $y1, $z1) = $p; + $a = $x1->multiply($x1); + $b = $y1->multiply($y1); + $c = $b->multiply($b); + $d = $x1->add($b); + $d = $d->multiply($d)->subtract($a)->subtract($c)->multiply($this->two); + $e = $this->three->multiply($a); + $f = $e->multiply($e); + $x3 = $f->subtract($this->two->multiply($d)); + $y3 = $e->multiply($d->subtract($x3))->subtract( + $this->eight->multiply($c) + ); + $z3 = $this->two->multiply($y1)->multiply($z1); + return [$x3, $y3, $z3]; + } + + /** + * Doubles a "fresh" jacobian coordinate on the curve + * + * See http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#doubling-mdbl-2007-bl + * + * @return FiniteField[] + */ + protected function jacobianDoublePointMixed(array $p) + { + list($x1, $y1) = $p; + $xx = $x1->multiply($x1); + $yy = $y1->multiply($y1); + $yyyy = $yy->multiply($yy); + $s = $x1->add($yy); + $s = $s->multiply($s)->subtract($xx)->subtract($yyyy)->multiply($this->two); + $m = $this->three->multiply($xx); + $t = $m->multiply($m)->subtract($this->two->multiply($s)); + $x3 = $t; + $y3 = $s->subtract($t); + $y3 = $m->multiply($y3)->subtract($this->eight->multiply($yyyy)); + $z3 = $this->two->multiply($y1); + return [$x3, $y3, $z3]; + } + + /** + * Tests whether or not the x / y values satisfy the equation + * + * @return boolean + */ + public function verifyPoint(array $p) + { + list($x, $y) = $p; + $lhs = $y->multiply($y); + $temp = $x->multiply($x)->multiply($x); + $rhs = $temp->add($this->b); + + return $lhs->equals($rhs); + } + + /** + * Calculates the parameters needed from the Euclidean algorithm as discussed at + * http://diamond.boisestate.edu/~liljanab/MATH308/GuideToECC.pdf#page=148 + * + * @param BigInteger $u + * @param BigInteger $v + * @return BigInteger[] + */ + protected static function extendedGCD(BigInteger $u, BigInteger $v) + { + $one = new BigInteger(1); + $zero = new BigInteger(); + + $a = clone $one; + $b = clone $zero; + $c = clone $zero; + $d = clone $one; + + $stop = $v->bitwise_rightShift($v->getLength() >> 1); + + $a1 = clone $zero; + $b1 = clone $zero; + $a2 = clone $zero; + $b2 = clone $zero; + + $postGreatestIndex = 0; + + while (!$v->equals($zero)) { + list($q) = $u->divide($v); + + $temp = $u; + $u = $v; + $v = $temp->subtract($v->multiply($q)); + + $temp = $a; + $a = $c; + $c = $temp->subtract($a->multiply($q)); + + $temp = $b; + $b = $d; + $d = $temp->subtract($b->multiply($q)); + + if ($v->compare($stop) > 0) { + $a0 = $v; + $b0 = $c; + } else { + $postGreatestIndex++; + } + + if ($postGreatestIndex == 1) { + $a1 = $v; + $b1 = $c->negate(); + } + + if ($postGreatestIndex == 2) { + $rhs = $a0->multiply($a0)->add($b0->multiply($b0)); + $lhs = $v->multiply($v)->add($b->multiply($b)); + if ($lhs->compare($rhs) <= 0) { + $a2 = $a0; + $b2 = $b0->negate(); + } else { + $a2 = $v; + $b2 = $c->negate(); + } + + break; + } + } + + return [ + ['a' => $a1, 'b' => $b1], + ['a' => $a2, 'b' => $b2] + ]; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Montgomery.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Montgomery.php new file mode 100644 index 0000000..e3fa50b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Montgomery.php @@ -0,0 +1,279 @@ + + * @copyright 2019 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\BaseCurves; + +use phpseclib3\Crypt\EC\Curves\Curve25519; +use phpseclib3\Math\BigInteger; +use phpseclib3\Math\PrimeField; +use phpseclib3\Math\PrimeField\Integer as PrimeInteger; + +/** + * Curves over y^2 = x^3 + a*x + x + * + * @author Jim Wigginton + */ +class Montgomery extends Base +{ + /** + * Prime Field Integer factory + * + * @var \phpseclib3\Math\PrimeField + */ + protected $factory; + + /** + * Cofficient for x + * + * @var object + */ + protected $a; + + /** + * Constant used for point doubling + * + * @var object + */ + protected $a24; + + /** + * The Number Zero + * + * @var object + */ + protected $zero; + + /** + * The Number One + * + * @var object + */ + protected $one; + + /** + * Base Point + * + * @var object + */ + protected $p; + + /** + * The modulo + * + * @var BigInteger + */ + protected $modulo; + + /** + * The Order + * + * @var BigInteger + */ + protected $order; + + /** + * Sets the modulo + */ + public function setModulo(BigInteger $modulo) + { + $this->modulo = $modulo; + $this->factory = new PrimeField($modulo); + $this->zero = $this->factory->newInteger(new BigInteger()); + $this->one = $this->factory->newInteger(new BigInteger(1)); + } + + /** + * Set coefficients a + */ + public function setCoefficients(BigInteger $a) + { + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + $this->a = $this->factory->newInteger($a); + $two = $this->factory->newInteger(new BigInteger(2)); + $four = $this->factory->newInteger(new BigInteger(4)); + $this->a24 = $this->a->subtract($two)->divide($four); + } + + /** + * Set x and y coordinates for the base point + * + * @param BigInteger|PrimeInteger $x + * @param BigInteger|PrimeInteger $y + * @return PrimeInteger[] + */ + public function setBasePoint($x, $y) + { + switch (true) { + case !$x instanceof BigInteger && !$x instanceof PrimeInteger: + throw new \UnexpectedValueException('Argument 1 passed to Prime::setBasePoint() must be an instance of either BigInteger or PrimeField\Integer'); + case !$y instanceof BigInteger && !$y instanceof PrimeInteger: + throw new \UnexpectedValueException('Argument 2 passed to Prime::setBasePoint() must be an instance of either BigInteger or PrimeField\Integer'); + } + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + $this->p = [ + $x instanceof BigInteger ? $this->factory->newInteger($x) : $x, + $y instanceof BigInteger ? $this->factory->newInteger($y) : $y + ]; + } + + /** + * Retrieve the base point as an array + * + * @return array + */ + public function getBasePoint() + { + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + /* + if (!isset($this->p)) { + throw new \RuntimeException('setBasePoint needs to be called before this method'); + } + */ + return $this->p; + } + + /** + * Doubles and adds a point on a curve + * + * See https://tools.ietf.org/html/draft-ietf-tls-curve25519-01#appendix-A.1.3 + * + * @return FiniteField[][] + */ + private function doubleAndAddPoint(array $p, array $q, PrimeInteger $x1) + { + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + + if (!count($p) || !count($q)) { + return []; + } + + if (!isset($p[1])) { + throw new \RuntimeException('Affine coordinates need to be manually converted to XZ coordinates'); + } + + list($x2, $z2) = $p; + list($x3, $z3) = $q; + + $a = $x2->add($z2); + $aa = $a->multiply($a); + $b = $x2->subtract($z2); + $bb = $b->multiply($b); + $e = $aa->subtract($bb); + $c = $x3->add($z3); + $d = $x3->subtract($z3); + $da = $d->multiply($a); + $cb = $c->multiply($b); + $temp = $da->add($cb); + $x5 = $temp->multiply($temp); + $temp = $da->subtract($cb); + $z5 = $x1->multiply($temp->multiply($temp)); + $x4 = $aa->multiply($bb); + $temp = static::class == Curve25519::class ? $bb : $aa; + $z4 = $e->multiply($temp->add($this->a24->multiply($e))); + + return [ + [$x4, $z4], + [$x5, $z5] + ]; + } + + /** + * Multiply a point on the curve by a scalar + * + * Uses the montgomery ladder technique as described here: + * + * https://en.wikipedia.org/wiki/Elliptic_curve_point_multiplication#Montgomery_ladder + * https://github.com/phpecc/phpecc/issues/16#issuecomment-59176772 + * + * @return array + */ + public function multiplyPoint(array $p, BigInteger $d) + { + $p1 = [$this->one, $this->zero]; + $alreadyInternal = isset($x[1]); + $p2 = $this->convertToInternal($p); + $x = $p[0]; + + $b = $d->toBits(); + $b = str_pad($b, 256, '0', STR_PAD_LEFT); + for ($i = 0; $i < strlen($b); $i++) { + $b_i = (int) $b[$i]; + if ($b_i) { + list($p2, $p1) = $this->doubleAndAddPoint($p2, $p1, $x); + } else { + list($p1, $p2) = $this->doubleAndAddPoint($p1, $p2, $x); + } + } + + return $alreadyInternal ? $p1 : $this->convertToAffine($p1); + } + + /** + * Converts an affine point to an XZ coordinate + * + * From https://hyperelliptic.org/EFD/g1p/auto-montgom-xz.html + * + * XZ coordinates represent x y as X Z satsfying the following equations: + * + * x=X/Z + * + * @return \phpseclib3\Math\PrimeField\Integer[] + */ + public function convertToInternal(array $p) + { + if (empty($p)) { + return [clone $this->zero, clone $this->one]; + } + + if (isset($p[1])) { + return $p; + } + + $p[1] = clone $this->one; + + return $p; + } + + /** + * Returns the affine point + * + * @return \phpseclib3\Math\PrimeField\Integer[] + */ + public function convertToAffine(array $p) + { + if (!isset($p[1])) { + return $p; + } + list($x, $z) = $p; + return [$x->divide($z)]; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Prime.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Prime.php new file mode 100644 index 0000000..6250dfb --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Prime.php @@ -0,0 +1,785 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\BaseCurves; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Math\BigInteger; +use phpseclib3\Math\Common\FiniteField\Integer; +use phpseclib3\Math\PrimeField; +use phpseclib3\Math\PrimeField\Integer as PrimeInteger; + +/** + * Curves over y^2 = x^3 + a*x + b + * + * @author Jim Wigginton + */ +class Prime extends Base +{ + /** + * Prime Field Integer factory + * + * @var \phpseclib3\Math\PrimeFields + */ + protected $factory; + + /** + * Cofficient for x^1 + * + * @var object + */ + protected $a; + + /** + * Cofficient for x^0 + * + * @var object + */ + protected $b; + + /** + * Base Point + * + * @var object + */ + protected $p; + + /** + * The number one over the specified finite field + * + * @var object + */ + protected $one; + + /** + * The number two over the specified finite field + * + * @var object + */ + protected $two; + + /** + * The number three over the specified finite field + * + * @var object + */ + protected $three; + + /** + * The number four over the specified finite field + * + * @var object + */ + protected $four; + + /** + * The number eight over the specified finite field + * + * @var object + */ + protected $eight; + + /** + * The modulo + * + * @var BigInteger + */ + protected $modulo; + + /** + * The Order + * + * @var BigInteger + */ + protected $order; + + /** + * Sets the modulo + */ + public function setModulo(BigInteger $modulo) + { + $this->modulo = $modulo; + $this->factory = new PrimeField($modulo); + $this->two = $this->factory->newInteger(new BigInteger(2)); + $this->three = $this->factory->newInteger(new BigInteger(3)); + // used by jacobian coordinates + $this->one = $this->factory->newInteger(new BigInteger(1)); + $this->four = $this->factory->newInteger(new BigInteger(4)); + $this->eight = $this->factory->newInteger(new BigInteger(8)); + } + + /** + * Set coefficients a and b + */ + public function setCoefficients(BigInteger $a, BigInteger $b) + { + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + $this->a = $this->factory->newInteger($a); + $this->b = $this->factory->newInteger($b); + } + + /** + * Set x and y coordinates for the base point + * + * @param BigInteger|PrimeInteger $x + * @param BigInteger|PrimeInteger $y + * @return PrimeInteger[] + */ + public function setBasePoint($x, $y) + { + switch (true) { + case !$x instanceof BigInteger && !$x instanceof PrimeInteger: + throw new \UnexpectedValueException('Argument 1 passed to Prime::setBasePoint() must be an instance of either BigInteger or PrimeField\Integer'); + case !$y instanceof BigInteger && !$y instanceof PrimeInteger: + throw new \UnexpectedValueException('Argument 2 passed to Prime::setBasePoint() must be an instance of either BigInteger or PrimeField\Integer'); + } + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + $this->p = [ + $x instanceof BigInteger ? $this->factory->newInteger($x) : $x, + $y instanceof BigInteger ? $this->factory->newInteger($y) : $y + ]; + } + + /** + * Retrieve the base point as an array + * + * @return array + */ + public function getBasePoint() + { + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + /* + if (!isset($this->p)) { + throw new \RuntimeException('setBasePoint needs to be called before this method'); + } + */ + return $this->p; + } + + /** + * Adds two "fresh" jacobian form on the curve + * + * @return FiniteField[] + */ + protected function jacobianAddPointMixedXY(array $p, array $q) + { + list($u1, $s1) = $p; + list($u2, $s2) = $q; + if ($u1->equals($u2)) { + if (!$s1->equals($s2)) { + return []; + } else { + return $this->doublePoint($p); + } + } + $h = $u2->subtract($u1); + $r = $s2->subtract($s1); + $h2 = $h->multiply($h); + $h3 = $h2->multiply($h); + $v = $u1->multiply($h2); + $x3 = $r->multiply($r)->subtract($h3)->subtract($v->multiply($this->two)); + $y3 = $r->multiply( + $v->subtract($x3) + )->subtract( + $s1->multiply($h3) + ); + return [$x3, $y3, $h]; + } + + /** + * Adds one "fresh" jacobian form on the curve + * + * The second parameter should be the "fresh" one + * + * @return FiniteField[] + */ + protected function jacobianAddPointMixedX(array $p, array $q) + { + list($u1, $s1, $z1) = $p; + list($x2, $y2) = $q; + + $z12 = $z1->multiply($z1); + + $u2 = $x2->multiply($z12); + $s2 = $y2->multiply($z12->multiply($z1)); + if ($u1->equals($u2)) { + if (!$s1->equals($s2)) { + return []; + } else { + return $this->doublePoint($p); + } + } + $h = $u2->subtract($u1); + $r = $s2->subtract($s1); + $h2 = $h->multiply($h); + $h3 = $h2->multiply($h); + $v = $u1->multiply($h2); + $x3 = $r->multiply($r)->subtract($h3)->subtract($v->multiply($this->two)); + $y3 = $r->multiply( + $v->subtract($x3) + )->subtract( + $s1->multiply($h3) + ); + $z3 = $h->multiply($z1); + return [$x3, $y3, $z3]; + } + + /** + * Adds two jacobian coordinates on the curve + * + * @return FiniteField[] + */ + protected function jacobianAddPoint(array $p, array $q) + { + list($x1, $y1, $z1) = $p; + list($x2, $y2, $z2) = $q; + + $z12 = $z1->multiply($z1); + $z22 = $z2->multiply($z2); + + $u1 = $x1->multiply($z22); + $u2 = $x2->multiply($z12); + $s1 = $y1->multiply($z22->multiply($z2)); + $s2 = $y2->multiply($z12->multiply($z1)); + if ($u1->equals($u2)) { + if (!$s1->equals($s2)) { + return []; + } else { + return $this->doublePoint($p); + } + } + $h = $u2->subtract($u1); + $r = $s2->subtract($s1); + $h2 = $h->multiply($h); + $h3 = $h2->multiply($h); + $v = $u1->multiply($h2); + $x3 = $r->multiply($r)->subtract($h3)->subtract($v->multiply($this->two)); + $y3 = $r->multiply( + $v->subtract($x3) + )->subtract( + $s1->multiply($h3) + ); + $z3 = $h->multiply($z1)->multiply($z2); + return [$x3, $y3, $z3]; + } + + /** + * Adds two points on the curve + * + * @return FiniteField[] + */ + public function addPoint(array $p, array $q) + { + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + + if (!count($p) || !count($q)) { + if (count($q)) { + return $q; + } + if (count($p)) { + return $p; + } + return []; + } + + // use jacobian coordinates + if (isset($p[2]) && isset($q[2])) { + if (isset($p['fresh']) && isset($q['fresh'])) { + return $this->jacobianAddPointMixedXY($p, $q); + } + if (isset($p['fresh'])) { + return $this->jacobianAddPointMixedX($q, $p); + } + if (isset($q['fresh'])) { + return $this->jacobianAddPointMixedX($p, $q); + } + return $this->jacobianAddPoint($p, $q); + } + + if (isset($p[2]) || isset($q[2])) { + throw new \RuntimeException('Affine coordinates need to be manually converted to Jacobi coordinates or vice versa'); + } + + if ($p[0]->equals($q[0])) { + if (!$p[1]->equals($q[1])) { + return []; + } else { // eg. doublePoint + list($numerator, $denominator) = $this->doublePointHelper($p); + } + } else { + $numerator = $q[1]->subtract($p[1]); + $denominator = $q[0]->subtract($p[0]); + } + $slope = $numerator->divide($denominator); + $x = $slope->multiply($slope)->subtract($p[0])->subtract($q[0]); + $y = $slope->multiply($p[0]->subtract($x))->subtract($p[1]); + + return [$x, $y]; + } + + /** + * Returns the numerator and denominator of the slope + * + * @return FiniteField[] + */ + protected function doublePointHelper(array $p) + { + $numerator = $this->three->multiply($p[0])->multiply($p[0])->add($this->a); + $denominator = $this->two->multiply($p[1]); + return [$numerator, $denominator]; + } + + /** + * Doubles a jacobian coordinate on the curve + * + * @return FiniteField[] + */ + protected function jacobianDoublePoint(array $p) + { + list($x, $y, $z) = $p; + $x2 = $x->multiply($x); + $y2 = $y->multiply($y); + $z2 = $z->multiply($z); + $s = $this->four->multiply($x)->multiply($y2); + $m1 = $this->three->multiply($x2); + $m2 = $this->a->multiply($z2->multiply($z2)); + $m = $m1->add($m2); + $x1 = $m->multiply($m)->subtract($this->two->multiply($s)); + $y1 = $m->multiply($s->subtract($x1))->subtract( + $this->eight->multiply($y2->multiply($y2)) + ); + $z1 = $this->two->multiply($y)->multiply($z); + return [$x1, $y1, $z1]; + } + + /** + * Doubles a "fresh" jacobian coordinate on the curve + * + * @return FiniteField[] + */ + protected function jacobianDoublePointMixed(array $p) + { + list($x, $y) = $p; + $x2 = $x->multiply($x); + $y2 = $y->multiply($y); + $s = $this->four->multiply($x)->multiply($y2); + $m1 = $this->three->multiply($x2); + $m = $m1->add($this->a); + $x1 = $m->multiply($m)->subtract($this->two->multiply($s)); + $y1 = $m->multiply($s->subtract($x1))->subtract( + $this->eight->multiply($y2->multiply($y2)) + ); + $z1 = $this->two->multiply($y); + return [$x1, $y1, $z1]; + } + + /** + * Doubles a point on a curve + * + * @return FiniteField[] + */ + public function doublePoint(array $p) + { + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + + if (!count($p)) { + return []; + } + + // use jacobian coordinates + if (isset($p[2])) { + if (isset($p['fresh'])) { + return $this->jacobianDoublePointMixed($p); + } + return $this->jacobianDoublePoint($p); + } + + list($numerator, $denominator) = $this->doublePointHelper($p); + + $slope = $numerator->divide($denominator); + + $x = $slope->multiply($slope)->subtract($p[0])->subtract($p[0]); + $y = $slope->multiply($p[0]->subtract($x))->subtract($p[1]); + + return [$x, $y]; + } + + /** + * Returns the X coordinate and the derived Y coordinate + * + * @return array + */ + public function derivePoint($m) + { + $y = ord(Strings::shift($m)); + $x = new BigInteger($m, 256); + $xp = $this->convertInteger($x); + switch ($y) { + case 2: + $ypn = false; + break; + case 3: + $ypn = true; + break; + default: + throw new \RuntimeException('Coordinate not in recognized format'); + } + $temp = $xp->multiply($this->a); + $temp = $xp->multiply($xp)->multiply($xp)->add($temp); + $temp = $temp->add($this->b); + $b = $temp->squareRoot(); + if (!$b) { + throw new \RuntimeException('Unable to derive Y coordinate'); + } + $bn = $b->isOdd(); + $yp = $ypn == $bn ? $b : $b->negate(); + return [$xp, $yp]; + } + + /** + * Tests whether or not the x / y values satisfy the equation + * + * @return boolean + */ + public function verifyPoint(array $p) + { + list($x, $y) = $p; + $lhs = $y->multiply($y); + $temp = $x->multiply($this->a); + $temp = $x->multiply($x)->multiply($x)->add($temp); + $rhs = $temp->add($this->b); + + return $lhs->equals($rhs); + } + + /** + * Returns the modulo + * + * @return \phpseclib3\Math\BigInteger + */ + public function getModulo() + { + return $this->modulo; + } + + /** + * Returns the a coefficient + * + * @return \phpseclib3\Math\PrimeField\Integer + */ + public function getA() + { + return $this->a; + } + + /** + * Returns the a coefficient + * + * @return \phpseclib3\Math\PrimeField\Integer + */ + public function getB() + { + return $this->b; + } + + /** + * Multiply and Add Points + * + * Adapted from: + * https://github.com/indutny/elliptic/blob/725bd91/lib/elliptic/curve/base.js#L125 + * + * @return int[] + */ + public function multiplyAddPoints(array $points, array $scalars) + { + $length = count($points); + + foreach ($points as &$point) { + $point = $this->convertToInternal($point); + } + + $wnd = [$this->getNAFPoints($points[0], 7)]; + $wndWidth = [isset($points[0]['nafwidth']) ? $points[0]['nafwidth'] : 7]; + for ($i = 1; $i < $length; $i++) { + $wnd[] = $this->getNAFPoints($points[$i], 1); + $wndWidth[] = isset($points[$i]['nafwidth']) ? $points[$i]['nafwidth'] : 1; + } + + $naf = []; + + // comb all window NAFs + + $max = 0; + for ($i = $length - 1; $i >= 1; $i -= 2) { + $a = $i - 1; + $b = $i; + if ($wndWidth[$a] != 1 || $wndWidth[$b] != 1) { + $naf[$a] = $scalars[$a]->getNAF($wndWidth[$a]); + $naf[$b] = $scalars[$b]->getNAF($wndWidth[$b]); + $max = max(count($naf[$a]), count($naf[$b]), $max); + continue; + } + + $comb = [ + $points[$a], // 1 + null, // 3 + null, // 5 + $points[$b] // 7 + ]; + + $comb[1] = $this->addPoint($points[$a], $points[$b]); + $comb[2] = $this->addPoint($points[$a], $this->negatePoint($points[$b])); + + $index = [ + -3, /* -1 -1 */ + -1, /* -1 0 */ + -5, /* -1 1 */ + -7, /* 0 -1 */ + 0, /* 0 -1 */ + 7, /* 0 1 */ + 5, /* 1 -1 */ + 1, /* 1 0 */ + 3 /* 1 1 */ + ]; + + $jsf = self::getJSFPoints($scalars[$a], $scalars[$b]); + + $max = max(count($jsf[0]), $max); + if ($max > 0) { + $naf[$a] = array_fill(0, $max, 0); + $naf[$b] = array_fill(0, $max, 0); + } else { + $naf[$a] = []; + $naf[$b] = []; + } + + for ($j = 0; $j < $max; $j++) { + $ja = isset($jsf[0][$j]) ? $jsf[0][$j] : 0; + $jb = isset($jsf[1][$j]) ? $jsf[1][$j] : 0; + + $naf[$a][$j] = $index[3 * ($ja + 1) + $jb + 1]; + $naf[$b][$j] = 0; + $wnd[$a] = $comb; + } + } + + $acc = []; + $temp = [0, 0, 0, 0]; + for ($i = $max; $i >= 0; $i--) { + $k = 0; + while ($i >= 0) { + $zero = true; + for ($j = 0; $j < $length; $j++) { + $temp[$j] = isset($naf[$j][$i]) ? $naf[$j][$i] : 0; + if ($temp[$j] != 0) { + $zero = false; + } + } + if (!$zero) { + break; + } + $k++; + $i--; + } + + if ($i >= 0) { + $k++; + } + while ($k--) { + $acc = $this->doublePoint($acc); + } + + if ($i < 0) { + break; + } + + for ($j = 0; $j < $length; $j++) { + $z = $temp[$j]; + $p = null; + if ($z == 0) { + continue; + } + $p = $z > 0 ? + $wnd[$j][($z - 1) >> 1] : + $this->negatePoint($wnd[$j][(-$z - 1) >> 1]); + $acc = $this->addPoint($acc, $p); + } + } + + return $this->convertToAffine($acc); + } + + /** + * Precomputes NAF points + * + * Adapted from: + * https://github.com/indutny/elliptic/blob/725bd91/lib/elliptic/curve/base.js#L351 + * + * @return int[] + */ + private function getNAFPoints(array $point, $wnd) + { + if (isset($point['naf'])) { + return $point['naf']; + } + + $res = [$point]; + $max = (1 << $wnd) - 1; + $dbl = $max == 1 ? null : $this->doublePoint($point); + for ($i = 1; $i < $max; $i++) { + $res[] = $this->addPoint($res[$i - 1], $dbl); + } + + $point['naf'] = $res; + + /* + $str = ''; + foreach ($res as $re) { + $re[0] = bin2hex($re[0]->toBytes()); + $re[1] = bin2hex($re[1]->toBytes()); + $str.= " ['$re[0]', '$re[1]'],\r\n"; + } + file_put_contents('temp.txt', $str); + exit; + */ + + return $res; + } + + /** + * Precomputes points in Joint Sparse Form + * + * Adapted from: + * https://github.com/indutny/elliptic/blob/725bd91/lib/elliptic/utils.js#L96 + * + * @return int[] + */ + private static function getJSFPoints(Integer $k1, Integer $k2) + { + static $three; + if (!isset($three)) { + $three = new BigInteger(3); + } + + $jsf = [[], []]; + $k1 = $k1->toBigInteger(); + $k2 = $k2->toBigInteger(); + $d1 = 0; + $d2 = 0; + + while ($k1->compare(new BigInteger(-$d1)) > 0 || $k2->compare(new BigInteger(-$d2)) > 0) { + // first phase + $m14 = $k1->testBit(0) + 2 * $k1->testBit(1); + $m14 += $d1; + $m14 &= 3; + + $m24 = $k2->testBit(0) + 2 * $k2->testBit(1); + $m24 += $d2; + $m24 &= 3; + + if ($m14 == 3) { + $m14 = -1; + } + if ($m24 == 3) { + $m24 = -1; + } + + $u1 = 0; + if ($m14 & 1) { // if $m14 is odd + $m8 = $k1->testBit(0) + 2 * $k1->testBit(1) + 4 * $k1->testBit(2); + $m8 += $d1; + $m8 &= 7; + $u1 = ($m8 == 3 || $m8 == 5) && $m24 == 2 ? -$m14 : $m14; + } + $jsf[0][] = $u1; + + $u2 = 0; + if ($m24 & 1) { // if $m24 is odd + $m8 = $k2->testBit(0) + 2 * $k2->testBit(1) + 4 * $k2->testBit(2); + $m8 += $d2; + $m8 &= 7; + $u2 = ($m8 == 3 || $m8 == 5) && $m14 == 2 ? -$m24 : $m24; + } + $jsf[1][] = $u2; + + // second phase + if (2 * $d1 == $u1 + 1) { + $d1 = 1 - $d1; + } + if (2 * $d2 == $u2 + 1) { + $d2 = 1 - $d2; + } + $k1 = $k1->bitwise_rightShift(1); + $k2 = $k2->bitwise_rightShift(1); + } + + return $jsf; + } + + /** + * Returns the affine point + * + * A Jacobian Coordinate is of the form (x, y, z). + * To convert a Jacobian Coordinate to an Affine Point + * you do (x / z^2, y / z^3) + * + * @return \phpseclib3\Math\PrimeField\Integer[] + */ + public function convertToAffine(array $p) + { + if (!isset($p[2])) { + return $p; + } + list($x, $y, $z) = $p; + $z = $this->one->divide($z); + $z2 = $z->multiply($z); + return [ + $x->multiply($z2), + $y->multiply($z2)->multiply($z) + ]; + } + + /** + * Converts an affine point to a jacobian coordinate + * + * @return \phpseclib3\Math\PrimeField\Integer[] + */ + public function convertToInternal(array $p) + { + if (isset($p[2])) { + return $p; + } + + $p[2] = clone $this->one; + $p['fresh'] = true; + return $p; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/TwistedEdwards.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/TwistedEdwards.php new file mode 100644 index 0000000..2521a4c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/TwistedEdwards.php @@ -0,0 +1,215 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\BaseCurves; + +use phpseclib3\Math\BigInteger; +use phpseclib3\Math\PrimeField; +use phpseclib3\Math\PrimeField\Integer as PrimeInteger; + +/** + * Curves over a*x^2 + y^2 = 1 + d*x^2*y^2 + * + * @author Jim Wigginton + */ +class TwistedEdwards extends Base +{ + /** + * The modulo + * + * @var BigInteger + */ + protected $modulo; + + /** + * Cofficient for x^2 + * + * @var object + */ + protected $a; + + /** + * Cofficient for x^2*y^2 + * + * @var object + */ + protected $d; + + /** + * Base Point + * + * @var object[] + */ + protected $p; + + /** + * The number zero over the specified finite field + * + * @var object + */ + protected $zero; + + /** + * The number one over the specified finite field + * + * @var object + */ + protected $one; + + /** + * The number two over the specified finite field + * + * @var object + */ + protected $two; + + /** + * Sets the modulo + */ + public function setModulo(BigInteger $modulo) + { + $this->modulo = $modulo; + $this->factory = new PrimeField($modulo); + $this->zero = $this->factory->newInteger(new BigInteger(0)); + $this->one = $this->factory->newInteger(new BigInteger(1)); + $this->two = $this->factory->newInteger(new BigInteger(2)); + } + + /** + * Set coefficients a and b + */ + public function setCoefficients(BigInteger $a, BigInteger $d) + { + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + $this->a = $this->factory->newInteger($a); + $this->d = $this->factory->newInteger($d); + } + + /** + * Set x and y coordinates for the base point + */ + public function setBasePoint($x, $y) + { + switch (true) { + case !$x instanceof BigInteger && !$x instanceof PrimeInteger: + throw new \UnexpectedValueException('Argument 1 passed to Prime::setBasePoint() must be an instance of either BigInteger or PrimeField\Integer'); + case !$y instanceof BigInteger && !$y instanceof PrimeInteger: + throw new \UnexpectedValueException('Argument 2 passed to Prime::setBasePoint() must be an instance of either BigInteger or PrimeField\Integer'); + } + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + $this->p = [ + $x instanceof BigInteger ? $this->factory->newInteger($x) : $x, + $y instanceof BigInteger ? $this->factory->newInteger($y) : $y + ]; + } + + /** + * Returns the a coefficient + * + * @return \phpseclib3\Math\PrimeField\Integer + */ + public function getA() + { + return $this->a; + } + + /** + * Returns the a coefficient + * + * @return \phpseclib3\Math\PrimeField\Integer + */ + public function getD() + { + return $this->d; + } + + /** + * Retrieve the base point as an array + * + * @return array + */ + public function getBasePoint() + { + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + /* + if (!isset($this->p)) { + throw new \RuntimeException('setBasePoint needs to be called before this method'); + } + */ + return $this->p; + } + + /** + * Returns the affine point + * + * @return \phpseclib3\Math\PrimeField\Integer[] + */ + public function convertToAffine(array $p) + { + if (!isset($p[2])) { + return $p; + } + list($x, $y, $z) = $p; + $z = $this->one->divide($z); + return [ + $x->multiply($z), + $y->multiply($z) + ]; + } + + /** + * Returns the modulo + * + * @return \phpseclib3\Math\BigInteger + */ + public function getModulo() + { + return $this->modulo; + } + + /** + * Tests whether or not the x / y values satisfy the equation + * + * @return boolean + */ + public function verifyPoint(array $p) + { + list($x, $y) = $p; + $x2 = $x->multiply($x); + $y2 = $y->multiply($y); + + $lhs = $this->a->multiply($x2)->add($y2); + $rhs = $this->d->multiply($x2)->multiply($y2)->add($this->one); + + return $lhs->equals($rhs); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve25519.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve25519.php new file mode 100644 index 0000000..0f3f4d8 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve25519.php @@ -0,0 +1,81 @@ + + * @copyright 2019 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Montgomery; +use phpseclib3\Math\BigInteger; + +class Curve25519 extends Montgomery +{ + public function __construct() + { + // 2^255 - 19 + $this->setModulo(new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFED', 16)); + $this->a24 = $this->factory->newInteger(new BigInteger('121666')); + $this->p = [$this->factory->newInteger(new BigInteger(9))]; + // 2^252 + 0x14def9dea2f79cd65812631a5cf5d3ed + $this->setOrder(new BigInteger('1000000000000000000000000000000014DEF9DEA2F79CD65812631A5CF5D3ED', 16)); + + /* + $this->setCoefficients( + new BigInteger('486662'), // a + ); + $this->setBasePoint( + new BigInteger(9), + new BigInteger('14781619447589544791020593568409986887264606134616475288964881837755586237401') + ); + */ + } + + /** + * Multiply a point on the curve by a scalar + * + * Modifies the scalar as described at https://tools.ietf.org/html/rfc7748#page-8 + * + * @return array + */ + public function multiplyPoint(array $p, BigInteger $d) + { + //$r = strrev(sodium_crypto_scalarmult($d->toBytes(), strrev($p[0]->toBytes()))); + //return [$this->factory->newInteger(new BigInteger($r, 256))]; + + $d = $d->toBytes(); + $d &= "\xF8" . str_repeat("\xFF", 30) . "\x7F"; + $d = strrev($d); + $d |= "\x40"; + $d = new BigInteger($d, -256); + + return parent::multiplyPoint($p, $d); + } + + /** + * Creates a random scalar multiplier + * + * @return BigInteger + */ + public function createRandomMultiplier() + { + return BigInteger::random(256); + } + + /** + * Performs range check + */ + public function rangeCheck(BigInteger $x) + { + if ($x->getLength() > 256 || $x->isNegative()) { + throw new \RangeException('x must be a positive integer less than 256 bytes in length'); + } + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve448.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve448.php new file mode 100644 index 0000000..f4a4423 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve448.php @@ -0,0 +1,92 @@ + + * @copyright 2019 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Montgomery; +use phpseclib3\Math\BigInteger; + +class Curve448 extends Montgomery +{ + public function __construct() + { + // 2^448 - 2^224 - 1 + $this->setModulo(new BigInteger( + 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE' . + 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF', + 16 + )); + $this->a24 = $this->factory->newInteger(new BigInteger('39081')); + $this->p = [$this->factory->newInteger(new BigInteger(5))]; + // 2^446 - 0x8335dc163bb124b65129c96fde933d8d723a70aadc873d6d54a7bb0d + $this->setOrder(new BigInteger( + '3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF' . + '7CCA23E9C44EDB49AED63690216CC2728DC58F552378C292AB5844F3', + 16 + )); + + /* + $this->setCoefficients( + new BigInteger('156326'), // a + ); + $this->setBasePoint( + new BigInteger(5), + new BigInteger( + '355293926785568175264127502063783334808976399387714271831880898' . + '435169088786967410002932673765864550910142774147268105838985595290' . + '606362') + ); + */ + } + + /** + * Multiply a point on the curve by a scalar + * + * Modifies the scalar as described at https://tools.ietf.org/html/rfc7748#page-8 + * + * @return array + */ + public function multiplyPoint(array $p, BigInteger $d) + { + //$r = strrev(sodium_crypto_scalarmult($d->toBytes(), strrev($p[0]->toBytes()))); + //return [$this->factory->newInteger(new BigInteger($r, 256))]; + + $d = $d->toBytes(); + $d[0] = $d[0] & "\xFC"; + $d = strrev($d); + $d |= "\x80"; + $d = new BigInteger($d, 256); + + return parent::multiplyPoint($p, $d); + } + + /** + * Creates a random scalar multiplier + * + * @return BigInteger + */ + public function createRandomMultiplier() + { + return BigInteger::random(446); + } + + /** + * Performs range check + */ + public function rangeCheck(BigInteger $x) + { + if ($x->getLength() > 448 || $x->isNegative()) { + throw new \RangeException('x must be a positive integer less than 446 bytes in length'); + } + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Ed25519.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Ed25519.php new file mode 100644 index 0000000..9d3de68 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Ed25519.php @@ -0,0 +1,333 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards; +use phpseclib3\Crypt\Hash; +use phpseclib3\Crypt\Random; +use phpseclib3\Math\BigInteger; + +class Ed25519 extends TwistedEdwards +{ + const HASH = 'sha512'; + /* + Per https://tools.ietf.org/html/rfc8032#page-6 EdDSA has several parameters, one of which is b: + + 2. An integer b with 2^(b-1) > p. EdDSA public keys have exactly b + bits, and EdDSA signatures have exactly 2*b bits. b is + recommended to be a multiple of 8, so public key and signature + lengths are an integral number of octets. + + SIZE corresponds to b + */ + const SIZE = 32; + + public function __construct() + { + // 2^255 - 19 + $this->setModulo(new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFED', 16)); + $this->setCoefficients( + // -1 + new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEC', 16), // a + // -121665/121666 + new BigInteger('52036CEE2B6FFE738CC740797779E89800700A4D4141D8AB75EB4DCA135978A3', 16) // d + ); + $this->setBasePoint( + new BigInteger('216936D3CD6E53FEC0A4E231FDD6DC5C692CC7609525A7B2C9562D608F25D51A', 16), + new BigInteger('6666666666666666666666666666666666666666666666666666666666666658', 16) + ); + $this->setOrder(new BigInteger('1000000000000000000000000000000014DEF9DEA2F79CD65812631A5CF5D3ED', 16)); + // algorithm 14.47 from http://cacr.uwaterloo.ca/hac/about/chap14.pdf#page=16 + /* + $this->setReduction(function($x) { + $parts = $x->bitwise_split(255); + $className = $this->className; + + if (count($parts) > 2) { + list(, $r) = $x->divide($className::$modulo); + return $r; + } + + $zero = new BigInteger(); + $c = new BigInteger(19); + + switch (count($parts)) { + case 2: + list($qi, $ri) = $parts; + break; + case 1: + $qi = $zero; + list($ri) = $parts; + break; + case 0: + return $zero; + } + $r = $ri; + + while ($qi->compare($zero) > 0) { + $temp = $qi->multiply($c)->bitwise_split(255); + if (count($temp) == 2) { + list($qi, $ri) = $temp; + } else { + $qi = $zero; + list($ri) = $temp; + } + $r = $r->add($ri); + } + + while ($r->compare($className::$modulo) > 0) { + $r = $r->subtract($className::$modulo); + } + return $r; + }); + */ + } + + /** + * Recover X from Y + * + * Implements steps 2-4 at https://tools.ietf.org/html/rfc8032#section-5.1.3 + * + * Used by EC\Keys\Common.php + * + * @param BigInteger $y + * @param boolean $sign + * @return object[] + */ + public function recoverX(BigInteger $y, $sign) + { + $y = $this->factory->newInteger($y); + + $y2 = $y->multiply($y); + $u = $y2->subtract($this->one); + $v = $this->d->multiply($y2)->add($this->one); + $x2 = $u->divide($v); + if ($x2->equals($this->zero)) { + if ($sign) { + throw new \RuntimeException('Unable to recover X coordinate (x2 = 0)'); + } + return clone $this->zero; + } + // find the square root + /* we don't do $x2->squareRoot() because, quoting from + https://tools.ietf.org/html/rfc8032#section-5.1.1: + + "For point decoding or "decompression", square roots modulo p are + needed. They can be computed using the Tonelli-Shanks algorithm or + the special case for p = 5 (mod 8). To find a square root of a, + first compute the candidate root x = a^((p+3)/8) (mod p)." + */ + $exp = $this->getModulo()->add(new BigInteger(3)); + $exp = $exp->bitwise_rightShift(3); + $x = $x2->pow($exp); + + // If v x^2 = -u (mod p), set x <-- x * 2^((p-1)/4), which is a square root. + if (!$x->multiply($x)->subtract($x2)->equals($this->zero)) { + $temp = $this->getModulo()->subtract(new BigInteger(1)); + $temp = $temp->bitwise_rightShift(2); + $temp = $this->two->pow($temp); + $x = $x->multiply($temp); + if (!$x->multiply($x)->subtract($x2)->equals($this->zero)) { + throw new \RuntimeException('Unable to recover X coordinate'); + } + } + if ($x->isOdd() != $sign) { + $x = $x->negate(); + } + + return [$x, $y]; + } + + /** + * Extract Secret Scalar + * + * Implements steps 1-3 at https://tools.ietf.org/html/rfc8032#section-5.1.5 + * + * Used by the various key handlers + * + * @param string $str + * @return array + */ + public function extractSecret($str) + { + if (strlen($str) != 32) { + throw new \LengthException('Private Key should be 32-bytes long'); + } + // 1. Hash the 32-byte private key using SHA-512, storing the digest in + // a 64-octet large buffer, denoted h. Only the lower 32 bytes are + // used for generating the public key. + $hash = new Hash('sha512'); + $h = $hash->hash($str); + $h = substr($h, 0, 32); + // 2. Prune the buffer: The lowest three bits of the first octet are + // cleared, the highest bit of the last octet is cleared, and the + // second highest bit of the last octet is set. + $h[0] = $h[0] & chr(0xF8); + $h = strrev($h); + $h[0] = ($h[0] & chr(0x3F)) | chr(0x40); + // 3. Interpret the buffer as the little-endian integer, forming a + // secret scalar s. + $dA = new BigInteger($h, 256); + + return [ + 'dA' => $dA, + 'secret' => $str + ]; + } + + /** + * Encode a point as a string + * + * @param array $point + * @return string + */ + public function encodePoint($point) + { + list($x, $y) = $point; + $y = $y->toBytes(); + $y[0] = $y[0] & chr(0x7F); + if ($x->isOdd()) { + $y[0] = $y[0] | chr(0x80); + } + $y = strrev($y); + + return $y; + } + + /** + * Creates a random scalar multiplier + * + * @return \phpseclib3\Math\PrimeField\Integer + */ + public function createRandomMultiplier() + { + return $this->extractSecret(Random::string(32))['dA']; + } + + /** + * Converts an affine point to an extended homogeneous coordinate + * + * From https://tools.ietf.org/html/rfc8032#section-5.1.4 : + * + * A point (x,y) is represented in extended homogeneous coordinates (X, Y, Z, T), + * with x = X/Z, y = Y/Z, x * y = T/Z. + * + * @return \phpseclib3\Math\PrimeField\Integer[] + */ + public function convertToInternal(array $p) + { + if (empty($p)) { + return [clone $this->zero, clone $this->one, clone $this->one, clone $this->zero]; + } + + if (isset($p[2])) { + return $p; + } + + $p[2] = clone $this->one; + $p[3] = $p[0]->multiply($p[1]); + + return $p; + } + + /** + * Doubles a point on a curve + * + * @return FiniteField[] + */ + public function doublePoint(array $p) + { + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + + if (!count($p)) { + return []; + } + + if (!isset($p[2])) { + throw new \RuntimeException('Affine coordinates need to be manually converted to "Jacobi" coordinates or vice versa'); + } + + // from https://tools.ietf.org/html/rfc8032#page-12 + + list($x1, $y1, $z1, $t1) = $p; + + $a = $x1->multiply($x1); + $b = $y1->multiply($y1); + $c = $this->two->multiply($z1)->multiply($z1); + $h = $a->add($b); + $temp = $x1->add($y1); + $e = $h->subtract($temp->multiply($temp)); + $g = $a->subtract($b); + $f = $c->add($g); + + $x3 = $e->multiply($f); + $y3 = $g->multiply($h); + $t3 = $e->multiply($h); + $z3 = $f->multiply($g); + + return [$x3, $y3, $z3, $t3]; + } + + /** + * Adds two points on the curve + * + * @return FiniteField[] + */ + public function addPoint(array $p, array $q) + { + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + + if (!count($p) || !count($q)) { + if (count($q)) { + return $q; + } + if (count($p)) { + return $p; + } + return []; + } + + if (!isset($p[2]) || !isset($q[2])) { + throw new \RuntimeException('Affine coordinates need to be manually converted to "Jacobi" coordinates or vice versa'); + } + + if ($p[0]->equals($q[0])) { + return !$p[1]->equals($q[1]) ? [] : $this->doublePoint($p); + } + + // from https://tools.ietf.org/html/rfc8032#page-12 + + list($x1, $y1, $z1, $t1) = $p; + list($x2, $y2, $z2, $t2) = $q; + + $a = $y1->subtract($x1)->multiply($y2->subtract($x2)); + $b = $y1->add($x1)->multiply($y2->add($x2)); + $c = $t1->multiply($this->two)->multiply($this->d)->multiply($t2); + $d = $z1->multiply($this->two)->multiply($z2); + $e = $b->subtract($a); + $f = $d->subtract($c); + $g = $d->add($c); + $h = $b->add($a); + + $x3 = $e->multiply($f); + $y3 = $g->multiply($h); + $t3 = $e->multiply($h); + $z3 = $f->multiply($g); + + return [$x3, $y3, $z3, $t3]; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Ed448.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Ed448.php new file mode 100644 index 0000000..5451f90 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Ed448.php @@ -0,0 +1,273 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards; +use phpseclib3\Crypt\Hash; +use phpseclib3\Crypt\Random; +use phpseclib3\Math\BigInteger; + +class Ed448 extends TwistedEdwards +{ + const HASH = 'shake256-912'; + const SIZE = 57; + + public function __construct() + { + // 2^448 - 2^224 - 1 + $this->setModulo(new BigInteger( + 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE' . + 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF', + 16 + )); + $this->setCoefficients( + new BigInteger(1), + // -39081 + new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE' . + 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6756', 16) + ); + $this->setBasePoint( + new BigInteger('4F1970C66BED0DED221D15A622BF36DA9E146570470F1767EA6DE324' . + 'A3D3A46412AE1AF72AB66511433B80E18B00938E2626A82BC70CC05E', 16), + new BigInteger('693F46716EB6BC248876203756C9C7624BEA73736CA3984087789C1E' . + '05A0C2D73AD3FF1CE67C39C4FDBD132C4ED7C8AD9808795BF230FA14', 16) + ); + $this->setOrder(new BigInteger( + '3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF' . + '7CCA23E9C44EDB49AED63690216CC2728DC58F552378C292AB5844F3', + 16 + )); + } + + /** + * Recover X from Y + * + * Implements steps 2-4 at https://tools.ietf.org/html/rfc8032#section-5.2.3 + * + * Used by EC\Keys\Common.php + * + * @param BigInteger $y + * @param boolean $sign + * @return object[] + */ + public function recoverX(BigInteger $y, $sign) + { + $y = $this->factory->newInteger($y); + + $y2 = $y->multiply($y); + $u = $y2->subtract($this->one); + $v = $this->d->multiply($y2)->subtract($this->one); + $x2 = $u->divide($v); + if ($x2->equals($this->zero)) { + if ($sign) { + throw new \RuntimeException('Unable to recover X coordinate (x2 = 0)'); + } + return clone $this->zero; + } + // find the square root + $exp = $this->getModulo()->add(new BigInteger(1)); + $exp = $exp->bitwise_rightShift(2); + $x = $x2->pow($exp); + + if (!$x->multiply($x)->subtract($x2)->equals($this->zero)) { + throw new \RuntimeException('Unable to recover X coordinate'); + } + if ($x->isOdd() != $sign) { + $x = $x->negate(); + } + + return [$x, $y]; + } + + /** + * Extract Secret Scalar + * + * Implements steps 1-3 at https://tools.ietf.org/html/rfc8032#section-5.2.5 + * + * Used by the various key handlers + * + * @param string $str + * @return array + */ + public function extractSecret($str) + { + if (strlen($str) != 57) { + throw new \LengthException('Private Key should be 57-bytes long'); + } + // 1. Hash the 57-byte private key using SHAKE256(x, 114), storing the + // digest in a 114-octet large buffer, denoted h. Only the lower 57 + // bytes are used for generating the public key. + $hash = new Hash('shake256-912'); + $h = $hash->hash($str); + $h = substr($h, 0, 57); + // 2. Prune the buffer: The two least significant bits of the first + // octet are cleared, all eight bits the last octet are cleared, and + // the highest bit of the second to last octet is set. + $h[0] = $h[0] & chr(0xFC); + $h = strrev($h); + $h[0] = "\0"; + $h[1] = $h[1] | chr(0x80); + // 3. Interpret the buffer as the little-endian integer, forming a + // secret scalar s. + $dA = new BigInteger($h, 256); + + return [ + 'dA' => $dA, + 'secret' => $str + ]; + + $dA->secret = $str; + return $dA; + } + + /** + * Encode a point as a string + * + * @param array $point + * @return string + */ + public function encodePoint($point) + { + list($x, $y) = $point; + $y = "\0" . $y->toBytes(); + if ($x->isOdd()) { + $y[0] = $y[0] | chr(0x80); + } + $y = strrev($y); + + return $y; + } + + /** + * Creates a random scalar multiplier + * + * @return \phpseclib3\Math\PrimeField\Integer + */ + public function createRandomMultiplier() + { + return $this->extractSecret(Random::string(57))['dA']; + } + + /** + * Converts an affine point to an extended homogeneous coordinate + * + * From https://tools.ietf.org/html/rfc8032#section-5.2.4 : + * + * A point (x,y) is represented in extended homogeneous coordinates (X, Y, Z, T), + * with x = X/Z, y = Y/Z, x * y = T/Z. + * + * @return \phpseclib3\Math\PrimeField\Integer[] + */ + public function convertToInternal(array $p) + { + if (empty($p)) { + return [clone $this->zero, clone $this->one, clone $this->one]; + } + + if (isset($p[2])) { + return $p; + } + + $p[2] = clone $this->one; + + return $p; + } + + /** + * Doubles a point on a curve + * + * @return FiniteField[] + */ + public function doublePoint(array $p) + { + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + + if (!count($p)) { + return []; + } + + if (!isset($p[2])) { + throw new \RuntimeException('Affine coordinates need to be manually converted to "Jacobi" coordinates or vice versa'); + } + + // from https://tools.ietf.org/html/rfc8032#page-18 + + list($x1, $y1, $z1) = $p; + + $b = $x1->add($y1); + $b = $b->multiply($b); + $c = $x1->multiply($x1); + $d = $y1->multiply($y1); + $e = $c->add($d); + $h = $z1->multiply($z1); + $j = $e->subtract($this->two->multiply($h)); + + $x3 = $b->subtract($e)->multiply($j); + $y3 = $c->subtract($d)->multiply($e); + $z3 = $e->multiply($j); + + return [$x3, $y3, $z3]; + } + + /** + * Adds two points on the curve + * + * @return FiniteField[] + */ + public function addPoint(array $p, array $q) + { + if (!isset($this->factory)) { + throw new \RuntimeException('setModulo needs to be called before this method'); + } + + if (!count($p) || !count($q)) { + if (count($q)) { + return $q; + } + if (count($p)) { + return $p; + } + return []; + } + + if (!isset($p[2]) || !isset($q[2])) { + throw new \RuntimeException('Affine coordinates need to be manually converted to "Jacobi" coordinates or vice versa'); + } + + if ($p[0]->equals($q[0])) { + return !$p[1]->equals($q[1]) ? [] : $this->doublePoint($p); + } + + // from https://tools.ietf.org/html/rfc8032#page-17 + + list($x1, $y1, $z1) = $p; + list($x2, $y2, $z2) = $q; + + $a = $z1->multiply($z2); + $b = $a->multiply($a); + $c = $x1->multiply($x2); + $d = $y1->multiply($y2); + $e = $this->d->multiply($c)->multiply($d); + $f = $b->subtract($e); + $g = $b->add($e); + $h = $x1->add($y1)->multiply($x2->add($y2)); + + $x3 = $a->multiply($f)->multiply($h->subtract($c)->subtract($d)); + $y3 = $a->multiply($g)->multiply($d->subtract($c)); + $z3 = $f->multiply($g); + + return [$x3, $y3, $z3]; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP160r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP160r1.php new file mode 100644 index 0000000..7bc2272 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP160r1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class brainpoolP160r1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('E95E4A5F737059DC60DFC7AD95B3D8139515620F', 16)); + $this->setCoefficients( + new BigInteger('340E7BE2A280EB74E2BE61BADA745D97E8F7C300', 16), + new BigInteger('1E589A8595423412134FAA2DBDEC95C8D8675E58', 16) + ); + $this->setBasePoint( + new BigInteger('BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC3', 16), + new BigInteger('1667CB477A1A8EC338F94741669C976316DA6321', 16) + ); + $this->setOrder(new BigInteger('E95E4A5F737059DC60DF5991D45029409E60FC09', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP160t1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP160t1.php new file mode 100644 index 0000000..ebfb29a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP160t1.php @@ -0,0 +1,47 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class brainpoolP160t1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('E95E4A5F737059DC60DFC7AD95B3D8139515620F', 16)); + $this->setCoefficients( + new BigInteger('E95E4A5F737059DC60DFC7AD95B3D8139515620C', 16), // eg. -3 + new BigInteger('7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380', 16) + ); + $this->setBasePoint( + new BigInteger('B199B13B9B34EFC1397E64BAEB05ACC265FF2378', 16), + new BigInteger('ADD6718B7C7C1961F0991B842443772152C9E0AD', 16) + ); + $this->setOrder(new BigInteger('E95E4A5F737059DC60DF5991D45029409E60FC09', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP192r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP192r1.php new file mode 100644 index 0000000..6ec848b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP192r1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class brainpoolP192r1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297', 16)); + $this->setCoefficients( + new BigInteger('6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF', 16), + new BigInteger('469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9', 16) + ); + $this->setBasePoint( + new BigInteger('C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD6', 16), + new BigInteger('14B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F', 16) + ); + $this->setOrder(new BigInteger('C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP192t1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP192t1.php new file mode 100644 index 0000000..e6a86bb --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP192t1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class brainpoolP192t1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297', 16)); + $this->setCoefficients( + new BigInteger('C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294', 16), // eg. -3 + new BigInteger('13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79', 16) + ); + $this->setBasePoint( + new BigInteger('3AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129', 16), + new BigInteger('097E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9', 16) + ); + $this->setOrder(new BigInteger('C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP224r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP224r1.php new file mode 100644 index 0000000..3d7d872 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP224r1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class brainpoolP224r1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF', 16)); + $this->setCoefficients( + new BigInteger('68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43', 16), + new BigInteger('2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B', 16) + ); + $this->setBasePoint( + new BigInteger('0D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D', 16), + new BigInteger('58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD', 16) + ); + $this->setOrder(new BigInteger('D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP224t1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP224t1.php new file mode 100644 index 0000000..3d4f928 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP224t1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class brainpoolP224t1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF', 16)); + $this->setCoefficients( + new BigInteger('D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC', 16), // eg. -3 + new BigInteger('4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D', 16) + ); + $this->setBasePoint( + new BigInteger('6AB1E344CE25FF3896424E7FFE14762ECB49F8928AC0C76029B4D580', 16), + new BigInteger('0374E9F5143E568CD23F3F4D7C0D4B1E41C8CC0D1C6ABD5F1A46DB4C', 16) + ); + $this->setOrder(new BigInteger('D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP256r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP256r1.php new file mode 100644 index 0000000..5780da7 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP256r1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class brainpoolP256r1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377', 16)); + $this->setCoefficients( + new BigInteger('7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9', 16), + new BigInteger('26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6', 16) + ); + $this->setBasePoint( + new BigInteger('8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262', 16), + new BigInteger('547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997', 16) + ); + $this->setOrder(new BigInteger('A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP256t1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP256t1.php new file mode 100644 index 0000000..724d8b8 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP256t1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class brainpoolP256t1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377', 16)); + $this->setCoefficients( + new BigInteger('A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374', 16), // eg. -3 + new BigInteger('662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04', 16) + ); + $this->setBasePoint( + new BigInteger('A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F4', 16), + new BigInteger('2D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE', 16) + ); + $this->setOrder(new BigInteger('A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP320r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP320r1.php new file mode 100644 index 0000000..182e622 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP320r1.php @@ -0,0 +1,40 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class brainpoolP320r1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F9' . + '2B9EC7893EC28FCD412B1F1B32E27', 16)); + $this->setCoefficients( + new BigInteger('3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F4' . + '92F375A97D860EB4', 16), + new BigInteger('520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD88453981' . + '6F5EB4AC8FB1F1A6', 16) + ); + $this->setBasePoint( + new BigInteger('43BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C7' . + '10AF8D0D39E20611', 16), + new BigInteger('14FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7' . + 'D35245D1692E8EE1', 16) + ); + $this->setOrder(new BigInteger('D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D4' . + '82EC7EE8658E98691555B44C59311', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP320t1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP320t1.php new file mode 100644 index 0000000..d5a620d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP320t1.php @@ -0,0 +1,40 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class brainpoolP320t1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F9' . + '2B9EC7893EC28FCD412B1F1B32E27', 16)); + $this->setCoefficients( + new BigInteger('D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28' . + 'FCD412B1F1B32E24', 16), // eg. -3 + new BigInteger('A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CE' . + 'B5B4FEF422340353', 16) + ); + $this->setBasePoint( + new BigInteger('925BE9FB01AFC6FB4D3E7D4990010F813408AB106C4F09CB7EE07868CC136FFF' . + '3357F624A21BED52', 16), + new BigInteger('63BA3A7A27483EBF6671DBEF7ABB30EBEE084E58A0B077AD42A5A0989D1EE71B' . + '1B9BC0455FB0D2C3', 16) + ); + $this->setOrder(new BigInteger('D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D4' . + '82EC7EE8658E98691555B44C59311', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP384r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP384r1.php new file mode 100644 index 0000000..a20b4b4 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP384r1.php @@ -0,0 +1,58 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class brainpoolP384r1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger( + '8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A7' . + '1874700133107EC53', + 16 + )); + $this->setCoefficients( + new BigInteger( + '7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503' . + 'AD4EB04A8C7DD22CE2826', + 16 + ), + new BigInteger( + '4A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DB' . + 'C9943AB78696FA504C11', + 16 + ) + ); + $this->setBasePoint( + new BigInteger( + '1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D' . + '646AAEF87B2E247D4AF1E', + 16 + ), + new BigInteger( + '8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E464621779' . + '1811142820341263C5315', + 16 + ) + ); + $this->setOrder(new BigInteger( + '8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC31' . + '03B883202E9046565', + 16 + )); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP384t1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP384t1.php new file mode 100644 index 0000000..366660e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP384t1.php @@ -0,0 +1,58 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class brainpoolP384t1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger( + '8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A7' . + '1874700133107EC53', + 16 + )); + $this->setCoefficients( + new BigInteger( + '8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901' . + 'D1A71874700133107EC50', + 16 + ), // eg. -3 + new BigInteger( + '7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B8' . + '8805CED70355A33B471EE', + 16 + ) + ); + $this->setBasePoint( + new BigInteger( + '18DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946' . + 'A5F54D8D0AA2F418808CC', + 16 + ), + new BigInteger( + '25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC' . + '2B2912675BF5B9E582928', + 16 + ) + ); + $this->setOrder(new BigInteger( + '8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC31' . + '03B883202E9046565', + 16 + )); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP512r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP512r1.php new file mode 100644 index 0000000..5efe5e1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP512r1.php @@ -0,0 +1,58 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class brainpoolP512r1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger( + 'AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC' . + '66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3', + 16 + )); + $this->setCoefficients( + new BigInteger( + '7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA82' . + '53AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA', + 16 + ), + new BigInteger( + '3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C' . + '1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723', + 16 + ) + ); + $this->setBasePoint( + new BigInteger( + '81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D' . + '0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822', + 16 + ), + new BigInteger( + '7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5' . + 'F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892', + 16 + ) + ); + $this->setOrder(new BigInteger( + 'AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA' . + '92619418661197FAC10471DB1D381085DDADDB58796829CA90069', + 16 + )); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP512t1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP512t1.php new file mode 100644 index 0000000..745863a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP512t1.php @@ -0,0 +1,58 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class brainpoolP512t1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger( + 'AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC' . + '66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3', + 16 + )); + $this->setCoefficients( + new BigInteger( + 'AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC' . + '66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0', + 16 + ), // eg. -3 + new BigInteger( + '7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA23049' . + '76540F6450085F2DAE145C22553B465763689180EA2571867423E', + 16 + ) + ); + $this->setBasePoint( + new BigInteger( + '640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CD' . + 'B3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA', + 16 + ), + new BigInteger( + '5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEE' . + 'F216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332', + 16 + ) + ); + $this->setOrder(new BigInteger( + 'AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA' . + '92619418661197FAC10471DB1D381085DDADDB58796829CA90069', + 16 + )); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistb233.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistb233.php new file mode 100644 index 0000000..bae12b0 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistb233.php @@ -0,0 +1,18 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +final class nistb233 extends sect233r1 +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistb409.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistb409.php new file mode 100644 index 0000000..a46153d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistb409.php @@ -0,0 +1,18 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +final class nistb409 extends sect409r1 +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk163.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk163.php new file mode 100644 index 0000000..8b26376 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk163.php @@ -0,0 +1,18 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +final class nistk163 extends sect163k1 +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk233.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk233.php new file mode 100644 index 0000000..69e1413 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk233.php @@ -0,0 +1,18 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +final class nistk233 extends sect233k1 +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk283.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk283.php new file mode 100644 index 0000000..9e95f10 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk283.php @@ -0,0 +1,18 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +final class nistk283 extends sect283k1 +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk409.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk409.php new file mode 100644 index 0000000..06bd9af --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk409.php @@ -0,0 +1,18 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +final class nistk409 extends sect409k1 +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp192.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp192.php new file mode 100644 index 0000000..ddead3c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp192.php @@ -0,0 +1,18 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +final class nistp192 extends secp192r1 +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp224.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp224.php new file mode 100644 index 0000000..746571b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp224.php @@ -0,0 +1,18 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +final class nistp224 extends secp224r1 +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp256.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp256.php new file mode 100644 index 0000000..a26c0f9 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp256.php @@ -0,0 +1,18 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +final class nistp256 extends secp256r1 +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp384.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp384.php new file mode 100644 index 0000000..1f20c02 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp384.php @@ -0,0 +1,18 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +final class nistp384 extends secp384r1 +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp521.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp521.php new file mode 100644 index 0000000..86fa050 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp521.php @@ -0,0 +1,18 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +final class nistp521 extends secp521r1 +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistt571.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistt571.php new file mode 100644 index 0000000..7908b38 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistt571.php @@ -0,0 +1,18 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +final class nistt571 extends sect571k1 +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v1.php new file mode 100644 index 0000000..e9c13cd --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v1.php @@ -0,0 +1,18 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +final class prime192v1 extends secp192r1 +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v2.php new file mode 100644 index 0000000..e3e341f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v2.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class prime192v2 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF', 16)); + $this->setCoefficients( + new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC', 16), + new BigInteger('CC22D6DFB95C6B25E49C0D6364A4E5980C393AA21668D953', 16) + ); + $this->setBasePoint( + new BigInteger('EEA2BAE7E1497842F2DE7769CFE9C989C072AD696F48034A', 16), + new BigInteger('6574D11D69B6EC7A672BB82A083DF2F2B0847DE970B2DE15', 16) + ); + $this->setOrder(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFE5FB1A724DC80418648D8DD31', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v3.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v3.php new file mode 100644 index 0000000..1e97992 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v3.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class prime192v3 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF', 16)); + $this->setCoefficients( + new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC', 16), + new BigInteger('22123DC2395A05CAA7423DAECCC94760A7D462256BD56916', 16) + ); + $this->setBasePoint( + new BigInteger('7D29778100C65A1DA1783716588DCE2B8B4AEE8E228F1896', 16), + new BigInteger('38A90F22637337334B49DCB66A6DC8F9978ACA7648A943B0', 16) + ); + $this->setOrder(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFF7A62D031C83F4294F640EC13', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v1.php new file mode 100644 index 0000000..084be9d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class prime239v1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF', 16)); + $this->setCoefficients( + new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC', 16), + new BigInteger('6B016C3BDCF18941D0D654921475CA71A9DB2FB27D1D37796185C2942C0A', 16) + ); + $this->setBasePoint( + new BigInteger('0FFA963CDCA8816CCC33B8642BEDF905C3D358573D3F27FBBD3B3CB9AAAF', 16), + new BigInteger('7DEBE8E4E90A5DAE6E4054CA530BA04654B36818CE226B39FCCB7B02F1AE', 16) + ); + $this->setOrder(new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF9E5E9A9F5D9071FBD1522688909D0B', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v2.php new file mode 100644 index 0000000..21941b8 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v2.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class prime239v2 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF', 16)); + $this->setCoefficients( + new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC', 16), + new BigInteger('617FAB6832576CBBFED50D99F0249C3FEE58B94BA0038C7AE84C8C832F2C', 16) + ); + $this->setBasePoint( + new BigInteger('38AF09D98727705120C921BB5E9E26296A3CDCF2F35757A0EAFD87B830E7', 16), + new BigInteger('5B0125E4DBEA0EC7206DA0FC01D9B081329FB555DE6EF460237DFF8BE4BA', 16) + ); + $this->setOrder(new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFF800000CFA7E8594377D414C03821BC582063', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v3.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v3.php new file mode 100644 index 0000000..78c50f0 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v3.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class prime239v3 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF', 16)); + $this->setCoefficients( + new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC', 16), + new BigInteger('255705FA2A306654B1F4CB03D6A750A30C250102D4988717D9BA15AB6D3E', 16) + ); + $this->setBasePoint( + new BigInteger('6768AE8E18BB92CFCF005C949AA2C6D94853D0E660BBF854B1C9505FE95A', 16), + new BigInteger('1607E6898F390C06BC1D552BAD226F3B6FCFE48B6E818499AF18E3ED6CF3', 16) + ); + $this->setOrder(new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF975DEB41B3A6057C3C432146526551', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime256v1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime256v1.php new file mode 100644 index 0000000..c72b22e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime256v1.php @@ -0,0 +1,18 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +final class prime256v1 extends secp256r1 +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp112r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp112r1.php new file mode 100644 index 0000000..d1d3194 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp112r1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class secp112r1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('DB7C2ABF62E35E668076BEAD208B', 16)); + $this->setCoefficients( + new BigInteger('DB7C2ABF62E35E668076BEAD2088', 16), + new BigInteger('659EF8BA043916EEDE8911702B22', 16) + ); + $this->setBasePoint( + new BigInteger('09487239995A5EE76B55F9C2F098', 16), + new BigInteger('A89CE5AF8724C0A23E0E0FF77500', 16) + ); + $this->setOrder(new BigInteger('DB7C2ABF62E35E7628DFAC6561C5', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp112r2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp112r2.php new file mode 100644 index 0000000..da44e7f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp112r2.php @@ -0,0 +1,35 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class secp112r2 extends Prime +{ + public function __construct() + { + // same modulo as secp112r1 + $this->setModulo(new BigInteger('DB7C2ABF62E35E668076BEAD208B', 16)); + $this->setCoefficients( + new BigInteger('6127C24C05F38A0AAAF65C0EF02C', 16), + new BigInteger('51DEF1815DB5ED74FCC34C85D709', 16) + ); + $this->setBasePoint( + new BigInteger('4BA30AB5E892B4E1649DD0928643', 16), + new BigInteger('ADCD46F5882E3747DEF36E956E97', 16) + ); + $this->setOrder(new BigInteger('36DF0AAFD8B8D7597CA10520D04B', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp128r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp128r1.php new file mode 100644 index 0000000..34456bc --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp128r1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class secp128r1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF', 16)); + $this->setCoefficients( + new BigInteger('FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC', 16), + new BigInteger('E87579C11079F43DD824993C2CEE5ED3', 16) + ); + $this->setBasePoint( + new BigInteger('161FF7528B899B2D0C28607CA52C5B86', 16), + new BigInteger('CF5AC8395BAFEB13C02DA292DDED7A83', 16) + ); + $this->setOrder(new BigInteger('FFFFFFFE0000000075A30D1B9038A115', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp128r2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp128r2.php new file mode 100644 index 0000000..e102c34 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp128r2.php @@ -0,0 +1,35 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class secp128r2 extends Prime +{ + public function __construct() + { + // same as secp128r1 + $this->setModulo(new BigInteger('FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF', 16)); + $this->setCoefficients( + new BigInteger('D6031998D1B3BBFEBF59CC9BBFF9AEE1', 16), + new BigInteger('5EEEFCA380D02919DC2C6558BB6D8A5D', 16) + ); + $this->setBasePoint( + new BigInteger('7B6AA5D85E572983E6FB32A7CDEBC140', 16), + new BigInteger('27B6916A894D3AEE7106FE805FC34B44', 16) + ); + $this->setOrder(new BigInteger('3FFFFFFF7FFFFFFFBE0024720613B5A3', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160k1.php new file mode 100644 index 0000000..c6a3334 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160k1.php @@ -0,0 +1,46 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\KoblitzPrime; +use phpseclib3\Math\BigInteger; + +class secp160k1 extends KoblitzPrime +{ + public function __construct() + { + // same as secp160r2 + $this->setModulo(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73', 16)); + $this->setCoefficients( + new BigInteger('0000000000000000000000000000000000000000', 16), + new BigInteger('0000000000000000000000000000000000000007', 16) + ); + $this->setBasePoint( + new BigInteger('3B4C382CE37AA192A4019E763036F4F5DD4D7EBB', 16), + new BigInteger('938CF935318FDCED6BC28286531733C3F03C4FEE', 16) + ); + $this->setOrder(new BigInteger('0100000000000000000001B8FA16DFAB9ACA16B6B3', 16)); + + $this->basis = []; + $this->basis[] = [ + 'a' => new BigInteger('0096341F1138933BC2F505', -16), + 'b' => new BigInteger('FF6E9D0418C67BB8D5F562', -16) + ]; + $this->basis[] = [ + 'a' => new BigInteger('01BDCB3A09AAAABEAFF4A8', -16), + 'b' => new BigInteger('04D12329FF0EF498EA67', -16) + ]; + $this->beta = $this->factory->newInteger(new BigInteger('645B7345A143464942CC46D7CF4D5D1E1E6CBB68', -16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160r1.php new file mode 100644 index 0000000..af46877 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160r1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class secp160r1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF', 16)); + $this->setCoefficients( + new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC', 16), + new BigInteger('1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45', 16) + ); + $this->setBasePoint( + new BigInteger('4A96B5688EF573284664698968C38BB913CBFC82', 16), + new BigInteger('23A628553168947D59DCC912042351377AC5FB32', 16) + ); + $this->setOrder(new BigInteger('0100000000000000000001F4C8F927AED3CA752257', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160r2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160r2.php new file mode 100644 index 0000000..9bd23d2 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160r2.php @@ -0,0 +1,35 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class secp160r2 extends Prime +{ + public function __construct() + { + // same as secp160k1 + $this->setModulo(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73', 16)); + $this->setCoefficients( + new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70', 16), + new BigInteger('B4E134D3FB59EB8BAB57274904664D5AF50388BA', 16) + ); + $this->setBasePoint( + new BigInteger('52DCB034293A117E1F4FF11B30F7199D3144CE6D', 16), + new BigInteger('FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E', 16) + ); + $this->setOrder(new BigInteger('0100000000000000000000351EE786A818F3A1A16B', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp192k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp192k1.php new file mode 100644 index 0000000..79ff2e0 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp192k1.php @@ -0,0 +1,45 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\KoblitzPrime; +use phpseclib3\Math\BigInteger; + +class secp192k1 extends KoblitzPrime +{ + public function __construct() + { + $this->setModulo(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37', 16)); + $this->setCoefficients( + new BigInteger('000000000000000000000000000000000000000000000000', 16), + new BigInteger('000000000000000000000000000000000000000000000003', 16) + ); + $this->setBasePoint( + new BigInteger('DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D', 16), + new BigInteger('9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D', 16) + ); + $this->setOrder(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D', 16)); + + $this->basis = []; + $this->basis[] = [ + 'a' => new BigInteger('00B3FB3400DEC5C4ADCEB8655C', -16), + 'b' => new BigInteger('8EE96418CCF4CFC7124FDA0F', -16) + ]; + $this->basis[] = [ + 'a' => new BigInteger('01D90D03E8F096B9948B20F0A9', -16), + 'b' => new BigInteger('42E49819ABBA9474E1083F6B', -16) + ]; + $this->beta = $this->factory->newInteger(new BigInteger('447A96E6C647963E2F7809FEAAB46947F34B0AA3CA0BBA74', -16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp192r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp192r1.php new file mode 100644 index 0000000..83ab1c7 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp192r1.php @@ -0,0 +1,78 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class secp192r1 extends Prime +{ + public function __construct() + { + $modulo = new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF', 16); + $this->setModulo($modulo); + + // algorithm 2.27 from http://diamond.boisestate.edu/~liljanab/MATH308/GuideToECC.pdf#page=66 + /* in theory this should be faster than regular modular reductions save for one small issue. + to convert to / from base-2**8 with BCMath you have to call bcmul() and bcdiv() a lot. + to convert to / from base-2**8 with PHP64 you have to call base256_rshift() a lot. + in short, converting to / from base-2**8 is pretty expensive and that expense is + enough to offset whatever else might be gained by a simplified reduction algorithm. + now, if PHP supported unsigned integers things might be different. no bit-shifting + would be required for the PHP engine and it'd be a lot faster. but as is, BigInteger + uses base-2**31 or base-2**26 depending on whether or not the system is has a 32-bit + or a 64-bit OS. + */ + /* + $m_length = $this->getLengthInBytes(); + $this->setReduction(function($c) use ($m_length) { + $cBytes = $c->toBytes(); + $className = $this->className; + + if (strlen($cBytes) > 2 * $m_length) { + list(, $r) = $c->divide($className::$modulo); + return $r; + } + + $c = str_pad($cBytes, 48, "\0", STR_PAD_LEFT); + $c = array_reverse(str_split($c, 8)); + + $null = "\0\0\0\0\0\0\0\0"; + $s1 = new BigInteger($c[2] . $c[1] . $c[0], 256); + $s2 = new BigInteger($null . $c[3] . $c[3], 256); + $s3 = new BigInteger($c[4] . $c[4] . $null, 256); + $s4 = new BigInteger($c[5] . $c[5] . $c[5], 256); + + $r = $s1->add($s2)->add($s3)->add($s4); + while ($r->compare($className::$modulo) >= 0) { + $r = $r->subtract($className::$modulo); + } + + return $r; + }); + */ + + $this->setCoefficients( + new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC', 16), + new BigInteger('64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1', 16) + ); + $this->setBasePoint( + new BigInteger('188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012', 16), + new BigInteger('07192B95FFC8DA78631011ED6B24CDD573F977A11E794811', 16) + ); + $this->setOrder(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp224k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp224k1.php new file mode 100644 index 0000000..79a5c54 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp224k1.php @@ -0,0 +1,45 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\KoblitzPrime; +use phpseclib3\Math\BigInteger; + +class secp224k1 extends KoblitzPrime +{ + public function __construct() + { + $this->setModulo(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D', 16)); + $this->setCoefficients( + new BigInteger('00000000000000000000000000000000000000000000000000000000', 16), + new BigInteger('00000000000000000000000000000000000000000000000000000005', 16) + ); + $this->setBasePoint( + new BigInteger('A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C', 16), + new BigInteger('7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5', 16) + ); + $this->setOrder(new BigInteger('010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7', 16)); + + $this->basis = []; + $this->basis[] = [ + 'a' => new BigInteger('00B8ADF1378A6EB73409FA6C9C637D', -16), + 'b' => new BigInteger('94730F82B358A3776A826298FA6F', -16) + ]; + $this->basis[] = [ + 'a' => new BigInteger('01DCE8D2EC6184CAF0A972769FCC8B', -16), + 'b' => new BigInteger('4D2100BA3DC75AAB747CCF355DEC', -16) + ]; + $this->beta = $this->factory->newInteger(new BigInteger('01F178FFA4B17C89E6F73AECE2AAD57AF4C0A748B63C830947B27E04', -16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp224r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp224r1.php new file mode 100644 index 0000000..a9e474a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp224r1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class secp224r1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001', 16)); + $this->setCoefficients( + new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE', 16), + new BigInteger('B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4', 16) + ); + $this->setBasePoint( + new BigInteger('B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21', 16), + new BigInteger('BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34', 16) + ); + $this->setOrder(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp256k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp256k1.php new file mode 100644 index 0000000..462e7a1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp256k1.php @@ -0,0 +1,49 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +//use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Crypt\EC\BaseCurves\KoblitzPrime; +use phpseclib3\Math\BigInteger; + +//class secp256k1 extends Prime +class secp256k1 extends KoblitzPrime +{ + public function __construct() + { + $this->setModulo(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F', 16)); + $this->setCoefficients( + new BigInteger('0000000000000000000000000000000000000000000000000000000000000000', 16), + new BigInteger('0000000000000000000000000000000000000000000000000000000000000007', 16) + ); + $this->setOrder(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141', 16)); + $this->setBasePoint( + new BigInteger('79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798', 16), + new BigInteger('483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8', 16) + ); + + $this->basis = []; + $this->basis[] = [ + 'a' => new BigInteger('3086D221A7D46BCDE86C90E49284EB15', -16), + 'b' => new BigInteger('FF1BBC8129FEF177D790AB8056F5401B3D', -16) + ]; + $this->basis[] = [ + 'a' => new BigInteger('114CA50F7A8E2F3F657C1108D9D44CFD8', -16), + 'b' => new BigInteger('3086D221A7D46BCDE86C90E49284EB15', -16) + ]; + $this->beta = $this->factory->newInteger(new BigInteger('7AE96A2B657C07106E64479EAC3434E99CF0497512F58995C1396C28719501EE', -16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp256r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp256r1.php new file mode 100644 index 0000000..9003373 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp256r1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class secp256r1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF', 16)); + $this->setCoefficients( + new BigInteger('FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC', 16), + new BigInteger('5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B', 16) + ); + $this->setBasePoint( + new BigInteger('6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296', 16), + new BigInteger('4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5', 16) + ); + $this->setOrder(new BigInteger('FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp384r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp384r1.php new file mode 100644 index 0000000..98764a3 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp384r1.php @@ -0,0 +1,52 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class secp384r1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger( + 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF', + 16 + )); + $this->setCoefficients( + new BigInteger( + 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC', + 16 + ), + new BigInteger( + 'B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF', + 16 + ) + ); + $this->setBasePoint( + new BigInteger( + 'AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7', + 16 + ), + new BigInteger( + '3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F', + 16 + ) + ); + $this->setOrder(new BigInteger( + 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973', + 16 + )); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp521r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp521r1.php new file mode 100644 index 0000000..b89a4ea --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp521r1.php @@ -0,0 +1,46 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Prime; +use phpseclib3\Math\BigInteger; + +class secp521r1 extends Prime +{ + public function __construct() + { + $this->setModulo(new BigInteger('01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF' . + 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF' . + 'FFFF', 16)); + $this->setCoefficients( + new BigInteger('01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF' . + 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF' . + 'FFFC', 16), + new BigInteger('0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF1' . + '09E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B50' . + '3F00', 16) + ); + $this->setBasePoint( + new BigInteger('00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D' . + '3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5' . + 'BD66', 16), + new BigInteger('011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E' . + '662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD1' . + '6650', 16) + ); + $this->setOrder(new BigInteger('01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF' . + 'FFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E9138' . + '6409', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect113r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect113r1.php new file mode 100644 index 0000000..77ec760 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect113r1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Binary; +use phpseclib3\Math\BigInteger; + +class sect113r1 extends Binary +{ + public function __construct() + { + $this->setModulo(113, 9, 0); + $this->setCoefficients( + '003088250CA6E7C7FE649CE85820F7', + '00E8BEE4D3E2260744188BE0E9C723' + ); + $this->setBasePoint( + '009D73616F35F4AB1407D73562C10F', + '00A52830277958EE84D1315ED31886' + ); + $this->setOrder(new BigInteger('0100000000000000D9CCEC8A39E56F', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect113r2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect113r2.php new file mode 100644 index 0000000..2185d60 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect113r2.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Binary; +use phpseclib3\Math\BigInteger; + +class sect113r2 extends Binary +{ + public function __construct() + { + $this->setModulo(113, 9, 0); + $this->setCoefficients( + '00689918DBEC7E5A0DD6DFC0AA55C7', + '0095E9A9EC9B297BD4BF36E059184F' + ); + $this->setBasePoint( + '01A57A6A7B26CA5EF52FCDB8164797', + '00B3ADC94ED1FE674C06E695BABA1D' + ); + $this->setOrder(new BigInteger('010000000000000108789B2496AF93', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect131r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect131r1.php new file mode 100644 index 0000000..1365cb6 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect131r1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Binary; +use phpseclib3\Math\BigInteger; + +class sect131r1 extends Binary +{ + public function __construct() + { + $this->setModulo(131, 8, 3, 2, 0); + $this->setCoefficients( + '07A11B09A76B562144418FF3FF8C2570B8', + '0217C05610884B63B9C6C7291678F9D341' + ); + $this->setBasePoint( + '0081BAF91FDF9833C40F9C181343638399', + '078C6E7EA38C001F73C8134B1B4EF9E150' + ); + $this->setOrder(new BigInteger('0400000000000000023123953A9464B54D', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect131r2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect131r2.php new file mode 100644 index 0000000..93c11b2 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect131r2.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Binary; +use phpseclib3\Math\BigInteger; + +class sect131r2 extends Binary +{ + public function __construct() + { + $this->setModulo(131, 8, 3, 2, 0); + $this->setCoefficients( + '03E5A88919D7CAFCBF415F07C2176573B2', + '04B8266A46C55657AC734CE38F018F2192' + ); + $this->setBasePoint( + '0356DCD8F2F95031AD652D23951BB366A8', + '0648F06D867940A5366D9E265DE9EB240F' + ); + $this->setOrder(new BigInteger('0400000000000000016954A233049BA98F', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163k1.php new file mode 100644 index 0000000..3c8574b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163k1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Binary; +use phpseclib3\Math\BigInteger; + +class sect163k1 extends Binary +{ + public function __construct() + { + $this->setModulo(163, 7, 6, 3, 0); + $this->setCoefficients( + '000000000000000000000000000000000000000001', + '000000000000000000000000000000000000000001' + ); + $this->setBasePoint( + '02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8', + '0289070FB05D38FF58321F2E800536D538CCDAA3D9' + ); + $this->setOrder(new BigInteger('04000000000000000000020108A2E0CC0D99F8A5EF', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163r1.php new file mode 100644 index 0000000..26afd87 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163r1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Binary; +use phpseclib3\Math\BigInteger; + +class sect163r1 extends Binary +{ + public function __construct() + { + $this->setModulo(163, 7, 6, 3, 0); + $this->setCoefficients( + '07B6882CAAEFA84F9554FF8428BD88E246D2782AE2', + '0713612DCDDCB40AAB946BDA29CA91F73AF958AFD9' + ); + $this->setBasePoint( + '0369979697AB43897789566789567F787A7876A654', + '00435EDB42EFAFB2989D51FEFCE3C80988F41FF883' + ); + $this->setOrder(new BigInteger('03FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163r2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163r2.php new file mode 100644 index 0000000..38f9466 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163r2.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Binary; +use phpseclib3\Math\BigInteger; + +class sect163r2 extends Binary +{ + public function __construct() + { + $this->setModulo(163, 7, 6, 3, 0); + $this->setCoefficients( + '000000000000000000000000000000000000000001', + '020A601907B8C953CA1481EB10512F78744A3205FD' + ); + $this->setBasePoint( + '03F0EBA16286A2D57EA0991168D4994637E8343E36', + '00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1' + ); + $this->setOrder(new BigInteger('040000000000000000000292FE77E70C12A4234C33', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect193r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect193r1.php new file mode 100644 index 0000000..951f261 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect193r1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Binary; +use phpseclib3\Math\BigInteger; + +class sect193r1 extends Binary +{ + public function __construct() + { + $this->setModulo(193, 15, 0); + $this->setCoefficients( + '0017858FEB7A98975169E171F77B4087DE098AC8A911DF7B01', + '00FDFB49BFE6C3A89FACADAA7A1E5BBC7CC1C2E5D831478814' + ); + $this->setBasePoint( + '01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1', + '0025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05' + ); + $this->setOrder(new BigInteger('01000000000000000000000000C7F34A778F443ACC920EBA49', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect193r2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect193r2.php new file mode 100644 index 0000000..e3ff47a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect193r2.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Binary; +use phpseclib3\Math\BigInteger; + +class sect193r2 extends Binary +{ + public function __construct() + { + $this->setModulo(193, 15, 0); + $this->setCoefficients( + '0163F35A5137C2CE3EA6ED8667190B0BC43ECD69977702709B', + '00C9BB9E8927D4D64C377E2AB2856A5B16E3EFB7F61D4316AE' + ); + $this->setBasePoint( + '00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F', + '01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C' + ); + $this->setOrder(new BigInteger('010000000000000000000000015AAB561B005413CCD4EE99D5', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect233k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect233k1.php new file mode 100644 index 0000000..eea3f7a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect233k1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Binary; +use phpseclib3\Math\BigInteger; + +class sect233k1 extends Binary +{ + public function __construct() + { + $this->setModulo(233, 74, 0); + $this->setCoefficients( + '000000000000000000000000000000000000000000000000000000000000', + '000000000000000000000000000000000000000000000000000000000001' + ); + $this->setBasePoint( + '017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126', + '01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3' + ); + $this->setOrder(new BigInteger('8000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect233r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect233r1.php new file mode 100644 index 0000000..68219f0 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect233r1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Binary; +use phpseclib3\Math\BigInteger; + +class sect233r1 extends Binary +{ + public function __construct() + { + $this->setModulo(233, 74, 0); + $this->setCoefficients( + '000000000000000000000000000000000000000000000000000000000001', + '0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD' + ); + $this->setBasePoint( + '00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B', + '01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052' + ); + $this->setOrder(new BigInteger('01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect239k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect239k1.php new file mode 100644 index 0000000..0e6994b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect239k1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Binary; +use phpseclib3\Math\BigInteger; + +class sect239k1 extends Binary +{ + public function __construct() + { + $this->setModulo(239, 158, 0); + $this->setCoefficients( + '000000000000000000000000000000000000000000000000000000000000', + '000000000000000000000000000000000000000000000000000000000001' + ); + $this->setBasePoint( + '29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC', + '76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA' + ); + $this->setOrder(new BigInteger('2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect283k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect283k1.php new file mode 100644 index 0000000..279c24a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect283k1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Binary; +use phpseclib3\Math\BigInteger; + +class sect283k1 extends Binary +{ + public function __construct() + { + $this->setModulo(283, 12, 7, 5, 0); + $this->setCoefficients( + '000000000000000000000000000000000000000000000000000000000000000000000000', + '000000000000000000000000000000000000000000000000000000000000000000000001' + ); + $this->setBasePoint( + '0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836', + '01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259' + ); + $this->setOrder(new BigInteger('01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect283r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect283r1.php new file mode 100644 index 0000000..e44a607 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect283r1.php @@ -0,0 +1,34 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Binary; +use phpseclib3\Math\BigInteger; + +class sect283r1 extends Binary +{ + public function __construct() + { + $this->setModulo(283, 12, 7, 5, 0); + $this->setCoefficients( + '000000000000000000000000000000000000000000000000000000000000000000000001', + '027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5' + ); + $this->setBasePoint( + '05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053', + '03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4' + ); + $this->setOrder(new BigInteger('03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307', 16)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect409k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect409k1.php new file mode 100644 index 0000000..1fe329d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect409k1.php @@ -0,0 +1,38 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Binary; +use phpseclib3\Math\BigInteger; + +class sect409k1 extends Binary +{ + public function __construct() + { + $this->setModulo(409, 87, 0); + $this->setCoefficients( + '00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000', + '00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001' + ); + $this->setBasePoint( + '0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746', + '01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B' + ); + $this->setOrder(new BigInteger( + '7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F' . + '83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF', + 16 + )); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect409r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect409r1.php new file mode 100644 index 0000000..3e209ef --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect409r1.php @@ -0,0 +1,38 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Binary; +use phpseclib3\Math\BigInteger; + +class sect409r1 extends Binary +{ + public function __construct() + { + $this->setModulo(409, 87, 0); + $this->setCoefficients( + '00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001', + '0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F' + ); + $this->setBasePoint( + '015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7', + '0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706' + ); + $this->setOrder(new BigInteger( + '010000000000000000000000000000000000000000000000000001E2' . + 'AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173', + 16 + )); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php new file mode 100644 index 0000000..3c54eab --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php @@ -0,0 +1,42 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Binary; +use phpseclib3\Math\BigInteger; + +class sect571k1 extends Binary +{ + public function __construct() + { + $this->setModulo(571, 10, 5, 2, 0); + $this->setCoefficients( + '000000000000000000000000000000000000000000000000000000000000000000000000' . + '000000000000000000000000000000000000000000000000000000000000000000000000', + '000000000000000000000000000000000000000000000000000000000000000000000000' . + '000000000000000000000000000000000000000000000000000000000000000000000001' + ); + $this->setBasePoint( + '026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA443709584' . + '93B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972', + '0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0' . + 'AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3' + ); + $this->setOrder(new BigInteger( + '020000000000000000000000000000000000000000000000000000000000000000000000' . + '131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001', + 16 + )); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php new file mode 100644 index 0000000..172c1af --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php @@ -0,0 +1,42 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Crypt\EC\Curves; + +use phpseclib3\Crypt\EC\BaseCurves\Binary; +use phpseclib3\Math\BigInteger; + +class sect571r1 extends Binary +{ + public function __construct() + { + $this->setModulo(571, 10, 5, 2, 0); + $this->setCoefficients( + '000000000000000000000000000000000000000000000000000000000000000000000000' . + '000000000000000000000000000000000000000000000000000000000000000000000001', + '02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD' . + '8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A' + ); + $this->setBasePoint( + '0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950' . + 'F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19', + '037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43' . + 'BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B' + ); + $this->setOrder(new BigInteger( + '03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF' . + 'E661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47', + 16 + )); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/Common.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/Common.php new file mode 100644 index 0000000..63402b4 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/Common.php @@ -0,0 +1,549 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\EC\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve; +use phpseclib3\Crypt\EC\BaseCurves\Binary as BinaryCurve; +use phpseclib3\Crypt\EC\BaseCurves\Prime as PrimeCurve; +use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; +use phpseclib3\Exception\UnsupportedCurveException; +use phpseclib3\File\ASN1; +use phpseclib3\File\ASN1\Maps; +use phpseclib3\Math\BigInteger; + +/** + * Generic EC Key Parsing Helper functions + * + * @author Jim Wigginton + */ +trait Common +{ + /** + * Curve OIDs + * + * @var array + */ + private static $curveOIDs = []; + + /** + * Child OIDs loaded + * + * @var bool + */ + protected static $childOIDsLoaded = false; + + /** + * Use Named Curves + * + * @var bool + */ + private static $useNamedCurves = true; + + /** + * Initialize static variables + */ + private static function initialize_static_variables() + { + if (empty(self::$curveOIDs)) { + // the sec* curves are from the standards for efficient cryptography group + // sect* curves are curves over binary finite fields + // secp* curves are curves over prime finite fields + // sec*r* curves are regular curves; sec*k* curves are koblitz curves + // brainpool*r* curves are regular prime finite field curves + // brainpool*t* curves are twisted versions of the brainpool*r* curves + self::$curveOIDs = [ + 'prime192v1' => '1.2.840.10045.3.1.1', // J.5.1, example 1 (aka secp192r1) + 'prime192v2' => '1.2.840.10045.3.1.2', // J.5.1, example 2 + 'prime192v3' => '1.2.840.10045.3.1.3', // J.5.1, example 3 + 'prime239v1' => '1.2.840.10045.3.1.4', // J.5.2, example 1 + 'prime239v2' => '1.2.840.10045.3.1.5', // J.5.2, example 2 + 'prime239v3' => '1.2.840.10045.3.1.6', // J.5.2, example 3 + 'prime256v1' => '1.2.840.10045.3.1.7', // J.5.3, example 1 (aka secp256r1) + + // https://tools.ietf.org/html/rfc5656#section-10 + 'nistp256' => '1.2.840.10045.3.1.7', // aka secp256r1 + 'nistp384' => '1.3.132.0.34', // aka secp384r1 + 'nistp521' => '1.3.132.0.35', // aka secp521r1 + + 'nistk163' => '1.3.132.0.1', // aka sect163k1 + 'nistp192' => '1.2.840.10045.3.1.1', // aka secp192r1 + 'nistp224' => '1.3.132.0.33', // aka secp224r1 + 'nistk233' => '1.3.132.0.26', // aka sect233k1 + 'nistb233' => '1.3.132.0.27', // aka sect233r1 + 'nistk283' => '1.3.132.0.16', // aka sect283k1 + 'nistk409' => '1.3.132.0.36', // aka sect409k1 + 'nistb409' => '1.3.132.0.37', // aka sect409r1 + 'nistt571' => '1.3.132.0.38', // aka sect571k1 + + // from https://tools.ietf.org/html/rfc5915 + 'secp192r1' => '1.2.840.10045.3.1.1', // aka prime192v1 + 'sect163k1' => '1.3.132.0.1', + 'sect163r2' => '1.3.132.0.15', + 'secp224r1' => '1.3.132.0.33', + 'sect233k1' => '1.3.132.0.26', + 'sect233r1' => '1.3.132.0.27', + 'secp256r1' => '1.2.840.10045.3.1.7', // aka prime256v1 + 'sect283k1' => '1.3.132.0.16', + 'sect283r1' => '1.3.132.0.17', + 'secp384r1' => '1.3.132.0.34', + 'sect409k1' => '1.3.132.0.36', + 'sect409r1' => '1.3.132.0.37', + 'secp521r1' => '1.3.132.0.35', + 'sect571k1' => '1.3.132.0.38', + 'sect571r1' => '1.3.132.0.39', + // from http://www.secg.org/SEC2-Ver-1.0.pdf + 'secp112r1' => '1.3.132.0.6', + 'secp112r2' => '1.3.132.0.7', + 'secp128r1' => '1.3.132.0.28', + 'secp128r2' => '1.3.132.0.29', + 'secp160k1' => '1.3.132.0.9', + 'secp160r1' => '1.3.132.0.8', + 'secp160r2' => '1.3.132.0.30', + 'secp192k1' => '1.3.132.0.31', + 'secp224k1' => '1.3.132.0.32', + 'secp256k1' => '1.3.132.0.10', + + 'sect113r1' => '1.3.132.0.4', + 'sect113r2' => '1.3.132.0.5', + 'sect131r1' => '1.3.132.0.22', + 'sect131r2' => '1.3.132.0.23', + 'sect163r1' => '1.3.132.0.2', + 'sect193r1' => '1.3.132.0.24', + 'sect193r2' => '1.3.132.0.25', + 'sect239k1' => '1.3.132.0.3', + + // from http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.202.2977&rep=rep1&type=pdf#page=36 + /* + 'c2pnb163v1' => '1.2.840.10045.3.0.1', // J.4.1, example 1 + 'c2pnb163v2' => '1.2.840.10045.3.0.2', // J.4.1, example 2 + 'c2pnb163v3' => '1.2.840.10045.3.0.3', // J.4.1, example 3 + 'c2pnb172w1' => '1.2.840.10045.3.0.4', // J.4.2, example 1 + 'c2tnb191v1' => '1.2.840.10045.3.0.5', // J.4.3, example 1 + 'c2tnb191v2' => '1.2.840.10045.3.0.6', // J.4.3, example 2 + 'c2tnb191v3' => '1.2.840.10045.3.0.7', // J.4.3, example 3 + 'c2onb191v4' => '1.2.840.10045.3.0.8', // J.4.3, example 4 + 'c2onb191v5' => '1.2.840.10045.3.0.9', // J.4.3, example 5 + 'c2pnb208w1' => '1.2.840.10045.3.0.10', // J.4.4, example 1 + 'c2tnb239v1' => '1.2.840.10045.3.0.11', // J.4.5, example 1 + 'c2tnb239v2' => '1.2.840.10045.3.0.12', // J.4.5, example 2 + 'c2tnb239v3' => '1.2.840.10045.3.0.13', // J.4.5, example 3 + 'c2onb239v4' => '1.2.840.10045.3.0.14', // J.4.5, example 4 + 'c2onb239v5' => '1.2.840.10045.3.0.15', // J.4.5, example 5 + 'c2pnb272w1' => '1.2.840.10045.3.0.16', // J.4.6, example 1 + 'c2pnb304w1' => '1.2.840.10045.3.0.17', // J.4.7, example 1 + 'c2tnb359v1' => '1.2.840.10045.3.0.18', // J.4.8, example 1 + 'c2pnb368w1' => '1.2.840.10045.3.0.19', // J.4.9, example 1 + 'c2tnb431r1' => '1.2.840.10045.3.0.20', // J.4.10, example 1 + */ + + // http://www.ecc-brainpool.org/download/Domain-parameters.pdf + // https://tools.ietf.org/html/rfc5639 + 'brainpoolP160r1' => '1.3.36.3.3.2.8.1.1.1', + 'brainpoolP160t1' => '1.3.36.3.3.2.8.1.1.2', + 'brainpoolP192r1' => '1.3.36.3.3.2.8.1.1.3', + 'brainpoolP192t1' => '1.3.36.3.3.2.8.1.1.4', + 'brainpoolP224r1' => '1.3.36.3.3.2.8.1.1.5', + 'brainpoolP224t1' => '1.3.36.3.3.2.8.1.1.6', + 'brainpoolP256r1' => '1.3.36.3.3.2.8.1.1.7', + 'brainpoolP256t1' => '1.3.36.3.3.2.8.1.1.8', + 'brainpoolP320r1' => '1.3.36.3.3.2.8.1.1.9', + 'brainpoolP320t1' => '1.3.36.3.3.2.8.1.1.10', + 'brainpoolP384r1' => '1.3.36.3.3.2.8.1.1.11', + 'brainpoolP384t1' => '1.3.36.3.3.2.8.1.1.12', + 'brainpoolP512r1' => '1.3.36.3.3.2.8.1.1.13', + 'brainpoolP512t1' => '1.3.36.3.3.2.8.1.1.14' + ]; + ASN1::loadOIDs([ + 'prime-field' => '1.2.840.10045.1.1', + 'characteristic-two-field' => '1.2.840.10045.1.2', + 'characteristic-two-basis' => '1.2.840.10045.1.2.3', + // per http://www.secg.org/SEC1-Ver-1.0.pdf#page=84, gnBasis "not used here" + 'gnBasis' => '1.2.840.10045.1.2.3.1', // NULL + 'tpBasis' => '1.2.840.10045.1.2.3.2', // Trinomial + 'ppBasis' => '1.2.840.10045.1.2.3.3' // Pentanomial + ] + self::$curveOIDs); + } + } + + /** + * Explicitly set the curve + * + * If the key contains an implicit curve phpseclib needs the curve + * to be explicitly provided + * + * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + */ + public static function setImplicitCurve(BaseCurve $curve) + { + self::$implicitCurve = $curve; + } + + /** + * Returns an instance of \phpseclib3\Crypt\EC\BaseCurves\Base based + * on the curve parameters + * + * @param array $params + * @return \phpseclib3\Crypt\EC\BaseCurves\Base|false + */ + protected static function loadCurveByParam(array $params) + { + if (count($params) > 1) { + throw new \RuntimeException('No parameters are present'); + } + if (isset($params['namedCurve'])) { + $curve = '\phpseclib3\Crypt\EC\Curves\\' . $params['namedCurve']; + if (!class_exists($curve)) { + throw new UnsupportedCurveException('Named Curve of ' . $params['namedCurve'] . ' is not supported'); + } + return new $curve(); + } + if (isset($params['implicitCurve'])) { + if (!isset(self::$implicitCurve)) { + throw new \RuntimeException('Implicit curves can be provided by calling setImplicitCurve'); + } + return self::$implicitCurve; + } + if (isset($params['specifiedCurve'])) { + $data = $params['specifiedCurve']; + switch ($data['fieldID']['fieldType']) { + case 'prime-field': + $curve = new PrimeCurve(); + $curve->setModulo($data['fieldID']['parameters']); + $curve->setCoefficients( + new BigInteger($data['curve']['a'], 256), + new BigInteger($data['curve']['b'], 256) + ); + $point = self::extractPoint("\0" . $data['base'], $curve); + $curve->setBasePoint(...$point); + $curve->setOrder($data['order']); + return $curve; + case 'characteristic-two-field': + $curve = new BinaryCurve(); + $params = ASN1::decodeBER($data['fieldID']['parameters']); + $params = ASN1::asn1map($params[0], Maps\Characteristic_two::MAP); + $modulo = [(int) $params['m']->toString()]; + switch ($params['basis']) { + case 'tpBasis': + $modulo[] = (int) $params['parameters']->toString(); + break; + case 'ppBasis': + $temp = ASN1::decodeBER($params['parameters']); + $temp = ASN1::asn1map($temp[0], Maps\Pentanomial::MAP); + $modulo[] = (int) $temp['k3']->toString(); + $modulo[] = (int) $temp['k2']->toString(); + $modulo[] = (int) $temp['k1']->toString(); + } + $modulo[] = 0; + $curve->setModulo(...$modulo); + $len = ceil($modulo[0] / 8); + $curve->setCoefficients( + Strings::bin2hex($data['curve']['a']), + Strings::bin2hex($data['curve']['b']) + ); + $point = self::extractPoint("\0" . $data['base'], $curve); + $curve->setBasePoint(...$point); + $curve->setOrder($data['order']); + return $curve; + default: + throw new UnsupportedCurveException('Field Type of ' . $data['fieldID']['fieldType'] . ' is not supported'); + } + } + throw new \RuntimeException('No valid parameters are present'); + } + + /** + * Extract points from a string + * + * Supports both compressed and uncompressed points + * + * @param string $str + * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @return object[] + */ + public static function extractPoint($str, BaseCurve $curve) + { + if ($curve instanceof TwistedEdwardsCurve) { + // first step of point deciding as discussed at the following URL's: + // https://tools.ietf.org/html/rfc8032#section-5.1.3 + // https://tools.ietf.org/html/rfc8032#section-5.2.3 + $y = $str; + $y = strrev($y); + $sign = (bool) (ord($y[0]) & 0x80); + $y[0] = $y[0] & chr(0x7F); + $y = new BigInteger($y, 256); + if ($y->compare($curve->getModulo()) >= 0) { + throw new \RuntimeException('The Y coordinate should not be >= the modulo'); + } + $point = $curve->recoverX($y, $sign); + if (!$curve->verifyPoint($point)) { + throw new \RuntimeException('Unable to verify that point exists on curve'); + } + return $point; + } + + // the first byte of a bit string represents the number of bits in the last byte that are to be ignored but, + // currently, bit strings wanting a non-zero amount of bits trimmed are not supported + if (($val = Strings::shift($str)) != "\0") { + throw new \UnexpectedValueException('extractPoint expects the first byte to be null - not ' . Strings::bin2hex($val)); + } + if ($str == "\0") { + return []; + } + + $keylen = strlen($str); + $order = $curve->getLengthInBytes(); + // point compression is being used + if ($keylen == $order + 1) { + return $curve->derivePoint($str); + } + + // point compression is not being used + if ($keylen == 2 * $order + 1) { + preg_match("#(.)(.{{$order}})(.{{$order}})#s", $str, $matches); + list(, $w, $x, $y) = $matches; + if ($w != "\4") { + throw new \UnexpectedValueException('The first byte of an uncompressed point should be 04 - not ' . Strings::bin2hex($val)); + } + $point = [ + $curve->convertInteger(new BigInteger($x, 256)), + $curve->convertInteger(new BigInteger($y, 256)) + ]; + + if (!$curve->verifyPoint($point)) { + throw new \RuntimeException('Unable to verify that point exists on curve'); + } + + return $point; + } + + throw new \UnexpectedValueException('The string representation of the points is not of an appropriate length'); + } + + /** + * Encode Parameters + * + * @todo Maybe at some point this could be moved to __toString() for each of the curves? + * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param bool $returnArray optional + * @param array $options optional + * @return string|false + */ + private static function encodeParameters(BaseCurve $curve, $returnArray = false, array $options = []) + { + $useNamedCurves = isset($options['namedCurve']) ? $options['namedCurve'] : self::$useNamedCurves; + + $reflect = new \ReflectionClass($curve); + $name = $reflect->getShortName(); + if ($useNamedCurves) { + if (isset(self::$curveOIDs[$name])) { + if ($reflect->isFinal()) { + $reflect = $reflect->getParentClass(); + $name = $reflect->getShortName(); + } + return $returnArray ? + ['namedCurve' => $name] : + ASN1::encodeDER(['namedCurve' => $name], Maps\ECParameters::MAP); + } + foreach (new \DirectoryIterator(__DIR__ . '/../../Curves/') as $file) { + if ($file->getExtension() != 'php') { + continue; + } + $testName = $file->getBasename('.php'); + $class = 'phpseclib3\Crypt\EC\Curves\\' . $testName; + $reflect = new \ReflectionClass($class); + if ($reflect->isFinal()) { + continue; + } + $candidate = new $class(); + switch ($name) { + case 'Prime': + if (!$candidate instanceof PrimeCurve) { + break; + } + if (!$candidate->getModulo()->equals($curve->getModulo())) { + break; + } + if ($candidate->getA()->toBytes() != $curve->getA()->toBytes()) { + break; + } + if ($candidate->getB()->toBytes() != $curve->getB()->toBytes()) { + break; + } + + list($candidateX, $candidateY) = $candidate->getBasePoint(); + list($curveX, $curveY) = $curve->getBasePoint(); + if ($candidateX->toBytes() != $curveX->toBytes()) { + break; + } + if ($candidateY->toBytes() != $curveY->toBytes()) { + break; + } + + return $returnArray ? + ['namedCurve' => $testName] : + ASN1::encodeDER(['namedCurve' => $testName], Maps\ECParameters::MAP); + case 'Binary': + if (!$candidate instanceof BinaryCurve) { + break; + } + if ($candidate->getModulo() != $curve->getModulo()) { + break; + } + if ($candidate->getA()->toBytes() != $curve->getA()->toBytes()) { + break; + } + if ($candidate->getB()->toBytes() != $curve->getB()->toBytes()) { + break; + } + + list($candidateX, $candidateY) = $candidate->getBasePoint(); + list($curveX, $curveY) = $curve->getBasePoint(); + if ($candidateX->toBytes() != $curveX->toBytes()) { + break; + } + if ($candidateY->toBytes() != $curveY->toBytes()) { + break; + } + + return $returnArray ? + ['namedCurve' => $testName] : + ASN1::encodeDER(['namedCurve' => $testName], Maps\ECParameters::MAP); + } + } + } + + $order = $curve->getOrder(); + // we could try to calculate the order thusly: + // https://crypto.stackexchange.com/a/27914/4520 + // https://en.wikipedia.org/wiki/Schoof%E2%80%93Elkies%E2%80%93Atkin_algorithm + if (!$order) { + throw new \RuntimeException('Specified Curves need the order to be specified'); + } + $point = $curve->getBasePoint(); + $x = $point[0]->toBytes(); + $y = $point[1]->toBytes(); + + if ($curve instanceof PrimeCurve) { + /* + * valid versions are: + * + * ecdpVer1: + * - neither the curve or the base point are generated verifiably randomly. + * ecdpVer2: + * - curve and base point are generated verifiably at random and curve.seed is present + * ecdpVer3: + * - base point is generated verifiably at random but curve is not. curve.seed is present + */ + // other (optional) parameters can be calculated using the methods discused at + // https://crypto.stackexchange.com/q/28947/4520 + $data = [ + 'version' => 'ecdpVer1', + 'fieldID' => [ + 'fieldType' => 'prime-field', + 'parameters' => $curve->getModulo() + ], + 'curve' => [ + 'a' => $curve->getA()->toBytes(), + 'b' => $curve->getB()->toBytes() + ], + 'base' => "\4" . $x . $y, + 'order' => $order + ]; + + return $returnArray ? + ['specifiedCurve' => $data] : + ASN1::encodeDER(['specifiedCurve' => $data], Maps\ECParameters::MAP); + } + if ($curve instanceof BinaryCurve) { + $modulo = $curve->getModulo(); + $basis = count($modulo); + $m = array_shift($modulo); + array_pop($modulo); // the last parameter should always be 0 + //rsort($modulo); + switch ($basis) { + case 3: + $basis = 'tpBasis'; + $modulo = new BigInteger($modulo[0]); + break; + case 5: + $basis = 'ppBasis'; + // these should be in strictly ascending order (hence the commented out rsort above) + $modulo = [ + 'k1' => new BigInteger($modulo[2]), + 'k2' => new BigInteger($modulo[1]), + 'k3' => new BigInteger($modulo[0]) + ]; + $modulo = ASN1::encodeDER($modulo, Maps\Pentanomial::MAP); + $modulo = new ASN1\Element($modulo); + } + $params = ASN1::encodeDER([ + 'm' => new BigInteger($m), + 'basis' => $basis, + 'parameters' => $modulo + ], Maps\Characteristic_two::MAP); + $params = new ASN1\Element($params); + $a = ltrim($curve->getA()->toBytes(), "\0"); + if (!strlen($a)) { + $a = "\0"; + } + $b = ltrim($curve->getB()->toBytes(), "\0"); + if (!strlen($b)) { + $b = "\0"; + } + $data = [ + 'version' => 'ecdpVer1', + 'fieldID' => [ + 'fieldType' => 'characteristic-two-field', + 'parameters' => $params + ], + 'curve' => [ + 'a' => $a, + 'b' => $b + ], + 'base' => "\4" . $x . $y, + 'order' => $order + ]; + + return $returnArray ? + ['specifiedCurve' => $data] : + ASN1::encodeDER(['specifiedCurve' => $data], Maps\ECParameters::MAP); + } + + throw new UnsupportedCurveException('Curve cannot be serialized'); + } + + /** + * Use Specified Curve + * + * A specified curve has all the coefficients, the base points, etc, explicitely included. + * A specified curve is a more verbose way of representing a curve + */ + public static function useSpecifiedCurve() + { + self::$useNamedCurves = false; + } + + /** + * Use Named Curve + * + * A named curve does not include any parameters. It is up to the EC parameters to + * know what the coefficients, the base points, etc, are from the name of the curve. + * A named curve is a more concise way of representing a curve + */ + public static function useNamedCurve() + { + self::$useNamedCurves = true; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/JWK.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/JWK.php new file mode 100644 index 0000000..fd18a98 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/JWK.php @@ -0,0 +1,189 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\EC\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common\Formats\Keys\JWK as Progenitor; +use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve; +use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; +use phpseclib3\Crypt\EC\Curves\Ed25519; +use phpseclib3\Crypt\EC\Curves\secp256k1; +use phpseclib3\Crypt\EC\Curves\secp256r1; +use phpseclib3\Crypt\EC\Curves\secp384r1; +use phpseclib3\Crypt\EC\Curves\secp521r1; +use phpseclib3\Exception\UnsupportedCurveException; +use phpseclib3\Math\BigInteger; + +/** + * JWK Formatted EC Handler + * + * @author Jim Wigginton + */ +abstract class JWK extends Progenitor +{ + use Common; + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + $key = parent::load($key, $password); + + switch ($key->kty) { + case 'EC': + switch ($key->crv) { + case 'P-256': + case 'P-384': + case 'P-521': + case 'secp256k1': + break; + default: + throw new UnsupportedCurveException('Only P-256, P-384, P-521 and secp256k1 curves are accepted (' . $key->crv . ' provided)'); + } + break; + case 'OKP': + switch ($key->crv) { + case 'Ed25519': + case 'Ed448': + break; + default: + throw new UnsupportedCurveException('Only Ed25519 and Ed448 curves are accepted (' . $key->crv . ' provided)'); + } + break; + default: + throw new \Exception('Only EC and OKP JWK keys are supported'); + } + + $curve = '\phpseclib3\Crypt\EC\Curves\\' . str_replace('P-', 'nistp', $key->crv); + $curve = new $curve(); + + if ($curve instanceof TwistedEdwardsCurve) { + $QA = self::extractPoint(Strings::base64url_decode($key->x), $curve); + if (!isset($key->d)) { + return compact('curve', 'QA'); + } + $arr = $curve->extractSecret(Strings::base64url_decode($key->d)); + return compact('curve', 'QA') + $arr; + } + + $QA = [ + $curve->convertInteger(new BigInteger(Strings::base64url_decode($key->x), 256)), + $curve->convertInteger(new BigInteger(Strings::base64url_decode($key->y), 256)) + ]; + + if (!$curve->verifyPoint($QA)) { + throw new \RuntimeException('Unable to verify that point exists on curve'); + } + + if (!isset($key->d)) { + return compact('curve', 'QA'); + } + + $dA = new BigInteger(Strings::base64url_decode($key->d), 256); + + $curve->rangeCheck($dA); + + return compact('curve', 'dA', 'QA'); + } + + /** + * Returns the alias that corresponds to a curve + * + * @return string + */ + private static function getAlias(BaseCurve $curve) + { + switch (true) { + case $curve instanceof secp256r1: + return 'P-256'; + case $curve instanceof secp384r1: + return 'P-384'; + case $curve instanceof secp521r1: + return 'P-521'; + case $curve instanceof secp256k1: + return 'secp256k1'; + } + + $reflect = new \ReflectionClass($curve); + $curveName = $reflect->isFinal() ? + $reflect->getParentClass()->getShortName() : + $reflect->getShortName(); + throw new UnsupportedCurveException("$curveName is not a supported curve"); + } + + /** + * Return the array superstructure for an EC public key + * + * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey + * @return array + */ + private static function savePublicKeyHelper(BaseCurve $curve, array $publicKey) + { + if ($curve instanceof TwistedEdwardsCurve) { + return [ + 'kty' => 'OKP', + 'crv' => $curve instanceof Ed25519 ? 'Ed25519' : 'Ed448', + 'x' => Strings::base64url_encode($curve->encodePoint($publicKey)) + ]; + } + + return [ + 'kty' => 'EC', + 'crv' => self::getAlias($curve), + 'x' => Strings::base64url_encode($publicKey[0]->toBytes()), + 'y' => Strings::base64url_encode($publicKey[1]->toBytes()) + ]; + } + + /** + * Convert an EC public key to the appropriate format + * + * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey + * @param array $options optional + * @return string + */ + public static function savePublicKey(BaseCurve $curve, array $publicKey, array $options = []) + { + $key = self::savePublicKeyHelper($curve, $publicKey); + + return self::wrapKey($key, $options); + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $privateKey + * @param \phpseclib3\Crypt\EC\Curves\Ed25519 $curve + * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey + * @param string $secret optional + * @param string $password optional + * @param array $options optional + * @return string + */ + public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, array $publicKey, $secret = null, $password = '', array $options = []) + { + $key = self::savePublicKeyHelper($curve, $publicKey); + $key['d'] = $curve instanceof TwistedEdwardsCurve ? $secret : $privateKey->toBytes(); + $key['d'] = Strings::base64url_encode($key['d']); + + return self::wrapKey($key, $options); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php new file mode 100644 index 0000000..5741b05 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php @@ -0,0 +1,101 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\EC\Formats\Keys; + +use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve; +use phpseclib3\Crypt\EC\Curves\Curve25519; +use phpseclib3\Crypt\EC\Curves\Curve448; +use phpseclib3\Exception\UnsupportedFormatException; +use phpseclib3\Math\BigInteger; + +/** + * Montgomery Curve Private Key Handler + * + * @author Jim Wigginton + */ +abstract class MontgomeryPrivate +{ + /** + * Is invisible flag + * + */ + const IS_INVISIBLE = true; + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + switch (strlen($key)) { + case 32: + $curve = new Curve25519(); + break; + case 56: + $curve = new Curve448(); + break; + default: + throw new \LengthException('The only supported lengths are 32 and 56'); + } + + $components = ['curve' => $curve]; + $components['dA'] = new BigInteger($key, 256); + $curve->rangeCheck($components['dA']); + // note that EC::getEncodedCoordinates does some additional "magic" (it does strrev on the result) + $components['QA'] = $components['curve']->multiplyPoint($components['curve']->getBasePoint(), $components['dA']); + + return $components; + } + + /** + * Convert an EC public key to the appropriate format + * + * @param \phpseclib3\Crypt\EC\BaseCurves\Montgomery $curve + * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey + * @return string + */ + public static function savePublicKey(MontgomeryCurve $curve, array $publicKey) + { + return strrev($publicKey[0]->toBytes()); + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $privateKey + * @param \phpseclib3\Crypt\EC\BaseCurves\Montgomery $curve + * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey + * @param string $secret optional + * @param string $password optional + * @return string + */ + public static function savePrivateKey(BigInteger $privateKey, MontgomeryCurve $curve, array $publicKey, $secret = null, $password = '') + { + if (!empty($password) && is_string($password)) { + throw new UnsupportedFormatException('MontgomeryPrivate private keys do not support encryption'); + } + + return $privateKey->toBytes(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPublic.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPublic.php new file mode 100644 index 0000000..d1ad48a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPublic.php @@ -0,0 +1,71 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\EC\Formats\Keys; + +use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve; +use phpseclib3\Crypt\EC\Curves\Curve25519; +use phpseclib3\Crypt\EC\Curves\Curve448; +use phpseclib3\Math\BigInteger; + +/** + * Montgomery Public Key Handler + * + * @author Jim Wigginton + */ +abstract class MontgomeryPublic +{ + /** + * Is invisible flag + * + */ + const IS_INVISIBLE = true; + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + switch (strlen($key)) { + case 32: + $curve = new Curve25519(); + break; + case 56: + $curve = new Curve448(); + break; + default: + throw new \LengthException('The only supported lengths are 32 and 56'); + } + + $components = ['curve' => $curve]; + $components['QA'] = [$components['curve']->convertInteger(new BigInteger(strrev($key), 256))]; + + return $components; + } + + /** + * Convert an EC public key to the appropriate format + * + * @param \phpseclib3\Crypt\EC\BaseCurves\Montgomery $curve + * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey + * @return string + */ + public static function savePublicKey(MontgomeryCurve $curve, array $publicKey) + { + return strrev($publicKey[0]->toBytes()); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php new file mode 100644 index 0000000..2cd3e19 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php @@ -0,0 +1,209 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\EC\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common\Formats\Keys\OpenSSH as Progenitor; +use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve; +use phpseclib3\Crypt\EC\Curves\Ed25519; +use phpseclib3\Exception\UnsupportedCurveException; +use phpseclib3\Math\BigInteger; + +/** + * OpenSSH Formatted EC Key Handler + * + * @author Jim Wigginton + */ +abstract class OpenSSH extends Progenitor +{ + use Common; + + /** + * Supported Key Types + * + * @var array + */ + protected static $types = [ + 'ecdsa-sha2-nistp256', + 'ecdsa-sha2-nistp384', + 'ecdsa-sha2-nistp521', + 'ssh-ed25519' + ]; + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + $parsed = parent::load($key, $password); + + if (isset($parsed['paddedKey'])) { + $paddedKey = $parsed['paddedKey']; + list($type) = Strings::unpackSSH2('s', $paddedKey); + if ($type != $parsed['type']) { + throw new \RuntimeException("The public and private keys are not of the same type ($type vs $parsed[type])"); + } + if ($type == 'ssh-ed25519') { + list(, $key, $comment) = Strings::unpackSSH2('sss', $paddedKey); + $key = libsodium::load($key); + $key['comment'] = $comment; + return $key; + } + list($curveName, $publicKey, $privateKey, $comment) = Strings::unpackSSH2('ssis', $paddedKey); + $curve = self::loadCurveByParam(['namedCurve' => $curveName]); + $curve->rangeCheck($privateKey); + return [ + 'curve' => $curve, + 'dA' => $privateKey, + 'QA' => self::extractPoint("\0$publicKey", $curve), + 'comment' => $comment + ]; + } + + if ($parsed['type'] == 'ssh-ed25519') { + if (Strings::shift($parsed['publicKey'], 4) != "\0\0\0\x20") { + throw new \RuntimeException('Length of ssh-ed25519 key should be 32'); + } + + $curve = new Ed25519(); + $qa = self::extractPoint($parsed['publicKey'], $curve); + } else { + list($curveName, $publicKey) = Strings::unpackSSH2('ss', $parsed['publicKey']); + $curveName = '\phpseclib3\Crypt\EC\Curves\\' . $curveName; + $curve = new $curveName(); + + $qa = self::extractPoint("\0" . $publicKey, $curve); + } + + return [ + 'curve' => $curve, + 'QA' => $qa, + 'comment' => $parsed['comment'] + ]; + } + + /** + * Returns the alias that corresponds to a curve + * + * @return string + */ + private static function getAlias(BaseCurve $curve) + { + self::initialize_static_variables(); + + $reflect = new \ReflectionClass($curve); + $name = $reflect->getShortName(); + + $oid = self::$curveOIDs[$name]; + $aliases = array_filter(self::$curveOIDs, function ($v) use ($oid) { + return $v == $oid; + }); + $aliases = array_keys($aliases); + + for ($i = 0; $i < count($aliases); $i++) { + if (in_array('ecdsa-sha2-' . $aliases[$i], self::$types)) { + $alias = $aliases[$i]; + break; + } + } + + if (!isset($alias)) { + throw new UnsupportedCurveException($name . ' is not a curve that the OpenSSH plugin supports'); + } + + return $alias; + } + + /** + * Convert an EC public key to the appropriate format + * + * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey + * @param array $options optional + * @return string + */ + public static function savePublicKey(BaseCurve $curve, array $publicKey, array $options = []) + { + $comment = isset($options['comment']) ? $options['comment'] : self::$comment; + + if ($curve instanceof Ed25519) { + $key = Strings::packSSH2('ss', 'ssh-ed25519', $curve->encodePoint($publicKey)); + + if (isset($options['binary']) ? $options['binary'] : self::$binary) { + return $key; + } + + $key = 'ssh-ed25519 ' . base64_encode($key) . ' ' . $comment; + return $key; + } + + $alias = self::getAlias($curve); + + $points = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes(); + $key = Strings::packSSH2('sss', 'ecdsa-sha2-' . $alias, $alias, $points); + + if (isset($options['binary']) ? $options['binary'] : self::$binary) { + return $key; + } + + $key = 'ecdsa-sha2-' . $alias . ' ' . base64_encode($key) . ' ' . $comment; + + return $key; + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $privateKey + * @param \phpseclib3\Crypt\EC\Curves\Ed25519 $curve + * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey + * @param string $secret optional + * @param string $password optional + * @param array $options optional + * @return string + */ + public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, array $publicKey, $secret = null, $password = '', array $options = []) + { + if ($curve instanceof Ed25519) { + if (!isset($secret)) { + throw new \RuntimeException('Private Key does not have a secret set'); + } + if (strlen($secret) != 32) { + throw new \RuntimeException('Private Key secret is not of the correct length'); + } + + $pubKey = $curve->encodePoint($publicKey); + + $publicKey = Strings::packSSH2('ss', 'ssh-ed25519', $pubKey); + $privateKey = Strings::packSSH2('sss', 'ssh-ed25519', $pubKey, $secret . $pubKey); + + return self::wrapPrivateKey($publicKey, $privateKey, $password, $options); + } + + $alias = self::getAlias($curve); + + $points = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes(); + $publicKey = self::savePublicKey($curve, $publicKey, ['binary' => true]); + + $privateKey = Strings::packSSH2('sssi', 'ecdsa-sha2-' . $alias, $alias, $points, $privateKey); + + return self::wrapPrivateKey($publicKey, $privateKey, $password, $options); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php new file mode 100644 index 0000000..9f4b330 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php @@ -0,0 +1,194 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\EC\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common\Formats\Keys\PKCS1 as Progenitor; +use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve; +use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve; +use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; +use phpseclib3\Exception\UnsupportedCurveException; +use phpseclib3\File\ASN1; +use phpseclib3\File\ASN1\Maps; +use phpseclib3\Math\BigInteger; + +/** + * "PKCS1" (RFC5915) Formatted EC Key Handler + * + * @author Jim Wigginton + */ +abstract class PKCS1 extends Progenitor +{ + use Common; + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + self::initialize_static_variables(); + + if (!Strings::is_stringable($key)) { + throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); + } + + if (strpos($key, 'BEGIN EC PARAMETERS') && strpos($key, 'BEGIN EC PRIVATE KEY')) { + $components = []; + + preg_match('#-*BEGIN EC PRIVATE KEY-*[^-]*-*END EC PRIVATE KEY-*#s', $key, $matches); + $decoded = parent::load($matches[0], $password); + $decoded = ASN1::decodeBER($decoded); + if (!$decoded) { + throw new \RuntimeException('Unable to decode BER'); + } + + $ecPrivate = ASN1::asn1map($decoded[0], Maps\ECPrivateKey::MAP); + if (!is_array($ecPrivate)) { + throw new \RuntimeException('Unable to perform ASN1 mapping'); + } + + if (isset($ecPrivate['parameters'])) { + $components['curve'] = self::loadCurveByParam($ecPrivate['parameters']); + } + + preg_match('#-*BEGIN EC PARAMETERS-*[^-]*-*END EC PARAMETERS-*#s', $key, $matches); + $decoded = parent::load($matches[0], ''); + $decoded = ASN1::decodeBER($decoded); + if (!$decoded) { + throw new \RuntimeException('Unable to decode BER'); + } + $ecParams = ASN1::asn1map($decoded[0], Maps\ECParameters::MAP); + if (!is_array($ecParams)) { + throw new \RuntimeException('Unable to perform ASN1 mapping'); + } + $ecParams = self::loadCurveByParam($ecParams); + + // comparing $ecParams and $components['curve'] directly won't work because they'll have different Math\Common\FiniteField classes + // even if the modulo is the same + if (isset($components['curve']) && self::encodeParameters($ecParams, false, []) != self::encodeParameters($components['curve'], false, [])) { + throw new \RuntimeException('EC PARAMETERS does not correspond to EC PRIVATE KEY'); + } + + if (!isset($components['curve'])) { + $components['curve'] = $ecParams; + } + + $components['dA'] = new BigInteger($ecPrivate['privateKey'], 256); + $components['curve']->rangeCheck($components['dA']); + $components['QA'] = isset($ecPrivate['publicKey']) ? + self::extractPoint($ecPrivate['publicKey'], $components['curve']) : + $components['curve']->multiplyPoint($components['curve']->getBasePoint(), $components['dA']); + + return $components; + } + + $key = parent::load($key, $password); + + $decoded = ASN1::decodeBER($key); + if (!$decoded) { + throw new \RuntimeException('Unable to decode BER'); + } + + $key = ASN1::asn1map($decoded[0], Maps\ECParameters::MAP); + if (is_array($key)) { + return ['curve' => self::loadCurveByParam($key)]; + } + + $key = ASN1::asn1map($decoded[0], Maps\ECPrivateKey::MAP); + if (!is_array($key)) { + throw new \RuntimeException('Unable to perform ASN1 mapping'); + } + if (!isset($key['parameters'])) { + throw new \RuntimeException('Key cannot be loaded without parameters'); + } + + $components = []; + $components['curve'] = self::loadCurveByParam($key['parameters']); + $components['dA'] = new BigInteger($key['privateKey'], 256); + $components['QA'] = isset($ecPrivate['publicKey']) ? + self::extractPoint($ecPrivate['publicKey'], $components['curve']) : + $components['curve']->multiplyPoint($components['curve']->getBasePoint(), $components['dA']); + + return $components; + } + + /** + * Convert EC parameters to the appropriate format + * + * @return string + */ + public static function saveParameters(BaseCurve $curve, array $options = []) + { + self::initialize_static_variables(); + + if ($curve instanceof TwistedEdwardsCurve || $curve instanceof MontgomeryCurve) { + throw new UnsupportedCurveException('TwistedEdwards and Montgomery Curves are not supported'); + } + + $key = self::encodeParameters($curve, false, $options); + + return "-----BEGIN EC PARAMETERS-----\r\n" . + chunk_split(Strings::base64_encode($key), 64) . + "-----END EC PARAMETERS-----\r\n"; + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $privateKey + * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey + * @param string $secret optional + * @param string $password optional + * @param array $options optional + * @return string + */ + public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, array $publicKey, $secret = null, $password = '', array $options = []) + { + self::initialize_static_variables(); + + if ($curve instanceof TwistedEdwardsCurve || $curve instanceof MontgomeryCurve) { + throw new UnsupportedCurveException('TwistedEdwards Curves are not supported'); + } + + $publicKey = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes(); + + $key = [ + 'version' => 'ecPrivkeyVer1', + 'privateKey' => $privateKey->toBytes(), + 'parameters' => new ASN1\Element(self::encodeParameters($curve)), + 'publicKey' => "\0" . $publicKey + ]; + + $key = ASN1::encodeDER($key, Maps\ECPrivateKey::MAP); + + return self::wrapPrivateKey($key, 'EC', $password, $options); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php new file mode 100644 index 0000000..0ec7742 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php @@ -0,0 +1,234 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\EC\Formats\Keys; + +use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor; +use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve; +use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve; +use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; +use phpseclib3\Crypt\EC\Curves\Ed25519; +use phpseclib3\Crypt\EC\Curves\Ed448; +use phpseclib3\Exception\UnsupportedCurveException; +use phpseclib3\File\ASN1; +use phpseclib3\File\ASN1\Maps; +use phpseclib3\Math\BigInteger; + +/** + * PKCS#8 Formatted EC Key Handler + * + * @author Jim Wigginton + */ +abstract class PKCS8 extends Progenitor +{ + use Common; + + /** + * OID Name + * + * @var array + */ + const OID_NAME = ['id-ecPublicKey', 'id-Ed25519', 'id-Ed448']; + + /** + * OID Value + * + * @var string + */ + const OID_VALUE = ['1.2.840.10045.2.1', '1.3.101.112', '1.3.101.113']; + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + // initialize_static_variables() is defined in both the trait and the parent class + // when it's defined in two places it's the traits one that's called + // the parent one is needed, as well, but the parent one is called by other methods + // in the parent class as needed and in the context of the parent it's the parent + // one that's called + self::initialize_static_variables(); + + $key = parent::load($key, $password); + + $type = isset($key['privateKey']) ? 'privateKey' : 'publicKey'; + + switch ($key[$type . 'Algorithm']['algorithm']) { + case 'id-Ed25519': + case 'id-Ed448': + return self::loadEdDSA($key); + } + + $decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element); + if (!$decoded) { + throw new \RuntimeException('Unable to decode BER'); + } + $params = ASN1::asn1map($decoded[0], Maps\ECParameters::MAP); + if (!$params) { + throw new \RuntimeException('Unable to decode the parameters using Maps\ECParameters'); + } + + $components = []; + $components['curve'] = self::loadCurveByParam($params); + + if ($type == 'publicKey') { + $components['QA'] = self::extractPoint("\0" . $key['publicKey'], $components['curve']); + + return $components; + } + + $decoded = ASN1::decodeBER($key['privateKey']); + if (!$decoded) { + throw new \RuntimeException('Unable to decode BER'); + } + $key = ASN1::asn1map($decoded[0], Maps\ECPrivateKey::MAP); + if (isset($key['parameters']) && $params != $key['parameters']) { + throw new \RuntimeException('The PKCS8 parameter field does not match the private key parameter field'); + } + + $components['dA'] = new BigInteger($key['privateKey'], 256); + $components['curve']->rangeCheck($components['dA']); + $components['QA'] = isset($key['publicKey']) ? + self::extractPoint($key['publicKey'], $components['curve']) : + $components['curve']->multiplyPoint($components['curve']->getBasePoint(), $components['dA']); + + return $components; + } + + /** + * Break a public or private EdDSA key down into its constituent components + * + * @return array + */ + private static function loadEdDSA(array $key) + { + $components = []; + + if (isset($key['privateKey'])) { + $components['curve'] = $key['privateKeyAlgorithm']['algorithm'] == 'id-Ed25519' ? new Ed25519() : new Ed448(); + + // 0x04 == octet string + // 0x20 == length (32 bytes) + if (substr($key['privateKey'], 0, 2) != "\x04\x20") { + throw new \RuntimeException('The first two bytes of the private key field should be 0x0420'); + } + $arr = $components['curve']->extractSecret(substr($key['privateKey'], 2)); + $components['dA'] = $arr['dA']; + $components['secret'] = $arr['secret']; + } + + if (isset($key['publicKey'])) { + if (!isset($components['curve'])) { + $components['curve'] = $key['publicKeyAlgorithm']['algorithm'] == 'id-Ed25519' ? new Ed25519() : new Ed448(); + } + + $components['QA'] = self::extractPoint($key['publicKey'], $components['curve']); + } + + if (isset($key['privateKey']) && !isset($components['QA'])) { + $components['QA'] = $components['curve']->multiplyPoint($components['curve']->getBasePoint(), $components['dA']); + } + + return $components; + } + + /** + * Convert an EC public key to the appropriate format + * + * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey + * @param array $options optional + * @return string + */ + public static function savePublicKey(BaseCurve $curve, array $publicKey, array $options = []) + { + self::initialize_static_variables(); + + if ($curve instanceof MontgomeryCurve) { + throw new UnsupportedCurveException('Montgomery Curves are not supported'); + } + + if ($curve instanceof TwistedEdwardsCurve) { + return self::wrapPublicKey( + $curve->encodePoint($publicKey), + null, + $curve instanceof Ed25519 ? 'id-Ed25519' : 'id-Ed448' + ); + } + + $params = new ASN1\Element(self::encodeParameters($curve, false, $options)); + + $key = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes(); + + return self::wrapPublicKey($key, $params, 'id-ecPublicKey'); + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $privateKey + * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey + * @param string $secret optional + * @param string $password optional + * @param array $options optional + * @return string + */ + public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, array $publicKey, $secret = null, $password = '', array $options = []) + { + self::initialize_static_variables(); + + if ($curve instanceof MontgomeryCurve) { + throw new UnsupportedCurveException('Montgomery Curves are not supported'); + } + + if ($curve instanceof TwistedEdwardsCurve) { + return self::wrapPrivateKey( + "\x04\x20" . $secret, + [], + null, + $password, + $curve instanceof Ed25519 ? 'id-Ed25519' : 'id-Ed448' + ); + } + + $publicKey = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes(); + + $params = new ASN1\Element(self::encodeParameters($curve, false, $options)); + + $key = [ + 'version' => 'ecPrivkeyVer1', + 'privateKey' => $privateKey->toBytes(), + //'parameters' => $params, + 'publicKey' => "\0" . $publicKey + ]; + + $key = ASN1::encodeDER($key, Maps\ECPrivateKey::MAP); + + return self::wrapPrivateKey($key, [], $params, $password, 'id-ecPublicKey', '', $options); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PuTTY.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PuTTY.php new file mode 100644 index 0000000..866c883 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PuTTY.php @@ -0,0 +1,138 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\EC\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common\Formats\Keys\PuTTY as Progenitor; +use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve; +use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; +use phpseclib3\Math\BigInteger; + +/** + * PuTTY Formatted EC Key Handler + * + * @author Jim Wigginton + */ +abstract class PuTTY extends Progenitor +{ + use Common; + + /** + * Public Handler + * + * @var string + */ + const PUBLIC_HANDLER = 'phpseclib3\Crypt\EC\Formats\Keys\OpenSSH'; + + /** + * Supported Key Types + * + * @var array + */ + protected static $types = [ + 'ecdsa-sha2-nistp256', + 'ecdsa-sha2-nistp384', + 'ecdsa-sha2-nistp521', + 'ssh-ed25519' + ]; + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + $components = parent::load($key, $password); + if (!isset($components['private'])) { + return $components; + } + + $private = $components['private']; + + $temp = Strings::base64_encode(Strings::packSSH2('s', $components['type']) . $components['public']); + $components = OpenSSH::load($components['type'] . ' ' . $temp . ' ' . $components['comment']); + + if ($components['curve'] instanceof TwistedEdwardsCurve) { + if (Strings::shift($private, 4) != "\0\0\0\x20") { + throw new \RuntimeException('Length of ssh-ed25519 key should be 32'); + } + $arr = $components['curve']->extractSecret($private); + $components['dA'] = $arr['dA']; + $components['secret'] = $arr['secret']; + } else { + list($components['dA']) = Strings::unpackSSH2('i', $private); + $components['curve']->rangeCheck($components['dA']); + } + + return $components; + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $privateKey + * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey + * @param string $secret optional + * @param string $password optional + * @param array $options optional + * @return string + */ + public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, array $publicKey, $secret = null, $password = false, array $options = []) + { + self::initialize_static_variables(); + + $public = explode(' ', OpenSSH::savePublicKey($curve, $publicKey)); + $name = $public[0]; + $public = Strings::base64_decode($public[1]); + list(, $length) = unpack('N', Strings::shift($public, 4)); + Strings::shift($public, $length); + + // PuTTY pads private keys with a null byte per the following: + // https://github.com/github/putty/blob/a3d14d77f566a41fc61dfdc5c2e0e384c9e6ae8b/sshecc.c#L1926 + if (!$curve instanceof TwistedEdwardsCurve) { + $private = $privateKey->toBytes(); + if (!(strlen($privateKey->toBits()) & 7)) { + $private = "\0$private"; + } + } + + $private = $curve instanceof TwistedEdwardsCurve ? + Strings::packSSH2('s', $secret) : + Strings::packSSH2('s', $private); + + return self::wrapPrivateKey($public, $private, $name, $password, $options); + } + + /** + * Convert an EC public key to the appropriate format + * + * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param \phpseclib3\Math\Common\FiniteField[] $publicKey + * @return string + */ + public static function savePublicKey(BaseCurve $curve, array $publicKey) + { + $public = explode(' ', OpenSSH::savePublicKey($curve, $publicKey)); + $type = $public[0]; + $public = Strings::base64_decode($public[1]); + list(, $length) = unpack('N', Strings::shift($public, 4)); + Strings::shift($public, $length); + + return self::wrapPublicKey($public, $type); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/XML.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/XML.php new file mode 100644 index 0000000..27d9218 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/XML.php @@ -0,0 +1,485 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\EC\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve; +use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve; +use phpseclib3\Crypt\EC\BaseCurves\Prime as PrimeCurve; +use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; +use phpseclib3\Exception\BadConfigurationException; +use phpseclib3\Exception\UnsupportedCurveException; +use phpseclib3\Math\BigInteger; + +/** + * XML Formatted EC Key Handler + * + * @author Jim Wigginton + */ +abstract class XML +{ + use Common; + + /** + * Default namespace + * + * @var string + */ + private static $namespace; + + /** + * Flag for using RFC4050 syntax + * + * @var bool + */ + private static $rfc4050 = false; + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + self::initialize_static_variables(); + + if (!Strings::is_stringable($key)) { + throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); + } + + if (!class_exists('DOMDocument')) { + throw new BadConfigurationException('The dom extension is not setup correctly on this system'); + } + + $use_errors = libxml_use_internal_errors(true); + + $temp = self::isolateNamespace($key, 'http://www.w3.org/2009/xmldsig11#'); + if ($temp) { + $key = $temp; + } + + $temp = self::isolateNamespace($key, 'http://www.w3.org/2001/04/xmldsig-more#'); + if ($temp) { + $key = $temp; + } + + $dom = new \DOMDocument(); + if (substr($key, 0, 5) != '' . $key . ''; + } + + if (!$dom->loadXML($key)) { + libxml_use_internal_errors($use_errors); + throw new \UnexpectedValueException('Key does not appear to contain XML'); + } + $xpath = new \DOMXPath($dom); + libxml_use_internal_errors($use_errors); + $curve = self::loadCurveByParam($xpath); + + $pubkey = self::query($xpath, 'publickey', 'Public Key is not present'); + + $QA = self::query($xpath, 'ecdsakeyvalue')->length ? + self::extractPointRFC4050($xpath, $curve) : + self::extractPoint("\0" . $pubkey, $curve); + + libxml_use_internal_errors($use_errors); + + return compact('curve', 'QA'); + } + + /** + * Case-insensitive xpath query + * + * @param \DOMXPath $xpath + * @param string $name + * @param string $error optional + * @param bool $decode optional + * @return \DOMNodeList + */ + private static function query(\DOMXPath $xpath, $name, $error = null, $decode = true) + { + $query = '/'; + $names = explode('/', $name); + foreach ($names as $name) { + $query .= "/*[translate(local-name(), 'ABCDEFGHIJKLMNOPQRSTUVWXYZ','abcdefghijklmnopqrstuvwxyz')='$name']"; + } + $result = $xpath->query($query); + if (!isset($error)) { + return $result; + } + + if (!$result->length) { + throw new \RuntimeException($error); + } + return $decode ? self::decodeValue($result->item(0)->textContent) : $result->item(0)->textContent; + } + + /** + * Finds the first element in the relevant namespace, strips the namespacing and returns the XML for that element. + * + * @param string $xml + * @param string $ns + */ + private static function isolateNamespace($xml, $ns) + { + $dom = new \DOMDocument(); + if (!$dom->loadXML($xml)) { + return false; + } + $xpath = new \DOMXPath($dom); + $nodes = $xpath->query("//*[namespace::*[.='$ns'] and not(../namespace::*[.='$ns'])]"); + if (!$nodes->length) { + return false; + } + $node = $nodes->item(0); + $ns_name = $node->lookupPrefix($ns); + if ($ns_name) { + $node->removeAttributeNS($ns, $ns_name); + } + return $dom->saveXML($node); + } + + /** + * Decodes the value + * + * @param string $value + */ + private static function decodeValue($value) + { + return Strings::base64_decode(str_replace(["\r", "\n", ' ', "\t"], '', $value)); + } + + /** + * Extract points from an XML document + * + * @param \DOMXPath $xpath + * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @return object[] + */ + private static function extractPointRFC4050(\DOMXPath $xpath, BaseCurve $curve) + { + $x = self::query($xpath, 'publickey/x'); + $y = self::query($xpath, 'publickey/y'); + if (!$x->length || !$x->item(0)->hasAttribute('Value')) { + throw new \RuntimeException('Public Key / X coordinate not found'); + } + if (!$y->length || !$y->item(0)->hasAttribute('Value')) { + throw new \RuntimeException('Public Key / Y coordinate not found'); + } + $point = [ + $curve->convertInteger(new BigInteger($x->item(0)->getAttribute('Value'))), + $curve->convertInteger(new BigInteger($y->item(0)->getAttribute('Value'))) + ]; + if (!$curve->verifyPoint($point)) { + throw new \RuntimeException('Unable to verify that point exists on curve'); + } + return $point; + } + + /** + * Returns an instance of \phpseclib3\Crypt\EC\BaseCurves\Base based + * on the curve parameters + * + * @param \DomXPath $xpath + * @return \phpseclib3\Crypt\EC\BaseCurves\Base|false + */ + private static function loadCurveByParam(\DOMXPath $xpath) + { + $namedCurve = self::query($xpath, 'namedcurve'); + if ($namedCurve->length == 1) { + $oid = $namedCurve->item(0)->getAttribute('URN'); + $oid = preg_replace('#[^\d.]#', '', $oid); + $name = array_search($oid, self::$curveOIDs); + if ($name === false) { + throw new UnsupportedCurveException('Curve with OID of ' . $oid . ' is not supported'); + } + + $curve = '\phpseclib3\Crypt\EC\Curves\\' . $name; + if (!class_exists($curve)) { + throw new UnsupportedCurveException('Named Curve of ' . $name . ' is not supported'); + } + return new $curve(); + } + + $params = self::query($xpath, 'explicitparams'); + if ($params->length) { + return self::loadCurveByParamRFC4050($xpath); + } + + $params = self::query($xpath, 'ecparameters'); + if (!$params->length) { + throw new \RuntimeException('No parameters are present'); + } + + $fieldTypes = [ + 'prime-field' => ['fieldid/prime/p'], + 'gnb' => ['fieldid/gnb/m'], + 'tnb' => ['fieldid/tnb/k'], + 'pnb' => ['fieldid/pnb/k1', 'fieldid/pnb/k2', 'fieldid/pnb/k3'], + 'unknown' => [] + ]; + + foreach ($fieldTypes as $type => $queries) { + foreach ($queries as $query) { + $result = self::query($xpath, $query); + if (!$result->length) { + continue 2; + } + $param = preg_replace('#.*/#', '', $query); + $$param = self::decodeValue($result->item(0)->textContent); + } + break; + } + + $a = self::query($xpath, 'curve/a', 'A coefficient is not present'); + $b = self::query($xpath, 'curve/b', 'B coefficient is not present'); + $base = self::query($xpath, 'base', 'Base point is not present'); + $order = self::query($xpath, 'order', 'Order is not present'); + + switch ($type) { + case 'prime-field': + $curve = new PrimeCurve(); + $curve->setModulo(new BigInteger($p, 256)); + $curve->setCoefficients( + new BigInteger($a, 256), + new BigInteger($b, 256) + ); + $point = self::extractPoint("\0" . $base, $curve); + $curve->setBasePoint(...$point); + $curve->setOrder(new BigInteger($order, 256)); + return $curve; + case 'gnb': + case 'tnb': + case 'pnb': + default: + throw new UnsupportedCurveException('Field Type of ' . $type . ' is not supported'); + } + } + + /** + * Returns an instance of \phpseclib3\Crypt\EC\BaseCurves\Base based + * on the curve parameters + * + * @param \DomXPath $xpath + * @return \phpseclib3\Crypt\EC\BaseCurves\Base|false + */ + private static function loadCurveByParamRFC4050(\DOMXPath $xpath) + { + $fieldTypes = [ + 'prime-field' => ['primefieldparamstype/p'], + 'unknown' => [] + ]; + + foreach ($fieldTypes as $type => $queries) { + foreach ($queries as $query) { + $result = self::query($xpath, $query); + if (!$result->length) { + continue 2; + } + $param = preg_replace('#.*/#', '', $query); + $$param = $result->item(0)->textContent; + } + break; + } + + $a = self::query($xpath, 'curveparamstype/a', 'A coefficient is not present', false); + $b = self::query($xpath, 'curveparamstype/b', 'B coefficient is not present', false); + $x = self::query($xpath, 'basepointparams/basepoint/ecpointtype/x', 'Base Point X is not present', false); + $y = self::query($xpath, 'basepointparams/basepoint/ecpointtype/y', 'Base Point Y is not present', false); + $order = self::query($xpath, 'order', 'Order is not present', false); + + switch ($type) { + case 'prime-field': + $curve = new PrimeCurve(); + + $p = str_replace(["\r", "\n", ' ', "\t"], '', $p); + $curve->setModulo(new BigInteger($p)); + + $a = str_replace(["\r", "\n", ' ', "\t"], '', $a); + $b = str_replace(["\r", "\n", ' ', "\t"], '', $b); + $curve->setCoefficients( + new BigInteger($a), + new BigInteger($b) + ); + + $x = str_replace(["\r", "\n", ' ', "\t"], '', $x); + $y = str_replace(["\r", "\n", ' ', "\t"], '', $y); + $curve->setBasePoint( + new BigInteger($x), + new BigInteger($y) + ); + + $order = str_replace(["\r", "\n", ' ', "\t"], '', $order); + $curve->setOrder(new BigInteger($order)); + return $curve; + default: + throw new UnsupportedCurveException('Field Type of ' . $type . ' is not supported'); + } + } + + /** + * Sets the namespace. dsig11 is the most common one. + * + * Set to null to unset. Used only for creating public keys. + * + * @param string $namespace + */ + public static function setNamespace($namespace) + { + self::$namespace = $namespace; + } + + /** + * Uses the XML syntax specified in https://tools.ietf.org/html/rfc4050 + */ + public static function enableRFC4050Syntax() + { + self::$rfc4050 = true; + } + + /** + * Uses the XML syntax specified in https://www.w3.org/TR/xmldsig-core/#sec-ECParameters + */ + public static function disableRFC4050Syntax() + { + self::$rfc4050 = false; + } + + /** + * Convert a public key to the appropriate format + * + * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey + * @param array $options optional + * @return string + */ + public static function savePublicKey(BaseCurve $curve, array $publicKey, array $options = []) + { + self::initialize_static_variables(); + + if ($curve instanceof TwistedEdwardsCurve || $curve instanceof MontgomeryCurve) { + throw new UnsupportedCurveException('TwistedEdwards and Montgomery Curves are not supported'); + } + + if (empty(static::$namespace)) { + $pre = $post = ''; + } else { + $pre = static::$namespace . ':'; + $post = ':' . static::$namespace; + } + + if (self::$rfc4050) { + return '<' . $pre . 'ECDSAKeyValue xmlns' . $post . '="http://www.w3.org/2001/04/xmldsig-more#">' . "\r\n" . + self::encodeXMLParameters($curve, $pre, $options) . "\r\n" . + '<' . $pre . 'PublicKey>' . "\r\n" . + '<' . $pre . 'X Value="' . $publicKey[0] . '" />' . "\r\n" . + '<' . $pre . 'Y Value="' . $publicKey[1] . '" />' . "\r\n" . + '' . "\r\n" . + ''; + } + + $publicKey = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes(); + + return '<' . $pre . 'ECDSAKeyValue xmlns' . $post . '="http://www.w3.org/2009/xmldsig11#">' . "\r\n" . + self::encodeXMLParameters($curve, $pre, $options) . "\r\n" . + '<' . $pre . 'PublicKey>' . Strings::base64_encode($publicKey) . '' . "\r\n" . + ''; + } + + /** + * Encode Parameters + * + * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param string $pre + * @param array $options optional + * @return string|false + */ + private static function encodeXMLParameters(BaseCurve $curve, $pre, array $options = []) + { + $result = self::encodeParameters($curve, true, $options); + + if (isset($result['namedCurve'])) { + $namedCurve = '<' . $pre . 'NamedCurve URI="urn:oid:' . self::$curveOIDs[$result['namedCurve']] . '" />'; + return self::$rfc4050 ? + '' . str_replace('URI', 'URN', $namedCurve) . '' : + $namedCurve; + } + + if (self::$rfc4050) { + $xml = '<' . $pre . 'ExplicitParams>' . "\r\n" . + '<' . $pre . 'FieldParams>' . "\r\n"; + $temp = $result['specifiedCurve']; + switch ($temp['fieldID']['fieldType']) { + case 'prime-field': + $xml .= '<' . $pre . 'PrimeFieldParamsType>' . "\r\n" . + '<' . $pre . 'P>' . $temp['fieldID']['parameters'] . '' . "\r\n" . + '' . "\r\n"; + $a = $curve->getA(); + $b = $curve->getB(); + list($x, $y) = $curve->getBasePoint(); + break; + default: + throw new UnsupportedCurveException('Field Type of ' . $temp['fieldID']['fieldType'] . ' is not supported'); + } + $xml .= '' . "\r\n" . + '<' . $pre . 'CurveParamsType>' . "\r\n" . + '<' . $pre . 'A>' . $a . '' . "\r\n" . + '<' . $pre . 'B>' . $b . '' . "\r\n" . + '' . "\r\n" . + '<' . $pre . 'BasePointParams>' . "\r\n" . + '<' . $pre . 'BasePoint>' . "\r\n" . + '<' . $pre . 'ECPointType>' . "\r\n" . + '<' . $pre . 'X>' . $x . '' . "\r\n" . + '<' . $pre . 'Y>' . $y . '' . "\r\n" . + '' . "\r\n" . + '' . "\r\n" . + '<' . $pre . 'Order>' . $curve->getOrder() . '' . "\r\n" . + '' . "\r\n" . + '' . "\r\n"; + + return $xml; + } + + if (isset($result['specifiedCurve'])) { + $xml = '<' . $pre . 'ECParameters>' . "\r\n" . + '<' . $pre . 'FieldID>' . "\r\n"; + $temp = $result['specifiedCurve']; + switch ($temp['fieldID']['fieldType']) { + case 'prime-field': + $xml .= '<' . $pre . 'Prime>' . "\r\n" . + '<' . $pre . 'P>' . Strings::base64_encode($temp['fieldID']['parameters']->toBytes()) . '' . "\r\n" . + '' . "\r\n" ; + break; + default: + throw new UnsupportedCurveException('Field Type of ' . $temp['fieldID']['fieldType'] . ' is not supported'); + } + $xml .= '' . "\r\n" . + '<' . $pre . 'Curve>' . "\r\n" . + '<' . $pre . 'A>' . Strings::base64_encode($temp['curve']['a']) . '' . "\r\n" . + '<' . $pre . 'B>' . Strings::base64_encode($temp['curve']['b']) . '' . "\r\n" . + '' . "\r\n" . + '<' . $pre . 'Base>' . Strings::base64_encode($temp['base']) . '' . "\r\n" . + '<' . $pre . 'Order>' . Strings::base64_encode($temp['order']) . '' . "\r\n" . + ''; + return $xml; + } + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/libsodium.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/libsodium.php new file mode 100644 index 0000000..2be6ba5 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/libsodium.php @@ -0,0 +1,116 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\EC\Formats\Keys; + +use phpseclib3\Crypt\EC\Curves\Ed25519; +use phpseclib3\Exception\UnsupportedFormatException; +use phpseclib3\Math\BigInteger; + +/** + * libsodium Key Handler + * + * @author Jim Wigginton + */ +abstract class libsodium +{ + use Common; + + /** + * Is invisible flag + * + */ + const IS_INVISIBLE = true; + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + switch (strlen($key)) { + case 32: + $public = $key; + break; + case 64: + $private = substr($key, 0, 32); + $public = substr($key, -32); + break; + case 96: + $public = substr($key, -32); + if (substr($key, 32, 32) != $public) { + throw new \RuntimeException('Keys with 96 bytes should have the 2nd and 3rd set of 32 bytes match'); + } + $private = substr($key, 0, 32); + break; + default: + throw new \RuntimeException('libsodium keys need to either be 32 bytes long, 64 bytes long or 96 bytes long'); + } + + $curve = new Ed25519(); + $components = ['curve' => $curve]; + if (isset($private)) { + $arr = $curve->extractSecret($private); + $components['dA'] = $arr['dA']; + $components['secret'] = $arr['secret']; + } + $components['QA'] = isset($public) ? + self::extractPoint($public, $curve) : + $curve->multiplyPoint($curve->getBasePoint(), $components['dA']); + + return $components; + } + + /** + * Convert an EC public key to the appropriate format + * + * @param \phpseclib3\Crypt\EC\Curves\Ed25519 $curve + * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey + * @return string + */ + public static function savePublicKey(Ed25519 $curve, array $publicKey) + { + return $curve->encodePoint($publicKey); + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $privateKey + * @param \phpseclib3\Crypt\EC\Curves\Ed25519 $curve + * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey + * @param string $secret optional + * @param string $password optional + * @return string + */ + public static function savePrivateKey(BigInteger $privateKey, Ed25519 $curve, array $publicKey, $secret = null, $password = '') + { + if (!isset($secret)) { + throw new \RuntimeException('Private Key does not have a secret set'); + } + if (strlen($secret) != 32) { + throw new \RuntimeException('Private Key secret is not of the correct length'); + } + if (!empty($password) && is_string($password)) { + throw new UnsupportedFormatException('libsodium private keys do not support encryption'); + } + return $secret . $curve->encodePoint($publicKey); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/ASN1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/ASN1.php new file mode 100644 index 0000000..d2a80a1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/ASN1.php @@ -0,0 +1,62 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\EC\Formats\Signature; + +use phpseclib3\File\ASN1 as Encoder; +use phpseclib3\File\ASN1\Maps\EcdsaSigValue; +use phpseclib3\Math\BigInteger; + +/** + * ASN1 Signature Handler + * + * @author Jim Wigginton + */ +abstract class ASN1 +{ + /** + * Loads a signature + * + * @param string $sig + * @return array + */ + public static function load($sig) + { + if (!is_string($sig)) { + return false; + } + + $decoded = Encoder::decodeBER($sig); + if (empty($decoded)) { + return false; + } + $components = Encoder::asn1map($decoded[0], EcdsaSigValue::MAP); + + return $components; + } + + /** + * Returns a signature in the appropriate format + * + * @param \phpseclib3\Math\BigInteger $r + * @param \phpseclib3\Math\BigInteger $s + * @return string + */ + public static function save(BigInteger $r, BigInteger $s) + { + return Encoder::encodeDER(compact('r', 's'), EcdsaSigValue::MAP); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/IEEE.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/IEEE.php new file mode 100644 index 0000000..69139da --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/IEEE.php @@ -0,0 +1,66 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\EC\Formats\Signature; + +use phpseclib3\Math\BigInteger; + +/** + * ASN1 Signature Handler + * + * @author Jim Wigginton + */ +abstract class IEEE +{ + /** + * Loads a signature + * + * @param string $sig + * @return array + */ + public static function load($sig) + { + if (!is_string($sig)) { + return false; + } + + $len = strlen($sig); + if ($len & 1) { + return false; + } + + $r = new BigInteger(substr($sig, 0, $len >> 1), 256); + $s = new BigInteger(substr($sig, $len >> 1), 256); + + return compact('r', 's'); + } + + /** + * Returns a signature in the appropriate format + * + * @param \phpseclib3\Math\BigInteger $r + * @param \phpseclib3\Math\BigInteger $s + * @return string + */ + public static function save(BigInteger $r, BigInteger $s) + { + $r = $r->toBytes(); + $s = $s->toBytes(); + $len = max(strlen($r), strlen($s)); + return str_pad($r, $len, "\0", STR_PAD_LEFT) . str_pad($s, $len, "\0", STR_PAD_LEFT); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/Raw.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/Raw.php new file mode 100644 index 0000000..7e4b47f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/Raw.php @@ -0,0 +1,25 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\EC\Formats\Signature; + +use phpseclib3\Crypt\Common\Formats\Signature\Raw as Progenitor; + +/** + * Raw DSA Signature Handler + * + * @author Jim Wigginton + */ +abstract class Raw extends Progenitor +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/SSH2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/SSH2.php new file mode 100644 index 0000000..e064442 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/SSH2.php @@ -0,0 +1,94 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\EC\Formats\Signature; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Math\BigInteger; + +/** + * SSH2 Signature Handler + * + * @author Jim Wigginton + */ +abstract class SSH2 +{ + /** + * Loads a signature + * + * @param string $sig + * @return mixed + */ + public static function load($sig) + { + if (!is_string($sig)) { + return false; + } + + $result = Strings::unpackSSH2('ss', $sig); + if ($result === false) { + return false; + } + list($type, $blob) = $result; + switch ($type) { + // see https://tools.ietf.org/html/rfc5656#section-3.1.2 + case 'ecdsa-sha2-nistp256': + case 'ecdsa-sha2-nistp384': + case 'ecdsa-sha2-nistp521': + break; + default: + return false; + } + + $result = Strings::unpackSSH2('ii', $blob); + if ($result === false) { + return false; + } + + return [ + 'r' => $result[0], + 's' => $result[1] + ]; + } + + /** + * Returns a signature in the appropriate format + * + * @param \phpseclib3\Math\BigInteger $r + * @param \phpseclib3\Math\BigInteger $s + * @param string $curve + * @return string + */ + public static function save(BigInteger $r, BigInteger $s, $curve) + { + switch ($curve) { + case 'secp256r1': + $curve = 'nistp256'; + break; + case 'secp384r1': + $curve = 'nistp384'; + break; + case 'secp521r1': + $curve = 'nistp521'; + break; + default: + return false; + } + + $blob = Strings::packSSH2('ii', $r, $s); + + return Strings::packSSH2('ss', 'ecdsa-sha2-' . $curve, $blob); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Parameters.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Parameters.php new file mode 100644 index 0000000..c0ed64a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Parameters.php @@ -0,0 +1,36 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\EC; + +use phpseclib3\Crypt\EC; + +/** + * EC Parameters + * + * @author Jim Wigginton + */ +final class Parameters extends EC +{ + /** + * Returns the parameters + * + * @param string $type + * @param array $options optional + * @return string + */ + public function toString($type = 'PKCS1', array $options = []) + { + $type = self::validatePlugin('Keys', 'PKCS1', 'saveParameters'); + + return $type::saveParameters($this->curve, $options); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/PrivateKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/PrivateKey.php new file mode 100644 index 0000000..462ea1a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/PrivateKey.php @@ -0,0 +1,256 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\EC; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common; +use phpseclib3\Crypt\EC; +use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve; +use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; +use phpseclib3\Crypt\EC\Curves\Curve25519; +use phpseclib3\Crypt\EC\Curves\Ed25519; +use phpseclib3\Crypt\EC\Formats\Keys\PKCS1; +use phpseclib3\Crypt\EC\Formats\Signature\ASN1 as ASN1Signature; +use phpseclib3\Crypt\Hash; +use phpseclib3\Exception\UnsupportedOperationException; +use phpseclib3\Math\BigInteger; + +/** + * EC Private Key + * + * @author Jim Wigginton + */ +final class PrivateKey extends EC implements Common\PrivateKey +{ + use Common\Traits\PasswordProtected; + + /** + * Private Key dA + * + * sign() converts this to a BigInteger so one might wonder why this is a FiniteFieldInteger instead of + * a BigInteger. That's because a FiniteFieldInteger, when converted to a byte string, is null padded by + * a certain amount whereas a BigInteger isn't. + * + * @var object + */ + protected $dA; + + /** + * @var string + */ + protected $secret; + + /** + * Multiplies an encoded point by the private key + * + * Used by ECDH + * + * @param string $coordinates + * @return string + */ + public function multiply($coordinates) + { + if ($this->curve instanceof MontgomeryCurve) { + if ($this->curve instanceof Curve25519 && self::$engines['libsodium']) { + return sodium_crypto_scalarmult($this->dA->toBytes(), $coordinates); + } + + $point = [$this->curve->convertInteger(new BigInteger(strrev($coordinates), 256))]; + $point = $this->curve->multiplyPoint($point, $this->dA); + return strrev($point[0]->toBytes(true)); + } + if (!$this->curve instanceof TwistedEdwardsCurve) { + $coordinates = "\0$coordinates"; + } + $point = PKCS1::extractPoint($coordinates, $this->curve); + $point = $this->curve->multiplyPoint($point, $this->dA); + if ($this->curve instanceof TwistedEdwardsCurve) { + return $this->curve->encodePoint($point); + } + if (empty($point)) { + throw new \RuntimeException('The infinity point is invalid'); + } + return "\4" . $point[0]->toBytes(true) . $point[1]->toBytes(true); + } + + /** + * Create a signature + * + * @see self::verify() + * @param string $message + * @return mixed + */ + public function sign($message) + { + if ($this->curve instanceof MontgomeryCurve) { + throw new UnsupportedOperationException('Montgomery Curves cannot be used to create signatures'); + } + + $dA = $this->dA; + $order = $this->curve->getOrder(); + + $shortFormat = $this->shortFormat; + $format = $this->sigFormat; + if ($format === false) { + return false; + } + + if ($this->curve instanceof TwistedEdwardsCurve) { + if ($this->curve instanceof Ed25519 && self::$engines['libsodium'] && !isset($this->context)) { + $result = sodium_crypto_sign_detached($message, $this->withPassword()->toString('libsodium')); + return $shortFormat == 'SSH2' ? Strings::packSSH2('ss', 'ssh-' . strtolower($this->getCurve()), $result) : $result; + } + + // contexts (Ed25519ctx) are supported but prehashing (Ed25519ph) is not. + // quoting https://tools.ietf.org/html/rfc8032#section-8.5 , + // "The Ed25519ph and Ed448ph variants ... SHOULD NOT be used" + $A = $this->curve->encodePoint($this->QA); + $curve = $this->curve; + $hash = new Hash($curve::HASH); + + $secret = substr($hash->hash($this->secret), $curve::SIZE); + + if ($curve instanceof Ed25519) { + $dom = !isset($this->context) ? '' : + 'SigEd25519 no Ed25519 collisions' . "\0" . chr(strlen($this->context)) . $this->context; + } else { + $context = isset($this->context) ? $this->context : ''; + $dom = 'SigEd448' . "\0" . chr(strlen($context)) . $context; + } + // SHA-512(dom2(F, C) || prefix || PH(M)) + $r = $hash->hash($dom . $secret . $message); + $r = strrev($r); + $r = new BigInteger($r, 256); + list(, $r) = $r->divide($order); + $R = $curve->multiplyPoint($curve->getBasePoint(), $r); + $R = $curve->encodePoint($R); + $k = $hash->hash($dom . $R . $A . $message); + $k = strrev($k); + $k = new BigInteger($k, 256); + list(, $k) = $k->divide($order); + $S = $k->multiply($dA)->add($r); + list(, $S) = $S->divide($order); + $S = str_pad(strrev($S->toBytes()), $curve::SIZE, "\0"); + return $shortFormat == 'SSH2' ? Strings::packSSH2('ss', 'ssh-' . strtolower($this->getCurve()), $R . $S) : $R . $S; + } + + if (self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods())) { + $signature = ''; + // altho PHP's OpenSSL bindings only supported EC key creation in PHP 7.1 they've long + // supported signing / verification + // we use specified curves to avoid issues with OpenSSL possibly not supporting a given named curve; + // doing this may mean some curve-specific optimizations can't be used but idk if OpenSSL even + // has curve-specific optimizations + $result = openssl_sign($message, $signature, $this->toString('PKCS8', ['namedCurve' => false]), $this->hash->getHash()); + + if ($result) { + if ($shortFormat == 'ASN1') { + return $signature; + } + + extract(ASN1Signature::load($signature)); + + return $shortFormat == 'SSH2' ? $format::save($r, $s, $this->getCurve()) : $format::save($r, $s); + } + } + + $e = $this->hash->hash($message); + $e = new BigInteger($e, 256); + + $Ln = $this->hash->getLength() - $order->getLength(); + $z = $Ln > 0 ? $e->bitwise_rightShift($Ln) : $e; + + while (true) { + $k = BigInteger::randomRange(self::$one, $order->subtract(self::$one)); + list($x, $y) = $this->curve->multiplyPoint($this->curve->getBasePoint(), $k); + $x = $x->toBigInteger(); + list(, $r) = $x->divide($order); + if ($r->equals(self::$zero)) { + continue; + } + $kinv = $k->modInverse($order); + $temp = $z->add($dA->multiply($r)); + $temp = $kinv->multiply($temp); + list(, $s) = $temp->divide($order); + if (!$s->equals(self::$zero)) { + break; + } + } + + // the following is an RFC6979 compliant implementation of deterministic ECDSA + // it's unused because it's mainly intended for use when a good CSPRNG isn't + // available. if phpseclib's CSPRNG isn't good then even key generation is + // suspect + /* + // if this were actually being used it'd probably be better if this lived in load() and createKey() + $this->q = $this->curve->getOrder(); + $dA = $this->dA->toBigInteger(); + $this->x = $dA; + + $h1 = $this->hash->hash($message); + $k = $this->computek($h1); + list($x, $y) = $this->curve->multiplyPoint($this->curve->getBasePoint(), $k); + $x = $x->toBigInteger(); + list(, $r) = $x->divide($this->q); + $kinv = $k->modInverse($this->q); + $h1 = $this->bits2int($h1); + $temp = $h1->add($dA->multiply($r)); + $temp = $kinv->multiply($temp); + list(, $s) = $temp->divide($this->q); + */ + + return $shortFormat == 'SSH2' ? $format::save($r, $s, $this->getCurve()) : $format::save($r, $s); + } + + /** + * Returns the private key + * + * @param string $type + * @param array $options optional + * @return string + */ + public function toString($type, array $options = []) + { + $type = self::validatePlugin('Keys', $type, 'savePrivateKey'); + + return $type::savePrivateKey($this->dA, $this->curve, $this->QA, $this->secret, $this->password, $options); + } + + /** + * Returns the public key + * + * @see self::getPrivateKey() + * @return mixed + */ + public function getPublicKey() + { + $format = 'PKCS8'; + if ($this->curve instanceof MontgomeryCurve) { + $format = 'MontgomeryPublic'; + } + + $type = self::validatePlugin('Keys', $format, 'savePublicKey'); + + $key = $type::savePublicKey($this->curve, $this->QA); + $key = EC::loadFormat($format, $key); + if ($this->curve instanceof MontgomeryCurve) { + return $key; + } + $key = $key + ->withHash($this->hash->getHash()) + ->withSignatureFormat($this->shortFormat); + if ($this->curve instanceof TwistedEdwardsCurve) { + $key = $key->withContext($this->context); + } + return $key; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/PublicKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/PublicKey.php new file mode 100644 index 0000000..4558ce3 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/PublicKey.php @@ -0,0 +1,172 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\EC; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common; +use phpseclib3\Crypt\EC; +use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve; +use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; +use phpseclib3\Crypt\EC\Curves\Ed25519; +use phpseclib3\Crypt\EC\Formats\Keys\PKCS1; +use phpseclib3\Crypt\EC\Formats\Signature\ASN1 as ASN1Signature; +use phpseclib3\Crypt\Hash; +use phpseclib3\Exception\UnsupportedOperationException; +use phpseclib3\Math\BigInteger; + +/** + * EC Public Key + * + * @author Jim Wigginton + */ +final class PublicKey extends EC implements Common\PublicKey +{ + use Common\Traits\Fingerprint; + + /** + * Verify a signature + * + * @see self::verify() + * @param string $message + * @param string $signature + * @return mixed + */ + public function verify($message, $signature) + { + if ($this->curve instanceof MontgomeryCurve) { + throw new UnsupportedOperationException('Montgomery Curves cannot be used to create signatures'); + } + + $shortFormat = $this->shortFormat; + $format = $this->sigFormat; + if ($format === false) { + return false; + } + + $order = $this->curve->getOrder(); + + if ($this->curve instanceof TwistedEdwardsCurve) { + if ($shortFormat == 'SSH2') { + list(, $signature) = Strings::unpackSSH2('ss', $signature); + } + + if ($this->curve instanceof Ed25519 && self::$engines['libsodium'] && !isset($this->context)) { + return sodium_crypto_sign_verify_detached($signature, $message, $this->toString('libsodium')); + } + + $curve = $this->curve; + if (strlen($signature) != 2 * $curve::SIZE) { + return false; + } + + $R = substr($signature, 0, $curve::SIZE); + $S = substr($signature, $curve::SIZE); + + try { + $R = PKCS1::extractPoint($R, $curve); + $R = $this->curve->convertToInternal($R); + } catch (\Exception $e) { + return false; + } + + $S = strrev($S); + $S = new BigInteger($S, 256); + + if ($S->compare($order) >= 0) { + return false; + } + + $A = $curve->encodePoint($this->QA); + + if ($curve instanceof Ed25519) { + $dom2 = !isset($this->context) ? '' : + 'SigEd25519 no Ed25519 collisions' . "\0" . chr(strlen($this->context)) . $this->context; + } else { + $context = isset($this->context) ? $this->context : ''; + $dom2 = 'SigEd448' . "\0" . chr(strlen($context)) . $context; + } + + $hash = new Hash($curve::HASH); + $k = $hash->hash($dom2 . substr($signature, 0, $curve::SIZE) . $A . $message); + $k = strrev($k); + $k = new BigInteger($k, 256); + list(, $k) = $k->divide($order); + + $qa = $curve->convertToInternal($this->QA); + + $lhs = $curve->multiplyPoint($curve->getBasePoint(), $S); + $rhs = $curve->multiplyPoint($qa, $k); + $rhs = $curve->addPoint($rhs, $R); + $rhs = $curve->convertToAffine($rhs); + + return $lhs[0]->equals($rhs[0]) && $lhs[1]->equals($rhs[1]); + } + + $params = $format::load($signature); + if ($params === false || count($params) != 2) { + return false; + } + extract($params); + + if (self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods())) { + $sig = $format != 'ASN1' ? ASN1Signature::save($r, $s) : $signature; + + $result = openssl_verify($message, $sig, $this->toString('PKCS8', ['namedCurve' => false]), $this->hash->getHash()); + + if ($result != -1) { + return (bool) $result; + } + } + + $n_1 = $order->subtract(self::$one); + if (!$r->between(self::$one, $n_1) || !$s->between(self::$one, $n_1)) { + return false; + } + + $e = $this->hash->hash($message); + $e = new BigInteger($e, 256); + + $Ln = $this->hash->getLength() - $order->getLength(); + $z = $Ln > 0 ? $e->bitwise_rightShift($Ln) : $e; + + $w = $s->modInverse($order); + list(, $u1) = $z->multiply($w)->divide($order); + list(, $u2) = $r->multiply($w)->divide($order); + + $u1 = $this->curve->convertInteger($u1); + $u2 = $this->curve->convertInteger($u2); + + list($x1, $y1) = $this->curve->multiplyAddPoints( + [$this->curve->getBasePoint(), $this->QA], + [$u1, $u2] + ); + + $x1 = $x1->toBigInteger(); + list(, $x1) = $x1->divide($order); + + return $x1->equals($r); + } + + /** + * Returns the public key + * + * @param string $type + * @param array $options optional + * @return string + */ + public function toString($type, array $options = []) + { + $type = self::validatePlugin('Keys', $type, 'savePublicKey'); + + return $type::savePublicKey($this->curve, $this->QA, $options); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Hash.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Hash.php new file mode 100644 index 0000000..0e02544 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Hash.php @@ -0,0 +1,1455 @@ + + * setKey('abcdefg'); + * + * echo base64_encode($hash->hash('abcdefg')); + * ?> + * + * + * @author Jim Wigginton + * @copyright 2015 Jim Wigginton + * @author Andreas Fischer + * @copyright 2015 Andreas Fischer + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Exception\InsufficientSetupException; +use phpseclib3\Exception\UnsupportedAlgorithmException; +use phpseclib3\Math\BigInteger; +use phpseclib3\Math\PrimeField; + +/** + * @author Jim Wigginton + * @author Andreas Fischer + */ +class Hash +{ + /** + * Padding Types + * + */ + const PADDING_KECCAK = 1; + + /** + * Padding Types + * + */ + const PADDING_SHA3 = 2; + + /** + * Padding Types + * + */ + const PADDING_SHAKE = 3; + + /** + * Padding Type + * + * Only used by SHA3 + * + * @var int + */ + private $paddingType = 0; + + /** + * Hash Parameter + * + * @see self::setHash() + * @var int + */ + private $hashParam; + + /** + * Byte-length of hash output (Internal HMAC) + * + * @see self::setHash() + * @var int + */ + private $length; + + /** + * Hash Algorithm + * + * @see self::setHash() + * @var string + */ + private $algo; + + /** + * Key + * + * @see self::setKey() + * @var string + */ + private $key = false; + + /** + * Nonce + * + * @see self::setNonce() + * @var string + */ + private $nonce = false; + + /** + * Hash Parameters + * + * @var array + */ + private $parameters = []; + + /** + * Computed Key + * + * @see self::_computeKey() + * @var string + */ + private $computedKey = false; + + /** + * Outer XOR (Internal HMAC) + * + * Used only for sha512/* + * + * @see self::hash() + * @var string + */ + private $opad; + + /** + * Inner XOR (Internal HMAC) + * + * Used only for sha512/* + * + * @see self::hash() + * @var string + */ + private $ipad; + + /** + * Recompute AES Key + * + * Used only for umac + * + * @see self::hash() + * @var boolean + */ + private $recomputeAESKey; + + /** + * umac cipher object + * + * @see self::hash() + * @var \phpseclib3\Crypt\AES + */ + private $c; + + /** + * umac pad + * + * @see self::hash() + * @var string + */ + private $pad; + + /** + * Block Size + * + * @var int + */ + private $blockSize; + + /**#@+ + * UMAC variables + * + * @var PrimeField + */ + private static $factory36; + private static $factory64; + private static $factory128; + private static $offset64; + private static $offset128; + private static $marker64; + private static $marker128; + private static $maxwordrange64; + private static $maxwordrange128; + /**#@-*/ + + /** + * Default Constructor. + * + * @param string $hash + */ + public function __construct($hash = 'sha256') + { + $this->setHash($hash); + } + + /** + * Sets the key for HMACs + * + * Keys can be of any length. + * + * @param string $key + */ + public function setKey($key = false) + { + $this->key = $key; + $this->computeKey(); + $this->recomputeAESKey = true; + } + + /** + * Sets the nonce for UMACs + * + * Keys can be of any length. + * + * @param string $nonce + */ + public function setNonce($nonce = false) + { + switch (true) { + case !is_string($nonce): + case strlen($nonce) > 0 && strlen($nonce) <= 16: + $this->recomputeAESKey = true; + $this->nonce = $nonce; + return; + } + + throw new \LengthException('The nonce length must be between 1 and 16 bytes, inclusive'); + } + + /** + * Pre-compute the key used by the HMAC + * + * Quoting http://tools.ietf.org/html/rfc2104#section-2, "Applications that use keys longer than B bytes + * will first hash the key using H and then use the resultant L byte string as the actual key to HMAC." + * + * As documented in https://www.reddit.com/r/PHP/comments/9nct2l/symfonypolyfill_hash_pbkdf2_correct_fix_for/ + * when doing an HMAC multiple times it's faster to compute the hash once instead of computing it during + * every call + * + */ + private function computeKey() + { + if ($this->key === false) { + $this->computedKey = false; + return; + } + + if (strlen($this->key) <= $this->getBlockLengthInBytes()) { + $this->computedKey = $this->key; + return; + } + + $this->computedKey = is_array($this->algo) ? + call_user_func($this->algo, $this->key) : + hash($this->algo, $this->key, true); + } + + /** + * Gets the hash function. + * + * As set by the constructor or by the setHash() method. + * + * @return string + */ + public function getHash() + { + return $this->hashParam; + } + + /** + * Sets the hash function. + * + * @param string $hash + */ + public function setHash($hash) + { + $this->hashParam = $hash = strtolower($hash); + switch ($hash) { + case 'umac-32': + case 'umac-64': + case 'umac-96': + case 'umac-128': + $this->blockSize = 128; + $this->length = abs(substr($hash, -3)) >> 3; + $this->algo = 'umac'; + return; + case 'md2-96': + case 'md5-96': + case 'sha1-96': + case 'sha224-96': + case 'sha256-96': + case 'sha384-96': + case 'sha512-96': + case 'sha512/224-96': + case 'sha512/256-96': + $hash = substr($hash, 0, -3); + $this->length = 12; // 96 / 8 = 12 + break; + case 'md2': + case 'md5': + $this->length = 16; + break; + case 'sha1': + $this->length = 20; + break; + case 'sha224': + case 'sha512/224': + case 'sha3-224': + $this->length = 28; + break; + case 'keccak256': + $this->paddingType = self::PADDING_KECCAK; + // fall-through + case 'sha256': + case 'sha512/256': + case 'sha3-256': + $this->length = 32; + break; + case 'sha384': + case 'sha3-384': + $this->length = 48; + break; + case 'sha512': + case 'sha3-512': + $this->length = 64; + break; + default: + if (preg_match('#^(shake(?:128|256))-(\d+)$#', $hash, $matches)) { + $this->paddingType = self::PADDING_SHAKE; + $hash = $matches[1]; + $this->length = $matches[2] >> 3; + } else { + throw new UnsupportedAlgorithmException( + "$hash is not a supported algorithm" + ); + } + } + + switch ($hash) { + case 'md2': + case 'md2-96': + $this->blockSize = 128; + break; + case 'md5-96': + case 'sha1-96': + case 'sha224-96': + case 'sha256-96': + case 'md5': + case 'sha1': + case 'sha224': + case 'sha256': + $this->blockSize = 512; + break; + case 'sha3-224': + $this->blockSize = 1152; // 1600 - 2*224 + break; + case 'sha3-256': + case 'shake256': + case 'keccak256': + $this->blockSize = 1088; // 1600 - 2*256 + break; + case 'sha3-384': + $this->blockSize = 832; // 1600 - 2*384 + break; + case 'sha3-512': + $this->blockSize = 576; // 1600 - 2*512 + break; + case 'shake128': + $this->blockSize = 1344; // 1600 - 2*128 + break; + default: + $this->blockSize = 1024; + } + + if (in_array(substr($hash, 0, 5), ['sha3-', 'shake', 'kecca'])) { + // PHP 7.1.0 introduced support for "SHA3 fixed mode algorithms": + // http://php.net/ChangeLog-7.php#7.1.0 + if (version_compare(PHP_VERSION, '7.1.0') < 0 || substr($hash, 0, 5) != 'sha3-') { + //preg_match('#(\d+)$#', $hash, $matches); + //$this->parameters['capacity'] = 2 * $matches[1]; // 1600 - $this->blockSize + //$this->parameters['rate'] = 1600 - $this->parameters['capacity']; // == $this->blockSize + if (!$this->paddingType) { + $this->paddingType = self::PADDING_SHA3; + } + $this->parameters = [ + 'capacity' => 1600 - $this->blockSize, + 'rate' => $this->blockSize, + 'length' => $this->length, + 'padding' => $this->paddingType + ]; + $hash = ['phpseclib3\Crypt\Hash', PHP_INT_SIZE == 8 ? 'sha3_64' : 'sha3_32']; + } + } + + if ($hash == 'sha512/224' || $hash == 'sha512/256') { + // PHP 7.1.0 introduced sha512/224 and sha512/256 support: + // http://php.net/ChangeLog-7.php#7.1.0 + if (version_compare(PHP_VERSION, '7.1.0') < 0) { + // from http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf#page=24 + $initial = $hash == 'sha512/256' ? + [ + '22312194FC2BF72C', '9F555FA3C84C64C2', '2393B86B6F53B151', '963877195940EABD', + '96283EE2A88EFFE3', 'BE5E1E2553863992', '2B0199FC2C85B8AA', '0EB72DDC81C52CA2' + ] : + [ + '8C3D37C819544DA2', '73E1996689DCD4D6', '1DFAB7AE32FF9C82', '679DD514582F9FCF', + '0F6D2B697BD44DA8', '77E36F7304C48942', '3F9D85A86A1D36C8', '1112E6AD91D692A1' + ]; + for ($i = 0; $i < 8; $i++) { + $initial[$i] = new BigInteger($initial[$i], 16); + $initial[$i]->setPrecision(64); + } + + $this->parameters = compact('initial'); + + $hash = ['phpseclib3\Crypt\Hash', 'sha512']; + } + } + + if (is_array($hash)) { + $b = $this->blockSize >> 3; + $this->ipad = str_repeat(chr(0x36), $b); + $this->opad = str_repeat(chr(0x5C), $b); + } + + $this->algo = $hash; + + $this->computeKey(); + } + + /** + * KDF: Key-Derivation Function + * + * The key-derivation function generates pseudorandom bits used to key the hash functions. + * + * @param int $index a non-negative integer less than 2^64 + * @param int $numbytes a non-negative integer less than 2^64 + * @return string string of length numbytes bytes + */ + private function kdf($index, $numbytes) + { + $this->c->setIV(pack('N4', 0, $index, 0, 1)); + + return $this->c->encrypt(str_repeat("\0", $numbytes)); + } + + /** + * PDF Algorithm + * + * @return string string of length taglen bytes. + */ + private function pdf() + { + $k = $this->key; + $nonce = $this->nonce; + $taglen = $this->length; + + // + // Extract and zero low bit(s) of Nonce if needed + // + if ($taglen <= 8) { + $last = strlen($nonce) - 1; + $mask = $taglen == 4 ? "\3" : "\1"; + $index = $nonce[$last] & $mask; + $nonce[$last] = $nonce[$last] ^ $index; + } + + // + // Make Nonce BLOCKLEN bytes by appending zeroes if needed + // + $nonce = str_pad($nonce, 16, "\0"); + + // + // Generate subkey, encipher and extract indexed substring + // + $kp = $this->kdf(0, 16); + $c = new AES('ctr'); + $c->disablePadding(); + $c->setKey($kp); + $c->setIV($nonce); + $t = $c->encrypt("\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"); + + // we could use ord() but per https://paragonie.com/blog/2016/06/constant-time-encoding-boring-cryptography-rfc-4648-and-you + // unpack() doesn't leak timing info + return $taglen <= 8 ? + substr($t, unpack('C', $index)[1] * $taglen, $taglen) : + substr($t, 0, $taglen); + } + + /** + * UHASH Algorithm + * + * @param string $m string of length less than 2^67 bits. + * @param int $taglen the integer 4, 8, 12 or 16. + * @return string string of length taglen bytes. + */ + private function uhash($m, $taglen) + { + // + // One internal iteration per 4 bytes of output + // + $iters = $taglen >> 2; + + // + // Define total key needed for all iterations using KDF. + // L1Key reuses most key material between iterations. + // + //$L1Key = $this->kdf(1, 1024 + ($iters - 1) * 16); + $L1Key = $this->kdf(1, (1024 + ($iters - 1)) * 16); + $L2Key = $this->kdf(2, $iters * 24); + $L3Key1 = $this->kdf(3, $iters * 64); + $L3Key2 = $this->kdf(4, $iters * 4); + + // + // For each iteration, extract key and do three-layer hash. + // If bytelength(M) <= 1024, then skip L2-HASH. + // + $y = ''; + for ($i = 0; $i < $iters; $i++) { + $L1Key_i = substr($L1Key, $i * 16, 1024); + $L2Key_i = substr($L2Key, $i * 24, 24); + $L3Key1_i = substr($L3Key1, $i * 64, 64); + $L3Key2_i = substr($L3Key2, $i * 4, 4); + + $a = self::L1Hash($L1Key_i, $m); + $b = strlen($m) <= 1024 ? "\0\0\0\0\0\0\0\0$a" : self::L2Hash($L2Key_i, $a); + $c = self::L3Hash($L3Key1_i, $L3Key2_i, $b); + $y .= $c; + } + + return $y; + } + + /** + * L1-HASH Algorithm + * + * The first-layer hash breaks the message into 1024-byte chunks and + * hashes each with a function called NH. Concatenating the results + * forms a string, which is up to 128 times shorter than the original. + * + * @param string $k string of length 1024 bytes. + * @param string $m string of length less than 2^67 bits. + * @return string string of length (8 * ceil(bitlength(M)/8192)) bytes. + */ + private static function L1Hash($k, $m) + { + // + // Break M into 1024 byte chunks (final chunk may be shorter) + // + $m = str_split($m, 1024); + + // + // For each chunk, except the last: endian-adjust, NH hash + // and add bit-length. Use results to build Y. + // + $length = new BigInteger(1024 * 8); + $y = ''; + for ($i = 0; $i < count($m) - 1; $i++) { + $m[$i] = pack('N*', ...unpack('V*', $m[$i])); // ENDIAN-SWAP + $y .= static::nh($k, $m[$i], $length); + } + + // + // For the last chunk: pad to 32-byte boundary, endian-adjust, + // NH hash and add bit-length. Concatenate the result to Y. + // + $length = count($m) ? strlen($m[$i]) : 0; + $pad = 32 - ($length % 32); + $pad = max(32, $length + $pad % 32); + $m[$i] = str_pad(isset($m[$i]) ? $m[$i] : '', $pad, "\0"); // zeropad + $m[$i] = pack('N*', ...unpack('V*', $m[$i])); // ENDIAN-SWAP + + $y .= static::nh($k, $m[$i], new BigInteger($length * 8)); + + return $y; + } + + /** + * NH Algorithm + * + * @param string $k string of length 1024 bytes. + * @param string $m string with length divisible by 32 bytes. + * @return string string of length 8 bytes. + */ + private static function nh($k, $m, $length) + { + $toUInt32 = function ($x) { + $x = new BigInteger($x, 256); + $x->setPrecision(32); + return $x; + }; + + // + // Break M and K into 4-byte chunks + // + //$t = strlen($m) >> 2; + $m = str_split($m, 4); + $t = count($m); + $k = str_split($k, 4); + $k = array_pad(array_slice($k, 0, $t), $t, 0); + + $m = array_map($toUInt32, $m); + $k = array_map($toUInt32, $k); + + // + // Perform NH hash on the chunks, pairing words for multiplication + // which are 4 apart to accommodate vector-parallelism. + // + $y = new BigInteger(); + $y->setPrecision(64); + $i = 0; + while ($i < $t) { + $temp = $m[$i]->add($k[$i]); + $temp->setPrecision(64); + $temp = $temp->multiply($m[$i + 4]->add($k[$i + 4])); + $y = $y->add($temp); + + $temp = $m[$i + 1]->add($k[$i + 1]); + $temp->setPrecision(64); + $temp = $temp->multiply($m[$i + 5]->add($k[$i + 5])); + $y = $y->add($temp); + + $temp = $m[$i + 2]->add($k[$i + 2]); + $temp->setPrecision(64); + $temp = $temp->multiply($m[$i + 6]->add($k[$i + 6])); + $y = $y->add($temp); + + $temp = $m[$i + 3]->add($k[$i + 3]); + $temp->setPrecision(64); + $temp = $temp->multiply($m[$i + 7]->add($k[$i + 7])); + $y = $y->add($temp); + + $i += 8; + } + + return $y->add($length)->toBytes(); + } + + /** + * L2-HASH: Second-Layer Hash + * + * The second-layer rehashes the L1-HASH output using a polynomial hash + * called POLY. If the L1-HASH output is long, then POLY is called once + * on a prefix of the L1-HASH output and called using different settings + * on the remainder. (This two-step hashing of the L1-HASH output is + * needed only if the message length is greater than 16 megabytes.) + * Careful implementation of POLY is necessary to avoid a possible + * timing attack (see Section 6.6 for more information). + * + * @param string $k string of length 24 bytes. + * @param string $m string of length less than 2^64 bytes. + * @return string string of length 16 bytes. + */ + private static function L2Hash($k, $m) + { + // + // Extract keys and restrict to special key-sets + // + $k64 = $k & "\x01\xFF\xFF\xFF\x01\xFF\xFF\xFF"; + $k64 = new BigInteger($k64, 256); + $k128 = substr($k, 8) & "\x01\xFF\xFF\xFF\x01\xFF\xFF\xFF\x01\xFF\xFF\xFF\x01\xFF\xFF\xFF"; + $k128 = new BigInteger($k128, 256); + + // + // If M is no more than 2^17 bytes, hash under 64-bit prime, + // otherwise, hash first 2^17 bytes under 64-bit prime and + // remainder under 128-bit prime. + // + if (strlen($m) <= 0x20000) { // 2^14 64-bit words + $y = self::poly(64, self::$maxwordrange64, $k64, $m); + } else { + $m_1 = substr($m, 0, 0x20000); // 1 << 17 + $m_2 = substr($m, 0x20000) . "\x80"; + $length = strlen($m_2); + $pad = 16 - ($length % 16); + $pad %= 16; + $m_2 = str_pad($m_2, $length + $pad, "\0"); // zeropad + $y = self::poly(64, self::$maxwordrange64, $k64, $m_1); + $y = str_pad($y, 16, "\0", STR_PAD_LEFT); + $y = self::poly(128, self::$maxwordrange128, $k128, $y . $m_2); + } + + return str_pad($y, 16, "\0", STR_PAD_LEFT); + } + + /** + * POLY Algorithm + * + * @param int $wordbits the integer 64 or 128. + * @param BigInteger $maxwordrange positive integer less than 2^wordbits. + * @param BigInteger $k integer in the range 0 ... prime(wordbits) - 1. + * @param string $m string with length divisible by (wordbits / 8) bytes. + * @return integer in the range 0 ... prime(wordbits) - 1. + */ + private static function poly($wordbits, $maxwordrange, $k, $m) + { + // + // Define constants used for fixing out-of-range words + // + $wordbytes = $wordbits >> 3; + if ($wordbits == 128) { + $factory = self::$factory128; + $offset = self::$offset128; + $marker = self::$marker128; + } else { + $factory = self::$factory64; + $offset = self::$offset64; + $marker = self::$marker64; + } + + $k = $factory->newInteger($k); + + // + // Break M into chunks of length wordbytes bytes + // + $m_i = str_split($m, $wordbytes); + + // + // Each input word m is compared with maxwordrange. If not smaller + // then 'marker' and (m - offset), both in range, are hashed. + // + $y = $factory->newInteger(new BigInteger(1)); + foreach ($m_i as $m) { + $m = $factory->newInteger(new BigInteger($m, 256)); + if ($m->compare($maxwordrange) >= 0) { + $y = $k->multiply($y)->add($marker); + $y = $k->multiply($y)->add($m->subtract($offset)); + } else { + $y = $k->multiply($y)->add($m); + } + } + + return $y->toBytes(); + } + + /** + * L3-HASH: Third-Layer Hash + * + * The output from L2-HASH is 16 bytes long. This final hash function + * hashes the 16-byte string to a fixed length of 4 bytes. + * + * @param string $k1 string of length 64 bytes. + * @param string $k2 string of length 4 bytes. + * @param string $m string of length 16 bytes. + * @return string string of length 4 bytes. + */ + private static function L3Hash($k1, $k2, $m) + { + $factory = self::$factory36; + + $y = $factory->newInteger(new BigInteger()); + for ($i = 0; $i < 8; $i++) { + $m_i = $factory->newInteger(new BigInteger(substr($m, 2 * $i, 2), 256)); + $k_i = $factory->newInteger(new BigInteger(substr($k1, 8 * $i, 8), 256)); + $y = $y->add($m_i->multiply($k_i)); + } + $y = str_pad(substr($y->toBytes(), -4), 4, "\0", STR_PAD_LEFT); + $y = $y ^ $k2; + + return $y; + } + + /** + * Compute the Hash / HMAC / UMAC. + * + * @param string $text + * @return string + */ + public function hash($text) + { + $algo = $this->algo; + if ($algo == 'umac') { + if ($this->recomputeAESKey) { + if (!is_string($this->nonce)) { + throw new InsufficientSetupException('No nonce has been set'); + } + if (!is_string($this->key)) { + throw new InsufficientSetupException('No key has been set'); + } + if (strlen($this->key) != 16) { + throw new \LengthException('Key must be 16 bytes long'); + } + + if (!isset(self::$maxwordrange64)) { + $one = new BigInteger(1); + + $prime36 = new BigInteger("\x00\x00\x00\x0F\xFF\xFF\xFF\xFB", 256); + self::$factory36 = new PrimeField($prime36); + + $prime64 = new BigInteger("\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xC5", 256); + self::$factory64 = new PrimeField($prime64); + + $prime128 = new BigInteger("\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\x61", 256); + self::$factory128 = new PrimeField($prime128); + + self::$offset64 = new BigInteger("\1\0\0\0\0\0\0\0\0", 256); + self::$offset64 = self::$factory64->newInteger(self::$offset64->subtract($prime64)); + self::$offset128 = new BigInteger("\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 256); + self::$offset128 = self::$factory128->newInteger(self::$offset128->subtract($prime128)); + + self::$marker64 = self::$factory64->newInteger($prime64->subtract($one)); + self::$marker128 = self::$factory128->newInteger($prime128->subtract($one)); + + $maxwordrange64 = $one->bitwise_leftShift(64)->subtract($one->bitwise_leftShift(32)); + self::$maxwordrange64 = self::$factory64->newInteger($maxwordrange64); + + $maxwordrange128 = $one->bitwise_leftShift(128)->subtract($one->bitwise_leftShift(96)); + self::$maxwordrange128 = self::$factory128->newInteger($maxwordrange128); + } + + $this->c = new AES('ctr'); + $this->c->disablePadding(); + $this->c->setKey($this->key); + + $this->pad = $this->pdf(); + + $this->recomputeAESKey = false; + } + + $hashedmessage = $this->uhash($text, $this->length); + return $hashedmessage ^ $this->pad; + } + + if (is_array($algo)) { + if (empty($this->key) || !is_string($this->key)) { + return substr($algo($text, ...array_values($this->parameters)), 0, $this->length); + } + + // SHA3 HMACs are discussed at https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf#page=30 + + $key = str_pad($this->computedKey, $b, chr(0)); + $temp = $this->ipad ^ $key; + $temp .= $text; + $temp = substr($algo($temp, ...array_values($this->parameters)), 0, $this->length); + $output = $this->opad ^ $key; + $output .= $temp; + $output = $algo($output, ...array_values($this->parameters)); + + return substr($output, 0, $this->length); + } + + $output = !empty($this->key) || is_string($this->key) ? + hash_hmac($algo, $text, $this->computedKey, true) : + hash($algo, $text, true); + + return strlen($output) > $this->length + ? substr($output, 0, $this->length) + : $output; + } + + /** + * Returns the hash length (in bits) + * + * @return int + */ + public function getLength() + { + return $this->length << 3; + } + + /** + * Returns the hash length (in bytes) + * + * @return int + */ + public function getLengthInBytes() + { + return $this->length; + } + + /** + * Returns the block length (in bits) + * + * @return int + */ + public function getBlockLength() + { + return $this->blockSize; + } + + /** + * Returns the block length (in bytes) + * + * @return int + */ + public function getBlockLengthInBytes() + { + return $this->blockSize >> 3; + } + + /** + * Pads SHA3 based on the mode + * + * @param int $padLength + * @param int $padType + * @return string + */ + private static function sha3_pad($padLength, $padType) + { + switch ($padType) { + case self::PADDING_KECCAK: + $temp = chr(0x01) . str_repeat("\0", $padLength - 1); + $temp[$padLength - 1] = $temp[$padLength - 1] | chr(0x80); + return $temp; + case self::PADDING_SHAKE: + $temp = chr(0x1F) . str_repeat("\0", $padLength - 1); + $temp[$padLength - 1] = $temp[$padLength - 1] | chr(0x80); + return $temp; + //case self::PADDING_SHA3: + default: + // from https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf#page=36 + return $padLength == 1 ? chr(0x86) : chr(0x06) . str_repeat("\0", $padLength - 2) . chr(0x80); + } + } + + /** + * Pure-PHP 32-bit implementation of SHA3 + * + * Whereas BigInteger.php's 32-bit engine works on PHP 64-bit this 32-bit implementation + * of SHA3 will *not* work on PHP 64-bit. This is because this implementation + * employees bitwise NOTs and bitwise left shifts. And the round constants only work + * on 32-bit PHP. eg. dechex(-2147483648) returns 80000000 on 32-bit PHP and + * FFFFFFFF80000000 on 64-bit PHP. Sure, we could do bitwise ANDs but that would slow + * things down. + * + * SHA512 requires BigInteger to simulate 64-bit unsigned integers because SHA2 employees + * addition whereas SHA3 just employees bitwise operators. PHP64 only supports signed + * 64-bit integers, which complicates addition, whereas that limitation isn't an issue + * for SHA3. + * + * In https://ws680.nist.gov/publication/get_pdf.cfm?pub_id=919061#page=16 KECCAK[C] is + * defined as "the KECCAK instance with KECCAK-f[1600] as the underlying permutation and + * capacity c". This is relevant because, altho the KECCAK standard defines a mode + * (KECCAK-f[800]) designed for 32-bit machines that mode is incompatible with SHA3 + * + * @param string $p + * @param int $c + * @param int $r + * @param int $d + * @param int $padType + */ + private static function sha3_32($p, $c, $r, $d, $padType) + { + $block_size = $r >> 3; + $padLength = $block_size - (strlen($p) % $block_size); + $num_ints = $block_size >> 2; + + $p .= static::sha3_pad($padLength, $padType); + + $n = strlen($p) / $r; // number of blocks + + $s = [ + [[0, 0], [0, 0], [0, 0], [0, 0], [0, 0]], + [[0, 0], [0, 0], [0, 0], [0, 0], [0, 0]], + [[0, 0], [0, 0], [0, 0], [0, 0], [0, 0]], + [[0, 0], [0, 0], [0, 0], [0, 0], [0, 0]], + [[0, 0], [0, 0], [0, 0], [0, 0], [0, 0]] + ]; + + $p = str_split($p, $block_size); + + foreach ($p as $pi) { + $pi = unpack('V*', $pi); + $x = $y = 0; + for ($i = 1; $i <= $num_ints; $i += 2) { + $s[$x][$y][0] ^= $pi[$i + 1]; + $s[$x][$y][1] ^= $pi[$i]; + if (++$y == 5) { + $y = 0; + $x++; + } + } + static::processSHA3Block32($s); + } + + $z = ''; + $i = $j = 0; + while (strlen($z) < $d) { + $z .= pack('V2', $s[$i][$j][1], $s[$i][$j++][0]); + if ($j == 5) { + $j = 0; + $i++; + if ($i == 5) { + $i = 0; + static::processSHA3Block32($s); + } + } + } + + return $z; + } + + /** + * 32-bit block processing method for SHA3 + * + * @param array $s + */ + private static function processSHA3Block32(&$s) + { + static $rotationOffsets = [ + [ 0, 1, 62, 28, 27], + [36, 44, 6, 55, 20], + [ 3, 10, 43, 25, 39], + [41, 45, 15, 21, 8], + [18, 2, 61, 56, 14] + ]; + + // the standards give these constants in hexadecimal notation. it's tempting to want to use + // that same notation, here, however, we can't, because 0x80000000, on PHP32, is a positive + // float - not the negative int that we need to be in PHP32. so we use -2147483648 instead + static $roundConstants = [ + [0, 1], + [0, 32898], + [-2147483648, 32906], + [-2147483648, -2147450880], + [0, 32907], + [0, -2147483647], + [-2147483648, -2147450751], + [-2147483648, 32777], + [0, 138], + [0, 136], + [0, -2147450871], + [0, -2147483638], + [0, -2147450741], + [-2147483648, 139], + [-2147483648, 32905], + [-2147483648, 32771], + [-2147483648, 32770], + [-2147483648, 128], + [0, 32778], + [-2147483648, -2147483638], + [-2147483648, -2147450751], + [-2147483648, 32896], + [0, -2147483647], + [-2147483648, -2147450872] + ]; + + for ($round = 0; $round < 24; $round++) { + // theta step + $parity = $rotated = []; + for ($i = 0; $i < 5; $i++) { + $parity[] = [ + $s[0][$i][0] ^ $s[1][$i][0] ^ $s[2][$i][0] ^ $s[3][$i][0] ^ $s[4][$i][0], + $s[0][$i][1] ^ $s[1][$i][1] ^ $s[2][$i][1] ^ $s[3][$i][1] ^ $s[4][$i][1] + ]; + $rotated[] = static::rotateLeft32($parity[$i], 1); + } + + $temp = [ + [$parity[4][0] ^ $rotated[1][0], $parity[4][1] ^ $rotated[1][1]], + [$parity[0][0] ^ $rotated[2][0], $parity[0][1] ^ $rotated[2][1]], + [$parity[1][0] ^ $rotated[3][0], $parity[1][1] ^ $rotated[3][1]], + [$parity[2][0] ^ $rotated[4][0], $parity[2][1] ^ $rotated[4][1]], + [$parity[3][0] ^ $rotated[0][0], $parity[3][1] ^ $rotated[0][1]] + ]; + for ($i = 0; $i < 5; $i++) { + for ($j = 0; $j < 5; $j++) { + $s[$i][$j][0] ^= $temp[$j][0]; + $s[$i][$j][1] ^= $temp[$j][1]; + } + } + + $st = $s; + + // rho and pi steps + for ($i = 0; $i < 5; $i++) { + for ($j = 0; $j < 5; $j++) { + $st[(2 * $i + 3 * $j) % 5][$j] = static::rotateLeft32($s[$j][$i], $rotationOffsets[$j][$i]); + } + } + + // chi step + for ($i = 0; $i < 5; $i++) { + $s[$i][0] = [ + $st[$i][0][0] ^ (~$st[$i][1][0] & $st[$i][2][0]), + $st[$i][0][1] ^ (~$st[$i][1][1] & $st[$i][2][1]) + ]; + $s[$i][1] = [ + $st[$i][1][0] ^ (~$st[$i][2][0] & $st[$i][3][0]), + $st[$i][1][1] ^ (~$st[$i][2][1] & $st[$i][3][1]) + ]; + $s[$i][2] = [ + $st[$i][2][0] ^ (~$st[$i][3][0] & $st[$i][4][0]), + $st[$i][2][1] ^ (~$st[$i][3][1] & $st[$i][4][1]) + ]; + $s[$i][3] = [ + $st[$i][3][0] ^ (~$st[$i][4][0] & $st[$i][0][0]), + $st[$i][3][1] ^ (~$st[$i][4][1] & $st[$i][0][1]) + ]; + $s[$i][4] = [ + $st[$i][4][0] ^ (~$st[$i][0][0] & $st[$i][1][0]), + $st[$i][4][1] ^ (~$st[$i][0][1] & $st[$i][1][1]) + ]; + } + + // iota step + $s[0][0][0] ^= $roundConstants[$round][0]; + $s[0][0][1] ^= $roundConstants[$round][1]; + } + } + + /** + * Rotate 32-bit int + * + * @param array $x + * @param int $shift + */ + private static function rotateLeft32($x, $shift) + { + if ($shift < 32) { + list($hi, $lo) = $x; + } else { + $shift -= 32; + list($lo, $hi) = $x; + } + + return [ + ($hi << $shift) | (($lo >> (32 - $shift)) & (1 << $shift) - 1), + ($lo << $shift) | (($hi >> (32 - $shift)) & (1 << $shift) - 1) + ]; + } + + /** + * Pure-PHP 64-bit implementation of SHA3 + * + * @param string $p + * @param int $c + * @param int $r + * @param int $d + * @param int $padType + */ + private static function sha3_64($p, $c, $r, $d, $padType) + { + $block_size = $r >> 3; + $padLength = $block_size - (strlen($p) % $block_size); + $num_ints = $block_size >> 2; + + $p .= static::sha3_pad($padLength, $padType); + + $n = strlen($p) / $r; // number of blocks + + $s = [ + [0, 0, 0, 0, 0], + [0, 0, 0, 0, 0], + [0, 0, 0, 0, 0], + [0, 0, 0, 0, 0], + [0, 0, 0, 0, 0] + ]; + + $p = str_split($p, $block_size); + + foreach ($p as $pi) { + $pi = unpack('P*', $pi); + $x = $y = 0; + foreach ($pi as $subpi) { + $s[$x][$y++] ^= $subpi; + if ($y == 5) { + $y = 0; + $x++; + } + } + static::processSHA3Block64($s); + } + + $z = ''; + $i = $j = 0; + while (strlen($z) < $d) { + $z .= pack('P', $s[$i][$j++]); + if ($j == 5) { + $j = 0; + $i++; + if ($i == 5) { + $i = 0; + static::processSHA3Block64($s); + } + } + } + + return $z; + } + + /** + * 64-bit block processing method for SHA3 + * + * @param array $s + */ + private static function processSHA3Block64(&$s) + { + static $rotationOffsets = [ + [ 0, 1, 62, 28, 27], + [36, 44, 6, 55, 20], + [ 3, 10, 43, 25, 39], + [41, 45, 15, 21, 8], + [18, 2, 61, 56, 14] + ]; + + static $roundConstants = [ + 1, + 32898, + -9223372036854742902, + -9223372034707259392, + 32907, + 2147483649, + -9223372034707259263, + -9223372036854743031, + 138, + 136, + 2147516425, + 2147483658, + 2147516555, + -9223372036854775669, + -9223372036854742903, + -9223372036854743037, + -9223372036854743038, + -9223372036854775680, + 32778, + -9223372034707292150, + -9223372034707259263, + -9223372036854742912, + 2147483649, + -9223372034707259384 + ]; + + for ($round = 0; $round < 24; $round++) { + // theta step + $parity = []; + for ($i = 0; $i < 5; $i++) { + $parity[] = $s[0][$i] ^ $s[1][$i] ^ $s[2][$i] ^ $s[3][$i] ^ $s[4][$i]; + } + $temp = [ + $parity[4] ^ static::rotateLeft64($parity[1], 1), + $parity[0] ^ static::rotateLeft64($parity[2], 1), + $parity[1] ^ static::rotateLeft64($parity[3], 1), + $parity[2] ^ static::rotateLeft64($parity[4], 1), + $parity[3] ^ static::rotateLeft64($parity[0], 1) + ]; + for ($i = 0; $i < 5; $i++) { + for ($j = 0; $j < 5; $j++) { + $s[$i][$j] ^= $temp[$j]; + } + } + + $st = $s; + + // rho and pi steps + for ($i = 0; $i < 5; $i++) { + for ($j = 0; $j < 5; $j++) { + $st[(2 * $i + 3 * $j) % 5][$j] = static::rotateLeft64($s[$j][$i], $rotationOffsets[$j][$i]); + } + } + + // chi step + for ($i = 0; $i < 5; $i++) { + $s[$i] = [ + $st[$i][0] ^ (~$st[$i][1] & $st[$i][2]), + $st[$i][1] ^ (~$st[$i][2] & $st[$i][3]), + $st[$i][2] ^ (~$st[$i][3] & $st[$i][4]), + $st[$i][3] ^ (~$st[$i][4] & $st[$i][0]), + $st[$i][4] ^ (~$st[$i][0] & $st[$i][1]) + ]; + } + + // iota step + $s[0][0] ^= $roundConstants[$round]; + } + } + + /** + * Rotate 64-bit int + * + * @param int $x + * @param int $shift + */ + private static function rotateLeft64($x, $shift) + { + return ($x << $shift) | (($x >> (64 - $shift)) & ((1 << $shift) - 1)); + } + + /** + * Pure-PHP implementation of SHA512 + * + * @param string $m + * @param array $hash + * @return string + */ + private static function sha512($m, $hash) + { + static $k; + + if (!isset($k)) { + // Initialize table of round constants + // (first 64 bits of the fractional parts of the cube roots of the first 80 primes 2..409) + $k = [ + '428a2f98d728ae22', '7137449123ef65cd', 'b5c0fbcfec4d3b2f', 'e9b5dba58189dbbc', + '3956c25bf348b538', '59f111f1b605d019', '923f82a4af194f9b', 'ab1c5ed5da6d8118', + 'd807aa98a3030242', '12835b0145706fbe', '243185be4ee4b28c', '550c7dc3d5ffb4e2', + '72be5d74f27b896f', '80deb1fe3b1696b1', '9bdc06a725c71235', 'c19bf174cf692694', + 'e49b69c19ef14ad2', 'efbe4786384f25e3', '0fc19dc68b8cd5b5', '240ca1cc77ac9c65', + '2de92c6f592b0275', '4a7484aa6ea6e483', '5cb0a9dcbd41fbd4', '76f988da831153b5', + '983e5152ee66dfab', 'a831c66d2db43210', 'b00327c898fb213f', 'bf597fc7beef0ee4', + 'c6e00bf33da88fc2', 'd5a79147930aa725', '06ca6351e003826f', '142929670a0e6e70', + '27b70a8546d22ffc', '2e1b21385c26c926', '4d2c6dfc5ac42aed', '53380d139d95b3df', + '650a73548baf63de', '766a0abb3c77b2a8', '81c2c92e47edaee6', '92722c851482353b', + 'a2bfe8a14cf10364', 'a81a664bbc423001', 'c24b8b70d0f89791', 'c76c51a30654be30', + 'd192e819d6ef5218', 'd69906245565a910', 'f40e35855771202a', '106aa07032bbd1b8', + '19a4c116b8d2d0c8', '1e376c085141ab53', '2748774cdf8eeb99', '34b0bcb5e19b48a8', + '391c0cb3c5c95a63', '4ed8aa4ae3418acb', '5b9cca4f7763e373', '682e6ff3d6b2b8a3', + '748f82ee5defb2fc', '78a5636f43172f60', '84c87814a1f0ab72', '8cc702081a6439ec', + '90befffa23631e28', 'a4506cebde82bde9', 'bef9a3f7b2c67915', 'c67178f2e372532b', + 'ca273eceea26619c', 'd186b8c721c0c207', 'eada7dd6cde0eb1e', 'f57d4f7fee6ed178', + '06f067aa72176fba', '0a637dc5a2c898a6', '113f9804bef90dae', '1b710b35131c471b', + '28db77f523047d84', '32caab7b40c72493', '3c9ebe0a15c9bebc', '431d67c49c100d4c', + '4cc5d4becb3e42b6', '597f299cfc657e2a', '5fcb6fab3ad6faec', '6c44198c4a475817' + ]; + + for ($i = 0; $i < 80; $i++) { + $k[$i] = new BigInteger($k[$i], 16); + } + } + + // Pre-processing + $length = strlen($m); + // to round to nearest 112 mod 128, we'll add 128 - (length + (128 - 112)) % 128 + $m .= str_repeat(chr(0), 128 - (($length + 16) & 0x7F)); + $m[$length] = chr(0x80); + // we don't support hashing strings 512MB long + $m .= pack('N4', 0, 0, 0, $length << 3); + + // Process the message in successive 1024-bit chunks + $chunks = str_split($m, 128); + foreach ($chunks as $chunk) { + $w = []; + for ($i = 0; $i < 16; $i++) { + $temp = new BigInteger(Strings::shift($chunk, 8), 256); + $temp->setPrecision(64); + $w[] = $temp; + } + + // Extend the sixteen 32-bit words into eighty 32-bit words + for ($i = 16; $i < 80; $i++) { + $temp = [ + $w[$i - 15]->bitwise_rightRotate(1), + $w[$i - 15]->bitwise_rightRotate(8), + $w[$i - 15]->bitwise_rightShift(7) + ]; + $s0 = $temp[0]->bitwise_xor($temp[1]); + $s0 = $s0->bitwise_xor($temp[2]); + $temp = [ + $w[$i - 2]->bitwise_rightRotate(19), + $w[$i - 2]->bitwise_rightRotate(61), + $w[$i - 2]->bitwise_rightShift(6) + ]; + $s1 = $temp[0]->bitwise_xor($temp[1]); + $s1 = $s1->bitwise_xor($temp[2]); + $w[$i] = clone $w[$i - 16]; + $w[$i] = $w[$i]->add($s0); + $w[$i] = $w[$i]->add($w[$i - 7]); + $w[$i] = $w[$i]->add($s1); + } + + // Initialize hash value for this chunk + $a = clone $hash[0]; + $b = clone $hash[1]; + $c = clone $hash[2]; + $d = clone $hash[3]; + $e = clone $hash[4]; + $f = clone $hash[5]; + $g = clone $hash[6]; + $h = clone $hash[7]; + + // Main loop + for ($i = 0; $i < 80; $i++) { + $temp = [ + $a->bitwise_rightRotate(28), + $a->bitwise_rightRotate(34), + $a->bitwise_rightRotate(39) + ]; + $s0 = $temp[0]->bitwise_xor($temp[1]); + $s0 = $s0->bitwise_xor($temp[2]); + $temp = [ + $a->bitwise_and($b), + $a->bitwise_and($c), + $b->bitwise_and($c) + ]; + $maj = $temp[0]->bitwise_xor($temp[1]); + $maj = $maj->bitwise_xor($temp[2]); + $t2 = $s0->add($maj); + + $temp = [ + $e->bitwise_rightRotate(14), + $e->bitwise_rightRotate(18), + $e->bitwise_rightRotate(41) + ]; + $s1 = $temp[0]->bitwise_xor($temp[1]); + $s1 = $s1->bitwise_xor($temp[2]); + $temp = [ + $e->bitwise_and($f), + $g->bitwise_and($e->bitwise_not()) + ]; + $ch = $temp[0]->bitwise_xor($temp[1]); + $t1 = $h->add($s1); + $t1 = $t1->add($ch); + $t1 = $t1->add($k[$i]); + $t1 = $t1->add($w[$i]); + + $h = clone $g; + $g = clone $f; + $f = clone $e; + $e = $d->add($t1); + $d = clone $c; + $c = clone $b; + $b = clone $a; + $a = $t1->add($t2); + } + + // Add this chunk's hash to result so far + $hash = [ + $hash[0]->add($a), + $hash[1]->add($b), + $hash[2]->add($c), + $hash[3]->add($d), + $hash[4]->add($e), + $hash[5]->add($f), + $hash[6]->add($g), + $hash[7]->add($h) + ]; + } + + // Produce the final hash value (big-endian) + // (\phpseclib3\Crypt\Hash::hash() trims the output for hashes but not for HMACs. as such, we trim the output here) + $temp = $hash[0]->toBytes() . $hash[1]->toBytes() . $hash[2]->toBytes() . $hash[3]->toBytes() . + $hash[4]->toBytes() . $hash[5]->toBytes() . $hash[6]->toBytes() . $hash[7]->toBytes(); + + return $temp; + } + + /** + * __toString() magic method + */ + public function __toString() + { + return $this->getHash(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/PublicKeyLoader.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/PublicKeyLoader.php new file mode 100644 index 0000000..61afbae --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/PublicKeyLoader.php @@ -0,0 +1,111 @@ + + * @copyright 2009 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt; + +use phpseclib3\Crypt\Common\AsymmetricKey; +use phpseclib3\Crypt\Common\PrivateKey; +use phpseclib3\Crypt\Common\PublicKey; +use phpseclib3\Exception\NoKeyLoadedException; +use phpseclib3\File\X509; + +/** + * PublicKeyLoader + * + * @author Jim Wigginton + */ +abstract class PublicKeyLoader +{ + /** + * Loads a public or private key + * + * @return AsymmetricKey + * @param string|array $key + * @param string $password optional + */ + public static function load($key, $password = false) + { + try { + return EC::load($key, $password); + } catch (NoKeyLoadedException $e) { + } + + try { + return RSA::load($key, $password); + } catch (NoKeyLoadedException $e) { + } + + try { + return DSA::load($key, $password); + } catch (NoKeyLoadedException $e) { + } + + try { + $x509 = new X509(); + $x509->loadX509($key); + $key = $x509->getPublicKey(); + if ($key) { + return $key; + } + } catch (\Exception $e) { + } + + throw new NoKeyLoadedException('Unable to read key'); + } + + /** + * Loads a private key + * + * @return PrivateKey + * @param string|array $key + * @param string $password optional + */ + public static function loadPrivateKey($key, $password = false) + { + $key = self::load($key, $password); + if (!$key instanceof PrivateKey) { + throw new NoKeyLoadedException('The key that was loaded was not a private key'); + } + return $key; + } + + /** + * Loads a public key + * + * @return PublicKey + * @param string|array $key + */ + public static function loadPublicKey($key) + { + $key = self::load($key); + if (!$key instanceof PublicKey) { + throw new NoKeyLoadedException('The key that was loaded was not a public key'); + } + return $key; + } + + /** + * Loads parameters + * + * @return AsymmetricKey + * @param string|array $key + */ + public static function loadParameters($key) + { + $key = self::load($key); + if (!$key instanceof PrivateKey && !$key instanceof PublicKey) { + throw new NoKeyLoadedException('The key that was loaded was not a parameter'); + } + return $key; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RC2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RC2.php new file mode 100644 index 0000000..654c906 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RC2.php @@ -0,0 +1,640 @@ + + * setKey('abcdefgh'); + * + * $plaintext = str_repeat('a', 1024); + * + * echo $rc2->decrypt($rc2->encrypt($plaintext)); + * ?> + * + * + * @author Patrick Monnerat + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt; + +use phpseclib3\Crypt\Common\BlockCipher; +use phpseclib3\Exception\BadModeException; + +/** + * Pure-PHP implementation of RC2. + * + */ +class RC2 extends BlockCipher +{ + /** + * Block Length of the cipher + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::block_size + * @var int + */ + protected $block_size = 8; + + /** + * The Key + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::key + * @see self::setKey() + * @var string + */ + protected $key; + + /** + * The Original (unpadded) Key + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::key + * @see self::setKey() + * @see self::encrypt() + * @see self::decrypt() + * @var string + */ + private $orig_key; + + /** + * Key Length (in bytes) + * + * @see \phpseclib3\Crypt\RC2::setKeyLength() + * @var int + */ + protected $key_length = 16; // = 128 bits + + /** + * The mcrypt specific name of the cipher + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt + * @var string + */ + protected $cipher_name_mcrypt = 'rc2'; + + /** + * Optimizing value while CFB-encrypting + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::cfb_init_len + * @var int + */ + protected $cfb_init_len = 500; + + /** + * The key length in bits. + * + * {@internal Should be in range [1..1024].} + * + * {@internal Changing this value after setting the key has no effect.} + * + * @see self::setKeyLength() + * @see self::setKey() + * @var int + */ + private $default_key_length = 1024; + + /** + * The key length in bits. + * + * {@internal Should be in range [1..1024].} + * + * @see self::isValidEnine() + * @see self::setKey() + * @var int + */ + private $current_key_length; + + /** + * The Key Schedule + * + * @see self::setupKey() + * @var array + */ + private $keys; + + /** + * Key expansion randomization table. + * Twice the same 256-value sequence to save a modulus in key expansion. + * + * @see self::setKey() + * @var array + */ + private static $pitable = [ + 0xD9, 0x78, 0xF9, 0xC4, 0x19, 0xDD, 0xB5, 0xED, + 0x28, 0xE9, 0xFD, 0x79, 0x4A, 0xA0, 0xD8, 0x9D, + 0xC6, 0x7E, 0x37, 0x83, 0x2B, 0x76, 0x53, 0x8E, + 0x62, 0x4C, 0x64, 0x88, 0x44, 0x8B, 0xFB, 0xA2, + 0x17, 0x9A, 0x59, 0xF5, 0x87, 0xB3, 0x4F, 0x13, + 0x61, 0x45, 0x6D, 0x8D, 0x09, 0x81, 0x7D, 0x32, + 0xBD, 0x8F, 0x40, 0xEB, 0x86, 0xB7, 0x7B, 0x0B, + 0xF0, 0x95, 0x21, 0x22, 0x5C, 0x6B, 0x4E, 0x82, + 0x54, 0xD6, 0x65, 0x93, 0xCE, 0x60, 0xB2, 0x1C, + 0x73, 0x56, 0xC0, 0x14, 0xA7, 0x8C, 0xF1, 0xDC, + 0x12, 0x75, 0xCA, 0x1F, 0x3B, 0xBE, 0xE4, 0xD1, + 0x42, 0x3D, 0xD4, 0x30, 0xA3, 0x3C, 0xB6, 0x26, + 0x6F, 0xBF, 0x0E, 0xDA, 0x46, 0x69, 0x07, 0x57, + 0x27, 0xF2, 0x1D, 0x9B, 0xBC, 0x94, 0x43, 0x03, + 0xF8, 0x11, 0xC7, 0xF6, 0x90, 0xEF, 0x3E, 0xE7, + 0x06, 0xC3, 0xD5, 0x2F, 0xC8, 0x66, 0x1E, 0xD7, + 0x08, 0xE8, 0xEA, 0xDE, 0x80, 0x52, 0xEE, 0xF7, + 0x84, 0xAA, 0x72, 0xAC, 0x35, 0x4D, 0x6A, 0x2A, + 0x96, 0x1A, 0xD2, 0x71, 0x5A, 0x15, 0x49, 0x74, + 0x4B, 0x9F, 0xD0, 0x5E, 0x04, 0x18, 0xA4, 0xEC, + 0xC2, 0xE0, 0x41, 0x6E, 0x0F, 0x51, 0xCB, 0xCC, + 0x24, 0x91, 0xAF, 0x50, 0xA1, 0xF4, 0x70, 0x39, + 0x99, 0x7C, 0x3A, 0x85, 0x23, 0xB8, 0xB4, 0x7A, + 0xFC, 0x02, 0x36, 0x5B, 0x25, 0x55, 0x97, 0x31, + 0x2D, 0x5D, 0xFA, 0x98, 0xE3, 0x8A, 0x92, 0xAE, + 0x05, 0xDF, 0x29, 0x10, 0x67, 0x6C, 0xBA, 0xC9, + 0xD3, 0x00, 0xE6, 0xCF, 0xE1, 0x9E, 0xA8, 0x2C, + 0x63, 0x16, 0x01, 0x3F, 0x58, 0xE2, 0x89, 0xA9, + 0x0D, 0x38, 0x34, 0x1B, 0xAB, 0x33, 0xFF, 0xB0, + 0xBB, 0x48, 0x0C, 0x5F, 0xB9, 0xB1, 0xCD, 0x2E, + 0xC5, 0xF3, 0xDB, 0x47, 0xE5, 0xA5, 0x9C, 0x77, + 0x0A, 0xA6, 0x20, 0x68, 0xFE, 0x7F, 0xC1, 0xAD, + 0xD9, 0x78, 0xF9, 0xC4, 0x19, 0xDD, 0xB5, 0xED, + 0x28, 0xE9, 0xFD, 0x79, 0x4A, 0xA0, 0xD8, 0x9D, + 0xC6, 0x7E, 0x37, 0x83, 0x2B, 0x76, 0x53, 0x8E, + 0x62, 0x4C, 0x64, 0x88, 0x44, 0x8B, 0xFB, 0xA2, + 0x17, 0x9A, 0x59, 0xF5, 0x87, 0xB3, 0x4F, 0x13, + 0x61, 0x45, 0x6D, 0x8D, 0x09, 0x81, 0x7D, 0x32, + 0xBD, 0x8F, 0x40, 0xEB, 0x86, 0xB7, 0x7B, 0x0B, + 0xF0, 0x95, 0x21, 0x22, 0x5C, 0x6B, 0x4E, 0x82, + 0x54, 0xD6, 0x65, 0x93, 0xCE, 0x60, 0xB2, 0x1C, + 0x73, 0x56, 0xC0, 0x14, 0xA7, 0x8C, 0xF1, 0xDC, + 0x12, 0x75, 0xCA, 0x1F, 0x3B, 0xBE, 0xE4, 0xD1, + 0x42, 0x3D, 0xD4, 0x30, 0xA3, 0x3C, 0xB6, 0x26, + 0x6F, 0xBF, 0x0E, 0xDA, 0x46, 0x69, 0x07, 0x57, + 0x27, 0xF2, 0x1D, 0x9B, 0xBC, 0x94, 0x43, 0x03, + 0xF8, 0x11, 0xC7, 0xF6, 0x90, 0xEF, 0x3E, 0xE7, + 0x06, 0xC3, 0xD5, 0x2F, 0xC8, 0x66, 0x1E, 0xD7, + 0x08, 0xE8, 0xEA, 0xDE, 0x80, 0x52, 0xEE, 0xF7, + 0x84, 0xAA, 0x72, 0xAC, 0x35, 0x4D, 0x6A, 0x2A, + 0x96, 0x1A, 0xD2, 0x71, 0x5A, 0x15, 0x49, 0x74, + 0x4B, 0x9F, 0xD0, 0x5E, 0x04, 0x18, 0xA4, 0xEC, + 0xC2, 0xE0, 0x41, 0x6E, 0x0F, 0x51, 0xCB, 0xCC, + 0x24, 0x91, 0xAF, 0x50, 0xA1, 0xF4, 0x70, 0x39, + 0x99, 0x7C, 0x3A, 0x85, 0x23, 0xB8, 0xB4, 0x7A, + 0xFC, 0x02, 0x36, 0x5B, 0x25, 0x55, 0x97, 0x31, + 0x2D, 0x5D, 0xFA, 0x98, 0xE3, 0x8A, 0x92, 0xAE, + 0x05, 0xDF, 0x29, 0x10, 0x67, 0x6C, 0xBA, 0xC9, + 0xD3, 0x00, 0xE6, 0xCF, 0xE1, 0x9E, 0xA8, 0x2C, + 0x63, 0x16, 0x01, 0x3F, 0x58, 0xE2, 0x89, 0xA9, + 0x0D, 0x38, 0x34, 0x1B, 0xAB, 0x33, 0xFF, 0xB0, + 0xBB, 0x48, 0x0C, 0x5F, 0xB9, 0xB1, 0xCD, 0x2E, + 0xC5, 0xF3, 0xDB, 0x47, 0xE5, 0xA5, 0x9C, 0x77, + 0x0A, 0xA6, 0x20, 0x68, 0xFE, 0x7F, 0xC1, 0xAD + ]; + + /** + * Inverse key expansion randomization table. + * + * @see self::setKey() + * @var array + */ + private static $invpitable = [ + 0xD1, 0xDA, 0xB9, 0x6F, 0x9C, 0xC8, 0x78, 0x66, + 0x80, 0x2C, 0xF8, 0x37, 0xEA, 0xE0, 0x62, 0xA4, + 0xCB, 0x71, 0x50, 0x27, 0x4B, 0x95, 0xD9, 0x20, + 0x9D, 0x04, 0x91, 0xE3, 0x47, 0x6A, 0x7E, 0x53, + 0xFA, 0x3A, 0x3B, 0xB4, 0xA8, 0xBC, 0x5F, 0x68, + 0x08, 0xCA, 0x8F, 0x14, 0xD7, 0xC0, 0xEF, 0x7B, + 0x5B, 0xBF, 0x2F, 0xE5, 0xE2, 0x8C, 0xBA, 0x12, + 0xE1, 0xAF, 0xB2, 0x54, 0x5D, 0x59, 0x76, 0xDB, + 0x32, 0xA2, 0x58, 0x6E, 0x1C, 0x29, 0x64, 0xF3, + 0xE9, 0x96, 0x0C, 0x98, 0x19, 0x8D, 0x3E, 0x26, + 0xAB, 0xA5, 0x85, 0x16, 0x40, 0xBD, 0x49, 0x67, + 0xDC, 0x22, 0x94, 0xBB, 0x3C, 0xC1, 0x9B, 0xEB, + 0x45, 0x28, 0x18, 0xD8, 0x1A, 0x42, 0x7D, 0xCC, + 0xFB, 0x65, 0x8E, 0x3D, 0xCD, 0x2A, 0xA3, 0x60, + 0xAE, 0x93, 0x8A, 0x48, 0x97, 0x51, 0x15, 0xF7, + 0x01, 0x0B, 0xB7, 0x36, 0xB1, 0x2E, 0x11, 0xFD, + 0x84, 0x2D, 0x3F, 0x13, 0x88, 0xB3, 0x34, 0x24, + 0x1B, 0xDE, 0xC5, 0x1D, 0x4D, 0x2B, 0x17, 0x31, + 0x74, 0xA9, 0xC6, 0x43, 0x6D, 0x39, 0x90, 0xBE, + 0xC3, 0xB0, 0x21, 0x6B, 0xF6, 0x0F, 0xD5, 0x99, + 0x0D, 0xAC, 0x1F, 0x5C, 0x9E, 0xF5, 0xF9, 0x4C, + 0xD6, 0xDF, 0x89, 0xE4, 0x8B, 0xFF, 0xC7, 0xAA, + 0xE7, 0xED, 0x46, 0x25, 0xB6, 0x06, 0x5E, 0x35, + 0xB5, 0xEC, 0xCE, 0xE8, 0x6C, 0x30, 0x55, 0x61, + 0x4A, 0xFE, 0xA0, 0x79, 0x03, 0xF0, 0x10, 0x72, + 0x7C, 0xCF, 0x52, 0xA6, 0xA7, 0xEE, 0x44, 0xD3, + 0x9A, 0x57, 0x92, 0xD0, 0x5A, 0x7A, 0x41, 0x7F, + 0x0E, 0x00, 0x63, 0xF2, 0x4F, 0x05, 0x83, 0xC9, + 0xA1, 0xD4, 0xDD, 0xC4, 0x56, 0xF4, 0xD2, 0x77, + 0x81, 0x09, 0x82, 0x33, 0x9F, 0x07, 0x86, 0x75, + 0x38, 0x4E, 0x69, 0xF1, 0xAD, 0x23, 0x73, 0x87, + 0x70, 0x02, 0xC2, 0x1E, 0xB8, 0x0A, 0xFC, 0xE6 + ]; + + /** + * Default Constructor. + * + * @param string $mode + * @throws \InvalidArgumentException if an invalid / unsupported mode is provided + */ + public function __construct($mode) + { + parent::__construct($mode); + + if ($this->mode == self::MODE_STREAM) { + throw new BadModeException('Block ciphers cannot be ran in stream mode'); + } + } + + /** + * Test for engine validity + * + * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + * @param int $engine + * @return bool + */ + protected function isValidEngineHelper($engine) + { + switch ($engine) { + case self::ENGINE_OPENSSL: + if ($this->current_key_length != 128 || strlen($this->orig_key) < 16) { + return false; + } + // quoting https://www.openssl.org/news/openssl-3.0-notes.html, OpenSSL 3.0.1 + // "Moved all variations of the EVP ciphers CAST5, BF, IDEA, SEED, RC2, RC4, RC5, and DES to the legacy provider" + // in theory openssl_get_cipher_methods() should catch this but, on GitHub Actions, at least, it does not + if (defined('OPENSSL_VERSION_TEXT') && version_compare(preg_replace('#OpenSSL (\d+\.\d+\.\d+) .*#', '$1', OPENSSL_VERSION_TEXT), '3.0.1', '>=')) { + return false; + } + $this->cipher_name_openssl_ecb = 'rc2-ecb'; + $this->cipher_name_openssl = 'rc2-' . $this->openssl_translate_mode(); + } + + return parent::isValidEngineHelper($engine); + } + + /** + * Sets the key length. + * + * Valid key lengths are 8 to 1024. + * Calling this function after setting the key has no effect until the next + * \phpseclib3\Crypt\RC2::setKey() call. + * + * @param int $length in bits + * @throws \LengthException if the key length isn't supported + */ + public function setKeyLength($length) + { + if ($length < 8 || $length > 1024) { + throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys between 1 and 1024 bits, inclusive, are supported'); + } + + $this->default_key_length = $this->current_key_length = $length; + $this->explicit_key_length = $length >> 3; + } + + /** + * Returns the current key length + * + * @return int + */ + public function getKeyLength() + { + return $this->current_key_length; + } + + /** + * Sets the key. + * + * Keys can be of any length. RC2, itself, uses 8 to 1024 bit keys (eg. + * strlen($key) <= 128), however, we only use the first 128 bytes if $key + * has more then 128 bytes in it, and set $key to a single null byte if + * it is empty. + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::setKey() + * @param string $key + * @param int|boolean $t1 optional Effective key length in bits. + * @throws \LengthException if the key length isn't supported + */ + public function setKey($key, $t1 = false) + { + $this->orig_key = $key; + + if ($t1 === false) { + $t1 = $this->default_key_length; + } + + if ($t1 < 1 || $t1 > 1024) { + throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys between 1 and 1024 bits, inclusive, are supported'); + } + + $this->current_key_length = $t1; + if (strlen($key) < 1 || strlen($key) > 128) { + throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes between 8 and 1024 bits, inclusive, are supported'); + } + + $t = strlen($key); + + // The mcrypt RC2 implementation only supports effective key length + // of 1024 bits. It is however possible to handle effective key + // lengths in range 1..1024 by expanding the key and applying + // inverse pitable mapping to the first byte before submitting it + // to mcrypt. + + // Key expansion. + $l = array_values(unpack('C*', $key)); + $t8 = ($t1 + 7) >> 3; + $tm = 0xFF >> (8 * $t8 - $t1); + + // Expand key. + $pitable = self::$pitable; + for ($i = $t; $i < 128; $i++) { + $l[$i] = $pitable[$l[$i - 1] + $l[$i - $t]]; + } + $i = 128 - $t8; + $l[$i] = $pitable[$l[$i] & $tm]; + while ($i--) { + $l[$i] = $pitable[$l[$i + 1] ^ $l[$i + $t8]]; + } + + // Prepare the key for mcrypt. + $l[0] = self::$invpitable[$l[0]]; + array_unshift($l, 'C*'); + + $this->key = pack(...$l); + $this->key_length = strlen($this->key); + $this->changed = $this->nonIVChanged = true; + $this->setEngine(); + } + + /** + * Encrypts a message. + * + * Mostly a wrapper for \phpseclib3\Crypt\Common\SymmetricKey::encrypt, with some additional OpenSSL handling code + * + * @see self::decrypt() + * @param string $plaintext + * @return string $ciphertext + */ + public function encrypt($plaintext) + { + if ($this->engine == self::ENGINE_OPENSSL) { + $temp = $this->key; + $this->key = $this->orig_key; + $result = parent::encrypt($plaintext); + $this->key = $temp; + return $result; + } + + return parent::encrypt($plaintext); + } + + /** + * Decrypts a message. + * + * Mostly a wrapper for \phpseclib3\Crypt\Common\SymmetricKey::decrypt, with some additional OpenSSL handling code + * + * @see self::encrypt() + * @param string $ciphertext + * @return string $plaintext + */ + public function decrypt($ciphertext) + { + if ($this->engine == self::ENGINE_OPENSSL) { + $temp = $this->key; + $this->key = $this->orig_key; + $result = parent::decrypt($ciphertext); + $this->key = $temp; + return $result; + } + + return parent::decrypt($ciphertext); + } + + /** + * Encrypts a block + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::encryptBlock() + * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @param string $in + * @return string + */ + protected function encryptBlock($in) + { + list($r0, $r1, $r2, $r3) = array_values(unpack('v*', $in)); + $keys = $this->keys; + $limit = 20; + $actions = [$limit => 44, 44 => 64]; + $j = 0; + + for (;;) { + // Mixing round. + $r0 = (($r0 + $keys[$j++] + ((($r1 ^ $r2) & $r3) ^ $r1)) & 0xFFFF) << 1; + $r0 |= $r0 >> 16; + $r1 = (($r1 + $keys[$j++] + ((($r2 ^ $r3) & $r0) ^ $r2)) & 0xFFFF) << 2; + $r1 |= $r1 >> 16; + $r2 = (($r2 + $keys[$j++] + ((($r3 ^ $r0) & $r1) ^ $r3)) & 0xFFFF) << 3; + $r2 |= $r2 >> 16; + $r3 = (($r3 + $keys[$j++] + ((($r0 ^ $r1) & $r2) ^ $r0)) & 0xFFFF) << 5; + $r3 |= $r3 >> 16; + + if ($j === $limit) { + if ($limit === 64) { + break; + } + + // Mashing round. + $r0 += $keys[$r3 & 0x3F]; + $r1 += $keys[$r0 & 0x3F]; + $r2 += $keys[$r1 & 0x3F]; + $r3 += $keys[$r2 & 0x3F]; + $limit = $actions[$limit]; + } + } + + return pack('vvvv', $r0, $r1, $r2, $r3); + } + + /** + * Decrypts a block + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::decryptBlock() + * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + * @param string $in + * @return string + */ + protected function decryptBlock($in) + { + list($r0, $r1, $r2, $r3) = array_values(unpack('v*', $in)); + $keys = $this->keys; + $limit = 44; + $actions = [$limit => 20, 20 => 0]; + $j = 64; + + for (;;) { + // R-mixing round. + $r3 = ($r3 | ($r3 << 16)) >> 5; + $r3 = ($r3 - $keys[--$j] - ((($r0 ^ $r1) & $r2) ^ $r0)) & 0xFFFF; + $r2 = ($r2 | ($r2 << 16)) >> 3; + $r2 = ($r2 - $keys[--$j] - ((($r3 ^ $r0) & $r1) ^ $r3)) & 0xFFFF; + $r1 = ($r1 | ($r1 << 16)) >> 2; + $r1 = ($r1 - $keys[--$j] - ((($r2 ^ $r3) & $r0) ^ $r2)) & 0xFFFF; + $r0 = ($r0 | ($r0 << 16)) >> 1; + $r0 = ($r0 - $keys[--$j] - ((($r1 ^ $r2) & $r3) ^ $r1)) & 0xFFFF; + + if ($j === $limit) { + if ($limit === 0) { + break; + } + + // R-mashing round. + $r3 = ($r3 - $keys[$r2 & 0x3F]) & 0xFFFF; + $r2 = ($r2 - $keys[$r1 & 0x3F]) & 0xFFFF; + $r1 = ($r1 - $keys[$r0 & 0x3F]) & 0xFFFF; + $r0 = ($r0 - $keys[$r3 & 0x3F]) & 0xFFFF; + $limit = $actions[$limit]; + } + } + + return pack('vvvv', $r0, $r1, $r2, $r3); + } + + /** + * Creates the key schedule + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::setupKey() + */ + protected function setupKey() + { + if (!isset($this->key)) { + $this->setKey(''); + } + + // Key has already been expanded in \phpseclib3\Crypt\RC2::setKey(): + // Only the first value must be altered. + $l = unpack('Ca/Cb/v*', $this->key); + array_unshift($l, self::$pitable[$l['a']] | ($l['b'] << 8)); + unset($l['a']); + unset($l['b']); + $this->keys = $l; + } + + /** + * Setup the performance-optimized function for de/encrypt() + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::setupInlineCrypt() + */ + protected function setupInlineCrypt() + { + // Init code for both, encrypt and decrypt. + $init_crypt = '$keys = $this->keys;'; + + $keys = $this->keys; + + // $in is the current 8 bytes block which has to be en/decrypt + $encrypt_block = $decrypt_block = ' + $in = unpack("v4", $in); + $r0 = $in[1]; + $r1 = $in[2]; + $r2 = $in[3]; + $r3 = $in[4]; + '; + + // Create code for encryption. + $limit = 20; + $actions = [$limit => 44, 44 => 64]; + $j = 0; + + for (;;) { + // Mixing round. + $encrypt_block .= ' + $r0 = (($r0 + ' . $keys[$j++] . ' + + ((($r1 ^ $r2) & $r3) ^ $r1)) & 0xFFFF) << 1; + $r0 |= $r0 >> 16; + $r1 = (($r1 + ' . $keys[$j++] . ' + + ((($r2 ^ $r3) & $r0) ^ $r2)) & 0xFFFF) << 2; + $r1 |= $r1 >> 16; + $r2 = (($r2 + ' . $keys[$j++] . ' + + ((($r3 ^ $r0) & $r1) ^ $r3)) & 0xFFFF) << 3; + $r2 |= $r2 >> 16; + $r3 = (($r3 + ' . $keys[$j++] . ' + + ((($r0 ^ $r1) & $r2) ^ $r0)) & 0xFFFF) << 5; + $r3 |= $r3 >> 16;'; + + if ($j === $limit) { + if ($limit === 64) { + break; + } + + // Mashing round. + $encrypt_block .= ' + $r0 += $keys[$r3 & 0x3F]; + $r1 += $keys[$r0 & 0x3F]; + $r2 += $keys[$r1 & 0x3F]; + $r3 += $keys[$r2 & 0x3F];'; + $limit = $actions[$limit]; + } + } + + $encrypt_block .= '$in = pack("v4", $r0, $r1, $r2, $r3);'; + + // Create code for decryption. + $limit = 44; + $actions = [$limit => 20, 20 => 0]; + $j = 64; + + for (;;) { + // R-mixing round. + $decrypt_block .= ' + $r3 = ($r3 | ($r3 << 16)) >> 5; + $r3 = ($r3 - ' . $keys[--$j] . ' - + ((($r0 ^ $r1) & $r2) ^ $r0)) & 0xFFFF; + $r2 = ($r2 | ($r2 << 16)) >> 3; + $r2 = ($r2 - ' . $keys[--$j] . ' - + ((($r3 ^ $r0) & $r1) ^ $r3)) & 0xFFFF; + $r1 = ($r1 | ($r1 << 16)) >> 2; + $r1 = ($r1 - ' . $keys[--$j] . ' - + ((($r2 ^ $r3) & $r0) ^ $r2)) & 0xFFFF; + $r0 = ($r0 | ($r0 << 16)) >> 1; + $r0 = ($r0 - ' . $keys[--$j] . ' - + ((($r1 ^ $r2) & $r3) ^ $r1)) & 0xFFFF;'; + + if ($j === $limit) { + if ($limit === 0) { + break; + } + + // R-mashing round. + $decrypt_block .= ' + $r3 = ($r3 - $keys[$r2 & 0x3F]) & 0xFFFF; + $r2 = ($r2 - $keys[$r1 & 0x3F]) & 0xFFFF; + $r1 = ($r1 - $keys[$r0 & 0x3F]) & 0xFFFF; + $r0 = ($r0 - $keys[$r3 & 0x3F]) & 0xFFFF;'; + $limit = $actions[$limit]; + } + } + + $decrypt_block .= '$in = pack("v4", $r0, $r1, $r2, $r3);'; + + // Creates the inline-crypt function + $this->inline_crypt = $this->createInlineCryptFunction( + [ + 'init_crypt' => $init_crypt, + 'encrypt_block' => $encrypt_block, + 'decrypt_block' => $decrypt_block + ] + ); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RC4.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RC4.php new file mode 100644 index 0000000..5f3bff2 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RC4.php @@ -0,0 +1,280 @@ + + * setKey('abcdefgh'); + * + * $size = 10 * 1024; + * $plaintext = ''; + * for ($i = 0; $i < $size; $i++) { + * $plaintext.= 'a'; + * } + * + * echo $rc4->decrypt($rc4->encrypt($plaintext)); + * ?> + * + * + * @author Jim Wigginton + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt; + +use phpseclib3\Crypt\Common\StreamCipher; + +/** + * Pure-PHP implementation of RC4. + * + * @author Jim Wigginton + */ +class RC4 extends StreamCipher +{ + /** + * @see \phpseclib3\Crypt\RC4::_crypt() + */ + const ENCRYPT = 0; + + /** + * @see \phpseclib3\Crypt\RC4::_crypt() + */ + const DECRYPT = 1; + + /** + * Key Length (in bytes) + * + * @see \phpseclib3\Crypt\RC4::setKeyLength() + * @var int + */ + protected $key_length = 128; // = 1024 bits + + /** + * The mcrypt specific name of the cipher + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt + * @var string + */ + protected $cipher_name_mcrypt = 'arcfour'; + + /** + * The Key + * + * @see self::setKey() + * @var string + */ + protected $key; + + /** + * The Key Stream for decryption and encryption + * + * @see self::setKey() + * @var array + */ + private $stream; + + /** + * Test for engine validity + * + * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + * @param int $engine + * @return bool + */ + protected function isValidEngineHelper($engine) + { + if ($engine == self::ENGINE_OPENSSL) { + if ($this->continuousBuffer) { + return false; + } + // quoting https://www.openssl.org/news/openssl-3.0-notes.html, OpenSSL 3.0.1 + // "Moved all variations of the EVP ciphers CAST5, BF, IDEA, SEED, RC2, RC4, RC5, and DES to the legacy provider" + // in theory openssl_get_cipher_methods() should catch this but, on GitHub Actions, at least, it does not + if (defined('OPENSSL_VERSION_TEXT') && version_compare(preg_replace('#OpenSSL (\d+\.\d+\.\d+) .*#', '$1', OPENSSL_VERSION_TEXT), '3.0.1', '>=')) { + return false; + } + $this->cipher_name_openssl = 'rc4-40'; + } + + return parent::isValidEngineHelper($engine); + } + + /** + * Sets the key length + * + * Keys can be between 1 and 256 bytes long. + * + * @param int $length + * @throws \LengthException if the key length is invalid + */ + public function setKeyLength($length) + { + if ($length < 8 || $length > 2048) { + throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys between 1 and 256 bytes are supported'); + } + + $this->key_length = $length >> 3; + + parent::setKeyLength($length); + } + + /** + * Sets the key length + * + * Keys can be between 1 and 256 bytes long. + * + * @param string $key + */ + public function setKey($key) + { + $length = strlen($key); + if ($length < 1 || $length > 256) { + throw new \LengthException('Key size of ' . $length . ' bytes is not supported by RC4. Keys must be between 1 and 256 bytes long'); + } + + parent::setKey($key); + } + + /** + * Encrypts a message. + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + * @see self::crypt() + * @param string $plaintext + * @return string $ciphertext + */ + public function encrypt($plaintext) + { + if ($this->engine != self::ENGINE_INTERNAL) { + return parent::encrypt($plaintext); + } + return $this->crypt($plaintext, self::ENCRYPT); + } + + /** + * Decrypts a message. + * + * $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)). + * At least if the continuous buffer is disabled. + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @see self::crypt() + * @param string $ciphertext + * @return string $plaintext + */ + public function decrypt($ciphertext) + { + if ($this->engine != self::ENGINE_INTERNAL) { + return parent::decrypt($ciphertext); + } + return $this->crypt($ciphertext, self::DECRYPT); + } + + /** + * Encrypts a block + * + * @param string $in + */ + protected function encryptBlock($in) + { + // RC4 does not utilize this method + } + + /** + * Decrypts a block + * + * @param string $in + */ + protected function decryptBlock($in) + { + // RC4 does not utilize this method + } + + /** + * Setup the key (expansion) + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::_setupKey() + */ + protected function setupKey() + { + $key = $this->key; + $keyLength = strlen($key); + $keyStream = range(0, 255); + $j = 0; + for ($i = 0; $i < 256; $i++) { + $j = ($j + $keyStream[$i] + ord($key[$i % $keyLength])) & 255; + $temp = $keyStream[$i]; + $keyStream[$i] = $keyStream[$j]; + $keyStream[$j] = $temp; + } + + $this->stream = []; + $this->stream[self::DECRYPT] = $this->stream[self::ENCRYPT] = [ + 0, // index $i + 0, // index $j + $keyStream + ]; + } + + /** + * Encrypts or decrypts a message. + * + * @see self::encrypt() + * @see self::decrypt() + * @param string $text + * @param int $mode + * @return string $text + */ + private function crypt($text, $mode) + { + if ($this->changed) { + $this->setup(); + } + + $stream = &$this->stream[$mode]; + if ($this->continuousBuffer) { + $i = &$stream[0]; + $j = &$stream[1]; + $keyStream = &$stream[2]; + } else { + $i = $stream[0]; + $j = $stream[1]; + $keyStream = $stream[2]; + } + + $len = strlen($text); + for ($k = 0; $k < $len; ++$k) { + $i = ($i + 1) & 255; + $ksi = $keyStream[$i]; + $j = ($j + $ksi) & 255; + $ksj = $keyStream[$j]; + + $keyStream[$i] = $ksj; + $keyStream[$j] = $ksi; + $text[$k] = $text[$k] ^ chr($keyStream[($ksj + $ksi) & 255]); + } + + return $text; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA.php new file mode 100644 index 0000000..19dcfea --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA.php @@ -0,0 +1,934 @@ + + * getPublicKey(); + * + * $plaintext = 'terrafrost'; + * + * $ciphertext = $public->encrypt($plaintext); + * + * echo $private->decrypt($ciphertext); + * ?> + * + * + * Here's an example of how to create signatures and verify signatures with this library: + * + * getPublicKey(); + * + * $plaintext = 'terrafrost'; + * + * $signature = $private->sign($plaintext); + * + * echo $public->verify($plaintext, $signature) ? 'verified' : 'unverified'; + * ?> + * + * + * One thing to consider when using this: so phpseclib uses PSS mode by default. + * Technically, id-RSASSA-PSS has a different key format than rsaEncryption. So + * should phpseclib save to the id-RSASSA-PSS format by default or the + * rsaEncryption format? For stand-alone keys I figure rsaEncryption is better + * because SSH doesn't use PSS and idk how many SSH servers would be able to + * decode an id-RSASSA-PSS key. For X.509 certificates the id-RSASSA-PSS + * format is used by default (unless you change it up to use PKCS1 instead) + * + * @author Jim Wigginton + * @copyright 2009 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt; + +use phpseclib3\Crypt\Common\AsymmetricKey; +use phpseclib3\Crypt\RSA\Formats\Keys\PSS; +use phpseclib3\Crypt\RSA\PrivateKey; +use phpseclib3\Crypt\RSA\PublicKey; +use phpseclib3\Exception\InconsistentSetupException; +use phpseclib3\Exception\UnsupportedAlgorithmException; +use phpseclib3\Math\BigInteger; + +/** + * Pure-PHP PKCS#1 compliant implementation of RSA. + * + * @author Jim Wigginton + */ +abstract class RSA extends AsymmetricKey +{ + /** + * Algorithm Name + * + * @var string + */ + const ALGORITHM = 'RSA'; + + /** + * Use {@link http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding Optimal Asymmetric Encryption Padding} + * (OAEP) for encryption / decryption. + * + * Uses sha256 by default + * + * @see self::setHash() + * @see self::setMGFHash() + * @see self::encrypt() + * @see self::decrypt() + */ + const ENCRYPTION_OAEP = 1; + + /** + * Use PKCS#1 padding. + * + * Although self::PADDING_OAEP / self::PADDING_PSS offers more security, including PKCS#1 padding is necessary for purposes of backwards + * compatibility with protocols (like SSH-1) written before OAEP's introduction. + * + * @see self::encrypt() + * @see self::decrypt() + */ + const ENCRYPTION_PKCS1 = 2; + + /** + * Do not use any padding + * + * Although this method is not recommended it can none-the-less sometimes be useful if you're trying to decrypt some legacy + * stuff, if you're trying to diagnose why an encrypted message isn't decrypting, etc. + * + * @see self::encrypt() + * @see self::decrypt() + */ + const ENCRYPTION_NONE = 4; + + /** + * Use the Probabilistic Signature Scheme for signing + * + * Uses sha256 and 0 as the salt length + * + * @see self::setSaltLength() + * @see self::setMGFHash() + * @see self::setHash() + * @see self::sign() + * @see self::verify() + * @see self::setHash() + */ + const SIGNATURE_PSS = 16; + + /** + * Use a relaxed version of PKCS#1 padding for signature verification + * + * @see self::sign() + * @see self::verify() + * @see self::setHash() + */ + const SIGNATURE_RELAXED_PKCS1 = 32; + + /** + * Use PKCS#1 padding for signature verification + * + * @see self::sign() + * @see self::verify() + * @see self::setHash() + */ + const SIGNATURE_PKCS1 = 64; + + /** + * Encryption padding mode + * + * @var int + */ + protected $encryptionPadding = self::ENCRYPTION_OAEP; + + /** + * Signature padding mode + * + * @var int + */ + protected $signaturePadding = self::SIGNATURE_PSS; + + /** + * Length of hash function output + * + * @var int + */ + protected $hLen; + + /** + * Length of salt + * + * @var int + */ + protected $sLen; + + /** + * Label + * + * @var string + */ + protected $label = ''; + + /** + * Hash function for the Mask Generation Function + * + * @var \phpseclib3\Crypt\Hash + */ + protected $mgfHash; + + /** + * Length of MGF hash function output + * + * @var int + */ + protected $mgfHLen; + + /** + * Modulus (ie. n) + * + * @var \phpseclib3\Math\BigInteger + */ + protected $modulus; + + /** + * Modulus length + * + * @var \phpseclib3\Math\BigInteger + */ + protected $k; + + /** + * Exponent (ie. e or d) + * + * @var \phpseclib3\Math\BigInteger + */ + protected $exponent; + + /** + * Default public exponent + * + * @var int + * @link http://en.wikipedia.org/wiki/65537_%28number%29 + */ + private static $defaultExponent = 65537; + + /** + * Enable Blinding? + * + * @var bool + */ + protected static $enableBlinding = true; + + /** + * OpenSSL configuration file name. + * + * @see self::createKey() + * @var ?string + */ + protected static $configFile; + + /** + * Smallest Prime + * + * Per , this number ought not result in primes smaller + * than 256 bits. As a consequence if the key you're trying to create is 1024 bits and you've set smallestPrime + * to 384 bits then you're going to get a 384 bit prime and a 640 bit prime (384 + 1024 % 384). At least if + * engine is set to self::ENGINE_INTERNAL. If Engine is set to self::ENGINE_OPENSSL then smallest Prime is + * ignored (ie. multi-prime RSA support is more intended as a way to speed up RSA key generation when there's + * a chance neither gmp nor OpenSSL are installed) + * + * @var int + */ + private static $smallestPrime = 4096; + + /** + * Public Exponent + * + * @var \phpseclib3\Math\BigInteger + */ + protected $publicExponent; + + /** + * Sets the public exponent for key generation + * + * This will be 65537 unless changed. + * + * @param int $val + */ + public static function setExponent($val) + { + self::$defaultExponent = $val; + } + + /** + * Sets the smallest prime number in bits. Used for key generation + * + * This will be 4096 unless changed. + * + * @param int $val + */ + public static function setSmallestPrime($val) + { + self::$smallestPrime = $val; + } + + /** + * Sets the OpenSSL config file path + * + * Set to the empty string to use the default config file + * + * @param string $val + */ + public static function setOpenSSLConfigPath($val) + { + self::$configFile = $val; + } + + /** + * Create a private key + * + * The public key can be extracted from the private key + * + * @return RSA\PrivateKey + * @param int $bits + */ + public static function createKey($bits = 2048) + { + self::initialize_static_variables(); + + $class = new \ReflectionClass(static::class); + if ($class->isFinal()) { + throw new \RuntimeException('createKey() should not be called from final classes (' . static::class . ')'); + } + + $regSize = $bits >> 1; // divide by two to see how many bits P and Q would be + if ($regSize > self::$smallestPrime) { + $num_primes = floor($bits / self::$smallestPrime); + $regSize = self::$smallestPrime; + } else { + $num_primes = 2; + } + + if ($num_primes == 2 && $bits >= 384 && self::$defaultExponent == 65537) { + if (!isset(self::$engines['PHP'])) { + self::useBestEngine(); + } + + // OpenSSL uses 65537 as the exponent and requires RSA keys be 384 bits minimum + if (self::$engines['OpenSSL']) { + $config = []; + if (self::$configFile) { + $config['config'] = self::$configFile; + } + $rsa = openssl_pkey_new(['private_key_bits' => $bits] + $config); + openssl_pkey_export($rsa, $privatekeystr, null, $config); + + // clear the buffer of error strings stemming from a minimalistic openssl.cnf + // https://github.com/php/php-src/issues/11054 talks about other errors this'll pick up + while (openssl_error_string() !== false) { + } + + return RSA::load($privatekeystr); + } + } + + static $e; + if (!isset($e)) { + $e = new BigInteger(self::$defaultExponent); + } + + $n = clone self::$one; + $exponents = $coefficients = $primes = []; + $lcm = [ + 'top' => clone self::$one, + 'bottom' => false + ]; + + do { + for ($i = 1; $i <= $num_primes; $i++) { + if ($i != $num_primes) { + $primes[$i] = BigInteger::randomPrime($regSize); + } else { + extract(BigInteger::minMaxBits($bits)); + /** @var BigInteger $min + * @var BigInteger $max + */ + list($min) = $min->divide($n); + $min = $min->add(self::$one); + list($max) = $max->divide($n); + $primes[$i] = BigInteger::randomRangePrime($min, $max); + } + + // the first coefficient is calculated differently from the rest + // ie. instead of being $primes[1]->modInverse($primes[2]), it's $primes[2]->modInverse($primes[1]) + if ($i > 2) { + $coefficients[$i] = $n->modInverse($primes[$i]); + } + + $n = $n->multiply($primes[$i]); + + $temp = $primes[$i]->subtract(self::$one); + + // textbook RSA implementations use Euler's totient function instead of the least common multiple. + // see http://en.wikipedia.org/wiki/Euler%27s_totient_function + $lcm['top'] = $lcm['top']->multiply($temp); + $lcm['bottom'] = $lcm['bottom'] === false ? $temp : $lcm['bottom']->gcd($temp); + } + + list($temp) = $lcm['top']->divide($lcm['bottom']); + $gcd = $temp->gcd($e); + $i0 = 1; + } while (!$gcd->equals(self::$one)); + + $coefficients[2] = $primes[2]->modInverse($primes[1]); + + $d = $e->modInverse($temp); + + foreach ($primes as $i => $prime) { + $temp = $prime->subtract(self::$one); + $exponents[$i] = $e->modInverse($temp); + } + + // from : + // RSAPrivateKey ::= SEQUENCE { + // version Version, + // modulus INTEGER, -- n + // publicExponent INTEGER, -- e + // privateExponent INTEGER, -- d + // prime1 INTEGER, -- p + // prime2 INTEGER, -- q + // exponent1 INTEGER, -- d mod (p-1) + // exponent2 INTEGER, -- d mod (q-1) + // coefficient INTEGER, -- (inverse of q) mod p + // otherPrimeInfos OtherPrimeInfos OPTIONAL + // } + $privatekey = new PrivateKey(); + $privatekey->modulus = $n; + $privatekey->k = $bits >> 3; + $privatekey->publicExponent = $e; + $privatekey->exponent = $d; + $privatekey->primes = $primes; + $privatekey->exponents = $exponents; + $privatekey->coefficients = $coefficients; + + /* + $publickey = new PublicKey; + $publickey->modulus = $n; + $publickey->k = $bits >> 3; + $publickey->exponent = $e; + $publickey->publicExponent = $e; + $publickey->isPublic = true; + */ + + return $privatekey; + } + + /** + * OnLoad Handler + * + * @return bool + */ + protected static function onLoad(array $components) + { + $key = $components['isPublicKey'] ? + new PublicKey() : + new PrivateKey(); + + $key->modulus = $components['modulus']; + $key->publicExponent = $components['publicExponent']; + $key->k = $key->modulus->getLengthInBytes(); + + if ($components['isPublicKey'] || !isset($components['privateExponent'])) { + $key->exponent = $key->publicExponent; + } else { + $key->privateExponent = $components['privateExponent']; + $key->exponent = $key->privateExponent; + $key->primes = $components['primes']; + $key->exponents = $components['exponents']; + $key->coefficients = $components['coefficients']; + } + + if ($components['format'] == PSS::class) { + // in the X509 world RSA keys are assumed to use PKCS1 padding by default. only if the key is + // explicitly a PSS key is the use of PSS assumed. phpseclib does not work like this. phpseclib + // uses PSS padding by default. it assumes the more secure method by default and altho it provides + // for the less secure PKCS1 method you have to go out of your way to use it. this is consistent + // with the latest trends in crypto. libsodium (NaCl) is actually a little more extreme in that + // not only does it defaults to the most secure methods - it doesn't even let you choose less + // secure methods + //$key = $key->withPadding(self::SIGNATURE_PSS); + if (isset($components['hash'])) { + $key = $key->withHash($components['hash']); + } + if (isset($components['MGFHash'])) { + $key = $key->withMGFHash($components['MGFHash']); + } + if (isset($components['saltLength'])) { + $key = $key->withSaltLength($components['saltLength']); + } + } + + return $key; + } + + /** + * Initialize static variables + */ + protected static function initialize_static_variables() + { + if (!isset(self::$configFile)) { + self::$configFile = dirname(__FILE__) . '/../openssl.cnf'; + } + + parent::initialize_static_variables(); + } + + /** + * Constructor + * + * PublicKey and PrivateKey objects can only be created from abstract RSA class + */ + protected function __construct() + { + parent::__construct(); + + $this->hLen = $this->hash->getLengthInBytes(); + $this->mgfHash = new Hash('sha256'); + $this->mgfHLen = $this->mgfHash->getLengthInBytes(); + } + + /** + * Integer-to-Octet-String primitive + * + * See {@link http://tools.ietf.org/html/rfc3447#section-4.1 RFC3447#section-4.1}. + * + * @param bool|\phpseclib3\Math\BigInteger $x + * @param int $xLen + * @return bool|string + */ + protected function i2osp($x, $xLen) + { + if ($x === false) { + return false; + } + $x = $x->toBytes(); + if (strlen($x) > $xLen) { + throw new \OutOfRangeException('Resultant string length out of range'); + } + return str_pad($x, $xLen, chr(0), STR_PAD_LEFT); + } + + /** + * Octet-String-to-Integer primitive + * + * See {@link http://tools.ietf.org/html/rfc3447#section-4.2 RFC3447#section-4.2}. + * + * @param string $x + * @return \phpseclib3\Math\BigInteger + */ + protected function os2ip($x) + { + return new BigInteger($x, 256); + } + + /** + * EMSA-PKCS1-V1_5-ENCODE + * + * See {@link http://tools.ietf.org/html/rfc3447#section-9.2 RFC3447#section-9.2}. + * + * @param string $m + * @param int $emLen + * @throws \LengthException if the intended encoded message length is too short + * @return string + */ + protected function emsa_pkcs1_v1_5_encode($m, $emLen) + { + $h = $this->hash->hash($m); + + // see http://tools.ietf.org/html/rfc3447#page-43 + switch ($this->hash->getHash()) { + case 'md2': + $t = "\x30\x20\x30\x0c\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x02\x05\x00\x04\x10"; + break; + case 'md5': + $t = "\x30\x20\x30\x0c\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x05\x05\x00\x04\x10"; + break; + case 'sha1': + $t = "\x30\x21\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14"; + break; + case 'sha256': + $t = "\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20"; + break; + case 'sha384': + $t = "\x30\x41\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x02\x05\x00\x04\x30"; + break; + case 'sha512': + $t = "\x30\x51\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x03\x05\x00\x04\x40"; + break; + // from https://www.emc.com/collateral/white-papers/h11300-pkcs-1v2-2-rsa-cryptography-standard-wp.pdf#page=40 + case 'sha224': + $t = "\x30\x2d\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x04\x05\x00\x04\x1c"; + break; + case 'sha512/224': + $t = "\x30\x2d\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x05\x05\x00\x04\x1c"; + break; + case 'sha512/256': + $t = "\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x06\x05\x00\x04\x20"; + } + $t .= $h; + $tLen = strlen($t); + + if ($emLen < $tLen + 11) { + throw new \LengthException('Intended encoded message length too short'); + } + + $ps = str_repeat(chr(0xFF), $emLen - $tLen - 3); + + $em = "\0\1$ps\0$t"; + + return $em; + } + + /** + * EMSA-PKCS1-V1_5-ENCODE (without NULL) + * + * Quoting https://tools.ietf.org/html/rfc8017#page-65, + * + * "The parameters field associated with id-sha1, id-sha224, id-sha256, + * id-sha384, id-sha512, id-sha512/224, and id-sha512/256 should + * generally be omitted, but if present, it shall have a value of type + * NULL" + * + * @param string $m + * @param int $emLen + * @return string + */ + protected function emsa_pkcs1_v1_5_encode_without_null($m, $emLen) + { + $h = $this->hash->hash($m); + + // see http://tools.ietf.org/html/rfc3447#page-43 + switch ($this->hash->getHash()) { + case 'sha1': + $t = "\x30\x1f\x30\x07\x06\x05\x2b\x0e\x03\x02\x1a\x04\x14"; + break; + case 'sha256': + $t = "\x30\x2f\x30\x0b\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x04\x20"; + break; + case 'sha384': + $t = "\x30\x3f\x30\x0b\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x02\x04\x30"; + break; + case 'sha512': + $t = "\x30\x4f\x30\x0b\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x03\x04\x40"; + break; + // from https://www.emc.com/collateral/white-papers/h11300-pkcs-1v2-2-rsa-cryptography-standard-wp.pdf#page=40 + case 'sha224': + $t = "\x30\x2b\x30\x0b\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x04\x04\x1c"; + break; + case 'sha512/224': + $t = "\x30\x2b\x30\x0b\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x05\x04\x1c"; + break; + case 'sha512/256': + $t = "\x30\x2f\x30\x0b\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x06\x04\x20"; + break; + default: + throw new UnsupportedAlgorithmException('md2 and md5 require NULLs'); + } + $t .= $h; + $tLen = strlen($t); + + if ($emLen < $tLen + 11) { + throw new \LengthException('Intended encoded message length too short'); + } + + $ps = str_repeat(chr(0xFF), $emLen - $tLen - 3); + + $em = "\0\1$ps\0$t"; + + return $em; + } + + /** + * MGF1 + * + * See {@link http://tools.ietf.org/html/rfc3447#appendix-B.2.1 RFC3447#appendix-B.2.1}. + * + * @param string $mgfSeed + * @param int $maskLen + * @return string + */ + protected function mgf1($mgfSeed, $maskLen) + { + // if $maskLen would yield strings larger than 4GB, PKCS#1 suggests a "Mask too long" error be output. + + $t = ''; + $count = ceil($maskLen / $this->mgfHLen); + for ($i = 0; $i < $count; $i++) { + $c = pack('N', $i); + $t .= $this->mgfHash->hash($mgfSeed . $c); + } + + return substr($t, 0, $maskLen); + } + + /** + * Returns the key size + * + * More specifically, this returns the size of the modulo in bits. + * + * @return int + */ + public function getLength() + { + return !isset($this->modulus) ? 0 : $this->modulus->getLength(); + } + + /** + * Determines which hashing function should be used + * + * Used with signature production / verification and (if the encryption mode is self::PADDING_OAEP) encryption and + * decryption. + * + * @param string $hash + */ + public function withHash($hash) + { + $new = clone $this; + + // \phpseclib3\Crypt\Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example. + switch (strtolower($hash)) { + case 'md2': + case 'md5': + case 'sha1': + case 'sha256': + case 'sha384': + case 'sha512': + case 'sha224': + case 'sha512/224': + case 'sha512/256': + $new->hash = new Hash($hash); + break; + default: + throw new UnsupportedAlgorithmException( + 'The only supported hash algorithms are: md2, md5, sha1, sha256, sha384, sha512, sha224, sha512/224, sha512/256' + ); + } + $new->hLen = $new->hash->getLengthInBytes(); + + return $new; + } + + /** + * Determines which hashing function should be used for the mask generation function + * + * The mask generation function is used by self::PADDING_OAEP and self::PADDING_PSS and although it's + * best if Hash and MGFHash are set to the same thing this is not a requirement. + * + * @param string $hash + */ + public function withMGFHash($hash) + { + $new = clone $this; + + // \phpseclib3\Crypt\Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example. + switch (strtolower($hash)) { + case 'md2': + case 'md5': + case 'sha1': + case 'sha256': + case 'sha384': + case 'sha512': + case 'sha224': + case 'sha512/224': + case 'sha512/256': + $new->mgfHash = new Hash($hash); + break; + default: + throw new UnsupportedAlgorithmException( + 'The only supported hash algorithms are: md2, md5, sha1, sha256, sha384, sha512, sha224, sha512/224, sha512/256' + ); + } + $new->mgfHLen = $new->mgfHash->getLengthInBytes(); + + return $new; + } + + /** + * Returns the MGF hash algorithm currently being used + * + */ + public function getMGFHash() + { + return clone $this->mgfHash; + } + + /** + * Determines the salt length + * + * Used by RSA::PADDING_PSS + * + * To quote from {@link http://tools.ietf.org/html/rfc3447#page-38 RFC3447#page-38}: + * + * Typical salt lengths in octets are hLen (the length of the output + * of the hash function Hash) and 0. + * + * @param int $sLen + */ + public function withSaltLength($sLen) + { + $new = clone $this; + $new->sLen = $sLen; + return $new; + } + + /** + * Returns the salt length currently being used + * + */ + public function getSaltLength() + { + return $this->sLen !== null ? $this->sLen : $this->hLen; + } + + /** + * Determines the label + * + * Used by RSA::PADDING_OAEP + * + * To quote from {@link http://tools.ietf.org/html/rfc3447#page-17 RFC3447#page-17}: + * + * Both the encryption and the decryption operations of RSAES-OAEP take + * the value of a label L as input. In this version of PKCS #1, L is + * the empty string; other uses of the label are outside the scope of + * this document. + * + * @param string $label + */ + public function withLabel($label) + { + $new = clone $this; + $new->label = $label; + return $new; + } + + /** + * Returns the label currently being used + * + */ + public function getLabel() + { + return $this->label; + } + + /** + * Determines the padding modes + * + * Example: $key->withPadding(RSA::ENCRYPTION_PKCS1 | RSA::SIGNATURE_PKCS1); + * + * @param int $padding + */ + public function withPadding($padding) + { + $masks = [ + self::ENCRYPTION_OAEP, + self::ENCRYPTION_PKCS1, + self::ENCRYPTION_NONE + ]; + $encryptedCount = 0; + $selected = 0; + foreach ($masks as $mask) { + if ($padding & $mask) { + $selected = $mask; + $encryptedCount++; + } + } + if ($encryptedCount > 1) { + throw new InconsistentSetupException('Multiple encryption padding modes have been selected; at most only one should be selected'); + } + $encryptionPadding = $selected; + + $masks = [ + self::SIGNATURE_PSS, + self::SIGNATURE_RELAXED_PKCS1, + self::SIGNATURE_PKCS1 + ]; + $signatureCount = 0; + $selected = 0; + foreach ($masks as $mask) { + if ($padding & $mask) { + $selected = $mask; + $signatureCount++; + } + } + if ($signatureCount > 1) { + throw new InconsistentSetupException('Multiple signature padding modes have been selected; at most only one should be selected'); + } + $signaturePadding = $selected; + + $new = clone $this; + if ($encryptedCount) { + $new->encryptionPadding = $encryptionPadding; + } + if ($signatureCount) { + $new->signaturePadding = $signaturePadding; + } + return $new; + } + + /** + * Returns the padding currently being used + * + */ + public function getPadding() + { + return $this->signaturePadding | $this->encryptionPadding; + } + + /** + * Returns the current engine being used + * + * OpenSSL is only used in this class (and it's subclasses) for key generation + * Even then it depends on the parameters you're using. It's not used for + * multi-prime RSA nor is it used if the key length is outside of the range + * supported by OpenSSL + * + * @see self::useInternalEngine() + * @see self::useBestEngine() + * @return string + */ + public function getEngine() + { + if (!isset(self::$engines['PHP'])) { + self::useBestEngine(); + } + return self::$engines['OpenSSL'] && self::$defaultExponent == 65537 ? + 'OpenSSL' : + 'PHP'; + } + + /** + * Enable RSA Blinding + * + */ + public static function enableBlinding() + { + static::$enableBlinding = true; + } + + /** + * Disable RSA Blinding + * + */ + public static function disableBlinding() + { + static::$enableBlinding = false; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/JWK.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/JWK.php new file mode 100644 index 0000000..87f543d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/JWK.php @@ -0,0 +1,142 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\RSA\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common\Formats\Keys\JWK as Progenitor; +use phpseclib3\Math\BigInteger; + +/** + * JWK Formatted RSA Handler + * + * @author Jim Wigginton + */ +abstract class JWK extends Progenitor +{ + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + $key = parent::load($key, $password); + + if ($key->kty != 'RSA') { + throw new \RuntimeException('Only RSA JWK keys are supported'); + } + + $count = $publicCount = 0; + $vars = ['n', 'e', 'd', 'p', 'q', 'dp', 'dq', 'qi']; + foreach ($vars as $var) { + if (!isset($key->$var) || !is_string($key->$var)) { + continue; + } + $count++; + $value = new BigInteger(Strings::base64url_decode($key->$var), 256); + switch ($var) { + case 'n': + $publicCount++; + $components['modulus'] = $value; + break; + case 'e': + $publicCount++; + $components['publicExponent'] = $value; + break; + case 'd': + $components['privateExponent'] = $value; + break; + case 'p': + $components['primes'][1] = $value; + break; + case 'q': + $components['primes'][2] = $value; + break; + case 'dp': + $components['exponents'][1] = $value; + break; + case 'dq': + $components['exponents'][2] = $value; + break; + case 'qi': + $components['coefficients'][2] = $value; + } + } + + if ($count == count($vars)) { + return $components + ['isPublicKey' => false]; + } + + if ($count == 2 && $publicCount == 2) { + return $components + ['isPublicKey' => true]; + } + + throw new \UnexpectedValueException('Key does not have an appropriate number of RSA parameters'); + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $n + * @param \phpseclib3\Math\BigInteger $e + * @param \phpseclib3\Math\BigInteger $d + * @param array $primes + * @param array $exponents + * @param array $coefficients + * @param string $password optional + * @param array $options optional + * @return string + */ + public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []) + { + if (count($primes) != 2) { + throw new \InvalidArgumentException('JWK does not support multi-prime RSA keys'); + } + + $key = [ + 'kty' => 'RSA', + 'n' => Strings::base64url_encode($n->toBytes()), + 'e' => Strings::base64url_encode($e->toBytes()), + 'd' => Strings::base64url_encode($d->toBytes()), + 'p' => Strings::base64url_encode($primes[1]->toBytes()), + 'q' => Strings::base64url_encode($primes[2]->toBytes()), + 'dp' => Strings::base64url_encode($exponents[1]->toBytes()), + 'dq' => Strings::base64url_encode($exponents[2]->toBytes()), + 'qi' => Strings::base64url_encode($coefficients[2]->toBytes()) + ]; + + return self::wrapKey($key, $options); + } + + /** + * Convert a public key to the appropriate format + * + * @param \phpseclib3\Math\BigInteger $n + * @param \phpseclib3\Math\BigInteger $e + * @param array $options optional + * @return string + */ + public static function savePublicKey(BigInteger $n, BigInteger $e, array $options = []) + { + $key = [ + 'kty' => 'RSA', + 'n' => Strings::base64url_encode($n->toBytes()), + 'e' => Strings::base64url_encode($e->toBytes()) + ]; + + return self::wrapKey($key, $options); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php new file mode 100644 index 0000000..e9a0c4f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php @@ -0,0 +1,228 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\RSA\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Exception\UnsupportedFormatException; +use phpseclib3\Math\BigInteger; + +/** + * Microsoft BLOB Formatted RSA Key Handler + * + * @author Jim Wigginton + */ +abstract class MSBLOB +{ + /** + * Public/Private Key Pair + * + */ + const PRIVATEKEYBLOB = 0x7; + /** + * Public Key + * + */ + const PUBLICKEYBLOB = 0x6; + /** + * Public Key + * + */ + const PUBLICKEYBLOBEX = 0xA; + /** + * RSA public key exchange algorithm + * + */ + const CALG_RSA_KEYX = 0x0000A400; + /** + * RSA public key exchange algorithm + * + */ + const CALG_RSA_SIGN = 0x00002400; + /** + * Public Key + * + */ + const RSA1 = 0x31415352; + /** + * Private Key + * + */ + const RSA2 = 0x32415352; + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + if (!Strings::is_stringable($key)) { + throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); + } + + $key = Strings::base64_decode($key); + + if (!is_string($key)) { + throw new \UnexpectedValueException('Base64 decoding produced an error'); + } + if (strlen($key) < 20) { + throw new \UnexpectedValueException('Key appears to be malformed'); + } + + // PUBLICKEYSTRUC publickeystruc + // https://msdn.microsoft.com/en-us/library/windows/desktop/aa387453(v=vs.85).aspx + extract(unpack('atype/aversion/vreserved/Valgo', Strings::shift($key, 8))); + /** + * @var string $type + * @var string $version + * @var integer $reserved + * @var integer $algo + */ + switch (ord($type)) { + case self::PUBLICKEYBLOB: + case self::PUBLICKEYBLOBEX: + $publickey = true; + break; + case self::PRIVATEKEYBLOB: + $publickey = false; + break; + default: + throw new \UnexpectedValueException('Key appears to be malformed'); + } + + $components = ['isPublicKey' => $publickey]; + + // https://msdn.microsoft.com/en-us/library/windows/desktop/aa375549(v=vs.85).aspx + switch ($algo) { + case self::CALG_RSA_KEYX: + case self::CALG_RSA_SIGN: + break; + default: + throw new \UnexpectedValueException('Key appears to be malformed'); + } + + // RSAPUBKEY rsapubkey + // https://msdn.microsoft.com/en-us/library/windows/desktop/aa387685(v=vs.85).aspx + // could do V for pubexp but that's unsigned 32-bit whereas some PHP installs only do signed 32-bit + extract(unpack('Vmagic/Vbitlen/a4pubexp', Strings::shift($key, 12))); + /** + * @var integer $magic + * @var integer $bitlen + * @var string $pubexp + */ + switch ($magic) { + case self::RSA2: + $components['isPublicKey'] = false; + // fall-through + case self::RSA1: + break; + default: + throw new \UnexpectedValueException('Key appears to be malformed'); + } + + $baseLength = $bitlen / 16; + if (strlen($key) != 2 * $baseLength && strlen($key) != 9 * $baseLength) { + throw new \UnexpectedValueException('Key appears to be malformed'); + } + + $components[$components['isPublicKey'] ? 'publicExponent' : 'privateExponent'] = new BigInteger(strrev($pubexp), 256); + // BYTE modulus[rsapubkey.bitlen/8] + $components['modulus'] = new BigInteger(strrev(Strings::shift($key, $bitlen / 8)), 256); + + if ($publickey) { + return $components; + } + + $components['isPublicKey'] = false; + + // BYTE prime1[rsapubkey.bitlen/16] + $components['primes'] = [1 => new BigInteger(strrev(Strings::shift($key, $bitlen / 16)), 256)]; + // BYTE prime2[rsapubkey.bitlen/16] + $components['primes'][] = new BigInteger(strrev(Strings::shift($key, $bitlen / 16)), 256); + // BYTE exponent1[rsapubkey.bitlen/16] + $components['exponents'] = [1 => new BigInteger(strrev(Strings::shift($key, $bitlen / 16)), 256)]; + // BYTE exponent2[rsapubkey.bitlen/16] + $components['exponents'][] = new BigInteger(strrev(Strings::shift($key, $bitlen / 16)), 256); + // BYTE coefficient[rsapubkey.bitlen/16] + $components['coefficients'] = [2 => new BigInteger(strrev(Strings::shift($key, $bitlen / 16)), 256)]; + if (isset($components['privateExponent'])) { + $components['publicExponent'] = $components['privateExponent']; + } + // BYTE privateExponent[rsapubkey.bitlen/8] + $components['privateExponent'] = new BigInteger(strrev(Strings::shift($key, $bitlen / 8)), 256); + + return $components; + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $n + * @param \phpseclib3\Math\BigInteger $e + * @param \phpseclib3\Math\BigInteger $d + * @param array $primes + * @param array $exponents + * @param array $coefficients + * @param string $password optional + * @return string + */ + public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '') + { + if (count($primes) != 2) { + throw new \InvalidArgumentException('MSBLOB does not support multi-prime RSA keys'); + } + + if (!empty($password) && is_string($password)) { + throw new UnsupportedFormatException('MSBLOB private keys do not support encryption'); + } + + $n = strrev($n->toBytes()); + $e = str_pad(strrev($e->toBytes()), 4, "\0"); + $key = pack('aavV', chr(self::PRIVATEKEYBLOB), chr(2), 0, self::CALG_RSA_KEYX); + $key .= pack('VVa*', self::RSA2, 8 * strlen($n), $e); + $key .= $n; + $key .= strrev($primes[1]->toBytes()); + $key .= strrev($primes[2]->toBytes()); + $key .= strrev($exponents[1]->toBytes()); + $key .= strrev($exponents[2]->toBytes()); + $key .= strrev($coefficients[2]->toBytes()); + $key .= strrev($d->toBytes()); + + return Strings::base64_encode($key); + } + + /** + * Convert a public key to the appropriate format + * + * @param \phpseclib3\Math\BigInteger $n + * @param \phpseclib3\Math\BigInteger $e + * @return string + */ + public static function savePublicKey(BigInteger $n, BigInteger $e) + { + $n = strrev($n->toBytes()); + $e = str_pad(strrev($e->toBytes()), 4, "\0"); + $key = pack('aavV', chr(self::PUBLICKEYBLOB), chr(2), 0, self::CALG_RSA_KEYX); + $key .= pack('VVa*', self::RSA1, 8 * strlen($n), $e); + $key .= $n; + + return Strings::base64_encode($key); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/OpenSSH.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/OpenSSH.php new file mode 100644 index 0000000..2367810 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/OpenSSH.php @@ -0,0 +1,132 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\RSA\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common\Formats\Keys\OpenSSH as Progenitor; +use phpseclib3\Math\BigInteger; + +/** + * OpenSSH Formatted RSA Key Handler + * + * @author Jim Wigginton + */ +abstract class OpenSSH extends Progenitor +{ + /** + * Supported Key Types + * + * @var array + */ + protected static $types = ['ssh-rsa']; + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + static $one; + if (!isset($one)) { + $one = new BigInteger(1); + } + + $parsed = parent::load($key, $password); + + if (isset($parsed['paddedKey'])) { + list($type) = Strings::unpackSSH2('s', $parsed['paddedKey']); + if ($type != $parsed['type']) { + throw new \RuntimeException("The public and private keys are not of the same type ($type vs $parsed[type])"); + } + + $primes = $coefficients = []; + + list( + $modulus, + $publicExponent, + $privateExponent, + $coefficients[2], + $primes[1], + $primes[2], + $comment, + ) = Strings::unpackSSH2('i6s', $parsed['paddedKey']); + + $temp = $primes[1]->subtract($one); + $exponents = [1 => $publicExponent->modInverse($temp)]; + $temp = $primes[2]->subtract($one); + $exponents[] = $publicExponent->modInverse($temp); + + $isPublicKey = false; + + return compact('publicExponent', 'modulus', 'privateExponent', 'primes', 'coefficients', 'exponents', 'comment', 'isPublicKey'); + } + + list($publicExponent, $modulus) = Strings::unpackSSH2('ii', $parsed['publicKey']); + + return [ + 'isPublicKey' => true, + 'modulus' => $modulus, + 'publicExponent' => $publicExponent, + 'comment' => $parsed['comment'] + ]; + } + + /** + * Convert a public key to the appropriate format + * + * @param \phpseclib3\Math\BigInteger $n + * @param \phpseclib3\Math\BigInteger $e + * @param array $options optional + * @return string + */ + public static function savePublicKey(BigInteger $n, BigInteger $e, array $options = []) + { + $RSAPublicKey = Strings::packSSH2('sii', 'ssh-rsa', $e, $n); + + if (isset($options['binary']) ? $options['binary'] : self::$binary) { + return $RSAPublicKey; + } + + $comment = isset($options['comment']) ? $options['comment'] : self::$comment; + $RSAPublicKey = 'ssh-rsa ' . base64_encode($RSAPublicKey) . ' ' . $comment; + + return $RSAPublicKey; + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $n + * @param \phpseclib3\Math\BigInteger $e + * @param \phpseclib3\Math\BigInteger $d + * @param array $primes + * @param array $exponents + * @param array $coefficients + * @param string $password optional + * @param array $options optional + * @return string + */ + public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []) + { + $publicKey = self::savePublicKey($n, $e, ['binary' => true]); + $privateKey = Strings::packSSH2('si6', 'ssh-rsa', $n, $e, $d, $coefficients[2], $primes[1], $primes[2]); + + return self::wrapPrivateKey($publicKey, $privateKey, $password, $options); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php new file mode 100644 index 0000000..276c602 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php @@ -0,0 +1,160 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\RSA\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common\Formats\Keys\PKCS1 as Progenitor; +use phpseclib3\File\ASN1; +use phpseclib3\File\ASN1\Maps; +use phpseclib3\Math\BigInteger; + +/** + * PKCS#1 Formatted RSA Key Handler + * + * @author Jim Wigginton + */ +abstract class PKCS1 extends Progenitor +{ + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + if (!Strings::is_stringable($key)) { + throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); + } + + if (strpos($key, 'PUBLIC') !== false) { + $components = ['isPublicKey' => true]; + } elseif (strpos($key, 'PRIVATE') !== false) { + $components = ['isPublicKey' => false]; + } else { + $components = []; + } + + $key = parent::load($key, $password); + + $decoded = ASN1::decodeBER($key); + if (!$decoded) { + throw new \RuntimeException('Unable to decode BER'); + } + + $key = ASN1::asn1map($decoded[0], Maps\RSAPrivateKey::MAP); + if (is_array($key)) { + $components += [ + 'modulus' => $key['modulus'], + 'publicExponent' => $key['publicExponent'], + 'privateExponent' => $key['privateExponent'], + 'primes' => [1 => $key['prime1'], $key['prime2']], + 'exponents' => [1 => $key['exponent1'], $key['exponent2']], + 'coefficients' => [2 => $key['coefficient']] + ]; + if ($key['version'] == 'multi') { + foreach ($key['otherPrimeInfos'] as $primeInfo) { + $components['primes'][] = $primeInfo['prime']; + $components['exponents'][] = $primeInfo['exponent']; + $components['coefficients'][] = $primeInfo['coefficient']; + } + } + if (!isset($components['isPublicKey'])) { + $components['isPublicKey'] = false; + } + return $components; + } + + $key = ASN1::asn1map($decoded[0], Maps\RSAPublicKey::MAP); + + if (!is_array($key)) { + throw new \RuntimeException('Unable to perform ASN1 mapping'); + } + + if (!isset($components['isPublicKey'])) { + $components['isPublicKey'] = true; + } + + return $components + $key; + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $n + * @param \phpseclib3\Math\BigInteger $e + * @param \phpseclib3\Math\BigInteger $d + * @param array $primes + * @param array $exponents + * @param array $coefficients + * @param string $password optional + * @param array $options optional + * @return string + */ + public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []) + { + $num_primes = count($primes); + $key = [ + 'version' => $num_primes == 2 ? 'two-prime' : 'multi', + 'modulus' => $n, + 'publicExponent' => $e, + 'privateExponent' => $d, + 'prime1' => $primes[1], + 'prime2' => $primes[2], + 'exponent1' => $exponents[1], + 'exponent2' => $exponents[2], + 'coefficient' => $coefficients[2] + ]; + for ($i = 3; $i <= $num_primes; $i++) { + $key['otherPrimeInfos'][] = [ + 'prime' => $primes[$i], + 'exponent' => $exponents[$i], + 'coefficient' => $coefficients[$i] + ]; + } + + $key = ASN1::encodeDER($key, Maps\RSAPrivateKey::MAP); + + return self::wrapPrivateKey($key, 'RSA', $password, $options); + } + + /** + * Convert a public key to the appropriate format + * + * @param \phpseclib3\Math\BigInteger $n + * @param \phpseclib3\Math\BigInteger $e + * @return string + */ + public static function savePublicKey(BigInteger $n, BigInteger $e) + { + $key = [ + 'modulus' => $n, + 'publicExponent' => $e + ]; + + $key = ASN1::encodeDER($key, Maps\RSAPublicKey::MAP); + + return self::wrapPublicKey($key, 'RSA'); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS8.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS8.php new file mode 100644 index 0000000..1eaac6e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS8.php @@ -0,0 +1,122 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\RSA\Formats\Keys; + +use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor; +use phpseclib3\File\ASN1; +use phpseclib3\Math\BigInteger; + +/** + * PKCS#8 Formatted RSA Key Handler + * + * @author Jim Wigginton + */ +abstract class PKCS8 extends Progenitor +{ + /** + * OID Name + * + * @var string + */ + const OID_NAME = 'rsaEncryption'; + + /** + * OID Value + * + * @var string + */ + const OID_VALUE = '1.2.840.113549.1.1.1'; + + /** + * Child OIDs loaded + * + * @var bool + */ + protected static $childOIDsLoaded = false; + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + $key = parent::load($key, $password); + + if (isset($key['privateKey'])) { + $components['isPublicKey'] = false; + $type = 'private'; + } else { + $components['isPublicKey'] = true; + $type = 'public'; + } + + $result = $components + PKCS1::load($key[$type . 'Key']); + + if (isset($key['meta'])) { + $result['meta'] = $key['meta']; + } + + return $result; + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $n + * @param \phpseclib3\Math\BigInteger $e + * @param \phpseclib3\Math\BigInteger $d + * @param array $primes + * @param array $exponents + * @param array $coefficients + * @param string $password optional + * @param array $options optional + * @return string + */ + public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []) + { + $key = PKCS1::savePrivateKey($n, $e, $d, $primes, $exponents, $coefficients); + $key = ASN1::extractBER($key); + return self::wrapPrivateKey($key, [], null, $password, null, '', $options); + } + + /** + * Convert a public key to the appropriate format + * + * @param \phpseclib3\Math\BigInteger $n + * @param \phpseclib3\Math\BigInteger $e + * @param array $options optional + * @return string + */ + public static function savePublicKey(BigInteger $n, BigInteger $e, array $options = []) + { + $key = PKCS1::savePublicKey($n, $e); + $key = ASN1::extractBER($key); + return self::wrapPublicKey($key, null); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PSS.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PSS.php new file mode 100644 index 0000000..ed75b9b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PSS.php @@ -0,0 +1,238 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\RSA\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor; +use phpseclib3\File\ASN1; +use phpseclib3\File\ASN1\Maps; +use phpseclib3\Math\BigInteger; + +/** + * PKCS#8 Formatted RSA-PSS Key Handler + * + * @author Jim Wigginton + */ +abstract class PSS extends Progenitor +{ + /** + * OID Name + * + * @var string + */ + const OID_NAME = 'id-RSASSA-PSS'; + + /** + * OID Value + * + * @var string + */ + const OID_VALUE = '1.2.840.113549.1.1.10'; + + /** + * OIDs loaded + * + * @var bool + */ + private static $oidsLoaded = false; + + /** + * Child OIDs loaded + * + * @var bool + */ + protected static $childOIDsLoaded = false; + + /** + * Initialize static variables + */ + private static function initialize_static_variables() + { + if (!self::$oidsLoaded) { + ASN1::loadOIDs([ + 'md2' => '1.2.840.113549.2.2', + 'md4' => '1.2.840.113549.2.4', + 'md5' => '1.2.840.113549.2.5', + 'id-sha1' => '1.3.14.3.2.26', + 'id-sha256' => '2.16.840.1.101.3.4.2.1', + 'id-sha384' => '2.16.840.1.101.3.4.2.2', + 'id-sha512' => '2.16.840.1.101.3.4.2.3', + 'id-sha224' => '2.16.840.1.101.3.4.2.4', + 'id-sha512/224' => '2.16.840.1.101.3.4.2.5', + 'id-sha512/256' => '2.16.840.1.101.3.4.2.6', + + 'id-mgf1' => '1.2.840.113549.1.1.8' + ]); + self::$oidsLoaded = true; + } + } + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + self::initialize_static_variables(); + + if (!Strings::is_stringable($key)) { + throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); + } + + $components = ['isPublicKey' => strpos($key, 'PUBLIC') !== false]; + + $key = parent::load($key, $password); + + $type = isset($key['privateKey']) ? 'private' : 'public'; + + $result = $components + PKCS1::load($key[$type . 'Key']); + + if (isset($key[$type . 'KeyAlgorithm']['parameters'])) { + $decoded = ASN1::decodeBER($key[$type . 'KeyAlgorithm']['parameters']); + if ($decoded === false) { + throw new \UnexpectedValueException('Unable to decode parameters'); + } + $params = ASN1::asn1map($decoded[0], Maps\RSASSA_PSS_params::MAP); + } else { + $params = []; + } + + if (isset($params['maskGenAlgorithm']['parameters'])) { + $decoded = ASN1::decodeBER($params['maskGenAlgorithm']['parameters']); + if ($decoded === false) { + throw new \UnexpectedValueException('Unable to decode parameters'); + } + $params['maskGenAlgorithm']['parameters'] = ASN1::asn1map($decoded[0], Maps\HashAlgorithm::MAP); + } else { + $params['maskGenAlgorithm'] = [ + 'algorithm' => 'id-mgf1', + 'parameters' => ['algorithm' => 'id-sha1'] + ]; + } + + if (!isset($params['hashAlgorithm']['algorithm'])) { + $params['hashAlgorithm']['algorithm'] = 'id-sha1'; + } + + $result['hash'] = str_replace('id-', '', $params['hashAlgorithm']['algorithm']); + $result['MGFHash'] = str_replace('id-', '', $params['maskGenAlgorithm']['parameters']['algorithm']); + if (isset($params['saltLength'])) { + $result['saltLength'] = (int) $params['saltLength']->toString(); + } + + if (isset($key['meta'])) { + $result['meta'] = $key['meta']; + } + + return $result; + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $n + * @param \phpseclib3\Math\BigInteger $e + * @param \phpseclib3\Math\BigInteger $d + * @param array $primes + * @param array $exponents + * @param array $coefficients + * @param string $password optional + * @param array $options optional + * @return string + */ + public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []) + { + self::initialize_static_variables(); + + $key = PKCS1::savePrivateKey($n, $e, $d, $primes, $exponents, $coefficients); + $key = ASN1::extractBER($key); + $params = self::savePSSParams($options); + return self::wrapPrivateKey($key, [], $params, $password, null, '', $options); + } + + /** + * Convert a public key to the appropriate format + * + * @param \phpseclib3\Math\BigInteger $n + * @param \phpseclib3\Math\BigInteger $e + * @param array $options optional + * @return string + */ + public static function savePublicKey(BigInteger $n, BigInteger $e, array $options = []) + { + self::initialize_static_variables(); + + $key = PKCS1::savePublicKey($n, $e); + $key = ASN1::extractBER($key); + $params = self::savePSSParams($options); + return self::wrapPublicKey($key, $params); + } + + /** + * Encodes PSS parameters + * + * @param array $options + * @return string + */ + public static function savePSSParams(array $options) + { + /* + The trailerField field is an integer. It provides + compatibility with IEEE Std 1363a-2004 [P1363A]. The value + MUST be 1, which represents the trailer field with hexadecimal + value 0xBC. Other trailer fields, including the trailer field + composed of HashID concatenated with 0xCC that is specified in + IEEE Std 1363a, are not supported. Implementations that + perform signature generation MUST omit the trailerField field, + indicating that the default trailer field value was used. + Implementations that perform signature validation MUST + recognize both a present trailerField field with value 1 and an + absent trailerField field. + + source: https://tools.ietf.org/html/rfc4055#page-9 + */ + $params = [ + 'trailerField' => new BigInteger(1) + ]; + if (isset($options['hash'])) { + $params['hashAlgorithm']['algorithm'] = 'id-' . $options['hash']; + } + if (isset($options['MGFHash'])) { + $temp = ['algorithm' => 'id-' . $options['MGFHash']]; + $temp = ASN1::encodeDER($temp, Maps\HashAlgorithm::MAP); + $params['maskGenAlgorithm'] = [ + 'algorithm' => 'id-mgf1', + 'parameters' => new ASN1\Element($temp) + ]; + } + if (isset($options['saltLength'])) { + $params['saltLength'] = new BigInteger($options['saltLength']); + } + + return new ASN1\Element(ASN1::encodeDER($params, Maps\RSASSA_PSS_params::MAP)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php new file mode 100644 index 0000000..fe35717 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php @@ -0,0 +1,121 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\RSA\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common\Formats\Keys\PuTTY as Progenitor; +use phpseclib3\Math\BigInteger; + +/** + * PuTTY Formatted RSA Key Handler + * + * @author Jim Wigginton + */ +abstract class PuTTY extends Progenitor +{ + /** + * Public Handler + * + * @var string + */ + const PUBLIC_HANDLER = 'phpseclib3\Crypt\RSA\Formats\Keys\OpenSSH'; + + /** + * Algorithm Identifier + * + * @var array + */ + protected static $types = ['ssh-rsa']; + + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + static $one; + if (!isset($one)) { + $one = new BigInteger(1); + } + + $components = parent::load($key, $password); + if (!isset($components['private'])) { + return $components; + } + extract($components); + unset($components['public'], $components['private']); + + $isPublicKey = false; + + $result = Strings::unpackSSH2('ii', $public); + if ($result === false) { + throw new \UnexpectedValueException('Key appears to be malformed'); + } + list($publicExponent, $modulus) = $result; + + $result = Strings::unpackSSH2('iiii', $private); + if ($result === false) { + throw new \UnexpectedValueException('Key appears to be malformed'); + } + $primes = $coefficients = []; + list($privateExponent, $primes[1], $primes[2], $coefficients[2]) = $result; + + $temp = $primes[1]->subtract($one); + $exponents = [1 => $publicExponent->modInverse($temp)]; + $temp = $primes[2]->subtract($one); + $exponents[] = $publicExponent->modInverse($temp); + + return compact('publicExponent', 'modulus', 'privateExponent', 'primes', 'coefficients', 'exponents', 'comment', 'isPublicKey'); + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $n + * @param \phpseclib3\Math\BigInteger $e + * @param \phpseclib3\Math\BigInteger $d + * @param array $primes + * @param array $exponents + * @param array $coefficients + * @param string $password optional + * @param array $options optional + * @return string + */ + public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []) + { + if (count($primes) != 2) { + throw new \InvalidArgumentException('PuTTY does not support multi-prime RSA keys'); + } + + $public = Strings::packSSH2('ii', $e, $n); + $private = Strings::packSSH2('iiii', $d, $primes[1], $primes[2], $coefficients[2]); + + return self::wrapPrivateKey($public, $private, 'ssh-rsa', $password, $options); + } + + /** + * Convert a public key to the appropriate format + * + * @param \phpseclib3\Math\BigInteger $n + * @param \phpseclib3\Math\BigInteger $e + * @return string + */ + public static function savePublicKey(BigInteger $n, BigInteger $e) + { + return self::wrapPublicKey(Strings::packSSH2('ii', $e, $n), 'ssh-rsa'); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/Raw.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/Raw.php new file mode 100644 index 0000000..db72878 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/Raw.php @@ -0,0 +1,184 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\RSA\Formats\Keys; + +use phpseclib3\Math\BigInteger; + +/** + * Raw RSA Key Handler + * + * @author Jim Wigginton + */ +abstract class Raw +{ + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + if (!is_array($key)) { + throw new \UnexpectedValueException('Key should be a array - not a ' . gettype($key)); + } + + $key = array_change_key_case($key, CASE_LOWER); + + $components = ['isPublicKey' => false]; + + foreach (['e', 'exponent', 'publicexponent', 0, 'privateexponent', 'd'] as $index) { + if (isset($key[$index])) { + $components['publicExponent'] = $key[$index]; + break; + } + } + + foreach (['n', 'modulo', 'modulus', 1] as $index) { + if (isset($key[$index])) { + $components['modulus'] = $key[$index]; + break; + } + } + + if (!isset($components['publicExponent']) || !isset($components['modulus'])) { + throw new \UnexpectedValueException('Modulus / exponent not present'); + } + + if (isset($key['primes'])) { + $components['primes'] = $key['primes']; + } elseif (isset($key['p']) && isset($key['q'])) { + $indices = [ + ['p', 'q'], + ['prime1', 'prime2'] + ]; + foreach ($indices as $index) { + list($i0, $i1) = $index; + if (isset($key[$i0]) && isset($key[$i1])) { + $components['primes'] = [1 => $key[$i0], $key[$i1]]; + } + } + } + + if (isset($key['exponents'])) { + $components['exponents'] = $key['exponents']; + } else { + $indices = [ + ['dp', 'dq'], + ['exponent1', 'exponent2'] + ]; + foreach ($indices as $index) { + list($i0, $i1) = $index; + if (isset($key[$i0]) && isset($key[$i1])) { + $components['exponents'] = [1 => $key[$i0], $key[$i1]]; + } + } + } + + if (isset($key['coefficients'])) { + $components['coefficients'] = $key['coefficients']; + } else { + foreach (['inverseq', 'q\'', 'coefficient'] as $index) { + if (isset($key[$index])) { + $components['coefficients'] = [2 => $key[$index]]; + } + } + } + + if (!isset($components['primes'])) { + $components['isPublicKey'] = true; + return $components; + } + + if (!isset($components['exponents'])) { + $one = new BigInteger(1); + $temp = $components['primes'][1]->subtract($one); + $exponents = [1 => $components['publicExponent']->modInverse($temp)]; + $temp = $components['primes'][2]->subtract($one); + $exponents[] = $components['publicExponent']->modInverse($temp); + $components['exponents'] = $exponents; + } + + if (!isset($components['coefficients'])) { + $components['coefficients'] = [2 => $components['primes'][2]->modInverse($components['primes'][1])]; + } + + foreach (['privateexponent', 'd'] as $index) { + if (isset($key[$index])) { + $components['privateExponent'] = $key[$index]; + break; + } + } + + return $components; + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $n + * @param \phpseclib3\Math\BigInteger $e + * @param \phpseclib3\Math\BigInteger $d + * @param array $primes + * @param array $exponents + * @param array $coefficients + * @param string $password optional + * @param array $options optional + * @return array + */ + public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []) + { + if (!empty($password) && is_string($password)) { + throw new UnsupportedFormatException('Raw private keys do not support encryption'); + } + + return [ + 'e' => clone $e, + 'n' => clone $n, + 'd' => clone $d, + 'primes' => array_map(function ($var) { + return clone $var; + }, $primes), + 'exponents' => array_map(function ($var) { + return clone $var; + }, $exponents), + 'coefficients' => array_map(function ($var) { + return clone $var; + }, $coefficients) + ]; + } + + /** + * Convert a public key to the appropriate format + * + * @param \phpseclib3\Math\BigInteger $n + * @param \phpseclib3\Math\BigInteger $e + * @return array + */ + public static function savePublicKey(BigInteger $n, BigInteger $e) + { + return ['e' => clone $e, 'n' => clone $n]; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/XML.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/XML.php new file mode 100644 index 0000000..280048c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/XML.php @@ -0,0 +1,171 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\RSA\Formats\Keys; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Exception\BadConfigurationException; +use phpseclib3\Exception\UnsupportedFormatException; +use phpseclib3\Math\BigInteger; + +/** + * XML Formatted RSA Key Handler + * + * @author Jim Wigginton + */ +abstract class XML +{ + /** + * Break a public or private key down into its constituent components + * + * @param string $key + * @param string $password optional + * @return array + */ + public static function load($key, $password = '') + { + if (!Strings::is_stringable($key)) { + throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); + } + + if (!class_exists('DOMDocument')) { + throw new BadConfigurationException('The dom extension is not setup correctly on this system'); + } + + $components = [ + 'isPublicKey' => false, + 'primes' => [], + 'exponents' => [], + 'coefficients' => [] + ]; + + $use_errors = libxml_use_internal_errors(true); + + $dom = new \DOMDocument(); + if (substr($key, 0, 5) != '' . $key . ''; + } + if (!$dom->loadXML($key)) { + libxml_use_internal_errors($use_errors); + throw new \UnexpectedValueException('Key does not appear to contain XML'); + } + $xpath = new \DOMXPath($dom); + $keys = ['modulus', 'exponent', 'p', 'q', 'dp', 'dq', 'inverseq', 'd']; + foreach ($keys as $key) { + // $dom->getElementsByTagName($key) is case-sensitive + $temp = $xpath->query("//*[translate(local-name(), 'ABCDEFGHIJKLMNOPQRSTUVWXYZ','abcdefghijklmnopqrstuvwxyz')='$key']"); + if (!$temp->length) { + continue; + } + $value = new BigInteger(Strings::base64_decode($temp->item(0)->nodeValue), 256); + switch ($key) { + case 'modulus': + $components['modulus'] = $value; + break; + case 'exponent': + $components['publicExponent'] = $value; + break; + case 'p': + $components['primes'][1] = $value; + break; + case 'q': + $components['primes'][2] = $value; + break; + case 'dp': + $components['exponents'][1] = $value; + break; + case 'dq': + $components['exponents'][2] = $value; + break; + case 'inverseq': + $components['coefficients'][2] = $value; + break; + case 'd': + $components['privateExponent'] = $value; + } + } + + libxml_use_internal_errors($use_errors); + + foreach ($components as $key => $value) { + if (is_array($value) && !count($value)) { + unset($components[$key]); + } + } + + if (isset($components['modulus']) && isset($components['publicExponent'])) { + if (count($components) == 3) { + $components['isPublicKey'] = true; + } + return $components; + } + + throw new \UnexpectedValueException('Modulus / exponent not present'); + } + + /** + * Convert a private key to the appropriate format. + * + * @param \phpseclib3\Math\BigInteger $n + * @param \phpseclib3\Math\BigInteger $e + * @param \phpseclib3\Math\BigInteger $d + * @param array $primes + * @param array $exponents + * @param array $coefficients + * @param string $password optional + * @return string + */ + public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '') + { + if (count($primes) != 2) { + throw new \InvalidArgumentException('XML does not support multi-prime RSA keys'); + } + + if (!empty($password) && is_string($password)) { + throw new UnsupportedFormatException('XML private keys do not support encryption'); + } + + return "\r\n" . + ' ' . Strings::base64_encode($n->toBytes()) . "\r\n" . + ' ' . Strings::base64_encode($e->toBytes()) . "\r\n" . + '

' . Strings::base64_encode($primes[1]->toBytes()) . "

\r\n" . + ' ' . Strings::base64_encode($primes[2]->toBytes()) . "\r\n" . + ' ' . Strings::base64_encode($exponents[1]->toBytes()) . "\r\n" . + ' ' . Strings::base64_encode($exponents[2]->toBytes()) . "\r\n" . + ' ' . Strings::base64_encode($coefficients[2]->toBytes()) . "\r\n" . + ' ' . Strings::base64_encode($d->toBytes()) . "\r\n" . + ''; + } + + /** + * Convert a public key to the appropriate format + * + * @param \phpseclib3\Math\BigInteger $n + * @param \phpseclib3\Math\BigInteger $e + * @return string + */ + public static function savePublicKey(BigInteger $n, BigInteger $e) + { + return "\r\n" . + ' ' . Strings::base64_encode($n->toBytes()) . "\r\n" . + ' ' . Strings::base64_encode($e->toBytes()) . "\r\n" . + ''; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/PrivateKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/PrivateKey.php new file mode 100644 index 0000000..37dd09a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/PrivateKey.php @@ -0,0 +1,530 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\RSA; + +use phpseclib3\Crypt\Common; +use phpseclib3\Crypt\Random; +use phpseclib3\Crypt\RSA; +use phpseclib3\Crypt\RSA\Formats\Keys\PSS; +use phpseclib3\Exception\UnsupportedFormatException; +use phpseclib3\Math\BigInteger; + +/** + * Raw RSA Key Handler + * + * @author Jim Wigginton + */ +final class PrivateKey extends RSA implements Common\PrivateKey +{ + use Common\Traits\PasswordProtected; + + /** + * Primes for Chinese Remainder Theorem (ie. p and q) + * + * @var array + */ + protected $primes; + + /** + * Exponents for Chinese Remainder Theorem (ie. dP and dQ) + * + * @var array + */ + protected $exponents; + + /** + * Coefficients for Chinese Remainder Theorem (ie. qInv) + * + * @var array + */ + protected $coefficients; + + /** + * Private Exponent + * + * @var \phpseclib3\Math\BigInteger + */ + protected $privateExponent; + + /** + * RSADP + * + * See {@link http://tools.ietf.org/html/rfc3447#section-5.1.2 RFC3447#section-5.1.2}. + * + * @return bool|\phpseclib3\Math\BigInteger + */ + private function rsadp(BigInteger $c) + { + if ($c->compare(self::$zero) < 0 || $c->compare($this->modulus) > 0) { + throw new \OutOfRangeException('Ciphertext representative out of range'); + } + return $this->exponentiate($c); + } + + /** + * RSASP1 + * + * See {@link http://tools.ietf.org/html/rfc3447#section-5.2.1 RFC3447#section-5.2.1}. + * + * @return bool|\phpseclib3\Math\BigInteger + */ + private function rsasp1(BigInteger $m) + { + if ($m->compare(self::$zero) < 0 || $m->compare($this->modulus) > 0) { + throw new \OutOfRangeException('Signature representative out of range'); + } + return $this->exponentiate($m); + } + + /** + * Exponentiate + * + * @param \phpseclib3\Math\BigInteger $x + * @return \phpseclib3\Math\BigInteger + */ + protected function exponentiate(BigInteger $x) + { + switch (true) { + case empty($this->primes): + case $this->primes[1]->equals(self::$zero): + case empty($this->coefficients): + case $this->coefficients[2]->equals(self::$zero): + case empty($this->exponents): + case $this->exponents[1]->equals(self::$zero): + return $x->modPow($this->exponent, $this->modulus); + } + + $num_primes = count($this->primes); + + if (!static::$enableBlinding) { + $m_i = [ + 1 => $x->modPow($this->exponents[1], $this->primes[1]), + 2 => $x->modPow($this->exponents[2], $this->primes[2]) + ]; + $h = $m_i[1]->subtract($m_i[2]); + $h = $h->multiply($this->coefficients[2]); + list(, $h) = $h->divide($this->primes[1]); + $m = $m_i[2]->add($h->multiply($this->primes[2])); + + $r = $this->primes[1]; + for ($i = 3; $i <= $num_primes; $i++) { + $m_i = $x->modPow($this->exponents[$i], $this->primes[$i]); + + $r = $r->multiply($this->primes[$i - 1]); + + $h = $m_i->subtract($m); + $h = $h->multiply($this->coefficients[$i]); + list(, $h) = $h->divide($this->primes[$i]); + + $m = $m->add($r->multiply($h)); + } + } else { + $smallest = $this->primes[1]; + for ($i = 2; $i <= $num_primes; $i++) { + if ($smallest->compare($this->primes[$i]) > 0) { + $smallest = $this->primes[$i]; + } + } + + $r = BigInteger::randomRange(self::$one, $smallest->subtract(self::$one)); + + $m_i = [ + 1 => $this->blind($x, $r, 1), + 2 => $this->blind($x, $r, 2) + ]; + $h = $m_i[1]->subtract($m_i[2]); + $h = $h->multiply($this->coefficients[2]); + list(, $h) = $h->divide($this->primes[1]); + $m = $m_i[2]->add($h->multiply($this->primes[2])); + + $r = $this->primes[1]; + for ($i = 3; $i <= $num_primes; $i++) { + $m_i = $this->blind($x, $r, $i); + + $r = $r->multiply($this->primes[$i - 1]); + + $h = $m_i->subtract($m); + $h = $h->multiply($this->coefficients[$i]); + list(, $h) = $h->divide($this->primes[$i]); + + $m = $m->add($r->multiply($h)); + } + } + + return $m; + } + + /** + * Performs RSA Blinding + * + * Protects against timing attacks by employing RSA Blinding. + * Returns $x->modPow($this->exponents[$i], $this->primes[$i]) + * + * @param \phpseclib3\Math\BigInteger $x + * @param \phpseclib3\Math\BigInteger $r + * @param int $i + * @return \phpseclib3\Math\BigInteger + */ + private function blind(BigInteger $x, BigInteger $r, $i) + { + $x = $x->multiply($r->modPow($this->publicExponent, $this->primes[$i])); + $x = $x->modPow($this->exponents[$i], $this->primes[$i]); + + $r = $r->modInverse($this->primes[$i]); + $x = $x->multiply($r); + list(, $x) = $x->divide($this->primes[$i]); + + return $x; + } + + /** + * EMSA-PSS-ENCODE + * + * See {@link http://tools.ietf.org/html/rfc3447#section-9.1.1 RFC3447#section-9.1.1}. + * + * @return string + * @param string $m + * @throws \RuntimeException on encoding error + * @param int $emBits + */ + private function emsa_pss_encode($m, $emBits) + { + // if $m is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error + // be output. + + $emLen = ($emBits + 1) >> 3; // ie. ceil($emBits / 8) + $sLen = $this->sLen !== null ? $this->sLen : $this->hLen; + + $mHash = $this->hash->hash($m); + if ($emLen < $this->hLen + $sLen + 2) { + throw new \LengthException('RSA modulus too short'); + } + + $salt = Random::string($sLen); + $m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt; + $h = $this->hash->hash($m2); + $ps = str_repeat(chr(0), $emLen - $sLen - $this->hLen - 2); + $db = $ps . chr(1) . $salt; + $dbMask = $this->mgf1($h, $emLen - $this->hLen - 1); // ie. stlren($db) + $maskedDB = $db ^ $dbMask; + $maskedDB[0] = ~chr(0xFF << ($emBits & 7)) & $maskedDB[0]; + $em = $maskedDB . $h . chr(0xBC); + + return $em; + } + + /** + * RSASSA-PSS-SIGN + * + * See {@link http://tools.ietf.org/html/rfc3447#section-8.1.1 RFC3447#section-8.1.1}. + * + * @param string $m + * @return bool|string + */ + private function rsassa_pss_sign($m) + { + // EMSA-PSS encoding + + $em = $this->emsa_pss_encode($m, 8 * $this->k - 1); + + // RSA signature + + $m = $this->os2ip($em); + $s = $this->rsasp1($m); + $s = $this->i2osp($s, $this->k); + + // Output the signature S + + return $s; + } + + /** + * RSASSA-PKCS1-V1_5-SIGN + * + * See {@link http://tools.ietf.org/html/rfc3447#section-8.2.1 RFC3447#section-8.2.1}. + * + * @param string $m + * @throws \LengthException if the RSA modulus is too short + * @return bool|string + */ + private function rsassa_pkcs1_v1_5_sign($m) + { + // EMSA-PKCS1-v1_5 encoding + + // If the encoding operation outputs "intended encoded message length too short," output "RSA modulus + // too short" and stop. + try { + $em = $this->emsa_pkcs1_v1_5_encode($m, $this->k); + } catch (\LengthException $e) { + throw new \LengthException('RSA modulus too short'); + } + + // RSA signature + + $m = $this->os2ip($em); + $s = $this->rsasp1($m); + $s = $this->i2osp($s, $this->k); + + // Output the signature S + + return $s; + } + + /** + * Create a signature + * + * @see self::verify() + * @param string $message + * @return string + */ + public function sign($message) + { + switch ($this->signaturePadding) { + case self::SIGNATURE_PKCS1: + case self::SIGNATURE_RELAXED_PKCS1: + return $this->rsassa_pkcs1_v1_5_sign($message); + //case self::SIGNATURE_PSS: + default: + return $this->rsassa_pss_sign($message); + } + } + + /** + * RSAES-PKCS1-V1_5-DECRYPT + * + * See {@link http://tools.ietf.org/html/rfc3447#section-7.2.2 RFC3447#section-7.2.2}. + * + * @param string $c + * @return bool|string + */ + private function rsaes_pkcs1_v1_5_decrypt($c) + { + // Length checking + + if (strlen($c) != $this->k) { // or if k < 11 + throw new \LengthException('Ciphertext representative too long'); + } + + // RSA decryption + + $c = $this->os2ip($c); + $m = $this->rsadp($c); + $em = $this->i2osp($m, $this->k); + + // EME-PKCS1-v1_5 decoding + + if (ord($em[0]) != 0 || ord($em[1]) > 2) { + throw new \RuntimeException('Decryption error'); + } + + $ps = substr($em, 2, strpos($em, chr(0), 2) - 2); + $m = substr($em, strlen($ps) + 3); + + if (strlen($ps) < 8) { + throw new \RuntimeException('Decryption error'); + } + + // Output M + + return $m; + } + + /** + * RSAES-OAEP-DECRYPT + * + * See {@link http://tools.ietf.org/html/rfc3447#section-7.1.2 RFC3447#section-7.1.2}. The fact that the error + * messages aren't distinguishable from one another hinders debugging, but, to quote from RFC3447#section-7.1.2: + * + * Note. Care must be taken to ensure that an opponent cannot + * distinguish the different error conditions in Step 3.g, whether by + * error message or timing, or, more generally, learn partial + * information about the encoded message EM. Otherwise an opponent may + * be able to obtain useful information about the decryption of the + * ciphertext C, leading to a chosen-ciphertext attack such as the one + * observed by Manger [36]. + * + * @param string $c + * @return bool|string + */ + private function rsaes_oaep_decrypt($c) + { + // Length checking + + // if $l is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error + // be output. + + if (strlen($c) != $this->k || $this->k < 2 * $this->hLen + 2) { + throw new \LengthException('Ciphertext representative too long'); + } + + // RSA decryption + + $c = $this->os2ip($c); + $m = $this->rsadp($c); + $em = $this->i2osp($m, $this->k); + + // EME-OAEP decoding + + $lHash = $this->hash->hash($this->label); + $y = ord($em[0]); + $maskedSeed = substr($em, 1, $this->hLen); + $maskedDB = substr($em, $this->hLen + 1); + $seedMask = $this->mgf1($maskedDB, $this->hLen); + $seed = $maskedSeed ^ $seedMask; + $dbMask = $this->mgf1($seed, $this->k - $this->hLen - 1); + $db = $maskedDB ^ $dbMask; + $lHash2 = substr($db, 0, $this->hLen); + $m = substr($db, $this->hLen); + $hashesMatch = hash_equals($lHash, $lHash2); + $leadingZeros = 1; + $patternMatch = 0; + $offset = 0; + for ($i = 0; $i < strlen($m); $i++) { + $patternMatch |= $leadingZeros & ($m[$i] === "\1"); + $leadingZeros &= $m[$i] === "\0"; + $offset += $patternMatch ? 0 : 1; + } + + // we do | instead of || to avoid https://en.wikipedia.org/wiki/Short-circuit_evaluation + // to protect against timing attacks + if (!$hashesMatch | !$patternMatch) { + throw new \RuntimeException('Decryption error'); + } + + // Output the message M + + return substr($m, $offset + 1); + } + + /** + * Raw Encryption / Decryption + * + * Doesn't use padding and is not recommended. + * + * @param string $m + * @return bool|string + * @throws \LengthException if strlen($m) > $this->k + */ + private function raw_encrypt($m) + { + if (strlen($m) > $this->k) { + throw new \LengthException('Ciphertext representative too long'); + } + + $temp = $this->os2ip($m); + $temp = $this->rsadp($temp); + return $this->i2osp($temp, $this->k); + } + + /** + * Decryption + * + * @see self::encrypt() + * @param string $ciphertext + * @return bool|string + */ + public function decrypt($ciphertext) + { + switch ($this->encryptionPadding) { + case self::ENCRYPTION_NONE: + return $this->raw_encrypt($ciphertext); + case self::ENCRYPTION_PKCS1: + return $this->rsaes_pkcs1_v1_5_decrypt($ciphertext); + //case self::ENCRYPTION_OAEP: + default: + return $this->rsaes_oaep_decrypt($ciphertext); + } + } + + /** + * Returns the public key + * + * @return mixed + */ + public function getPublicKey() + { + $type = self::validatePlugin('Keys', 'PKCS8', 'savePublicKey'); + if (empty($this->modulus) || empty($this->publicExponent)) { + throw new \RuntimeException('Public key components not found'); + } + + $key = $type::savePublicKey($this->modulus, $this->publicExponent); + return RSA::loadFormat('PKCS8', $key) + ->withHash($this->hash->getHash()) + ->withMGFHash($this->mgfHash->getHash()) + ->withSaltLength($this->sLen) + ->withLabel($this->label) + ->withPadding($this->signaturePadding | $this->encryptionPadding); + } + + /** + * Returns the private key + * + * @param string $type + * @param array $options optional + * @return string + */ + public function toString($type, array $options = []) + { + $type = self::validatePlugin( + 'Keys', + $type, + empty($this->primes) ? 'savePublicKey' : 'savePrivateKey' + ); + + if ($type == PSS::class) { + if ($this->signaturePadding == self::SIGNATURE_PSS) { + $options += [ + 'hash' => $this->hash->getHash(), + 'MGFHash' => $this->mgfHash->getHash(), + 'saltLength' => $this->getSaltLength() + ]; + } else { + throw new UnsupportedFormatException('The PSS format can only be used when the signature method has been explicitly set to PSS'); + } + } + + if (empty($this->primes)) { + return $type::savePublicKey($this->modulus, $this->exponent, $options); + } + + return $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $this->primes, $this->exponents, $this->coefficients, $this->password, $options); + + /* + $key = $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $this->primes, $this->exponents, $this->coefficients, $this->password, $options); + if ($key !== false || count($this->primes) == 2) { + return $key; + } + + $nSize = $this->getSize() >> 1; + + $primes = [1 => clone self::$one, clone self::$one]; + $i = 1; + foreach ($this->primes as $prime) { + $primes[$i] = $primes[$i]->multiply($prime); + if ($primes[$i]->getLength() >= $nSize) { + $i++; + } + } + + $exponents = []; + $coefficients = [2 => $primes[2]->modInverse($primes[1])]; + + foreach ($primes as $i => $prime) { + $temp = $prime->subtract(self::$one); + $exponents[$i] = $this->modulus->modInverse($temp); + } + + return $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $primes, $exponents, $coefficients, $this->password, $options); + */ + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/PublicKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/PublicKey.php new file mode 100644 index 0000000..58939a9 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/PublicKey.php @@ -0,0 +1,513 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt\RSA; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common; +use phpseclib3\Crypt\Hash; +use phpseclib3\Crypt\Random; +use phpseclib3\Crypt\RSA; +use phpseclib3\Crypt\RSA\Formats\Keys\PSS; +use phpseclib3\Exception\UnsupportedAlgorithmException; +use phpseclib3\Exception\UnsupportedFormatException; +use phpseclib3\File\ASN1; +use phpseclib3\File\ASN1\Maps\DigestInfo; +use phpseclib3\Math\BigInteger; + +/** + * Raw RSA Key Handler + * + * @author Jim Wigginton + */ +final class PublicKey extends RSA implements Common\PublicKey +{ + use Common\Traits\Fingerprint; + + /** + * Exponentiate + * + * @param \phpseclib3\Math\BigInteger $x + * @return \phpseclib3\Math\BigInteger + */ + private function exponentiate(BigInteger $x) + { + return $x->modPow($this->exponent, $this->modulus); + } + + /** + * RSAVP1 + * + * See {@link http://tools.ietf.org/html/rfc3447#section-5.2.2 RFC3447#section-5.2.2}. + * + * @param \phpseclib3\Math\BigInteger $s + * @return bool|\phpseclib3\Math\BigInteger + */ + private function rsavp1($s) + { + if ($s->compare(self::$zero) < 0 || $s->compare($this->modulus) > 0) { + return false; + } + return $this->exponentiate($s); + } + + /** + * RSASSA-PKCS1-V1_5-VERIFY + * + * See {@link http://tools.ietf.org/html/rfc3447#section-8.2.2 RFC3447#section-8.2.2}. + * + * @param string $m + * @param string $s + * @throws \LengthException if the RSA modulus is too short + * @return bool + */ + private function rsassa_pkcs1_v1_5_verify($m, $s) + { + // Length checking + + if (strlen($s) != $this->k) { + return false; + } + + // RSA verification + + $s = $this->os2ip($s); + $m2 = $this->rsavp1($s); + if ($m2 === false) { + return false; + } + $em = $this->i2osp($m2, $this->k); + if ($em === false) { + return false; + } + + // EMSA-PKCS1-v1_5 encoding + + $exception = false; + + // If the encoding operation outputs "intended encoded message length too short," output "RSA modulus + // too short" and stop. + try { + $em2 = $this->emsa_pkcs1_v1_5_encode($m, $this->k); + $r1 = hash_equals($em, $em2); + } catch (\LengthException $e) { + $exception = true; + } + + try { + $em3 = $this->emsa_pkcs1_v1_5_encode_without_null($m, $this->k); + $r2 = hash_equals($em, $em3); + } catch (\LengthException $e) { + $exception = true; + } catch (UnsupportedAlgorithmException $e) { + $r2 = false; + } + + if ($exception) { + throw new \LengthException('RSA modulus too short'); + } + + // Compare + return $r1 || $r2; + } + + /** + * RSASSA-PKCS1-V1_5-VERIFY (relaxed matching) + * + * Per {@link http://tools.ietf.org/html/rfc3447#page-43 RFC3447#page-43} PKCS1 v1.5 + * specified the use BER encoding rather than DER encoding that PKCS1 v2.0 specified. + * This means that under rare conditions you can have a perfectly valid v1.5 signature + * that fails to validate with _rsassa_pkcs1_v1_5_verify(). PKCS1 v2.1 also recommends + * that if you're going to validate these types of signatures you "should indicate + * whether the underlying BER encoding is a DER encoding and hence whether the signature + * is valid with respect to the specification given in [PKCS1 v2.0+]". so if you do + * $rsa->getLastPadding() and get RSA::PADDING_RELAXED_PKCS1 back instead of + * RSA::PADDING_PKCS1... that means BER encoding was used. + * + * @param string $m + * @param string $s + * @return bool + */ + private function rsassa_pkcs1_v1_5_relaxed_verify($m, $s) + { + // Length checking + + if (strlen($s) != $this->k) { + return false; + } + + // RSA verification + + $s = $this->os2ip($s); + $m2 = $this->rsavp1($s); + if ($m2 === false) { + return false; + } + $em = $this->i2osp($m2, $this->k); + if ($em === false) { + return false; + } + + if (Strings::shift($em, 2) != "\0\1") { + return false; + } + + $em = ltrim($em, "\xFF"); + if (Strings::shift($em) != "\0") { + return false; + } + + $decoded = ASN1::decodeBER($em); + if (!is_array($decoded) || empty($decoded[0]) || strlen($em) > $decoded[0]['length']) { + return false; + } + + static $oids; + if (!isset($oids)) { + $oids = [ + 'md2' => '1.2.840.113549.2.2', + 'md4' => '1.2.840.113549.2.4', // from PKCS1 v1.5 + 'md5' => '1.2.840.113549.2.5', + 'id-sha1' => '1.3.14.3.2.26', + 'id-sha256' => '2.16.840.1.101.3.4.2.1', + 'id-sha384' => '2.16.840.1.101.3.4.2.2', + 'id-sha512' => '2.16.840.1.101.3.4.2.3', + // from PKCS1 v2.2 + 'id-sha224' => '2.16.840.1.101.3.4.2.4', + 'id-sha512/224' => '2.16.840.1.101.3.4.2.5', + 'id-sha512/256' => '2.16.840.1.101.3.4.2.6', + ]; + ASN1::loadOIDs($oids); + } + + $decoded = ASN1::asn1map($decoded[0], DigestInfo::MAP); + if (!isset($decoded) || $decoded === false) { + return false; + } + + if (!isset($oids[$decoded['digestAlgorithm']['algorithm']])) { + return false; + } + + if (isset($decoded['digestAlgorithm']['parameters']) && $decoded['digestAlgorithm']['parameters'] !== ['null' => '']) { + return false; + } + + $hash = $decoded['digestAlgorithm']['algorithm']; + $hash = substr($hash, 0, 3) == 'id-' ? + substr($hash, 3) : + $hash; + $hash = new Hash($hash); + $em = $hash->hash($m); + $em2 = $decoded['digest']; + + return hash_equals($em, $em2); + } + + /** + * EMSA-PSS-VERIFY + * + * See {@link http://tools.ietf.org/html/rfc3447#section-9.1.2 RFC3447#section-9.1.2}. + * + * @param string $m + * @param string $em + * @param int $emBits + * @return string + */ + private function emsa_pss_verify($m, $em, $emBits) + { + // if $m is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error + // be output. + + $emLen = ($emBits + 7) >> 3; // ie. ceil($emBits / 8); + $sLen = $this->sLen !== null ? $this->sLen : $this->hLen; + + $mHash = $this->hash->hash($m); + if ($emLen < $this->hLen + $sLen + 2) { + return false; + } + + if ($em[strlen($em) - 1] != chr(0xBC)) { + return false; + } + + $maskedDB = substr($em, 0, -$this->hLen - 1); + $h = substr($em, -$this->hLen - 1, $this->hLen); + $temp = chr(0xFF << ($emBits & 7)); + if ((~$maskedDB[0] & $temp) != $temp) { + return false; + } + $dbMask = $this->mgf1($h, $emLen - $this->hLen - 1); + $db = $maskedDB ^ $dbMask; + $db[0] = ~chr(0xFF << ($emBits & 7)) & $db[0]; + $temp = $emLen - $this->hLen - $sLen - 2; + if (substr($db, 0, $temp) != str_repeat(chr(0), $temp) || ord($db[$temp]) != 1) { + return false; + } + $salt = substr($db, $temp + 1); // should be $sLen long + $m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt; + $h2 = $this->hash->hash($m2); + return hash_equals($h, $h2); + } + + /** + * RSASSA-PSS-VERIFY + * + * See {@link http://tools.ietf.org/html/rfc3447#section-8.1.2 RFC3447#section-8.1.2}. + * + * @param string $m + * @param string $s + * @return bool|string + */ + private function rsassa_pss_verify($m, $s) + { + // Length checking + + if (strlen($s) != $this->k) { + return false; + } + + // RSA verification + + $modBits = strlen($this->modulus->toBits()); + + $s2 = $this->os2ip($s); + $m2 = $this->rsavp1($s2); + $em = $this->i2osp($m2, $this->k); + if ($em === false) { + return false; + } + + // EMSA-PSS verification + + return $this->emsa_pss_verify($m, $em, $modBits - 1); + } + + /** + * Verifies a signature + * + * @see self::sign() + * @param string $message + * @param string $signature + * @return bool + */ + public function verify($message, $signature) + { + switch ($this->signaturePadding) { + case self::SIGNATURE_RELAXED_PKCS1: + return $this->rsassa_pkcs1_v1_5_relaxed_verify($message, $signature); + case self::SIGNATURE_PKCS1: + return $this->rsassa_pkcs1_v1_5_verify($message, $signature); + //case self::SIGNATURE_PSS: + default: + return $this->rsassa_pss_verify($message, $signature); + } + } + + /** + * RSAES-PKCS1-V1_5-ENCRYPT + * + * See {@link http://tools.ietf.org/html/rfc3447#section-7.2.1 RFC3447#section-7.2.1}. + * + * @param string $m + * @param bool $pkcs15_compat optional + * @throws \LengthException if strlen($m) > $this->k - 11 + * @return bool|string + */ + private function rsaes_pkcs1_v1_5_encrypt($m, $pkcs15_compat = false) + { + $mLen = strlen($m); + + // Length checking + + if ($mLen > $this->k - 11) { + throw new \LengthException('Message too long'); + } + + // EME-PKCS1-v1_5 encoding + + $psLen = $this->k - $mLen - 3; + $ps = ''; + while (strlen($ps) != $psLen) { + $temp = Random::string($psLen - strlen($ps)); + $temp = str_replace("\x00", '', $temp); + $ps .= $temp; + } + $type = 2; + $em = chr(0) . chr($type) . $ps . chr(0) . $m; + + // RSA encryption + $m = $this->os2ip($em); + $c = $this->rsaep($m); + $c = $this->i2osp($c, $this->k); + + // Output the ciphertext C + + return $c; + } + + /** + * RSAES-OAEP-ENCRYPT + * + * See {@link http://tools.ietf.org/html/rfc3447#section-7.1.1 RFC3447#section-7.1.1} and + * {http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding OAES}. + * + * @param string $m + * @throws \LengthException if strlen($m) > $this->k - 2 * $this->hLen - 2 + * @return string + */ + private function rsaes_oaep_encrypt($m) + { + $mLen = strlen($m); + + // Length checking + + // if $l is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error + // be output. + + if ($mLen > $this->k - 2 * $this->hLen - 2) { + throw new \LengthException('Message too long'); + } + + // EME-OAEP encoding + + $lHash = $this->hash->hash($this->label); + $ps = str_repeat(chr(0), $this->k - $mLen - 2 * $this->hLen - 2); + $db = $lHash . $ps . chr(1) . $m; + $seed = Random::string($this->hLen); + $dbMask = $this->mgf1($seed, $this->k - $this->hLen - 1); + $maskedDB = $db ^ $dbMask; + $seedMask = $this->mgf1($maskedDB, $this->hLen); + $maskedSeed = $seed ^ $seedMask; + $em = chr(0) . $maskedSeed . $maskedDB; + + // RSA encryption + + $m = $this->os2ip($em); + $c = $this->rsaep($m); + $c = $this->i2osp($c, $this->k); + + // Output the ciphertext C + + return $c; + } + + /** + * RSAEP + * + * See {@link http://tools.ietf.org/html/rfc3447#section-5.1.1 RFC3447#section-5.1.1}. + * + * @param \phpseclib3\Math\BigInteger $m + * @return bool|\phpseclib3\Math\BigInteger + */ + private function rsaep($m) + { + if ($m->compare(self::$zero) < 0 || $m->compare($this->modulus) > 0) { + throw new \OutOfRangeException('Message representative out of range'); + } + return $this->exponentiate($m); + } + + /** + * Raw Encryption / Decryption + * + * Doesn't use padding and is not recommended. + * + * @param string $m + * @return bool|string + * @throws \LengthException if strlen($m) > $this->k + */ + private function raw_encrypt($m) + { + if (strlen($m) > $this->k) { + throw new \LengthException('Message too long'); + } + + $temp = $this->os2ip($m); + $temp = $this->rsaep($temp); + return $this->i2osp($temp, $this->k); + } + + /** + * Encryption + * + * Both self::PADDING_OAEP and self::PADDING_PKCS1 both place limits on how long $plaintext can be. + * If $plaintext exceeds those limits it will be broken up so that it does and the resultant ciphertext's will + * be concatenated together. + * + * @see self::decrypt() + * @param string $plaintext + * @return bool|string + * @throws \LengthException if the RSA modulus is too short + */ + public function encrypt($plaintext) + { + switch ($this->encryptionPadding) { + case self::ENCRYPTION_NONE: + return $this->raw_encrypt($plaintext); + case self::ENCRYPTION_PKCS1: + return $this->rsaes_pkcs1_v1_5_encrypt($plaintext); + //case self::ENCRYPTION_OAEP: + default: + return $this->rsaes_oaep_encrypt($plaintext); + } + } + + /** + * Returns the public key + * + * The public key is only returned under two circumstances - if the private key had the public key embedded within it + * or if the public key was set via setPublicKey(). If the currently loaded key is supposed to be the public key this + * function won't return it since this library, for the most part, doesn't distinguish between public and private keys. + * + * @param string $type + * @param array $options optional + * @return mixed + */ + public function toString($type, array $options = []) + { + $type = self::validatePlugin('Keys', $type, 'savePublicKey'); + + if ($type == PSS::class) { + if ($this->signaturePadding == self::SIGNATURE_PSS) { + $options += [ + 'hash' => $this->hash->getHash(), + 'MGFHash' => $this->mgfHash->getHash(), + 'saltLength' => $this->getSaltLength() + ]; + } else { + throw new UnsupportedFormatException('The PSS format can only be used when the signature method has been explicitly set to PSS'); + } + } + + return $type::savePublicKey($this->modulus, $this->publicExponent, $options); + } + + /** + * Converts a public key to a private key + * + * @return RSA + */ + public function asPrivateKey() + { + $new = new PrivateKey(); + $new->exponent = $this->exponent; + $new->modulus = $this->modulus; + $new->k = $this->k; + $new->format = $this->format; + return $new + ->withHash($this->hash->getHash()) + ->withMGFHash($this->mgfHash->getHash()) + ->withSaltLength($this->sLen) + ->withLabel($this->label) + ->withPadding($this->signaturePadding | $this->encryptionPadding); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Random.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Random.php new file mode 100644 index 0000000..f813a2e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Random.php @@ -0,0 +1,222 @@ + + * + * + * + * @author Jim Wigginton + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt; + +/** + * Pure-PHP Random Number Generator + * + * @author Jim Wigginton + */ +abstract class Random +{ + /** + * Generate a random string. + * + * Although microoptimizations are generally discouraged as they impair readability this function is ripe with + * microoptimizations because this function has the potential of being called a huge number of times. + * eg. for RSA key generation. + * + * @param int $length + * @throws \RuntimeException if a symmetric cipher is needed but not loaded + * @return string + */ + public static function string($length) + { + if (!$length) { + return ''; + } + + try { + return random_bytes($length); + } catch (\Exception $e) { + // random_compat will throw an Exception, which in PHP 5 does not implement Throwable + } catch (\Throwable $e) { + // If a sufficient source of randomness is unavailable, random_bytes() will throw an + // object that implements the Throwable interface (Exception, TypeError, Error). + // We don't actually need to do anything here. The string() method should just continue + // as normal. Note, however, that if we don't have a sufficient source of randomness for + // random_bytes(), most of the other calls here will fail too, so we'll end up using + // the PHP implementation. + } + // at this point we have no choice but to use a pure-PHP CSPRNG + + // cascade entropy across multiple PHP instances by fixing the session and collecting all + // environmental variables, including the previous session data and the current session + // data. + // + // mt_rand seeds itself by looking at the PID and the time, both of which are (relatively) + // easy to guess at. linux uses mouse clicks, keyboard timings, etc, as entropy sources, but + // PHP isn't low level to be able to use those as sources and on a web server there's not likely + // going to be a ton of keyboard or mouse action. web servers do have one thing that we can use + // however, a ton of people visiting the website. obviously you don't want to base your seeding + // solely on parameters a potential attacker sends but (1) not everything in $_SERVER is controlled + // by the user and (2) this isn't just looking at the data sent by the current user - it's based + // on the data sent by all users. one user requests the page and a hash of their info is saved. + // another user visits the page and the serialization of their data is utilized along with the + // server environment stuff and a hash of the previous http request data (which itself utilizes + // a hash of the session data before that). certainly an attacker should be assumed to have + // full control over his own http requests. he, however, is not going to have control over + // everyone's http requests. + static $crypto = false, $v; + if ($crypto === false) { + // save old session data + $old_session_id = session_id(); + $old_use_cookies = ini_get('session.use_cookies'); + $old_session_cache_limiter = session_cache_limiter(); + $_OLD_SESSION = isset($_SESSION) ? $_SESSION : false; + if ($old_session_id != '') { + session_write_close(); + } + + session_id(1); + ini_set('session.use_cookies', 0); + session_cache_limiter(''); + session_start(); + + $v = (isset($_SERVER) ? self::safe_serialize($_SERVER) : '') . + (isset($_POST) ? self::safe_serialize($_POST) : '') . + (isset($_GET) ? self::safe_serialize($_GET) : '') . + (isset($_COOKIE) ? self::safe_serialize($_COOKIE) : '') . + // as of PHP 8.1 $GLOBALS can't be accessed by reference, which eliminates + // the need for phpseclib_safe_serialize. see https://wiki.php.net/rfc/restrict_globals_usage + // for more info + (version_compare(PHP_VERSION, '8.1.0', '>=') ? serialize($GLOBALS) : self::safe_serialize($GLOBALS)) . + self::safe_serialize($_SESSION) . + self::safe_serialize($_OLD_SESSION); + $v = $seed = $_SESSION['seed'] = sha1($v, true); + if (!isset($_SESSION['count'])) { + $_SESSION['count'] = 0; + } + $_SESSION['count']++; + + session_write_close(); + + // restore old session data + if ($old_session_id != '') { + session_id($old_session_id); + session_start(); + ini_set('session.use_cookies', $old_use_cookies); + session_cache_limiter($old_session_cache_limiter); + } else { + if ($_OLD_SESSION !== false) { + $_SESSION = $_OLD_SESSION; + unset($_OLD_SESSION); + } else { + unset($_SESSION); + } + } + + // in SSH2 a shared secret and an exchange hash are generated through the key exchange process. + // the IV client to server is the hash of that "nonce" with the letter A and for the encryption key it's the letter C. + // if the hash doesn't produce enough a key or an IV that's long enough concat successive hashes of the + // original hash and the current hash. we'll be emulating that. for more info see the following URL: + // + // http://tools.ietf.org/html/rfc4253#section-7.2 + // + // see the is_string($crypto) part for an example of how to expand the keys + $key = sha1($seed . 'A', true); + $iv = sha1($seed . 'C', true); + + // ciphers are used as per the nist.gov link below. also, see this link: + // + // http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives + switch (true) { + case class_exists('\phpseclib3\Crypt\AES'): + $crypto = new AES('ctr'); + break; + case class_exists('\phpseclib3\Crypt\Twofish'): + $crypto = new Twofish('ctr'); + break; + case class_exists('\phpseclib3\Crypt\Blowfish'): + $crypto = new Blowfish('ctr'); + break; + case class_exists('\phpseclib3\Crypt\TripleDES'): + $crypto = new TripleDES('ctr'); + break; + case class_exists('\phpseclib3\Crypt\DES'): + $crypto = new DES('ctr'); + break; + case class_exists('\phpseclib3\Crypt\RC4'): + $crypto = new RC4(); + break; + default: + throw new \RuntimeException(__CLASS__ . ' requires at least one symmetric cipher be loaded'); + } + + $crypto->setKey(substr($key, 0, $crypto->getKeyLength() >> 3)); + $crypto->setIV(substr($iv, 0, $crypto->getBlockLength() >> 3)); + $crypto->enableContinuousBuffer(); + } + + //return $crypto->encrypt(str_repeat("\0", $length)); + + // the following is based off of ANSI X9.31: + // + // http://csrc.nist.gov/groups/STM/cavp/documents/rng/931rngext.pdf + // + // OpenSSL uses that same standard for it's random numbers: + // + // http://www.opensource.apple.com/source/OpenSSL/OpenSSL-38/openssl/fips-1.0/rand/fips_rand.c + // (do a search for "ANS X9.31 A.2.4") + $result = ''; + while (strlen($result) < $length) { + $i = $crypto->encrypt(microtime()); // strlen(microtime()) == 21 + $r = $crypto->encrypt($i ^ $v); // strlen($v) == 20 + $v = $crypto->encrypt($r ^ $i); // strlen($r) == 20 + $result .= $r; + } + + return substr($result, 0, $length); + } + + /** + * Safely serialize variables + * + * If a class has a private __sleep() it'll emit a warning + * @return mixed + * @param mixed $arr + */ + private static function safe_serialize(&$arr) + { + if (is_object($arr)) { + return ''; + } + if (!is_array($arr)) { + return serialize($arr); + } + // prevent circular array recursion + if (isset($arr['__phpseclib_marker'])) { + return ''; + } + $safearr = []; + $arr['__phpseclib_marker'] = true; + foreach (array_keys($arr) as $key) { + // do not recurse on the '__phpseclib_marker' key itself, for smaller memory usage + if ($key !== '__phpseclib_marker') { + $safearr[$key] = self::safe_serialize($arr[$key]); + } + } + unset($arr['__phpseclib_marker']); + return serialize($safearr); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Rijndael.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Rijndael.php new file mode 100644 index 0000000..ff31f9c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Rijndael.php @@ -0,0 +1,1036 @@ + + * setKey('abcdefghijklmnop'); + * + * $size = 10 * 1024; + * $plaintext = ''; + * for ($i = 0; $i < $size; $i++) { + * $plaintext.= 'a'; + * } + * + * echo $rijndael->decrypt($rijndael->encrypt($plaintext)); + * ?> + * + * + * @author Jim Wigginton + * @copyright 2008 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common\BlockCipher; +use phpseclib3\Exception\BadDecryptionException; +use phpseclib3\Exception\BadModeException; +use phpseclib3\Exception\InconsistentSetupException; +use phpseclib3\Exception\InsufficientSetupException; + +/** + * Pure-PHP implementation of Rijndael. + * + * @author Jim Wigginton + */ +class Rijndael extends BlockCipher +{ + /** + * The mcrypt specific name of the cipher + * + * Mcrypt is useable for 128/192/256-bit $block_size/$key_length. For 160/224 not. + * \phpseclib3\Crypt\Rijndael determines automatically whether mcrypt is useable + * or not for the current $block_size/$key_length. + * In case of, $cipher_name_mcrypt will be set dynamically at run time accordingly. + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt + * @see \phpseclib3\Crypt\Common\SymmetricKey::engine + * @see self::isValidEngine() + * @var string + */ + protected $cipher_name_mcrypt = 'rijndael-128'; + + /** + * The Key Schedule + * + * @see self::setup() + * @var array + */ + private $w; + + /** + * The Inverse Key Schedule + * + * @see self::setup() + * @var array + */ + private $dw; + + /** + * The Block Length divided by 32 + * + * {@internal The max value is 256 / 32 = 8, the min value is 128 / 32 = 4. Exists in conjunction with $block_size + * because the encryption / decryption / key schedule creation requires this number and not $block_size. We could + * derive this from $block_size or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu + * of that, we'll just precompute it once.} + * + * @see self::setBlockLength() + * @var int + */ + private $Nb = 4; + + /** + * The Key Length (in bytes) + * + * {@internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $Nk + * because the encryption / decryption / key schedule creation requires this number and not $key_length. We could + * derive this from $key_length or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu + * of that, we'll just precompute it once.} + * + * @see self::setKeyLength() + * @var int + */ + protected $key_length = 16; + + /** + * The Key Length divided by 32 + * + * @see self::setKeyLength() + * @var int + * @internal The max value is 256 / 32 = 8, the min value is 128 / 32 = 4 + */ + private $Nk = 4; + + /** + * The Number of Rounds + * + * {@internal The max value is 14, the min value is 10.} + * + * @var int + */ + private $Nr; + + /** + * Shift offsets + * + * @var array + */ + private $c; + + /** + * Holds the last used key- and block_size information + * + * @var array + */ + private $kl; + + /** + * Default Constructor. + * + * @param string $mode + * @throws \InvalidArgumentException if an invalid / unsupported mode is provided + */ + public function __construct($mode) + { + parent::__construct($mode); + + if ($this->mode == self::MODE_STREAM) { + throw new BadModeException('Block ciphers cannot be ran in stream mode'); + } + } + + /** + * Sets the key length. + * + * Valid key lengths are 128, 160, 192, 224, and 256. + * + * Note: phpseclib extends Rijndael (and AES) for using 160- and 224-bit keys but they are officially not defined + * and the most (if not all) implementations are not able using 160/224-bit keys but round/pad them up to + * 192/256 bits as, for example, mcrypt will do. + * + * That said, if you want be compatible with other Rijndael and AES implementations, + * you should not setKeyLength(160) or setKeyLength(224). + * + * Additional: In case of 160- and 224-bit keys, phpseclib will/can, for that reason, not use + * the mcrypt php extension, even if available. + * This results then in slower encryption. + * + * @throws \LengthException if the key length is invalid + * @param int $length + */ + public function setKeyLength($length) + { + switch ($length) { + case 128: + case 160: + case 192: + case 224: + case 256: + $this->key_length = $length >> 3; + break; + default: + throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys of sizes 128, 160, 192, 224 or 256 bits are supported'); + } + + parent::setKeyLength($length); + } + + /** + * Sets the key. + * + * Rijndael supports five different key lengths + * + * @see setKeyLength() + * @param string $key + * @throws \LengthException if the key length isn't supported + */ + public function setKey($key) + { + switch (strlen($key)) { + case 16: + case 20: + case 24: + case 28: + case 32: + break; + default: + throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16, 20, 24, 28 or 32 are supported'); + } + + parent::setKey($key); + } + + /** + * Sets the block length + * + * Valid block lengths are 128, 160, 192, 224, and 256. + * + * @param int $length + */ + public function setBlockLength($length) + { + switch ($length) { + case 128: + case 160: + case 192: + case 224: + case 256: + break; + default: + throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys of sizes 128, 160, 192, 224 or 256 bits are supported'); + } + + $this->Nb = $length >> 5; + $this->block_size = $length >> 3; + $this->changed = $this->nonIVChanged = true; + $this->setEngine(); + } + + /** + * Test for engine validity + * + * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + * @param int $engine + * @return bool + */ + protected function isValidEngineHelper($engine) + { + switch ($engine) { + case self::ENGINE_LIBSODIUM: + return function_exists('sodium_crypto_aead_aes256gcm_is_available') && + sodium_crypto_aead_aes256gcm_is_available() && + $this->mode == self::MODE_GCM && + $this->key_length == 32 && + $this->nonce && strlen($this->nonce) == 12 && + $this->block_size == 16; + case self::ENGINE_OPENSSL_GCM: + if (!extension_loaded('openssl')) { + return false; + } + $methods = openssl_get_cipher_methods(); + return $this->mode == self::MODE_GCM && + version_compare(PHP_VERSION, '7.1.0', '>=') && + in_array('aes-' . $this->getKeyLength() . '-gcm', $methods) && + $this->block_size == 16; + case self::ENGINE_OPENSSL: + if ($this->block_size != 16) { + return false; + } + $this->cipher_name_openssl_ecb = 'aes-' . ($this->key_length << 3) . '-ecb'; + $this->cipher_name_openssl = 'aes-' . ($this->key_length << 3) . '-' . $this->openssl_translate_mode(); + break; + case self::ENGINE_MCRYPT: + $this->cipher_name_mcrypt = 'rijndael-' . ($this->block_size << 3); + if ($this->key_length % 8) { // is it a 160/224-bit key? + // mcrypt is not usable for them, only for 128/192/256-bit keys + return false; + } + } + + return parent::isValidEngineHelper($engine); + } + + /** + * Encrypts a block + * + * @param string $in + * @return string + */ + protected function encryptBlock($in) + { + static $tables; + if (empty($tables)) { + $tables = &$this->getTables(); + } + $t0 = $tables[0]; + $t1 = $tables[1]; + $t2 = $tables[2]; + $t3 = $tables[3]; + $sbox = $tables[4]; + + $state = []; + $words = unpack('N*', $in); + + $c = $this->c; + $w = $this->w; + $Nb = $this->Nb; + $Nr = $this->Nr; + + // addRoundKey + $wc = $Nb - 1; + foreach ($words as $word) { + $state[] = $word ^ $w[++$wc]; + } + + // fips-197.pdf#page=19, "Figure 5. Pseudo Code for the Cipher", states that this loop has four components - + // subBytes, shiftRows, mixColumns, and addRoundKey. fips-197.pdf#page=30, "Implementation Suggestions Regarding + // Various Platforms" suggests that performs enhanced implementations are described in Rijndael-ammended.pdf. + // Rijndael-ammended.pdf#page=20, "Implementation aspects / 32-bit processor", discusses such an optimization. + // Unfortunately, the description given there is not quite correct. Per aes.spec.v316.pdf#page=19 [1], + // equation (7.4.7) is supposed to use addition instead of subtraction, so we'll do that here, as well. + + // [1] http://fp.gladman.plus.com/cryptography_technology/rijndael/aes.spec.v316.pdf + $temp = []; + for ($round = 1; $round < $Nr; ++$round) { + $i = 0; // $c[0] == 0 + $j = $c[1]; + $k = $c[2]; + $l = $c[3]; + + while ($i < $Nb) { + $temp[$i] = $t0[$state[$i] >> 24 & 0x000000FF] ^ + $t1[$state[$j] >> 16 & 0x000000FF] ^ + $t2[$state[$k] >> 8 & 0x000000FF] ^ + $t3[$state[$l] & 0x000000FF] ^ + $w[++$wc]; + ++$i; + $j = ($j + 1) % $Nb; + $k = ($k + 1) % $Nb; + $l = ($l + 1) % $Nb; + } + $state = $temp; + } + + // subWord + for ($i = 0; $i < $Nb; ++$i) { + $state[$i] = $sbox[$state[$i] & 0x000000FF] | + ($sbox[$state[$i] >> 8 & 0x000000FF] << 8) | + ($sbox[$state[$i] >> 16 & 0x000000FF] << 16) | + ($sbox[$state[$i] >> 24 & 0x000000FF] << 24); + } + + // shiftRows + addRoundKey + $i = 0; // $c[0] == 0 + $j = $c[1]; + $k = $c[2]; + $l = $c[3]; + while ($i < $Nb) { + $temp[$i] = ($state[$i] & intval(0xFF000000)) ^ + ($state[$j] & 0x00FF0000) ^ + ($state[$k] & 0x0000FF00) ^ + ($state[$l] & 0x000000FF) ^ + $w[$i]; + ++$i; + $j = ($j + 1) % $Nb; + $k = ($k + 1) % $Nb; + $l = ($l + 1) % $Nb; + } + + return pack('N*', ...$temp); + } + + /** + * Decrypts a block + * + * @param string $in + * @return string + */ + protected function decryptBlock($in) + { + static $invtables; + if (empty($invtables)) { + $invtables = &$this->getInvTables(); + } + $dt0 = $invtables[0]; + $dt1 = $invtables[1]; + $dt2 = $invtables[2]; + $dt3 = $invtables[3]; + $isbox = $invtables[4]; + + $state = []; + $words = unpack('N*', $in); + + $c = $this->c; + $dw = $this->dw; + $Nb = $this->Nb; + $Nr = $this->Nr; + + // addRoundKey + $wc = $Nb - 1; + foreach ($words as $word) { + $state[] = $word ^ $dw[++$wc]; + } + + $temp = []; + for ($round = $Nr - 1; $round > 0; --$round) { + $i = 0; // $c[0] == 0 + $j = $Nb - $c[1]; + $k = $Nb - $c[2]; + $l = $Nb - $c[3]; + + while ($i < $Nb) { + $temp[$i] = $dt0[$state[$i] >> 24 & 0x000000FF] ^ + $dt1[$state[$j] >> 16 & 0x000000FF] ^ + $dt2[$state[$k] >> 8 & 0x000000FF] ^ + $dt3[$state[$l] & 0x000000FF] ^ + $dw[++$wc]; + ++$i; + $j = ($j + 1) % $Nb; + $k = ($k + 1) % $Nb; + $l = ($l + 1) % $Nb; + } + $state = $temp; + } + + // invShiftRows + invSubWord + addRoundKey + $i = 0; // $c[0] == 0 + $j = $Nb - $c[1]; + $k = $Nb - $c[2]; + $l = $Nb - $c[3]; + + while ($i < $Nb) { + $word = ($state[$i] & intval(0xFF000000)) | + ($state[$j] & 0x00FF0000) | + ($state[$k] & 0x0000FF00) | + ($state[$l] & 0x000000FF); + + $temp[$i] = $dw[$i] ^ ($isbox[$word & 0x000000FF] | + ($isbox[$word >> 8 & 0x000000FF] << 8) | + ($isbox[$word >> 16 & 0x000000FF] << 16) | + ($isbox[$word >> 24 & 0x000000FF] << 24)); + ++$i; + $j = ($j + 1) % $Nb; + $k = ($k + 1) % $Nb; + $l = ($l + 1) % $Nb; + } + + return pack('N*', ...$temp); + } + + /** + * Setup the self::ENGINE_INTERNAL $engine + * + * (re)init, if necessary, the internal cipher $engine and flush all $buffers + * Used (only) if $engine == self::ENGINE_INTERNAL + * + * _setup() will be called each time if $changed === true + * typically this happens when using one or more of following public methods: + * + * - setKey() + * + * - setIV() + * + * - disableContinuousBuffer() + * + * - First run of encrypt() / decrypt() with no init-settings + * + * {@internal setup() is always called before en/decryption.} + * + * {@internal Could, but not must, extend by the child Crypt_* class} + * + * @see self::setKey() + * @see self::setIV() + * @see self::disableContinuousBuffer() + */ + protected function setup() + { + if (!$this->changed) { + return; + } + + parent::setup(); + + if (is_string($this->iv) && strlen($this->iv) != $this->block_size) { + throw new InconsistentSetupException('The IV length (' . strlen($this->iv) . ') does not match the block size (' . $this->block_size . ')'); + } + } + + /** + * Setup the key (expansion) + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::setupKey() + */ + protected function setupKey() + { + // Each number in $rcon is equal to the previous number multiplied by two in Rijndael's finite field. + // See http://en.wikipedia.org/wiki/Finite_field_arithmetic#Multiplicative_inverse + static $rcon; + + if (!isset($rcon)) { + $rcon = [0, + 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, + 0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000, + 0x6C000000, 0xD8000000, 0xAB000000, 0x4D000000, 0x9A000000, + 0x2F000000, 0x5E000000, 0xBC000000, 0x63000000, 0xC6000000, + 0x97000000, 0x35000000, 0x6A000000, 0xD4000000, 0xB3000000, + 0x7D000000, 0xFA000000, 0xEF000000, 0xC5000000, 0x91000000 + ]; + $rcon = array_map('intval', $rcon); + } + + if (isset($this->kl['key']) && $this->key === $this->kl['key'] && $this->key_length === $this->kl['key_length'] && $this->block_size === $this->kl['block_size']) { + // already expanded + return; + } + $this->kl = ['key' => $this->key, 'key_length' => $this->key_length, 'block_size' => $this->block_size]; + + $this->Nk = $this->key_length >> 2; + // see Rijndael-ammended.pdf#page=44 + $this->Nr = max($this->Nk, $this->Nb) + 6; + + // shift offsets for Nb = 5, 7 are defined in Rijndael-ammended.pdf#page=44, + // "Table 8: Shift offsets in Shiftrow for the alternative block lengths" + // shift offsets for Nb = 4, 6, 8 are defined in Rijndael-ammended.pdf#page=14, + // "Table 2: Shift offsets for different block lengths" + switch ($this->Nb) { + case 4: + case 5: + case 6: + $this->c = [0, 1, 2, 3]; + break; + case 7: + $this->c = [0, 1, 2, 4]; + break; + case 8: + $this->c = [0, 1, 3, 4]; + } + + $w = array_values(unpack('N*words', $this->key)); + + $length = $this->Nb * ($this->Nr + 1); + for ($i = $this->Nk; $i < $length; $i++) { + $temp = $w[$i - 1]; + if ($i % $this->Nk == 0) { + // according to , "the size of an integer is platform-dependent". + // on a 32-bit machine, it's 32-bits, and on a 64-bit machine, it's 64-bits. on a 32-bit machine, + // 0xFFFFFFFF << 8 == 0xFFFFFF00, but on a 64-bit machine, it equals 0xFFFFFFFF00. as such, doing 'and' + // with 0xFFFFFFFF (or 0xFFFFFF00) on a 32-bit machine is unnecessary, but on a 64-bit machine, it is. + $temp = (($temp << 8) & intval(0xFFFFFF00)) | (($temp >> 24) & 0x000000FF); // rotWord + $temp = $this->subWord($temp) ^ $rcon[$i / $this->Nk]; + } elseif ($this->Nk > 6 && $i % $this->Nk == 4) { + $temp = $this->subWord($temp); + } + $w[$i] = $w[$i - $this->Nk] ^ $temp; + } + + // convert the key schedule from a vector of $Nb * ($Nr + 1) length to a matrix with $Nr + 1 rows and $Nb columns + // and generate the inverse key schedule. more specifically, + // according to (section 5.3.3), + // "The key expansion for the Inverse Cipher is defined as follows: + // 1. Apply the Key Expansion. + // 2. Apply InvMixColumn to all Round Keys except the first and the last one." + // also, see fips-197.pdf#page=27, "5.3.5 Equivalent Inverse Cipher" + list($dt0, $dt1, $dt2, $dt3) = $this->getInvTables(); + $temp = $this->w = $this->dw = []; + for ($i = $row = $col = 0; $i < $length; $i++, $col++) { + if ($col == $this->Nb) { + if ($row == 0) { + $this->dw[0] = $this->w[0]; + } else { + // subWord + invMixColumn + invSubWord = invMixColumn + $j = 0; + while ($j < $this->Nb) { + $dw = $this->subWord($this->w[$row][$j]); + $temp[$j] = $dt0[$dw >> 24 & 0x000000FF] ^ + $dt1[$dw >> 16 & 0x000000FF] ^ + $dt2[$dw >> 8 & 0x000000FF] ^ + $dt3[$dw & 0x000000FF]; + $j++; + } + $this->dw[$row] = $temp; + } + + $col = 0; + $row++; + } + $this->w[$row][$col] = $w[$i]; + } + + $this->dw[$row] = $this->w[$row]; + + // Converting to 1-dim key arrays (both ascending) + $this->dw = array_reverse($this->dw); + $w = array_pop($this->w); + $dw = array_pop($this->dw); + foreach ($this->w as $r => $wr) { + foreach ($wr as $c => $wc) { + $w[] = $wc; + $dw[] = $this->dw[$r][$c]; + } + } + $this->w = $w; + $this->dw = $dw; + } + + /** + * Performs S-Box substitutions + * + * @return array + * @param int $word + */ + private function subWord($word) + { + static $sbox; + if (empty($sbox)) { + list(, , , , $sbox) = self::getTables(); + } + + return $sbox[$word & 0x000000FF] | + ($sbox[$word >> 8 & 0x000000FF] << 8) | + ($sbox[$word >> 16 & 0x000000FF] << 16) | + ($sbox[$word >> 24 & 0x000000FF] << 24); + } + + /** + * Provides the mixColumns and sboxes tables + * + * @see self::encryptBlock() + * @see self::setupInlineCrypt() + * @see self::subWord() + * @return array &$tables + */ + protected function &getTables() + { + static $tables; + if (empty($tables)) { + // according to (section 5.2.1), + // precomputed tables can be used in the mixColumns phase. in that example, they're assigned t0...t3, so + // those are the names we'll use. + $t3 = array_map('intval', [ + // with array_map('intval', ...) we ensure we have only int's and not + // some slower floats converted by php automatically on high values + 0x6363A5C6, 0x7C7C84F8, 0x777799EE, 0x7B7B8DF6, 0xF2F20DFF, 0x6B6BBDD6, 0x6F6FB1DE, 0xC5C55491, + 0x30305060, 0x01010302, 0x6767A9CE, 0x2B2B7D56, 0xFEFE19E7, 0xD7D762B5, 0xABABE64D, 0x76769AEC, + 0xCACA458F, 0x82829D1F, 0xC9C94089, 0x7D7D87FA, 0xFAFA15EF, 0x5959EBB2, 0x4747C98E, 0xF0F00BFB, + 0xADADEC41, 0xD4D467B3, 0xA2A2FD5F, 0xAFAFEA45, 0x9C9CBF23, 0xA4A4F753, 0x727296E4, 0xC0C05B9B, + 0xB7B7C275, 0xFDFD1CE1, 0x9393AE3D, 0x26266A4C, 0x36365A6C, 0x3F3F417E, 0xF7F702F5, 0xCCCC4F83, + 0x34345C68, 0xA5A5F451, 0xE5E534D1, 0xF1F108F9, 0x717193E2, 0xD8D873AB, 0x31315362, 0x15153F2A, + 0x04040C08, 0xC7C75295, 0x23236546, 0xC3C35E9D, 0x18182830, 0x9696A137, 0x05050F0A, 0x9A9AB52F, + 0x0707090E, 0x12123624, 0x80809B1B, 0xE2E23DDF, 0xEBEB26CD, 0x2727694E, 0xB2B2CD7F, 0x75759FEA, + 0x09091B12, 0x83839E1D, 0x2C2C7458, 0x1A1A2E34, 0x1B1B2D36, 0x6E6EB2DC, 0x5A5AEEB4, 0xA0A0FB5B, + 0x5252F6A4, 0x3B3B4D76, 0xD6D661B7, 0xB3B3CE7D, 0x29297B52, 0xE3E33EDD, 0x2F2F715E, 0x84849713, + 0x5353F5A6, 0xD1D168B9, 0x00000000, 0xEDED2CC1, 0x20206040, 0xFCFC1FE3, 0xB1B1C879, 0x5B5BEDB6, + 0x6A6ABED4, 0xCBCB468D, 0xBEBED967, 0x39394B72, 0x4A4ADE94, 0x4C4CD498, 0x5858E8B0, 0xCFCF4A85, + 0xD0D06BBB, 0xEFEF2AC5, 0xAAAAE54F, 0xFBFB16ED, 0x4343C586, 0x4D4DD79A, 0x33335566, 0x85859411, + 0x4545CF8A, 0xF9F910E9, 0x02020604, 0x7F7F81FE, 0x5050F0A0, 0x3C3C4478, 0x9F9FBA25, 0xA8A8E34B, + 0x5151F3A2, 0xA3A3FE5D, 0x4040C080, 0x8F8F8A05, 0x9292AD3F, 0x9D9DBC21, 0x38384870, 0xF5F504F1, + 0xBCBCDF63, 0xB6B6C177, 0xDADA75AF, 0x21216342, 0x10103020, 0xFFFF1AE5, 0xF3F30EFD, 0xD2D26DBF, + 0xCDCD4C81, 0x0C0C1418, 0x13133526, 0xECEC2FC3, 0x5F5FE1BE, 0x9797A235, 0x4444CC88, 0x1717392E, + 0xC4C45793, 0xA7A7F255, 0x7E7E82FC, 0x3D3D477A, 0x6464ACC8, 0x5D5DE7BA, 0x19192B32, 0x737395E6, + 0x6060A0C0, 0x81819819, 0x4F4FD19E, 0xDCDC7FA3, 0x22226644, 0x2A2A7E54, 0x9090AB3B, 0x8888830B, + 0x4646CA8C, 0xEEEE29C7, 0xB8B8D36B, 0x14143C28, 0xDEDE79A7, 0x5E5EE2BC, 0x0B0B1D16, 0xDBDB76AD, + 0xE0E03BDB, 0x32325664, 0x3A3A4E74, 0x0A0A1E14, 0x4949DB92, 0x06060A0C, 0x24246C48, 0x5C5CE4B8, + 0xC2C25D9F, 0xD3D36EBD, 0xACACEF43, 0x6262A6C4, 0x9191A839, 0x9595A431, 0xE4E437D3, 0x79798BF2, + 0xE7E732D5, 0xC8C8438B, 0x3737596E, 0x6D6DB7DA, 0x8D8D8C01, 0xD5D564B1, 0x4E4ED29C, 0xA9A9E049, + 0x6C6CB4D8, 0x5656FAAC, 0xF4F407F3, 0xEAEA25CF, 0x6565AFCA, 0x7A7A8EF4, 0xAEAEE947, 0x08081810, + 0xBABAD56F, 0x787888F0, 0x25256F4A, 0x2E2E725C, 0x1C1C2438, 0xA6A6F157, 0xB4B4C773, 0xC6C65197, + 0xE8E823CB, 0xDDDD7CA1, 0x74749CE8, 0x1F1F213E, 0x4B4BDD96, 0xBDBDDC61, 0x8B8B860D, 0x8A8A850F, + 0x707090E0, 0x3E3E427C, 0xB5B5C471, 0x6666AACC, 0x4848D890, 0x03030506, 0xF6F601F7, 0x0E0E121C, + 0x6161A3C2, 0x35355F6A, 0x5757F9AE, 0xB9B9D069, 0x86869117, 0xC1C15899, 0x1D1D273A, 0x9E9EB927, + 0xE1E138D9, 0xF8F813EB, 0x9898B32B, 0x11113322, 0x6969BBD2, 0xD9D970A9, 0x8E8E8907, 0x9494A733, + 0x9B9BB62D, 0x1E1E223C, 0x87879215, 0xE9E920C9, 0xCECE4987, 0x5555FFAA, 0x28287850, 0xDFDF7AA5, + 0x8C8C8F03, 0xA1A1F859, 0x89898009, 0x0D0D171A, 0xBFBFDA65, 0xE6E631D7, 0x4242C684, 0x6868B8D0, + 0x4141C382, 0x9999B029, 0x2D2D775A, 0x0F0F111E, 0xB0B0CB7B, 0x5454FCA8, 0xBBBBD66D, 0x16163A2C + ]); + + foreach ($t3 as $t3i) { + $t0[] = (($t3i << 24) & intval(0xFF000000)) | (($t3i >> 8) & 0x00FFFFFF); + $t1[] = (($t3i << 16) & intval(0xFFFF0000)) | (($t3i >> 16) & 0x0000FFFF); + $t2[] = (($t3i << 8) & intval(0xFFFFFF00)) | (($t3i >> 24) & 0x000000FF); + } + + $tables = [ + // The Precomputed mixColumns tables t0 - t3 + $t0, + $t1, + $t2, + $t3, + // The SubByte S-Box + [ + 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76, + 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0, + 0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15, + 0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75, + 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84, + 0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF, + 0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8, + 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2, + 0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73, + 0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB, + 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79, + 0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08, + 0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A, + 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E, + 0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF, + 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 + ] + ]; + } + return $tables; + } + + /** + * Provides the inverse mixColumns and inverse sboxes tables + * + * @see self::decryptBlock() + * @see self::setupInlineCrypt() + * @see self::setupKey() + * @return array &$tables + */ + protected function &getInvTables() + { + static $tables; + if (empty($tables)) { + $dt3 = array_map('intval', [ + 0xF4A75051, 0x4165537E, 0x17A4C31A, 0x275E963A, 0xAB6BCB3B, 0x9D45F11F, 0xFA58ABAC, 0xE303934B, + 0x30FA5520, 0x766DF6AD, 0xCC769188, 0x024C25F5, 0xE5D7FC4F, 0x2ACBD7C5, 0x35448026, 0x62A38FB5, + 0xB15A49DE, 0xBA1B6725, 0xEA0E9845, 0xFEC0E15D, 0x2F7502C3, 0x4CF01281, 0x4697A38D, 0xD3F9C66B, + 0x8F5FE703, 0x929C9515, 0x6D7AEBBF, 0x5259DA95, 0xBE832DD4, 0x7421D358, 0xE0692949, 0xC9C8448E, + 0xC2896A75, 0x8E7978F4, 0x583E6B99, 0xB971DD27, 0xE14FB6BE, 0x88AD17F0, 0x20AC66C9, 0xCE3AB47D, + 0xDF4A1863, 0x1A3182E5, 0x51336097, 0x537F4562, 0x6477E0B1, 0x6BAE84BB, 0x81A01CFE, 0x082B94F9, + 0x48685870, 0x45FD198F, 0xDE6C8794, 0x7BF8B752, 0x73D323AB, 0x4B02E272, 0x1F8F57E3, 0x55AB2A66, + 0xEB2807B2, 0xB5C2032F, 0xC57B9A86, 0x3708A5D3, 0x2887F230, 0xBFA5B223, 0x036ABA02, 0x16825CED, + 0xCF1C2B8A, 0x79B492A7, 0x07F2F0F3, 0x69E2A14E, 0xDAF4CD65, 0x05BED506, 0x34621FD1, 0xA6FE8AC4, + 0x2E539D34, 0xF355A0A2, 0x8AE13205, 0xF6EB75A4, 0x83EC390B, 0x60EFAA40, 0x719F065E, 0x6E1051BD, + 0x218AF93E, 0xDD063D96, 0x3E05AEDD, 0xE6BD464D, 0x548DB591, 0xC45D0571, 0x06D46F04, 0x5015FF60, + 0x98FB2419, 0xBDE997D6, 0x4043CC89, 0xD99E7767, 0xE842BDB0, 0x898B8807, 0x195B38E7, 0xC8EEDB79, + 0x7C0A47A1, 0x420FE97C, 0x841EC9F8, 0x00000000, 0x80868309, 0x2BED4832, 0x1170AC1E, 0x5A724E6C, + 0x0EFFFBFD, 0x8538560F, 0xAED51E3D, 0x2D392736, 0x0FD9640A, 0x5CA62168, 0x5B54D19B, 0x362E3A24, + 0x0A67B10C, 0x57E70F93, 0xEE96D2B4, 0x9B919E1B, 0xC0C54F80, 0xDC20A261, 0x774B695A, 0x121A161C, + 0x93BA0AE2, 0xA02AE5C0, 0x22E0433C, 0x1B171D12, 0x090D0B0E, 0x8BC7ADF2, 0xB6A8B92D, 0x1EA9C814, + 0xF1198557, 0x75074CAF, 0x99DDBBEE, 0x7F60FDA3, 0x01269FF7, 0x72F5BC5C, 0x663BC544, 0xFB7E345B, + 0x4329768B, 0x23C6DCCB, 0xEDFC68B6, 0xE4F163B8, 0x31DCCAD7, 0x63851042, 0x97224013, 0xC6112084, + 0x4A247D85, 0xBB3DF8D2, 0xF93211AE, 0x29A16DC7, 0x9E2F4B1D, 0xB230F3DC, 0x8652EC0D, 0xC1E3D077, + 0xB3166C2B, 0x70B999A9, 0x9448FA11, 0xE9642247, 0xFC8CC4A8, 0xF03F1AA0, 0x7D2CD856, 0x3390EF22, + 0x494EC787, 0x38D1C1D9, 0xCAA2FE8C, 0xD40B3698, 0xF581CFA6, 0x7ADE28A5, 0xB78E26DA, 0xADBFA43F, + 0x3A9DE42C, 0x78920D50, 0x5FCC9B6A, 0x7E466254, 0x8D13C2F6, 0xD8B8E890, 0x39F75E2E, 0xC3AFF582, + 0x5D80BE9F, 0xD0937C69, 0xD52DA96F, 0x2512B3CF, 0xAC993BC8, 0x187DA710, 0x9C636EE8, 0x3BBB7BDB, + 0x267809CD, 0x5918F46E, 0x9AB701EC, 0x4F9AA883, 0x956E65E6, 0xFFE67EAA, 0xBCCF0821, 0x15E8E6EF, + 0xE79BD9BA, 0x6F36CE4A, 0x9F09D4EA, 0xB07CD629, 0xA4B2AF31, 0x3F23312A, 0xA59430C6, 0xA266C035, + 0x4EBC3774, 0x82CAA6FC, 0x90D0B0E0, 0xA7D81533, 0x04984AF1, 0xECDAF741, 0xCD500E7F, 0x91F62F17, + 0x4DD68D76, 0xEFB04D43, 0xAA4D54CC, 0x9604DFE4, 0xD1B5E39E, 0x6A881B4C, 0x2C1FB8C1, 0x65517F46, + 0x5EEA049D, 0x8C355D01, 0x877473FA, 0x0B412EFB, 0x671D5AB3, 0xDBD25292, 0x105633E9, 0xD647136D, + 0xD7618C9A, 0xA10C7A37, 0xF8148E59, 0x133C89EB, 0xA927EECE, 0x61C935B7, 0x1CE5EDE1, 0x47B13C7A, + 0xD2DF599C, 0xF2733F55, 0x14CE7918, 0xC737BF73, 0xF7CDEA53, 0xFDAA5B5F, 0x3D6F14DF, 0x44DB8678, + 0xAFF381CA, 0x68C43EB9, 0x24342C38, 0xA3405FC2, 0x1DC37216, 0xE2250CBC, 0x3C498B28, 0x0D9541FF, + 0xA8017139, 0x0CB3DE08, 0xB4E49CD8, 0x56C19064, 0xCB84617B, 0x32B670D5, 0x6C5C7448, 0xB85742D0 + ]); + + foreach ($dt3 as $dt3i) { + $dt0[] = (($dt3i << 24) & intval(0xFF000000)) | (($dt3i >> 8) & 0x00FFFFFF); + $dt1[] = (($dt3i << 16) & intval(0xFFFF0000)) | (($dt3i >> 16) & 0x0000FFFF); + $dt2[] = (($dt3i << 8) & intval(0xFFFFFF00)) | (($dt3i >> 24) & 0x000000FF); + }; + + $tables = [ + // The Precomputed inverse mixColumns tables dt0 - dt3 + $dt0, + $dt1, + $dt2, + $dt3, + // The inverse SubByte S-Box + [ + 0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB, + 0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87, 0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB, + 0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D, 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E, + 0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, 0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25, + 0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92, + 0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA, 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84, + 0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, 0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06, + 0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02, 0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B, + 0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA, 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73, + 0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, 0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E, + 0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89, 0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B, + 0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20, 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4, + 0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, 0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F, + 0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D, 0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF, + 0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0, 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61, + 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D + ] + ]; + } + return $tables; + } + + /** + * Setup the performance-optimized function for de/encrypt() + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::setupInlineCrypt() + */ + protected function setupInlineCrypt() + { + $w = $this->w; + $dw = $this->dw; + $init_encrypt = ''; + $init_decrypt = ''; + + $Nr = $this->Nr; + $Nb = $this->Nb; + $c = $this->c; + + // Generating encrypt code: + $init_encrypt .= ' + if (empty($tables)) { + $tables = &$this->getTables(); + } + $t0 = $tables[0]; + $t1 = $tables[1]; + $t2 = $tables[2]; + $t3 = $tables[3]; + $sbox = $tables[4]; + '; + + $s = 'e'; + $e = 's'; + $wc = $Nb - 1; + + // Preround: addRoundKey + $encrypt_block = '$in = unpack("N*", $in);' . "\n"; + for ($i = 0; $i < $Nb; ++$i) { + $encrypt_block .= '$s' . $i . ' = $in[' . ($i + 1) . '] ^ ' . $w[++$wc] . ";\n"; + } + + // Mainrounds: shiftRows + subWord + mixColumns + addRoundKey + for ($round = 1; $round < $Nr; ++$round) { + list($s, $e) = [$e, $s]; + for ($i = 0; $i < $Nb; ++$i) { + $encrypt_block .= + '$' . $e . $i . ' = + $t0[($' . $s . $i . ' >> 24) & 0xff] ^ + $t1[($' . $s . (($i + $c[1]) % $Nb) . ' >> 16) & 0xff] ^ + $t2[($' . $s . (($i + $c[2]) % $Nb) . ' >> 8) & 0xff] ^ + $t3[ $' . $s . (($i + $c[3]) % $Nb) . ' & 0xff] ^ + ' . $w[++$wc] . ";\n"; + } + } + + // Finalround: subWord + shiftRows + addRoundKey + for ($i = 0; $i < $Nb; ++$i) { + $encrypt_block .= + '$' . $e . $i . ' = + $sbox[ $' . $e . $i . ' & 0xff] | + ($sbox[($' . $e . $i . ' >> 8) & 0xff] << 8) | + ($sbox[($' . $e . $i . ' >> 16) & 0xff] << 16) | + ($sbox[($' . $e . $i . ' >> 24) & 0xff] << 24);' . "\n"; + } + $encrypt_block .= '$in = pack("N*"' . "\n"; + for ($i = 0; $i < $Nb; ++$i) { + $encrypt_block .= ', + ($' . $e . $i . ' & ' . ((int)0xFF000000) . ') ^ + ($' . $e . (($i + $c[1]) % $Nb) . ' & 0x00FF0000 ) ^ + ($' . $e . (($i + $c[2]) % $Nb) . ' & 0x0000FF00 ) ^ + ($' . $e . (($i + $c[3]) % $Nb) . ' & 0x000000FF ) ^ + ' . $w[$i] . "\n"; + } + $encrypt_block .= ');'; + + // Generating decrypt code: + $init_decrypt .= ' + if (empty($invtables)) { + $invtables = &$this->getInvTables(); + } + $dt0 = $invtables[0]; + $dt1 = $invtables[1]; + $dt2 = $invtables[2]; + $dt3 = $invtables[3]; + $isbox = $invtables[4]; + '; + + $s = 'e'; + $e = 's'; + $wc = $Nb - 1; + + // Preround: addRoundKey + $decrypt_block = '$in = unpack("N*", $in);' . "\n"; + for ($i = 0; $i < $Nb; ++$i) { + $decrypt_block .= '$s' . $i . ' = $in[' . ($i + 1) . '] ^ ' . $dw[++$wc] . ';' . "\n"; + } + + // Mainrounds: shiftRows + subWord + mixColumns + addRoundKey + for ($round = 1; $round < $Nr; ++$round) { + list($s, $e) = [$e, $s]; + for ($i = 0; $i < $Nb; ++$i) { + $decrypt_block .= + '$' . $e . $i . ' = + $dt0[($' . $s . $i . ' >> 24) & 0xff] ^ + $dt1[($' . $s . (($Nb + $i - $c[1]) % $Nb) . ' >> 16) & 0xff] ^ + $dt2[($' . $s . (($Nb + $i - $c[2]) % $Nb) . ' >> 8) & 0xff] ^ + $dt3[ $' . $s . (($Nb + $i - $c[3]) % $Nb) . ' & 0xff] ^ + ' . $dw[++$wc] . ";\n"; + } + } + + // Finalround: subWord + shiftRows + addRoundKey + for ($i = 0; $i < $Nb; ++$i) { + $decrypt_block .= + '$' . $e . $i . ' = + $isbox[ $' . $e . $i . ' & 0xff] | + ($isbox[($' . $e . $i . ' >> 8) & 0xff] << 8) | + ($isbox[($' . $e . $i . ' >> 16) & 0xff] << 16) | + ($isbox[($' . $e . $i . ' >> 24) & 0xff] << 24);' . "\n"; + } + $decrypt_block .= '$in = pack("N*"' . "\n"; + for ($i = 0; $i < $Nb; ++$i) { + $decrypt_block .= ', + ($' . $e . $i . ' & ' . ((int)0xFF000000) . ') ^ + ($' . $e . (($Nb + $i - $c[1]) % $Nb) . ' & 0x00FF0000 ) ^ + ($' . $e . (($Nb + $i - $c[2]) % $Nb) . ' & 0x0000FF00 ) ^ + ($' . $e . (($Nb + $i - $c[3]) % $Nb) . ' & 0x000000FF ) ^ + ' . $dw[$i] . "\n"; + } + $decrypt_block .= ');'; + + $this->inline_crypt = $this->createInlineCryptFunction( + [ + 'init_crypt' => 'static $tables; static $invtables;', + 'init_encrypt' => $init_encrypt, + 'init_decrypt' => $init_decrypt, + 'encrypt_block' => $encrypt_block, + 'decrypt_block' => $decrypt_block + ] + ); + } + + /** + * Encrypts a message. + * + * @see self::decrypt() + * @see parent::encrypt() + * @param string $plaintext + * @return string + */ + public function encrypt($plaintext) + { + $this->setup(); + + switch ($this->engine) { + case self::ENGINE_LIBSODIUM: + $this->newtag = sodium_crypto_aead_aes256gcm_encrypt($plaintext, $this->aad, $this->nonce, $this->key); + return Strings::shift($this->newtag, strlen($plaintext)); + case self::ENGINE_OPENSSL_GCM: + return openssl_encrypt( + $plaintext, + 'aes-' . $this->getKeyLength() . '-gcm', + $this->key, + OPENSSL_RAW_DATA, + $this->nonce, + $this->newtag, + $this->aad + ); + } + + return parent::encrypt($plaintext); + } + + /** + * Decrypts a message. + * + * @see self::encrypt() + * @see parent::decrypt() + * @param string $ciphertext + * @return string + */ + public function decrypt($ciphertext) + { + $this->setup(); + + switch ($this->engine) { + case self::ENGINE_LIBSODIUM: + if ($this->oldtag === false) { + throw new InsufficientSetupException('Authentication Tag has not been set'); + } + if (strlen($this->oldtag) != 16) { + break; + } + $plaintext = sodium_crypto_aead_aes256gcm_decrypt($ciphertext . $this->oldtag, $this->aad, $this->nonce, $this->key); + if ($plaintext === false) { + $this->oldtag = false; + throw new BadDecryptionException('Error decrypting ciphertext with libsodium'); + } + return $plaintext; + case self::ENGINE_OPENSSL_GCM: + if ($this->oldtag === false) { + throw new InsufficientSetupException('Authentication Tag has not been set'); + } + $plaintext = openssl_decrypt( + $ciphertext, + 'aes-' . $this->getKeyLength() . '-gcm', + $this->key, + OPENSSL_RAW_DATA, + $this->nonce, + $this->oldtag, + $this->aad + ); + if ($plaintext === false) { + $this->oldtag = false; + throw new BadDecryptionException('Error decrypting ciphertext with OpenSSL'); + } + return $plaintext; + } + + return parent::decrypt($ciphertext); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Salsa20.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Salsa20.php new file mode 100644 index 0000000..0a35f47 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Salsa20.php @@ -0,0 +1,526 @@ + + * @copyright 2019 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common\StreamCipher; +use phpseclib3\Exception\BadDecryptionException; +use phpseclib3\Exception\InsufficientSetupException; + +/** + * Pure-PHP implementation of Salsa20. + * + * @author Jim Wigginton + */ +class Salsa20 extends StreamCipher +{ + /** + * Part 1 of the state + * + * @var string|false + */ + protected $p1 = false; + + /** + * Part 2 of the state + * + * @var string|false + */ + protected $p2 = false; + + /** + * Key Length (in bytes) + * + * @var int + */ + protected $key_length = 32; // = 256 bits + + /** + * @see \phpseclib3\Crypt\Salsa20::crypt() + */ + const ENCRYPT = 0; + + /** + * @see \phpseclib3\Crypt\Salsa20::crypt() + */ + const DECRYPT = 1; + + /** + * Encryption buffer for continuous mode + * + * @var array + */ + protected $enbuffer; + + /** + * Decryption buffer for continuous mode + * + * @var array + */ + protected $debuffer; + + /** + * Counter + * + * @var int + */ + protected $counter = 0; + + /** + * Using Generated Poly1305 Key + * + * @var boolean + */ + protected $usingGeneratedPoly1305Key = false; + + /** + * Salsa20 uses a nonce + * + * @return bool + */ + public function usesNonce() + { + return true; + } + + /** + * Sets the key. + * + * @param string $key + * @throws \LengthException if the key length isn't supported + */ + public function setKey($key) + { + switch (strlen($key)) { + case 16: + case 32: + break; + default: + throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16 or 32 are supported'); + } + + parent::setKey($key); + } + + /** + * Sets the nonce. + * + * @param string $nonce + */ + public function setNonce($nonce) + { + if (strlen($nonce) != 8) { + throw new \LengthException('Nonce of size ' . strlen($key) . ' not supported by this algorithm. Only an 64-bit nonce is supported'); + } + + $this->nonce = $nonce; + $this->changed = true; + $this->setEngine(); + } + + /** + * Sets the counter. + * + * @param int $counter + */ + public function setCounter($counter) + { + $this->counter = $counter; + $this->setEngine(); + } + + /** + * Creates a Poly1305 key using the method discussed in RFC8439 + * + * See https://tools.ietf.org/html/rfc8439#section-2.6.1 + */ + protected function createPoly1305Key() + { + if ($this->nonce === false) { + throw new InsufficientSetupException('No nonce has been defined'); + } + + if ($this->key === false) { + throw new InsufficientSetupException('No key has been defined'); + } + + $c = clone $this; + $c->setCounter(0); + $c->usePoly1305 = false; + $block = $c->encrypt(str_repeat("\0", 256)); + $this->setPoly1305Key(substr($block, 0, 32)); + + if ($this->counter == 0) { + $this->counter++; + } + } + + /** + * Setup the self::ENGINE_INTERNAL $engine + * + * (re)init, if necessary, the internal cipher $engine + * + * _setup() will be called each time if $changed === true + * typically this happens when using one or more of following public methods: + * + * - setKey() + * + * - setNonce() + * + * - First run of encrypt() / decrypt() with no init-settings + * + * @see self::setKey() + * @see self::setNonce() + * @see self::disableContinuousBuffer() + */ + protected function setup() + { + if (!$this->changed) { + return; + } + + $this->enbuffer = $this->debuffer = ['ciphertext' => '', 'counter' => $this->counter]; + + $this->changed = $this->nonIVChanged = false; + + if ($this->nonce === false) { + throw new InsufficientSetupException('No nonce has been defined'); + } + + if ($this->key === false) { + throw new InsufficientSetupException('No key has been defined'); + } + + if ($this->usePoly1305 && !isset($this->poly1305Key)) { + $this->usingGeneratedPoly1305Key = true; + $this->createPoly1305Key(); + } + + $key = $this->key; + if (strlen($key) == 16) { + $constant = 'expand 16-byte k'; + $key .= $key; + } else { + $constant = 'expand 32-byte k'; + } + + $this->p1 = substr($constant, 0, 4) . + substr($key, 0, 16) . + substr($constant, 4, 4) . + $this->nonce . + "\0\0\0\0"; + $this->p2 = substr($constant, 8, 4) . + substr($key, 16, 16) . + substr($constant, 12, 4); + } + + /** + * Setup the key (expansion) + */ + protected function setupKey() + { + // Salsa20 does not utilize this method + } + + /** + * Encrypts a message. + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + * @see self::crypt() + * @param string $plaintext + * @return string $ciphertext + */ + public function encrypt($plaintext) + { + $ciphertext = $this->crypt($plaintext, self::ENCRYPT); + if (isset($this->poly1305Key)) { + $this->newtag = $this->poly1305($ciphertext); + } + return $ciphertext; + } + + /** + * Decrypts a message. + * + * $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)). + * At least if the continuous buffer is disabled. + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @see self::crypt() + * @param string $ciphertext + * @return string $plaintext + */ + public function decrypt($ciphertext) + { + if (isset($this->poly1305Key)) { + if ($this->oldtag === false) { + throw new InsufficientSetupException('Authentication Tag has not been set'); + } + $newtag = $this->poly1305($ciphertext); + if ($this->oldtag != substr($newtag, 0, strlen($this->oldtag))) { + $this->oldtag = false; + throw new BadDecryptionException('Derived authentication tag and supplied authentication tag do not match'); + } + $this->oldtag = false; + } + + return $this->crypt($ciphertext, self::DECRYPT); + } + + /** + * Encrypts a block + * + * @param string $in + */ + protected function encryptBlock($in) + { + // Salsa20 does not utilize this method + } + + /** + * Decrypts a block + * + * @param string $in + */ + protected function decryptBlock($in) + { + // Salsa20 does not utilize this method + } + + /** + * Encrypts or decrypts a message. + * + * @see self::encrypt() + * @see self::decrypt() + * @param string $text + * @param int $mode + * @return string $text + */ + private function crypt($text, $mode) + { + $this->setup(); + if (!$this->continuousBuffer) { + if ($this->engine == self::ENGINE_OPENSSL) { + $iv = pack('V', $this->counter) . $this->p2; + return openssl_encrypt( + $text, + $this->cipher_name_openssl, + $this->key, + OPENSSL_RAW_DATA, + $iv + ); + } + $i = $this->counter; + $blocks = str_split($text, 64); + foreach ($blocks as &$block) { + $block ^= static::salsa20($this->p1 . pack('V', $i++) . $this->p2); + } + + return implode('', $blocks); + } + + if ($mode == self::ENCRYPT) { + $buffer = &$this->enbuffer; + } else { + $buffer = &$this->debuffer; + } + if (!strlen($buffer['ciphertext'])) { + $ciphertext = ''; + } else { + $ciphertext = $text ^ Strings::shift($buffer['ciphertext'], strlen($text)); + $text = substr($text, strlen($ciphertext)); + if (!strlen($text)) { + return $ciphertext; + } + } + + $overflow = strlen($text) % 64; // & 0x3F + if ($overflow) { + $text2 = Strings::pop($text, $overflow); + if ($this->engine == self::ENGINE_OPENSSL) { + $iv = pack('V', $buffer['counter']) . $this->p2; + // at this point $text should be a multiple of 64 + $buffer['counter'] += (strlen($text) >> 6) + 1; // ie. divide by 64 + $encrypted = openssl_encrypt( + $text . str_repeat("\0", 64), + $this->cipher_name_openssl, + $this->key, + OPENSSL_RAW_DATA, + $iv + ); + $temp = Strings::pop($encrypted, 64); + } else { + $blocks = str_split($text, 64); + if (strlen($text)) { + foreach ($blocks as &$block) { + $block ^= static::salsa20($this->p1 . pack('V', $buffer['counter']++) . $this->p2); + } + } + $encrypted = implode('', $blocks); + $temp = static::salsa20($this->p1 . pack('V', $buffer['counter']++) . $this->p2); + } + $ciphertext .= $encrypted . ($text2 ^ $temp); + $buffer['ciphertext'] = substr($temp, $overflow); + } elseif (!strlen($buffer['ciphertext'])) { + if ($this->engine == self::ENGINE_OPENSSL) { + $iv = pack('V', $buffer['counter']) . $this->p2; + $buffer['counter'] += (strlen($text) >> 6); + $ciphertext .= openssl_encrypt( + $text, + $this->cipher_name_openssl, + $this->key, + OPENSSL_RAW_DATA, + $iv + ); + } else { + $blocks = str_split($text, 64); + foreach ($blocks as &$block) { + $block ^= static::salsa20($this->p1 . pack('V', $buffer['counter']++) . $this->p2); + } + $ciphertext .= implode('', $blocks); + } + } + + return $ciphertext; + } + + /** + * Left Rotate + * + * @param int $x + * @param int $n + * @return int + */ + protected static function leftRotate($x, $n) + { + if (PHP_INT_SIZE == 8) { + $r1 = $x << $n; + $r1 &= 0xFFFFFFFF; + $r2 = ($x & 0xFFFFFFFF) >> (32 - $n); + } else { + $x = (int) $x; + $r1 = $x << $n; + $r2 = $x >> (32 - $n); + $r2 &= (1 << $n) - 1; + } + return $r1 | $r2; + } + + /** + * The quarterround function + * + * @param int $a + * @param int $b + * @param int $c + * @param int $d + */ + protected static function quarterRound(&$a, &$b, &$c, &$d) + { + $b ^= self::leftRotate($a + $d, 7); + $c ^= self::leftRotate($b + $a, 9); + $d ^= self::leftRotate($c + $b, 13); + $a ^= self::leftRotate($d + $c, 18); + } + + /** + * The doubleround function + * + * @param int $x0 (by reference) + * @param int $x1 (by reference) + * @param int $x2 (by reference) + * @param int $x3 (by reference) + * @param int $x4 (by reference) + * @param int $x5 (by reference) + * @param int $x6 (by reference) + * @param int $x7 (by reference) + * @param int $x8 (by reference) + * @param int $x9 (by reference) + * @param int $x10 (by reference) + * @param int $x11 (by reference) + * @param int $x12 (by reference) + * @param int $x13 (by reference) + * @param int $x14 (by reference) + * @param int $x15 (by reference) + */ + protected static function doubleRound(&$x0, &$x1, &$x2, &$x3, &$x4, &$x5, &$x6, &$x7, &$x8, &$x9, &$x10, &$x11, &$x12, &$x13, &$x14, &$x15) + { + // columnRound + static::quarterRound($x0, $x4, $x8, $x12); + static::quarterRound($x5, $x9, $x13, $x1); + static::quarterRound($x10, $x14, $x2, $x6); + static::quarterRound($x15, $x3, $x7, $x11); + // rowRound + static::quarterRound($x0, $x1, $x2, $x3); + static::quarterRound($x5, $x6, $x7, $x4); + static::quarterRound($x10, $x11, $x8, $x9); + static::quarterRound($x15, $x12, $x13, $x14); + } + + /** + * The Salsa20 hash function function + * + * @param string $x + */ + protected static function salsa20($x) + { + $z = $x = unpack('V*', $x); + for ($i = 0; $i < 10; $i++) { + static::doubleRound($z[1], $z[2], $z[3], $z[4], $z[5], $z[6], $z[7], $z[8], $z[9], $z[10], $z[11], $z[12], $z[13], $z[14], $z[15], $z[16]); + } + + for ($i = 1; $i <= 16; $i++) { + $x[$i] += $z[$i]; + } + + return pack('V*', ...$x); + } + + /** + * Calculates Poly1305 MAC + * + * @see self::decrypt() + * @see self::encrypt() + * @param string $ciphertext + * @return string + */ + protected function poly1305($ciphertext) + { + if (!$this->usingGeneratedPoly1305Key) { + return parent::poly1305($this->aad . $ciphertext); + } else { + /* + sodium_crypto_aead_chacha20poly1305_encrypt does not calculate the poly1305 tag + the same way sodium_crypto_aead_chacha20poly1305_ietf_encrypt does. you can see + how the latter encrypts it in Salsa20::encrypt(). here's how the former encrypts + it: + + $this->newtag = $this->poly1305( + $this->aad . + pack('V', strlen($this->aad)) . "\0\0\0\0" . + $ciphertext . + pack('V', strlen($ciphertext)) . "\0\0\0\0" + ); + + phpseclib opts to use the IETF construction, even when the nonce is 64-bits + instead of 96-bits + */ + return parent::poly1305( + self::nullPad128($this->aad) . + self::nullPad128($ciphertext) . + pack('V', strlen($this->aad)) . "\0\0\0\0" . + pack('V', strlen($ciphertext)) . "\0\0\0\0" + ); + } + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/TripleDES.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/TripleDES.php new file mode 100644 index 0000000..1ff5ed0 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/TripleDES.php @@ -0,0 +1,436 @@ + + * setKey('abcdefghijklmnopqrstuvwx'); + * + * $size = 10 * 1024; + * $plaintext = ''; + * for ($i = 0; $i < $size; $i++) { + * $plaintext.= 'a'; + * } + * + * echo $des->decrypt($des->encrypt($plaintext)); + * ?> + * + * + * @author Jim Wigginton + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt; + +/** + * Pure-PHP implementation of Triple DES. + * + * @author Jim Wigginton + */ +class TripleDES extends DES +{ + /** + * Encrypt / decrypt using inner chaining + * + * Inner chaining is used by SSH-1 and is generally considered to be less secure then outer chaining (self::MODE_CBC3). + */ + const MODE_3CBC = -2; + + /** + * Encrypt / decrypt using outer chaining + * + * Outer chaining is used by SSH-2 and when the mode is set to \phpseclib3\Crypt\Common\BlockCipher::MODE_CBC. + */ + const MODE_CBC3 = self::MODE_CBC; + + /** + * Key Length (in bytes) + * + * @see \phpseclib3\Crypt\TripleDES::setKeyLength() + * @var int + */ + protected $key_length = 24; + + /** + * The mcrypt specific name of the cipher + * + * @see \phpseclib3\Crypt\DES::cipher_name_mcrypt + * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt + * @var string + */ + protected $cipher_name_mcrypt = 'tripledes'; + + /** + * Optimizing value while CFB-encrypting + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::cfb_init_len + * @var int + */ + protected $cfb_init_len = 750; + + /** + * max possible size of $key + * + * @see self::setKey() + * @see \phpseclib3\Crypt\DES::setKey() + * @var string + */ + protected $key_length_max = 24; + + /** + * Internal flag whether using self::MODE_3CBC or not + * + * @var bool + */ + private $mode_3cbc; + + /** + * The \phpseclib3\Crypt\DES objects + * + * Used only if $mode_3cbc === true + * + * @var array + */ + private $des; + + /** + * Default Constructor. + * + * Determines whether or not the mcrypt or OpenSSL extensions should be used. + * + * $mode could be: + * + * - ecb + * + * - cbc + * + * - ctr + * + * - cfb + * + * - ofb + * + * - 3cbc + * + * - cbc3 (same as cbc) + * + * @see \phpseclib3\Crypt\DES::__construct() + * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + * @param string $mode + */ + public function __construct($mode) + { + switch (strtolower($mode)) { + // In case of self::MODE_3CBC, we init as CRYPT_DES_MODE_CBC + // and additional flag us internally as 3CBC + case '3cbc': + parent::__construct('cbc'); + $this->mode_3cbc = true; + + // This three $des'es will do the 3CBC work (if $key > 64bits) + $this->des = [ + new DES('cbc'), + new DES('cbc'), + new DES('cbc'), + ]; + + // we're going to be doing the padding, ourselves, so disable it in the \phpseclib3\Crypt\DES objects + $this->des[0]->disablePadding(); + $this->des[1]->disablePadding(); + $this->des[2]->disablePadding(); + break; + case 'cbc3': + $mode = 'cbc'; + // fall-through + // If not 3CBC, we init as usual + default: + parent::__construct($mode); + + if ($this->mode == self::MODE_STREAM) { + throw new BadModeException('Block ciphers cannot be ran in stream mode'); + } + } + } + + /** + * Test for engine validity + * + * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + * @param int $engine + * @return bool + */ + protected function isValidEngineHelper($engine) + { + if ($engine == self::ENGINE_OPENSSL) { + $this->cipher_name_openssl_ecb = 'des-ede3'; + $mode = $this->openssl_translate_mode(); + $this->cipher_name_openssl = $mode == 'ecb' ? 'des-ede3' : 'des-ede3-' . $mode; + } + + return parent::isValidEngineHelper($engine); + } + + /** + * Sets the initialization vector. + * + * SetIV is not required when \phpseclib3\Crypt\Common\SymmetricKey::MODE_ECB is being used. + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::setIV() + * @param string $iv + */ + public function setIV($iv) + { + parent::setIV($iv); + if ($this->mode_3cbc) { + $this->des[0]->setIV($iv); + $this->des[1]->setIV($iv); + $this->des[2]->setIV($iv); + } + } + + /** + * Sets the key length. + * + * Valid key lengths are 128 and 192 bits. + * + * If you want to use a 64-bit key use DES.php + * + * @see \phpseclib3\Crypt\Common\SymmetricKey:setKeyLength() + * @throws \LengthException if the key length is invalid + * @param int $length + */ + public function setKeyLength($length) + { + switch ($length) { + case 128: + case 192: + break; + default: + throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys of sizes 128 or 192 bits are supported'); + } + + parent::setKeyLength($length); + } + + /** + * Sets the key. + * + * Triple DES can use 128-bit (eg. strlen($key) == 16) or 192-bit (eg. strlen($key) == 24) keys. + * + * DES also requires that every eighth bit be a parity bit, however, we'll ignore that. + * + * @see \phpseclib3\Crypt\DES::setKey() + * @see \phpseclib3\Crypt\Common\SymmetricKey::setKey() + * @throws \LengthException if the key length is invalid + * @param string $key + */ + public function setKey($key) + { + if ($this->explicit_key_length !== false && strlen($key) != $this->explicit_key_length) { + throw new \LengthException('Key length has already been set to ' . $this->explicit_key_length . ' bytes and this key is ' . strlen($key) . ' bytes'); + } + + switch (strlen($key)) { + case 16: + $key .= substr($key, 0, 8); + break; + case 24: + break; + default: + throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16 or 24 are supported'); + } + + // copied from self::setKey() + $this->key = $key; + $this->key_length = strlen($key); + $this->changed = $this->nonIVChanged = true; + $this->setEngine(); + + if ($this->mode_3cbc) { + $this->des[0]->setKey(substr($key, 0, 8)); + $this->des[1]->setKey(substr($key, 8, 8)); + $this->des[2]->setKey(substr($key, 16, 8)); + } + } + + /** + * Encrypts a message. + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @param string $plaintext + * @return string $cipertext + */ + public function encrypt($plaintext) + { + // parent::en/decrypt() is able to do all the work for all modes and keylengths, + // except for: self::MODE_3CBC (inner chaining CBC) with a key > 64bits + + // if the key is smaller then 8, do what we'd normally do + if ($this->mode_3cbc && strlen($this->key) > 8) { + return $this->des[2]->encrypt( + $this->des[1]->decrypt( + $this->des[0]->encrypt( + $this->pad($plaintext) + ) + ) + ); + } + + return parent::encrypt($plaintext); + } + + /** + * Decrypts a message. + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + * @param string $ciphertext + * @return string $plaintext + */ + public function decrypt($ciphertext) + { + if ($this->mode_3cbc && strlen($this->key) > 8) { + return $this->unpad( + $this->des[0]->decrypt( + $this->des[1]->encrypt( + $this->des[2]->decrypt( + str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, "\0") + ) + ) + ) + ); + } + + return parent::decrypt($ciphertext); + } + + /** + * Treat consecutive "packets" as if they are a continuous buffer. + * + * Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets + * will yield different outputs: + * + * + * echo $des->encrypt(substr($plaintext, 0, 8)); + * echo $des->encrypt(substr($plaintext, 8, 8)); + * + * + * echo $des->encrypt($plaintext); + * + * + * The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates + * another, as demonstrated with the following: + * + * + * $des->encrypt(substr($plaintext, 0, 8)); + * echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8))); + * + * + * echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8))); + * + * + * With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different + * outputs. The reason is due to the fact that the initialization vector's change after every encryption / + * decryption round when the continuous buffer is enabled. When it's disabled, they remain constant. + * + * Put another way, when the continuous buffer is enabled, the state of the \phpseclib3\Crypt\DES() object changes after each + * encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that + * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), + * however, they are also less intuitive and more likely to cause you problems. + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::enableContinuousBuffer() + * @see self::disableContinuousBuffer() + */ + public function enableContinuousBuffer() + { + parent::enableContinuousBuffer(); + if ($this->mode_3cbc) { + $this->des[0]->enableContinuousBuffer(); + $this->des[1]->enableContinuousBuffer(); + $this->des[2]->enableContinuousBuffer(); + } + } + + /** + * Treat consecutive packets as if they are a discontinuous buffer. + * + * The default behavior. + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::disableContinuousBuffer() + * @see self::enableContinuousBuffer() + */ + public function disableContinuousBuffer() + { + parent::disableContinuousBuffer(); + if ($this->mode_3cbc) { + $this->des[0]->disableContinuousBuffer(); + $this->des[1]->disableContinuousBuffer(); + $this->des[2]->disableContinuousBuffer(); + } + } + + /** + * Creates the key schedule + * + * @see \phpseclib3\Crypt\DES::setupKey() + * @see \phpseclib3\Crypt\Common\SymmetricKey::setupKey() + */ + protected function setupKey() + { + switch (true) { + // if $key <= 64bits we configure our internal pure-php cipher engine + // to act as regular [1]DES, not as 3DES. mcrypt.so::tripledes does the same. + case strlen($this->key) <= 8: + $this->des_rounds = 1; + break; + + // otherwise, if $key > 64bits, we configure our engine to work as 3DES. + default: + $this->des_rounds = 3; + + // (only) if 3CBC is used we have, of course, to setup the $des[0-2] keys also separately. + if ($this->mode_3cbc) { + $this->des[0]->setupKey(); + $this->des[1]->setupKey(); + $this->des[2]->setupKey(); + + // because $des[0-2] will, now, do all the work we can return here + // not need unnecessary stress parent::setupKey() with our, now unused, $key. + return; + } + } + // setup our key + parent::setupKey(); + } + + /** + * Sets the internal crypt engine + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + * @see \phpseclib3\Crypt\Common\SymmetricKey::setPreferredEngine() + * @param int $engine + */ + public function setPreferredEngine($engine) + { + if ($this->mode_3cbc) { + $this->des[0]->setPreferredEngine($engine); + $this->des[1]->setPreferredEngine($engine); + $this->des[2]->setPreferredEngine($engine); + } + + parent::setPreferredEngine($engine); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Twofish.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Twofish.php new file mode 100644 index 0000000..bf76563 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Twofish.php @@ -0,0 +1,816 @@ + + * setKey('12345678901234567890123456789012'); + * + * $plaintext = str_repeat('a', 1024); + * + * echo $twofish->decrypt($twofish->encrypt($plaintext)); + * ?> + * + * + * @author Jim Wigginton + * @author Hans-Juergen Petrich + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Crypt; + +use phpseclib3\Crypt\Common\BlockCipher; +use phpseclib3\Exception\BadModeException; + +/** + * Pure-PHP implementation of Twofish. + * + * @author Jim Wigginton + * @author Hans-Juergen Petrich + */ +class Twofish extends BlockCipher +{ + /** + * The mcrypt specific name of the cipher + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt + * @var string + */ + protected $cipher_name_mcrypt = 'twofish'; + + /** + * Optimizing value while CFB-encrypting + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::cfb_init_len + * @var int + */ + protected $cfb_init_len = 800; + + /** + * Q-Table + * + * @var array + */ + private static $q0 = [ + 0xA9, 0x67, 0xB3, 0xE8, 0x04, 0xFD, 0xA3, 0x76, + 0x9A, 0x92, 0x80, 0x78, 0xE4, 0xDD, 0xD1, 0x38, + 0x0D, 0xC6, 0x35, 0x98, 0x18, 0xF7, 0xEC, 0x6C, + 0x43, 0x75, 0x37, 0x26, 0xFA, 0x13, 0x94, 0x48, + 0xF2, 0xD0, 0x8B, 0x30, 0x84, 0x54, 0xDF, 0x23, + 0x19, 0x5B, 0x3D, 0x59, 0xF3, 0xAE, 0xA2, 0x82, + 0x63, 0x01, 0x83, 0x2E, 0xD9, 0x51, 0x9B, 0x7C, + 0xA6, 0xEB, 0xA5, 0xBE, 0x16, 0x0C, 0xE3, 0x61, + 0xC0, 0x8C, 0x3A, 0xF5, 0x73, 0x2C, 0x25, 0x0B, + 0xBB, 0x4E, 0x89, 0x6B, 0x53, 0x6A, 0xB4, 0xF1, + 0xE1, 0xE6, 0xBD, 0x45, 0xE2, 0xF4, 0xB6, 0x66, + 0xCC, 0x95, 0x03, 0x56, 0xD4, 0x1C, 0x1E, 0xD7, + 0xFB, 0xC3, 0x8E, 0xB5, 0xE9, 0xCF, 0xBF, 0xBA, + 0xEA, 0x77, 0x39, 0xAF, 0x33, 0xC9, 0x62, 0x71, + 0x81, 0x79, 0x09, 0xAD, 0x24, 0xCD, 0xF9, 0xD8, + 0xE5, 0xC5, 0xB9, 0x4D, 0x44, 0x08, 0x86, 0xE7, + 0xA1, 0x1D, 0xAA, 0xED, 0x06, 0x70, 0xB2, 0xD2, + 0x41, 0x7B, 0xA0, 0x11, 0x31, 0xC2, 0x27, 0x90, + 0x20, 0xF6, 0x60, 0xFF, 0x96, 0x5C, 0xB1, 0xAB, + 0x9E, 0x9C, 0x52, 0x1B, 0x5F, 0x93, 0x0A, 0xEF, + 0x91, 0x85, 0x49, 0xEE, 0x2D, 0x4F, 0x8F, 0x3B, + 0x47, 0x87, 0x6D, 0x46, 0xD6, 0x3E, 0x69, 0x64, + 0x2A, 0xCE, 0xCB, 0x2F, 0xFC, 0x97, 0x05, 0x7A, + 0xAC, 0x7F, 0xD5, 0x1A, 0x4B, 0x0E, 0xA7, 0x5A, + 0x28, 0x14, 0x3F, 0x29, 0x88, 0x3C, 0x4C, 0x02, + 0xB8, 0xDA, 0xB0, 0x17, 0x55, 0x1F, 0x8A, 0x7D, + 0x57, 0xC7, 0x8D, 0x74, 0xB7, 0xC4, 0x9F, 0x72, + 0x7E, 0x15, 0x22, 0x12, 0x58, 0x07, 0x99, 0x34, + 0x6E, 0x50, 0xDE, 0x68, 0x65, 0xBC, 0xDB, 0xF8, + 0xC8, 0xA8, 0x2B, 0x40, 0xDC, 0xFE, 0x32, 0xA4, + 0xCA, 0x10, 0x21, 0xF0, 0xD3, 0x5D, 0x0F, 0x00, + 0x6F, 0x9D, 0x36, 0x42, 0x4A, 0x5E, 0xC1, 0xE0 + ]; + + /** + * Q-Table + * + * @var array + */ + private static $q1 = [ + 0x75, 0xF3, 0xC6, 0xF4, 0xDB, 0x7B, 0xFB, 0xC8, + 0x4A, 0xD3, 0xE6, 0x6B, 0x45, 0x7D, 0xE8, 0x4B, + 0xD6, 0x32, 0xD8, 0xFD, 0x37, 0x71, 0xF1, 0xE1, + 0x30, 0x0F, 0xF8, 0x1B, 0x87, 0xFA, 0x06, 0x3F, + 0x5E, 0xBA, 0xAE, 0x5B, 0x8A, 0x00, 0xBC, 0x9D, + 0x6D, 0xC1, 0xB1, 0x0E, 0x80, 0x5D, 0xD2, 0xD5, + 0xA0, 0x84, 0x07, 0x14, 0xB5, 0x90, 0x2C, 0xA3, + 0xB2, 0x73, 0x4C, 0x54, 0x92, 0x74, 0x36, 0x51, + 0x38, 0xB0, 0xBD, 0x5A, 0xFC, 0x60, 0x62, 0x96, + 0x6C, 0x42, 0xF7, 0x10, 0x7C, 0x28, 0x27, 0x8C, + 0x13, 0x95, 0x9C, 0xC7, 0x24, 0x46, 0x3B, 0x70, + 0xCA, 0xE3, 0x85, 0xCB, 0x11, 0xD0, 0x93, 0xB8, + 0xA6, 0x83, 0x20, 0xFF, 0x9F, 0x77, 0xC3, 0xCC, + 0x03, 0x6F, 0x08, 0xBF, 0x40, 0xE7, 0x2B, 0xE2, + 0x79, 0x0C, 0xAA, 0x82, 0x41, 0x3A, 0xEA, 0xB9, + 0xE4, 0x9A, 0xA4, 0x97, 0x7E, 0xDA, 0x7A, 0x17, + 0x66, 0x94, 0xA1, 0x1D, 0x3D, 0xF0, 0xDE, 0xB3, + 0x0B, 0x72, 0xA7, 0x1C, 0xEF, 0xD1, 0x53, 0x3E, + 0x8F, 0x33, 0x26, 0x5F, 0xEC, 0x76, 0x2A, 0x49, + 0x81, 0x88, 0xEE, 0x21, 0xC4, 0x1A, 0xEB, 0xD9, + 0xC5, 0x39, 0x99, 0xCD, 0xAD, 0x31, 0x8B, 0x01, + 0x18, 0x23, 0xDD, 0x1F, 0x4E, 0x2D, 0xF9, 0x48, + 0x4F, 0xF2, 0x65, 0x8E, 0x78, 0x5C, 0x58, 0x19, + 0x8D, 0xE5, 0x98, 0x57, 0x67, 0x7F, 0x05, 0x64, + 0xAF, 0x63, 0xB6, 0xFE, 0xF5, 0xB7, 0x3C, 0xA5, + 0xCE, 0xE9, 0x68, 0x44, 0xE0, 0x4D, 0x43, 0x69, + 0x29, 0x2E, 0xAC, 0x15, 0x59, 0xA8, 0x0A, 0x9E, + 0x6E, 0x47, 0xDF, 0x34, 0x35, 0x6A, 0xCF, 0xDC, + 0x22, 0xC9, 0xC0, 0x9B, 0x89, 0xD4, 0xED, 0xAB, + 0x12, 0xA2, 0x0D, 0x52, 0xBB, 0x02, 0x2F, 0xA9, + 0xD7, 0x61, 0x1E, 0xB4, 0x50, 0x04, 0xF6, 0xC2, + 0x16, 0x25, 0x86, 0x56, 0x55, 0x09, 0xBE, 0x91 + ]; + + /** + * M-Table + * + * @var array + */ + private static $m0 = [ + 0xBCBC3275, 0xECEC21F3, 0x202043C6, 0xB3B3C9F4, 0xDADA03DB, 0x02028B7B, 0xE2E22BFB, 0x9E9EFAC8, + 0xC9C9EC4A, 0xD4D409D3, 0x18186BE6, 0x1E1E9F6B, 0x98980E45, 0xB2B2387D, 0xA6A6D2E8, 0x2626B74B, + 0x3C3C57D6, 0x93938A32, 0x8282EED8, 0x525298FD, 0x7B7BD437, 0xBBBB3771, 0x5B5B97F1, 0x474783E1, + 0x24243C30, 0x5151E20F, 0xBABAC6F8, 0x4A4AF31B, 0xBFBF4887, 0x0D0D70FA, 0xB0B0B306, 0x7575DE3F, + 0xD2D2FD5E, 0x7D7D20BA, 0x666631AE, 0x3A3AA35B, 0x59591C8A, 0x00000000, 0xCDCD93BC, 0x1A1AE09D, + 0xAEAE2C6D, 0x7F7FABC1, 0x2B2BC7B1, 0xBEBEB90E, 0xE0E0A080, 0x8A8A105D, 0x3B3B52D2, 0x6464BAD5, + 0xD8D888A0, 0xE7E7A584, 0x5F5FE807, 0x1B1B1114, 0x2C2CC2B5, 0xFCFCB490, 0x3131272C, 0x808065A3, + 0x73732AB2, 0x0C0C8173, 0x79795F4C, 0x6B6B4154, 0x4B4B0292, 0x53536974, 0x94948F36, 0x83831F51, + 0x2A2A3638, 0xC4C49CB0, 0x2222C8BD, 0xD5D5F85A, 0xBDBDC3FC, 0x48487860, 0xFFFFCE62, 0x4C4C0796, + 0x4141776C, 0xC7C7E642, 0xEBEB24F7, 0x1C1C1410, 0x5D5D637C, 0x36362228, 0x6767C027, 0xE9E9AF8C, + 0x4444F913, 0x1414EA95, 0xF5F5BB9C, 0xCFCF18C7, 0x3F3F2D24, 0xC0C0E346, 0x7272DB3B, 0x54546C70, + 0x29294CCA, 0xF0F035E3, 0x0808FE85, 0xC6C617CB, 0xF3F34F11, 0x8C8CE4D0, 0xA4A45993, 0xCACA96B8, + 0x68683BA6, 0xB8B84D83, 0x38382820, 0xE5E52EFF, 0xADAD569F, 0x0B0B8477, 0xC8C81DC3, 0x9999FFCC, + 0x5858ED03, 0x19199A6F, 0x0E0E0A08, 0x95957EBF, 0x70705040, 0xF7F730E7, 0x6E6ECF2B, 0x1F1F6EE2, + 0xB5B53D79, 0x09090F0C, 0x616134AA, 0x57571682, 0x9F9F0B41, 0x9D9D803A, 0x111164EA, 0x2525CDB9, + 0xAFAFDDE4, 0x4545089A, 0xDFDF8DA4, 0xA3A35C97, 0xEAEAD57E, 0x353558DA, 0xEDEDD07A, 0x4343FC17, + 0xF8F8CB66, 0xFBFBB194, 0x3737D3A1, 0xFAFA401D, 0xC2C2683D, 0xB4B4CCF0, 0x32325DDE, 0x9C9C71B3, + 0x5656E70B, 0xE3E3DA72, 0x878760A7, 0x15151B1C, 0xF9F93AEF, 0x6363BFD1, 0x3434A953, 0x9A9A853E, + 0xB1B1428F, 0x7C7CD133, 0x88889B26, 0x3D3DA65F, 0xA1A1D7EC, 0xE4E4DF76, 0x8181942A, 0x91910149, + 0x0F0FFB81, 0xEEEEAA88, 0x161661EE, 0xD7D77321, 0x9797F5C4, 0xA5A5A81A, 0xFEFE3FEB, 0x6D6DB5D9, + 0x7878AEC5, 0xC5C56D39, 0x1D1DE599, 0x7676A4CD, 0x3E3EDCAD, 0xCBCB6731, 0xB6B6478B, 0xEFEF5B01, + 0x12121E18, 0x6060C523, 0x6A6AB0DD, 0x4D4DF61F, 0xCECEE94E, 0xDEDE7C2D, 0x55559DF9, 0x7E7E5A48, + 0x2121B24F, 0x03037AF2, 0xA0A02665, 0x5E5E198E, 0x5A5A6678, 0x65654B5C, 0x62624E58, 0xFDFD4519, + 0x0606F48D, 0x404086E5, 0xF2F2BE98, 0x3333AC57, 0x17179067, 0x05058E7F, 0xE8E85E05, 0x4F4F7D64, + 0x89896AAF, 0x10109563, 0x74742FB6, 0x0A0A75FE, 0x5C5C92F5, 0x9B9B74B7, 0x2D2D333C, 0x3030D6A5, + 0x2E2E49CE, 0x494989E9, 0x46467268, 0x77775544, 0xA8A8D8E0, 0x9696044D, 0x2828BD43, 0xA9A92969, + 0xD9D97929, 0x8686912E, 0xD1D187AC, 0xF4F44A15, 0x8D8D1559, 0xD6D682A8, 0xB9B9BC0A, 0x42420D9E, + 0xF6F6C16E, 0x2F2FB847, 0xDDDD06DF, 0x23233934, 0xCCCC6235, 0xF1F1C46A, 0xC1C112CF, 0x8585EBDC, + 0x8F8F9E22, 0x7171A1C9, 0x9090F0C0, 0xAAAA539B, 0x0101F189, 0x8B8BE1D4, 0x4E4E8CED, 0x8E8E6FAB, + 0xABABA212, 0x6F6F3EA2, 0xE6E6540D, 0xDBDBF252, 0x92927BBB, 0xB7B7B602, 0x6969CA2F, 0x3939D9A9, + 0xD3D30CD7, 0xA7A72361, 0xA2A2AD1E, 0xC3C399B4, 0x6C6C4450, 0x07070504, 0x04047FF6, 0x272746C2, + 0xACACA716, 0xD0D07625, 0x50501386, 0xDCDCF756, 0x84841A55, 0xE1E15109, 0x7A7A25BE, 0x1313EF91 + ]; + + /** + * M-Table + * + * @var array + */ + private static $m1 = [ + 0xA9D93939, 0x67901717, 0xB3719C9C, 0xE8D2A6A6, 0x04050707, 0xFD985252, 0xA3658080, 0x76DFE4E4, + 0x9A084545, 0x92024B4B, 0x80A0E0E0, 0x78665A5A, 0xE4DDAFAF, 0xDDB06A6A, 0xD1BF6363, 0x38362A2A, + 0x0D54E6E6, 0xC6432020, 0x3562CCCC, 0x98BEF2F2, 0x181E1212, 0xF724EBEB, 0xECD7A1A1, 0x6C774141, + 0x43BD2828, 0x7532BCBC, 0x37D47B7B, 0x269B8888, 0xFA700D0D, 0x13F94444, 0x94B1FBFB, 0x485A7E7E, + 0xF27A0303, 0xD0E48C8C, 0x8B47B6B6, 0x303C2424, 0x84A5E7E7, 0x54416B6B, 0xDF06DDDD, 0x23C56060, + 0x1945FDFD, 0x5BA33A3A, 0x3D68C2C2, 0x59158D8D, 0xF321ECEC, 0xAE316666, 0xA23E6F6F, 0x82165757, + 0x63951010, 0x015BEFEF, 0x834DB8B8, 0x2E918686, 0xD9B56D6D, 0x511F8383, 0x9B53AAAA, 0x7C635D5D, + 0xA63B6868, 0xEB3FFEFE, 0xA5D63030, 0xBE257A7A, 0x16A7ACAC, 0x0C0F0909, 0xE335F0F0, 0x6123A7A7, + 0xC0F09090, 0x8CAFE9E9, 0x3A809D9D, 0xF5925C5C, 0x73810C0C, 0x2C273131, 0x2576D0D0, 0x0BE75656, + 0xBB7B9292, 0x4EE9CECE, 0x89F10101, 0x6B9F1E1E, 0x53A93434, 0x6AC4F1F1, 0xB499C3C3, 0xF1975B5B, + 0xE1834747, 0xE66B1818, 0xBDC82222, 0x450E9898, 0xE26E1F1F, 0xF4C9B3B3, 0xB62F7474, 0x66CBF8F8, + 0xCCFF9999, 0x95EA1414, 0x03ED5858, 0x56F7DCDC, 0xD4E18B8B, 0x1C1B1515, 0x1EADA2A2, 0xD70CD3D3, + 0xFB2BE2E2, 0xC31DC8C8, 0x8E195E5E, 0xB5C22C2C, 0xE9894949, 0xCF12C1C1, 0xBF7E9595, 0xBA207D7D, + 0xEA641111, 0x77840B0B, 0x396DC5C5, 0xAF6A8989, 0x33D17C7C, 0xC9A17171, 0x62CEFFFF, 0x7137BBBB, + 0x81FB0F0F, 0x793DB5B5, 0x0951E1E1, 0xADDC3E3E, 0x242D3F3F, 0xCDA47676, 0xF99D5555, 0xD8EE8282, + 0xE5864040, 0xC5AE7878, 0xB9CD2525, 0x4D049696, 0x44557777, 0x080A0E0E, 0x86135050, 0xE730F7F7, + 0xA1D33737, 0x1D40FAFA, 0xAA346161, 0xED8C4E4E, 0x06B3B0B0, 0x706C5454, 0xB22A7373, 0xD2523B3B, + 0x410B9F9F, 0x7B8B0202, 0xA088D8D8, 0x114FF3F3, 0x3167CBCB, 0xC2462727, 0x27C06767, 0x90B4FCFC, + 0x20283838, 0xF67F0404, 0x60784848, 0xFF2EE5E5, 0x96074C4C, 0x5C4B6565, 0xB1C72B2B, 0xAB6F8E8E, + 0x9E0D4242, 0x9CBBF5F5, 0x52F2DBDB, 0x1BF34A4A, 0x5FA63D3D, 0x9359A4A4, 0x0ABCB9B9, 0xEF3AF9F9, + 0x91EF1313, 0x85FE0808, 0x49019191, 0xEE611616, 0x2D7CDEDE, 0x4FB22121, 0x8F42B1B1, 0x3BDB7272, + 0x47B82F2F, 0x8748BFBF, 0x6D2CAEAE, 0x46E3C0C0, 0xD6573C3C, 0x3E859A9A, 0x6929A9A9, 0x647D4F4F, + 0x2A948181, 0xCE492E2E, 0xCB17C6C6, 0x2FCA6969, 0xFCC3BDBD, 0x975CA3A3, 0x055EE8E8, 0x7AD0EDED, + 0xAC87D1D1, 0x7F8E0505, 0xD5BA6464, 0x1AA8A5A5, 0x4BB72626, 0x0EB9BEBE, 0xA7608787, 0x5AF8D5D5, + 0x28223636, 0x14111B1B, 0x3FDE7575, 0x2979D9D9, 0x88AAEEEE, 0x3C332D2D, 0x4C5F7979, 0x02B6B7B7, + 0xB896CACA, 0xDA583535, 0xB09CC4C4, 0x17FC4343, 0x551A8484, 0x1FF64D4D, 0x8A1C5959, 0x7D38B2B2, + 0x57AC3333, 0xC718CFCF, 0x8DF40606, 0x74695353, 0xB7749B9B, 0xC4F59797, 0x9F56ADAD, 0x72DAE3E3, + 0x7ED5EAEA, 0x154AF4F4, 0x229E8F8F, 0x12A2ABAB, 0x584E6262, 0x07E85F5F, 0x99E51D1D, 0x34392323, + 0x6EC1F6F6, 0x50446C6C, 0xDE5D3232, 0x68724646, 0x6526A0A0, 0xBC93CDCD, 0xDB03DADA, 0xF8C6BABA, + 0xC8FA9E9E, 0xA882D6D6, 0x2BCF6E6E, 0x40507070, 0xDCEB8585, 0xFE750A0A, 0x328A9393, 0xA48DDFDF, + 0xCA4C2929, 0x10141C1C, 0x2173D7D7, 0xF0CCB4B4, 0xD309D4D4, 0x5D108A8A, 0x0FE25151, 0x00000000, + 0x6F9A1919, 0x9DE01A1A, 0x368F9494, 0x42E6C7C7, 0x4AECC9C9, 0x5EFDD2D2, 0xC1AB7F7F, 0xE0D8A8A8 + ]; + + /** + * M-Table + * + * @var array + */ + private static $m2 = [ + 0xBC75BC32, 0xECF3EC21, 0x20C62043, 0xB3F4B3C9, 0xDADBDA03, 0x027B028B, 0xE2FBE22B, 0x9EC89EFA, + 0xC94AC9EC, 0xD4D3D409, 0x18E6186B, 0x1E6B1E9F, 0x9845980E, 0xB27DB238, 0xA6E8A6D2, 0x264B26B7, + 0x3CD63C57, 0x9332938A, 0x82D882EE, 0x52FD5298, 0x7B377BD4, 0xBB71BB37, 0x5BF15B97, 0x47E14783, + 0x2430243C, 0x510F51E2, 0xBAF8BAC6, 0x4A1B4AF3, 0xBF87BF48, 0x0DFA0D70, 0xB006B0B3, 0x753F75DE, + 0xD25ED2FD, 0x7DBA7D20, 0x66AE6631, 0x3A5B3AA3, 0x598A591C, 0x00000000, 0xCDBCCD93, 0x1A9D1AE0, + 0xAE6DAE2C, 0x7FC17FAB, 0x2BB12BC7, 0xBE0EBEB9, 0xE080E0A0, 0x8A5D8A10, 0x3BD23B52, 0x64D564BA, + 0xD8A0D888, 0xE784E7A5, 0x5F075FE8, 0x1B141B11, 0x2CB52CC2, 0xFC90FCB4, 0x312C3127, 0x80A38065, + 0x73B2732A, 0x0C730C81, 0x794C795F, 0x6B546B41, 0x4B924B02, 0x53745369, 0x9436948F, 0x8351831F, + 0x2A382A36, 0xC4B0C49C, 0x22BD22C8, 0xD55AD5F8, 0xBDFCBDC3, 0x48604878, 0xFF62FFCE, 0x4C964C07, + 0x416C4177, 0xC742C7E6, 0xEBF7EB24, 0x1C101C14, 0x5D7C5D63, 0x36283622, 0x672767C0, 0xE98CE9AF, + 0x441344F9, 0x149514EA, 0xF59CF5BB, 0xCFC7CF18, 0x3F243F2D, 0xC046C0E3, 0x723B72DB, 0x5470546C, + 0x29CA294C, 0xF0E3F035, 0x088508FE, 0xC6CBC617, 0xF311F34F, 0x8CD08CE4, 0xA493A459, 0xCAB8CA96, + 0x68A6683B, 0xB883B84D, 0x38203828, 0xE5FFE52E, 0xAD9FAD56, 0x0B770B84, 0xC8C3C81D, 0x99CC99FF, + 0x580358ED, 0x196F199A, 0x0E080E0A, 0x95BF957E, 0x70407050, 0xF7E7F730, 0x6E2B6ECF, 0x1FE21F6E, + 0xB579B53D, 0x090C090F, 0x61AA6134, 0x57825716, 0x9F419F0B, 0x9D3A9D80, 0x11EA1164, 0x25B925CD, + 0xAFE4AFDD, 0x459A4508, 0xDFA4DF8D, 0xA397A35C, 0xEA7EEAD5, 0x35DA3558, 0xED7AEDD0, 0x431743FC, + 0xF866F8CB, 0xFB94FBB1, 0x37A137D3, 0xFA1DFA40, 0xC23DC268, 0xB4F0B4CC, 0x32DE325D, 0x9CB39C71, + 0x560B56E7, 0xE372E3DA, 0x87A78760, 0x151C151B, 0xF9EFF93A, 0x63D163BF, 0x345334A9, 0x9A3E9A85, + 0xB18FB142, 0x7C337CD1, 0x8826889B, 0x3D5F3DA6, 0xA1ECA1D7, 0xE476E4DF, 0x812A8194, 0x91499101, + 0x0F810FFB, 0xEE88EEAA, 0x16EE1661, 0xD721D773, 0x97C497F5, 0xA51AA5A8, 0xFEEBFE3F, 0x6DD96DB5, + 0x78C578AE, 0xC539C56D, 0x1D991DE5, 0x76CD76A4, 0x3EAD3EDC, 0xCB31CB67, 0xB68BB647, 0xEF01EF5B, + 0x1218121E, 0x602360C5, 0x6ADD6AB0, 0x4D1F4DF6, 0xCE4ECEE9, 0xDE2DDE7C, 0x55F9559D, 0x7E487E5A, + 0x214F21B2, 0x03F2037A, 0xA065A026, 0x5E8E5E19, 0x5A785A66, 0x655C654B, 0x6258624E, 0xFD19FD45, + 0x068D06F4, 0x40E54086, 0xF298F2BE, 0x335733AC, 0x17671790, 0x057F058E, 0xE805E85E, 0x4F644F7D, + 0x89AF896A, 0x10631095, 0x74B6742F, 0x0AFE0A75, 0x5CF55C92, 0x9BB79B74, 0x2D3C2D33, 0x30A530D6, + 0x2ECE2E49, 0x49E94989, 0x46684672, 0x77447755, 0xA8E0A8D8, 0x964D9604, 0x284328BD, 0xA969A929, + 0xD929D979, 0x862E8691, 0xD1ACD187, 0xF415F44A, 0x8D598D15, 0xD6A8D682, 0xB90AB9BC, 0x429E420D, + 0xF66EF6C1, 0x2F472FB8, 0xDDDFDD06, 0x23342339, 0xCC35CC62, 0xF16AF1C4, 0xC1CFC112, 0x85DC85EB, + 0x8F228F9E, 0x71C971A1, 0x90C090F0, 0xAA9BAA53, 0x018901F1, 0x8BD48BE1, 0x4EED4E8C, 0x8EAB8E6F, + 0xAB12ABA2, 0x6FA26F3E, 0xE60DE654, 0xDB52DBF2, 0x92BB927B, 0xB702B7B6, 0x692F69CA, 0x39A939D9, + 0xD3D7D30C, 0xA761A723, 0xA21EA2AD, 0xC3B4C399, 0x6C506C44, 0x07040705, 0x04F6047F, 0x27C22746, + 0xAC16ACA7, 0xD025D076, 0x50865013, 0xDC56DCF7, 0x8455841A, 0xE109E151, 0x7ABE7A25, 0x139113EF + ]; + + /** + * M-Table + * + * @var array + */ + private static $m3 = [ + 0xD939A9D9, 0x90176790, 0x719CB371, 0xD2A6E8D2, 0x05070405, 0x9852FD98, 0x6580A365, 0xDFE476DF, + 0x08459A08, 0x024B9202, 0xA0E080A0, 0x665A7866, 0xDDAFE4DD, 0xB06ADDB0, 0xBF63D1BF, 0x362A3836, + 0x54E60D54, 0x4320C643, 0x62CC3562, 0xBEF298BE, 0x1E12181E, 0x24EBF724, 0xD7A1ECD7, 0x77416C77, + 0xBD2843BD, 0x32BC7532, 0xD47B37D4, 0x9B88269B, 0x700DFA70, 0xF94413F9, 0xB1FB94B1, 0x5A7E485A, + 0x7A03F27A, 0xE48CD0E4, 0x47B68B47, 0x3C24303C, 0xA5E784A5, 0x416B5441, 0x06DDDF06, 0xC56023C5, + 0x45FD1945, 0xA33A5BA3, 0x68C23D68, 0x158D5915, 0x21ECF321, 0x3166AE31, 0x3E6FA23E, 0x16578216, + 0x95106395, 0x5BEF015B, 0x4DB8834D, 0x91862E91, 0xB56DD9B5, 0x1F83511F, 0x53AA9B53, 0x635D7C63, + 0x3B68A63B, 0x3FFEEB3F, 0xD630A5D6, 0x257ABE25, 0xA7AC16A7, 0x0F090C0F, 0x35F0E335, 0x23A76123, + 0xF090C0F0, 0xAFE98CAF, 0x809D3A80, 0x925CF592, 0x810C7381, 0x27312C27, 0x76D02576, 0xE7560BE7, + 0x7B92BB7B, 0xE9CE4EE9, 0xF10189F1, 0x9F1E6B9F, 0xA93453A9, 0xC4F16AC4, 0x99C3B499, 0x975BF197, + 0x8347E183, 0x6B18E66B, 0xC822BDC8, 0x0E98450E, 0x6E1FE26E, 0xC9B3F4C9, 0x2F74B62F, 0xCBF866CB, + 0xFF99CCFF, 0xEA1495EA, 0xED5803ED, 0xF7DC56F7, 0xE18BD4E1, 0x1B151C1B, 0xADA21EAD, 0x0CD3D70C, + 0x2BE2FB2B, 0x1DC8C31D, 0x195E8E19, 0xC22CB5C2, 0x8949E989, 0x12C1CF12, 0x7E95BF7E, 0x207DBA20, + 0x6411EA64, 0x840B7784, 0x6DC5396D, 0x6A89AF6A, 0xD17C33D1, 0xA171C9A1, 0xCEFF62CE, 0x37BB7137, + 0xFB0F81FB, 0x3DB5793D, 0x51E10951, 0xDC3EADDC, 0x2D3F242D, 0xA476CDA4, 0x9D55F99D, 0xEE82D8EE, + 0x8640E586, 0xAE78C5AE, 0xCD25B9CD, 0x04964D04, 0x55774455, 0x0A0E080A, 0x13508613, 0x30F7E730, + 0xD337A1D3, 0x40FA1D40, 0x3461AA34, 0x8C4EED8C, 0xB3B006B3, 0x6C54706C, 0x2A73B22A, 0x523BD252, + 0x0B9F410B, 0x8B027B8B, 0x88D8A088, 0x4FF3114F, 0x67CB3167, 0x4627C246, 0xC06727C0, 0xB4FC90B4, + 0x28382028, 0x7F04F67F, 0x78486078, 0x2EE5FF2E, 0x074C9607, 0x4B655C4B, 0xC72BB1C7, 0x6F8EAB6F, + 0x0D429E0D, 0xBBF59CBB, 0xF2DB52F2, 0xF34A1BF3, 0xA63D5FA6, 0x59A49359, 0xBCB90ABC, 0x3AF9EF3A, + 0xEF1391EF, 0xFE0885FE, 0x01914901, 0x6116EE61, 0x7CDE2D7C, 0xB2214FB2, 0x42B18F42, 0xDB723BDB, + 0xB82F47B8, 0x48BF8748, 0x2CAE6D2C, 0xE3C046E3, 0x573CD657, 0x859A3E85, 0x29A96929, 0x7D4F647D, + 0x94812A94, 0x492ECE49, 0x17C6CB17, 0xCA692FCA, 0xC3BDFCC3, 0x5CA3975C, 0x5EE8055E, 0xD0ED7AD0, + 0x87D1AC87, 0x8E057F8E, 0xBA64D5BA, 0xA8A51AA8, 0xB7264BB7, 0xB9BE0EB9, 0x6087A760, 0xF8D55AF8, + 0x22362822, 0x111B1411, 0xDE753FDE, 0x79D92979, 0xAAEE88AA, 0x332D3C33, 0x5F794C5F, 0xB6B702B6, + 0x96CAB896, 0x5835DA58, 0x9CC4B09C, 0xFC4317FC, 0x1A84551A, 0xF64D1FF6, 0x1C598A1C, 0x38B27D38, + 0xAC3357AC, 0x18CFC718, 0xF4068DF4, 0x69537469, 0x749BB774, 0xF597C4F5, 0x56AD9F56, 0xDAE372DA, + 0xD5EA7ED5, 0x4AF4154A, 0x9E8F229E, 0xA2AB12A2, 0x4E62584E, 0xE85F07E8, 0xE51D99E5, 0x39233439, + 0xC1F66EC1, 0x446C5044, 0x5D32DE5D, 0x72466872, 0x26A06526, 0x93CDBC93, 0x03DADB03, 0xC6BAF8C6, + 0xFA9EC8FA, 0x82D6A882, 0xCF6E2BCF, 0x50704050, 0xEB85DCEB, 0x750AFE75, 0x8A93328A, 0x8DDFA48D, + 0x4C29CA4C, 0x141C1014, 0x73D72173, 0xCCB4F0CC, 0x09D4D309, 0x108A5D10, 0xE2510FE2, 0x00000000, + 0x9A196F9A, 0xE01A9DE0, 0x8F94368F, 0xE6C742E6, 0xECC94AEC, 0xFDD25EFD, 0xAB7FC1AB, 0xD8A8E0D8 + ]; + + /** + * The Key Schedule Array + * + * @var array + */ + private $K = []; + + /** + * The Key depended S-Table 0 + * + * @var array + */ + private $S0 = []; + + /** + * The Key depended S-Table 1 + * + * @var array + */ + private $S1 = []; + + /** + * The Key depended S-Table 2 + * + * @var array + */ + private $S2 = []; + + /** + * The Key depended S-Table 3 + * + * @var array + */ + private $S3 = []; + + /** + * Holds the last used key + * + * @var array + */ + private $kl; + + /** + * The Key Length (in bytes) + * + * @see Crypt_Twofish::setKeyLength() + * @var int + */ + protected $key_length = 16; + + /** + * Default Constructor. + * + * @param string $mode + * @throws BadModeException if an invalid / unsupported mode is provided + */ + public function __construct($mode) + { + parent::__construct($mode); + + if ($this->mode == self::MODE_STREAM) { + throw new BadModeException('Block ciphers cannot be ran in stream mode'); + } + } + + /** + * Initialize Static Variables + */ + protected static function initialize_static_variables() + { + if (is_float(self::$m3[0])) { + self::$m0 = array_map('intval', self::$m0); + self::$m1 = array_map('intval', self::$m1); + self::$m2 = array_map('intval', self::$m2); + self::$m3 = array_map('intval', self::$m3); + self::$q0 = array_map('intval', self::$q0); + self::$q1 = array_map('intval', self::$q1); + } + + parent::initialize_static_variables(); + } + + /** + * Sets the key length. + * + * Valid key lengths are 128, 192 or 256 bits + * + * @param int $length + */ + public function setKeyLength($length) + { + switch ($length) { + case 128: + case 192: + case 256: + break; + default: + throw new \LengthException('Key of size ' . $length . ' not supported by this algorithm. Only keys of sizes 16, 24 or 32 supported'); + } + + parent::setKeyLength($length); + } + + /** + * Sets the key. + * + * Rijndael supports five different key lengths + * + * @see setKeyLength() + * @param string $key + * @throws \LengthException if the key length isn't supported + */ + public function setKey($key) + { + switch (strlen($key)) { + case 16: + case 24: + case 32: + break; + default: + throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16, 24 or 32 supported'); + } + + parent::setKey($key); + } + + /** + * Setup the key (expansion) + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::_setupKey() + */ + protected function setupKey() + { + if (isset($this->kl['key']) && $this->key === $this->kl['key']) { + // already expanded + return; + } + $this->kl = ['key' => $this->key]; + + /* Key expanding and generating the key-depended s-boxes */ + $le_longs = unpack('V*', $this->key); + $key = unpack('C*', $this->key); + $m0 = self::$m0; + $m1 = self::$m1; + $m2 = self::$m2; + $m3 = self::$m3; + $q0 = self::$q0; + $q1 = self::$q1; + + $K = $S0 = $S1 = $S2 = $S3 = []; + + switch (strlen($this->key)) { + case 16: + list($s7, $s6, $s5, $s4) = $this->mdsrem($le_longs[1], $le_longs[2]); + list($s3, $s2, $s1, $s0) = $this->mdsrem($le_longs[3], $le_longs[4]); + for ($i = 0, $j = 1; $i < 40; $i += 2, $j += 2) { + $A = $m0[$q0[$q0[$i] ^ $key[ 9]] ^ $key[1]] ^ + $m1[$q0[$q1[$i] ^ $key[10]] ^ $key[2]] ^ + $m2[$q1[$q0[$i] ^ $key[11]] ^ $key[3]] ^ + $m3[$q1[$q1[$i] ^ $key[12]] ^ $key[4]]; + $B = $m0[$q0[$q0[$j] ^ $key[13]] ^ $key[5]] ^ + $m1[$q0[$q1[$j] ^ $key[14]] ^ $key[6]] ^ + $m2[$q1[$q0[$j] ^ $key[15]] ^ $key[7]] ^ + $m3[$q1[$q1[$j] ^ $key[16]] ^ $key[8]]; + $B = ($B << 8) | ($B >> 24 & 0xff); + $A = self::safe_intval($A + $B); + $K[] = $A; + $A = self::safe_intval($A + $B); + $K[] = ($A << 9 | $A >> 23 & 0x1ff); + } + for ($i = 0; $i < 256; ++$i) { + $S0[$i] = $m0[$q0[$q0[$i] ^ $s4] ^ $s0]; + $S1[$i] = $m1[$q0[$q1[$i] ^ $s5] ^ $s1]; + $S2[$i] = $m2[$q1[$q0[$i] ^ $s6] ^ $s2]; + $S3[$i] = $m3[$q1[$q1[$i] ^ $s7] ^ $s3]; + } + break; + case 24: + list($sb, $sa, $s9, $s8) = $this->mdsrem($le_longs[1], $le_longs[2]); + list($s7, $s6, $s5, $s4) = $this->mdsrem($le_longs[3], $le_longs[4]); + list($s3, $s2, $s1, $s0) = $this->mdsrem($le_longs[5], $le_longs[6]); + for ($i = 0, $j = 1; $i < 40; $i += 2, $j += 2) { + $A = $m0[$q0[$q0[$q1[$i] ^ $key[17]] ^ $key[ 9]] ^ $key[1]] ^ + $m1[$q0[$q1[$q1[$i] ^ $key[18]] ^ $key[10]] ^ $key[2]] ^ + $m2[$q1[$q0[$q0[$i] ^ $key[19]] ^ $key[11]] ^ $key[3]] ^ + $m3[$q1[$q1[$q0[$i] ^ $key[20]] ^ $key[12]] ^ $key[4]]; + $B = $m0[$q0[$q0[$q1[$j] ^ $key[21]] ^ $key[13]] ^ $key[5]] ^ + $m1[$q0[$q1[$q1[$j] ^ $key[22]] ^ $key[14]] ^ $key[6]] ^ + $m2[$q1[$q0[$q0[$j] ^ $key[23]] ^ $key[15]] ^ $key[7]] ^ + $m3[$q1[$q1[$q0[$j] ^ $key[24]] ^ $key[16]] ^ $key[8]]; + $B = ($B << 8) | ($B >> 24 & 0xff); + $A = self::safe_intval($A + $B); + $K[] = $A; + $A = self::safe_intval($A + $B); + $K[] = ($A << 9 | $A >> 23 & 0x1ff); + } + for ($i = 0; $i < 256; ++$i) { + $S0[$i] = $m0[$q0[$q0[$q1[$i] ^ $s8] ^ $s4] ^ $s0]; + $S1[$i] = $m1[$q0[$q1[$q1[$i] ^ $s9] ^ $s5] ^ $s1]; + $S2[$i] = $m2[$q1[$q0[$q0[$i] ^ $sa] ^ $s6] ^ $s2]; + $S3[$i] = $m3[$q1[$q1[$q0[$i] ^ $sb] ^ $s7] ^ $s3]; + } + break; + default: // 32 + list($sf, $se, $sd, $sc) = $this->mdsrem($le_longs[1], $le_longs[2]); + list($sb, $sa, $s9, $s8) = $this->mdsrem($le_longs[3], $le_longs[4]); + list($s7, $s6, $s5, $s4) = $this->mdsrem($le_longs[5], $le_longs[6]); + list($s3, $s2, $s1, $s0) = $this->mdsrem($le_longs[7], $le_longs[8]); + for ($i = 0, $j = 1; $i < 40; $i += 2, $j += 2) { + $A = $m0[$q0[$q0[$q1[$q1[$i] ^ $key[25]] ^ $key[17]] ^ $key[ 9]] ^ $key[1]] ^ + $m1[$q0[$q1[$q1[$q0[$i] ^ $key[26]] ^ $key[18]] ^ $key[10]] ^ $key[2]] ^ + $m2[$q1[$q0[$q0[$q0[$i] ^ $key[27]] ^ $key[19]] ^ $key[11]] ^ $key[3]] ^ + $m3[$q1[$q1[$q0[$q1[$i] ^ $key[28]] ^ $key[20]] ^ $key[12]] ^ $key[4]]; + $B = $m0[$q0[$q0[$q1[$q1[$j] ^ $key[29]] ^ $key[21]] ^ $key[13]] ^ $key[5]] ^ + $m1[$q0[$q1[$q1[$q0[$j] ^ $key[30]] ^ $key[22]] ^ $key[14]] ^ $key[6]] ^ + $m2[$q1[$q0[$q0[$q0[$j] ^ $key[31]] ^ $key[23]] ^ $key[15]] ^ $key[7]] ^ + $m3[$q1[$q1[$q0[$q1[$j] ^ $key[32]] ^ $key[24]] ^ $key[16]] ^ $key[8]]; + $B = ($B << 8) | ($B >> 24 & 0xff); + $A = self::safe_intval($A + $B); + $K[] = $A; + $A = self::safe_intval($A + $B); + $K[] = ($A << 9 | $A >> 23 & 0x1ff); + } + for ($i = 0; $i < 256; ++$i) { + $S0[$i] = $m0[$q0[$q0[$q1[$q1[$i] ^ $sc] ^ $s8] ^ $s4] ^ $s0]; + $S1[$i] = $m1[$q0[$q1[$q1[$q0[$i] ^ $sd] ^ $s9] ^ $s5] ^ $s1]; + $S2[$i] = $m2[$q1[$q0[$q0[$q0[$i] ^ $se] ^ $sa] ^ $s6] ^ $s2]; + $S3[$i] = $m3[$q1[$q1[$q0[$q1[$i] ^ $sf] ^ $sb] ^ $s7] ^ $s3]; + } + } + + $this->K = $K; + $this->S0 = $S0; + $this->S1 = $S1; + $this->S2 = $S2; + $this->S3 = $S3; + } + + /** + * _mdsrem function using by the twofish cipher algorithm + * + * @param string $A + * @param string $B + * @return array + */ + private function mdsrem($A, $B) + { + // No gain by unrolling this loop. + for ($i = 0; $i < 8; ++$i) { + // Get most significant coefficient. + $t = 0xff & ($B >> 24); + + // Shift the others up. + $B = ($B << 8) | (0xff & ($A >> 24)); + $A <<= 8; + + $u = $t << 1; + + // Subtract the modular polynomial on overflow. + if ($t & 0x80) { + $u ^= 0x14d; + } + + // Remove t * (a * x^2 + 1). + $B ^= $t ^ ($u << 16); + + // Form u = a*t + t/a = t*(a + 1/a). + $u ^= 0x7fffffff & ($t >> 1); + + // Add the modular polynomial on underflow. + if ($t & 0x01) { + $u ^= 0xa6 ; + } + + // Remove t * (a + 1/a) * (x^3 + x). + $B ^= ($u << 24) | ($u << 8); + } + + return [ + 0xff & $B >> 24, + 0xff & $B >> 16, + 0xff & $B >> 8, + 0xff & $B]; + } + + /** + * Encrypts a block + * + * @param string $in + * @return string + */ + protected function encryptBlock($in) + { + $S0 = $this->S0; + $S1 = $this->S1; + $S2 = $this->S2; + $S3 = $this->S3; + $K = $this->K; + + $in = unpack("V4", $in); + $R0 = $K[0] ^ $in[1]; + $R1 = $K[1] ^ $in[2]; + $R2 = $K[2] ^ $in[3]; + $R3 = $K[3] ^ $in[4]; + + $ki = 7; + while ($ki < 39) { + $t0 = $S0[ $R0 & 0xff] ^ + $S1[($R0 >> 8) & 0xff] ^ + $S2[($R0 >> 16) & 0xff] ^ + $S3[($R0 >> 24) & 0xff]; + $t1 = $S0[($R1 >> 24) & 0xff] ^ + $S1[ $R1 & 0xff] ^ + $S2[($R1 >> 8) & 0xff] ^ + $S3[($R1 >> 16) & 0xff]; + $R2 ^= self::safe_intval($t0 + $t1 + $K[++$ki]); + $R2 = ($R2 >> 1 & 0x7fffffff) | ($R2 << 31); + $R3 = ((($R3 >> 31) & 1) | ($R3 << 1)) ^ self::safe_intval($t0 + ($t1 << 1) + $K[++$ki]); + + $t0 = $S0[ $R2 & 0xff] ^ + $S1[($R2 >> 8) & 0xff] ^ + $S2[($R2 >> 16) & 0xff] ^ + $S3[($R2 >> 24) & 0xff]; + $t1 = $S0[($R3 >> 24) & 0xff] ^ + $S1[ $R3 & 0xff] ^ + $S2[($R3 >> 8) & 0xff] ^ + $S3[($R3 >> 16) & 0xff]; + $R0 ^= self::safe_intval($t0 + $t1 + $K[++$ki]); + $R0 = ($R0 >> 1 & 0x7fffffff) | ($R0 << 31); + $R1 = ((($R1 >> 31) & 1) | ($R1 << 1)) ^ self::safe_intval($t0 + ($t1 << 1) + $K[++$ki]); + } + + // @codingStandardsIgnoreStart + return pack("V4", $K[4] ^ $R2, + $K[5] ^ $R3, + $K[6] ^ $R0, + $K[7] ^ $R1); + // @codingStandardsIgnoreEnd + } + + /** + * Decrypts a block + * + * @param string $in + * @return string + */ + protected function decryptBlock($in) + { + $S0 = $this->S0; + $S1 = $this->S1; + $S2 = $this->S2; + $S3 = $this->S3; + $K = $this->K; + + $in = unpack("V4", $in); + $R0 = $K[4] ^ $in[1]; + $R1 = $K[5] ^ $in[2]; + $R2 = $K[6] ^ $in[3]; + $R3 = $K[7] ^ $in[4]; + + $ki = 40; + while ($ki > 8) { + $t0 = $S0[$R0 & 0xff] ^ + $S1[$R0 >> 8 & 0xff] ^ + $S2[$R0 >> 16 & 0xff] ^ + $S3[$R0 >> 24 & 0xff]; + $t1 = $S0[$R1 >> 24 & 0xff] ^ + $S1[$R1 & 0xff] ^ + $S2[$R1 >> 8 & 0xff] ^ + $S3[$R1 >> 16 & 0xff]; + $R3 ^= self::safe_intval($t0 + ($t1 << 1) + $K[--$ki]); + $R3 = $R3 >> 1 & 0x7fffffff | $R3 << 31; + $R2 = ($R2 >> 31 & 0x1 | $R2 << 1) ^ self::safe_intval($t0 + $t1 + $K[--$ki]); + + $t0 = $S0[$R2 & 0xff] ^ + $S1[$R2 >> 8 & 0xff] ^ + $S2[$R2 >> 16 & 0xff] ^ + $S3[$R2 >> 24 & 0xff]; + $t1 = $S0[$R3 >> 24 & 0xff] ^ + $S1[$R3 & 0xff] ^ + $S2[$R3 >> 8 & 0xff] ^ + $S3[$R3 >> 16 & 0xff]; + $R1 ^= self::safe_intval($t0 + ($t1 << 1) + $K[--$ki]); + $R1 = $R1 >> 1 & 0x7fffffff | $R1 << 31; + $R0 = ($R0 >> 31 & 0x1 | $R0 << 1) ^ self::safe_intval($t0 + $t1 + $K[--$ki]); + } + + // @codingStandardsIgnoreStart + return pack("V4", $K[0] ^ $R2, + $K[1] ^ $R3, + $K[2] ^ $R0, + $K[3] ^ $R1); + // @codingStandardsIgnoreEnd + } + + /** + * Setup the performance-optimized function for de/encrypt() + * + * @see \phpseclib3\Crypt\Common\SymmetricKey::_setupInlineCrypt() + */ + protected function setupInlineCrypt() + { + $K = $this->K; + $init_crypt = ' + static $S0, $S1, $S2, $S3; + if (!$S0) { + for ($i = 0; $i < 256; ++$i) { + $S0[] = (int)$this->S0[$i]; + $S1[] = (int)$this->S1[$i]; + $S2[] = (int)$this->S2[$i]; + $S3[] = (int)$this->S3[$i]; + } + } + '; + + $safeint = self::safe_intval_inline(); + + // Generating encrypt code: + $encrypt_block = ' + $in = unpack("V4", $in); + $R0 = ' . $K[0] . ' ^ $in[1]; + $R1 = ' . $K[1] . ' ^ $in[2]; + $R2 = ' . $K[2] . ' ^ $in[3]; + $R3 = ' . $K[3] . ' ^ $in[4]; + '; + for ($ki = 7, $i = 0; $i < 8; ++$i) { + $encrypt_block .= ' + $t0 = $S0[ $R0 & 0xff] ^ + $S1[($R0 >> 8) & 0xff] ^ + $S2[($R0 >> 16) & 0xff] ^ + $S3[($R0 >> 24) & 0xff]; + $t1 = $S0[($R1 >> 24) & 0xff] ^ + $S1[ $R1 & 0xff] ^ + $S2[($R1 >> 8) & 0xff] ^ + $S3[($R1 >> 16) & 0xff]; + $R2^= ' . sprintf($safeint, '$t0 + $t1 + ' . $K[++$ki]) . '; + $R2 = ($R2 >> 1 & 0x7fffffff) | ($R2 << 31); + $R3 = ((($R3 >> 31) & 1) | ($R3 << 1)) ^ ' . sprintf($safeint, '($t0 + ($t1 << 1) + ' . $K[++$ki] . ')') . '; + + $t0 = $S0[ $R2 & 0xff] ^ + $S1[($R2 >> 8) & 0xff] ^ + $S2[($R2 >> 16) & 0xff] ^ + $S3[($R2 >> 24) & 0xff]; + $t1 = $S0[($R3 >> 24) & 0xff] ^ + $S1[ $R3 & 0xff] ^ + $S2[($R3 >> 8) & 0xff] ^ + $S3[($R3 >> 16) & 0xff]; + $R0^= ' . sprintf($safeint, '($t0 + $t1 + ' . $K[++$ki] . ')') . '; + $R0 = ($R0 >> 1 & 0x7fffffff) | ($R0 << 31); + $R1 = ((($R1 >> 31) & 1) | ($R1 << 1)) ^ ' . sprintf($safeint, '($t0 + ($t1 << 1) + ' . $K[++$ki] . ')') . '; + '; + } + $encrypt_block .= ' + $in = pack("V4", ' . $K[4] . ' ^ $R2, + ' . $K[5] . ' ^ $R3, + ' . $K[6] . ' ^ $R0, + ' . $K[7] . ' ^ $R1); + '; + + // Generating decrypt code: + $decrypt_block = ' + $in = unpack("V4", $in); + $R0 = ' . $K[4] . ' ^ $in[1]; + $R1 = ' . $K[5] . ' ^ $in[2]; + $R2 = ' . $K[6] . ' ^ $in[3]; + $R3 = ' . $K[7] . ' ^ $in[4]; + '; + for ($ki = 40, $i = 0; $i < 8; ++$i) { + $decrypt_block .= ' + $t0 = $S0[$R0 & 0xff] ^ + $S1[$R0 >> 8 & 0xff] ^ + $S2[$R0 >> 16 & 0xff] ^ + $S3[$R0 >> 24 & 0xff]; + $t1 = $S0[$R1 >> 24 & 0xff] ^ + $S1[$R1 & 0xff] ^ + $S2[$R1 >> 8 & 0xff] ^ + $S3[$R1 >> 16 & 0xff]; + $R3^= ' . sprintf($safeint, '$t0 + ($t1 << 1) + ' . $K[--$ki]) . '; + $R3 = $R3 >> 1 & 0x7fffffff | $R3 << 31; + $R2 = ($R2 >> 31 & 0x1 | $R2 << 1) ^ ' . sprintf($safeint, '($t0 + $t1 + ' . $K[--$ki] . ')') . '; + + $t0 = $S0[$R2 & 0xff] ^ + $S1[$R2 >> 8 & 0xff] ^ + $S2[$R2 >> 16 & 0xff] ^ + $S3[$R2 >> 24 & 0xff]; + $t1 = $S0[$R3 >> 24 & 0xff] ^ + $S1[$R3 & 0xff] ^ + $S2[$R3 >> 8 & 0xff] ^ + $S3[$R3 >> 16 & 0xff]; + $R1^= ' . sprintf($safeint, '$t0 + ($t1 << 1) + ' . $K[--$ki]) . '; + $R1 = $R1 >> 1 & 0x7fffffff | $R1 << 31; + $R0 = ($R0 >> 31 & 0x1 | $R0 << 1) ^ ' . sprintf($safeint, '($t0 + $t1 + ' . $K[--$ki] . ')') . '; + '; + } + $decrypt_block .= ' + $in = pack("V4", ' . $K[0] . ' ^ $R2, + ' . $K[1] . ' ^ $R3, + ' . $K[2] . ' ^ $R0, + ' . $K[3] . ' ^ $R1); + '; + + $this->inline_crypt = $this->createInlineCryptFunction( + [ + 'init_crypt' => $init_crypt, + 'init_encrypt' => '', + 'init_decrypt' => '', + 'encrypt_block' => $encrypt_block, + 'decrypt_block' => $decrypt_block + ] + ); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadConfigurationException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadConfigurationException.php new file mode 100644 index 0000000..1aabcae --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadConfigurationException.php @@ -0,0 +1,23 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Exception; + +/** + * BadConfigurationException + * + * @author Jim Wigginton + */ +class BadConfigurationException extends \RuntimeException +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadDecryptionException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadDecryptionException.php new file mode 100644 index 0000000..88331dc --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadDecryptionException.php @@ -0,0 +1,23 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Exception; + +/** + * BadDecryptionException + * + * @author Jim Wigginton + */ +class BadDecryptionException extends \RuntimeException +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadModeException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadModeException.php new file mode 100644 index 0000000..87689b2 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadModeException.php @@ -0,0 +1,23 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Exception; + +/** + * BadModeException + * + * @author Jim Wigginton + */ +class BadModeException extends \RuntimeException +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/ConnectionClosedException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/ConnectionClosedException.php new file mode 100644 index 0000000..6aaccba --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/ConnectionClosedException.php @@ -0,0 +1,23 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Exception; + +/** + * ConnectionClosedException + * + * @author Jim Wigginton + */ +class ConnectionClosedException extends \RuntimeException +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/FileNotFoundException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/FileNotFoundException.php new file mode 100644 index 0000000..66e7270 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/FileNotFoundException.php @@ -0,0 +1,23 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Exception; + +/** + * FileNotFoundException + * + * @author Jim Wigginton + */ +class FileNotFoundException extends \RuntimeException +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/InconsistentSetupException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/InconsistentSetupException.php new file mode 100644 index 0000000..23c38fb --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/InconsistentSetupException.php @@ -0,0 +1,23 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Exception; + +/** + * InconsistentSetupException + * + * @author Jim Wigginton + */ +class InconsistentSetupException extends \RuntimeException +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/InsufficientSetupException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/InsufficientSetupException.php new file mode 100644 index 0000000..4f4114d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/InsufficientSetupException.php @@ -0,0 +1,23 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Exception; + +/** + * InsufficientSetupException + * + * @author Jim Wigginton + */ +class InsufficientSetupException extends \RuntimeException +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/NoKeyLoadedException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/NoKeyLoadedException.php new file mode 100644 index 0000000..7ec2fe9 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/NoKeyLoadedException.php @@ -0,0 +1,23 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Exception; + +/** + * NoKeyLoadedException + * + * @author Jim Wigginton + */ +class NoKeyLoadedException extends \RuntimeException +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/NoSupportedAlgorithmsException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/NoSupportedAlgorithmsException.php new file mode 100644 index 0000000..b3ea8f3 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/NoSupportedAlgorithmsException.php @@ -0,0 +1,23 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Exception; + +/** + * NoSupportedAlgorithmsException + * + * @author Jim Wigginton + */ +class NoSupportedAlgorithmsException extends \RuntimeException +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnableToConnectException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnableToConnectException.php new file mode 100644 index 0000000..bfa005b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnableToConnectException.php @@ -0,0 +1,23 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Exception; + +/** + * UnableToConnectException + * + * @author Jim Wigginton + */ +class UnableToConnectException extends \RuntimeException +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedAlgorithmException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedAlgorithmException.php new file mode 100644 index 0000000..210a9a5 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedAlgorithmException.php @@ -0,0 +1,23 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Exception; + +/** + * UnsupportedAlgorithmException + * + * @author Jim Wigginton + */ +class UnsupportedAlgorithmException extends \RuntimeException +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedCurveException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedCurveException.php new file mode 100644 index 0000000..9915215 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedCurveException.php @@ -0,0 +1,23 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Exception; + +/** + * UnsupportedCurveException + * + * @author Jim Wigginton + */ +class UnsupportedCurveException extends \RuntimeException +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedFormatException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedFormatException.php new file mode 100644 index 0000000..e207d7e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedFormatException.php @@ -0,0 +1,23 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Exception; + +/** + * UnsupportedFormatException + * + * @author Jim Wigginton + */ +class UnsupportedFormatException extends \RuntimeException +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedOperationException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedOperationException.php new file mode 100644 index 0000000..9a11544 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedOperationException.php @@ -0,0 +1,23 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Exception; + +/** + * UnsupportedOperationException + * + * @author Jim Wigginton + */ +class UnsupportedOperationException extends \RuntimeException +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ANSI.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ANSI.php new file mode 100644 index 0000000..5803a37 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ANSI.php @@ -0,0 +1,551 @@ + + * @copyright 2012 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File; + +/** + * Pure-PHP ANSI Decoder + * + * @author Jim Wigginton + */ +class ANSI +{ + /** + * Max Width + * + * @var int + */ + private $max_x; + + /** + * Max Height + * + * @var int + */ + private $max_y; + + /** + * Max History + * + * @var int + */ + private $max_history; + + /** + * History + * + * @var array + */ + private $history; + + /** + * History Attributes + * + * @var array + */ + private $history_attrs; + + /** + * Current Column + * + * @var int + */ + private $x; + + /** + * Current Row + * + * @var int + */ + private $y; + + /** + * Old Column + * + * @var int + */ + private $old_x; + + /** + * Old Row + * + * @var int + */ + private $old_y; + + /** + * An empty attribute cell + * + * @var object + */ + private $base_attr_cell; + + /** + * The current attribute cell + * + * @var object + */ + private $attr_cell; + + /** + * An empty attribute row + * + * @var array + */ + private $attr_row; + + /** + * The current screen text + * + * @var list + */ + private $screen; + + /** + * The current screen attributes + * + * @var array + */ + private $attrs; + + /** + * Current ANSI code + * + * @var string + */ + private $ansi; + + /** + * Tokenization + * + * @var array + */ + private $tokenization; + + /** + * Default Constructor. + * + * @return \phpseclib3\File\ANSI + */ + public function __construct() + { + $attr_cell = new \stdClass(); + $attr_cell->bold = false; + $attr_cell->underline = false; + $attr_cell->blink = false; + $attr_cell->background = 'black'; + $attr_cell->foreground = 'white'; + $attr_cell->reverse = false; + $this->base_attr_cell = clone $attr_cell; + $this->attr_cell = clone $attr_cell; + + $this->setHistory(200); + $this->setDimensions(80, 24); + } + + /** + * Set terminal width and height + * + * Resets the screen as well + * + * @param int $x + * @param int $y + */ + public function setDimensions($x, $y) + { + $this->max_x = $x - 1; + $this->max_y = $y - 1; + $this->x = $this->y = 0; + $this->history = $this->history_attrs = []; + $this->attr_row = array_fill(0, $this->max_x + 2, $this->base_attr_cell); + $this->screen = array_fill(0, $this->max_y + 1, ''); + $this->attrs = array_fill(0, $this->max_y + 1, $this->attr_row); + $this->ansi = ''; + } + + /** + * Set the number of lines that should be logged past the terminal height + * + * @param int $history + */ + public function setHistory($history) + { + $this->max_history = $history; + } + + /** + * Load a string + * + * @param string $source + */ + public function loadString($source) + { + $this->setDimensions($this->max_x + 1, $this->max_y + 1); + $this->appendString($source); + } + + /** + * Appdend a string + * + * @param string $source + */ + public function appendString($source) + { + $this->tokenization = ['']; + for ($i = 0; $i < strlen($source); $i++) { + if (strlen($this->ansi)) { + $this->ansi .= $source[$i]; + $chr = ord($source[$i]); + // http://en.wikipedia.org/wiki/ANSI_escape_code#Sequence_elements + // single character CSI's not currently supported + switch (true) { + case $this->ansi == "\x1B=": + $this->ansi = ''; + continue 2; + case strlen($this->ansi) == 2 && $chr >= 64 && $chr <= 95 && $chr != ord('['): + case strlen($this->ansi) > 2 && $chr >= 64 && $chr <= 126: + break; + default: + continue 2; + } + $this->tokenization[] = $this->ansi; + $this->tokenization[] = ''; + // http://ascii-table.com/ansi-escape-sequences-vt-100.php + switch ($this->ansi) { + case "\x1B[H": // Move cursor to upper left corner + $this->old_x = $this->x; + $this->old_y = $this->y; + $this->x = $this->y = 0; + break; + case "\x1B[J": // Clear screen from cursor down + $this->history = array_merge($this->history, array_slice(array_splice($this->screen, $this->y + 1), 0, $this->old_y)); + $this->screen = array_merge($this->screen, array_fill($this->y, $this->max_y, '')); + + $this->history_attrs = array_merge($this->history_attrs, array_slice(array_splice($this->attrs, $this->y + 1), 0, $this->old_y)); + $this->attrs = array_merge($this->attrs, array_fill($this->y, $this->max_y, $this->attr_row)); + + if (count($this->history) == $this->max_history) { + array_shift($this->history); + array_shift($this->history_attrs); + } + // fall-through + case "\x1B[K": // Clear screen from cursor right + $this->screen[$this->y] = substr($this->screen[$this->y], 0, $this->x); + + array_splice($this->attrs[$this->y], $this->x + 1, $this->max_x - $this->x, array_fill($this->x, $this->max_x - ($this->x - 1), $this->base_attr_cell)); + break; + case "\x1B[2K": // Clear entire line + $this->screen[$this->y] = str_repeat(' ', $this->x); + $this->attrs[$this->y] = $this->attr_row; + break; + case "\x1B[?1h": // set cursor key to application + case "\x1B[?25h": // show the cursor + case "\x1B(B": // set united states g0 character set + break; + case "\x1BE": // Move to next line + $this->newLine(); + $this->x = 0; + break; + default: + switch (true) { + case preg_match('#\x1B\[(\d+)B#', $this->ansi, $match): // Move cursor down n lines + $this->old_y = $this->y; + $this->y += (int) $match[1]; + break; + case preg_match('#\x1B\[(\d+);(\d+)H#', $this->ansi, $match): // Move cursor to screen location v,h + $this->old_x = $this->x; + $this->old_y = $this->y; + $this->x = $match[2] - 1; + $this->y = (int) $match[1] - 1; + break; + case preg_match('#\x1B\[(\d+)C#', $this->ansi, $match): // Move cursor right n lines + $this->old_x = $this->x; + $this->x += $match[1]; + break; + case preg_match('#\x1B\[(\d+)D#', $this->ansi, $match): // Move cursor left n lines + $this->old_x = $this->x; + $this->x -= $match[1]; + if ($this->x < 0) { + $this->x = 0; + } + break; + case preg_match('#\x1B\[(\d+);(\d+)r#', $this->ansi, $match): // Set top and bottom lines of a window + break; + case preg_match('#\x1B\[(\d*(?:;\d*)*)m#', $this->ansi, $match): // character attributes + $attr_cell = &$this->attr_cell; + $mods = explode(';', $match[1]); + foreach ($mods as $mod) { + switch ($mod) { + case '': + case '0': // Turn off character attributes + $attr_cell = clone $this->base_attr_cell; + break; + case '1': // Turn bold mode on + $attr_cell->bold = true; + break; + case '4': // Turn underline mode on + $attr_cell->underline = true; + break; + case '5': // Turn blinking mode on + $attr_cell->blink = true; + break; + case '7': // Turn reverse video on + $attr_cell->reverse = !$attr_cell->reverse; + $temp = $attr_cell->background; + $attr_cell->background = $attr_cell->foreground; + $attr_cell->foreground = $temp; + break; + default: // set colors + //$front = $attr_cell->reverse ? &$attr_cell->background : &$attr_cell->foreground; + $front = &$attr_cell->{ $attr_cell->reverse ? 'background' : 'foreground' }; + //$back = $attr_cell->reverse ? &$attr_cell->foreground : &$attr_cell->background; + $back = &$attr_cell->{ $attr_cell->reverse ? 'foreground' : 'background' }; + switch ($mod) { + // @codingStandardsIgnoreStart + case '30': $front = 'black'; break; + case '31': $front = 'red'; break; + case '32': $front = 'green'; break; + case '33': $front = 'yellow'; break; + case '34': $front = 'blue'; break; + case '35': $front = 'magenta'; break; + case '36': $front = 'cyan'; break; + case '37': $front = 'white'; break; + + case '40': $back = 'black'; break; + case '41': $back = 'red'; break; + case '42': $back = 'green'; break; + case '43': $back = 'yellow'; break; + case '44': $back = 'blue'; break; + case '45': $back = 'magenta'; break; + case '46': $back = 'cyan'; break; + case '47': $back = 'white'; break; + // @codingStandardsIgnoreEnd + + default: + //user_error('Unsupported attribute: ' . $mod); + $this->ansi = ''; + break 2; + } + } + } + break; + default: + //user_error("{$this->ansi} is unsupported\r\n"); + } + } + $this->ansi = ''; + continue; + } + + $this->tokenization[count($this->tokenization) - 1] .= $source[$i]; + switch ($source[$i]) { + case "\r": + $this->x = 0; + break; + case "\n": + $this->newLine(); + break; + case "\x08": // backspace + if ($this->x) { + $this->x--; + $this->attrs[$this->y][$this->x] = clone $this->base_attr_cell; + $this->screen[$this->y] = substr_replace( + $this->screen[$this->y], + $source[$i], + $this->x, + 1 + ); + } + break; + case "\x0F": // shift + break; + case "\x1B": // start ANSI escape code + $this->tokenization[count($this->tokenization) - 1] = substr($this->tokenization[count($this->tokenization) - 1], 0, -1); + //if (!strlen($this->tokenization[count($this->tokenization) - 1])) { + // array_pop($this->tokenization); + //} + $this->ansi .= "\x1B"; + break; + default: + $this->attrs[$this->y][$this->x] = clone $this->attr_cell; + if ($this->x > strlen($this->screen[$this->y])) { + $this->screen[$this->y] = str_repeat(' ', $this->x); + } + $this->screen[$this->y] = substr_replace( + $this->screen[$this->y], + $source[$i], + $this->x, + 1 + ); + + if ($this->x > $this->max_x) { + $this->x = 0; + $this->newLine(); + } else { + $this->x++; + } + } + } + } + + /** + * Add a new line + * + * Also update the $this->screen and $this->history buffers + * + */ + private function newLine() + { + //if ($this->y < $this->max_y) { + // $this->y++; + //} + + while ($this->y >= $this->max_y) { + $this->history = array_merge($this->history, [array_shift($this->screen)]); + $this->screen[] = ''; + + $this->history_attrs = array_merge($this->history_attrs, [array_shift($this->attrs)]); + $this->attrs[] = $this->attr_row; + + if (count($this->history) >= $this->max_history) { + array_shift($this->history); + array_shift($this->history_attrs); + } + + $this->y--; + } + $this->y++; + } + + /** + * Returns the current coordinate without preformating + * + * @param \stdClass $last_attr + * @param \stdClass $cur_attr + * @param string $char + * @return string + */ + private function processCoordinate(\stdClass $last_attr, \stdClass $cur_attr, $char) + { + $output = ''; + + if ($last_attr != $cur_attr) { + $close = $open = ''; + if ($last_attr->foreground != $cur_attr->foreground) { + if ($cur_attr->foreground != 'white') { + $open .= ''; + } + if ($last_attr->foreground != 'white') { + $close = '' . $close; + } + } + if ($last_attr->background != $cur_attr->background) { + if ($cur_attr->background != 'black') { + $open .= ''; + } + if ($last_attr->background != 'black') { + $close = '' . $close; + } + } + if ($last_attr->bold != $cur_attr->bold) { + if ($cur_attr->bold) { + $open .= ''; + } else { + $close = '' . $close; + } + } + if ($last_attr->underline != $cur_attr->underline) { + if ($cur_attr->underline) { + $open .= ''; + } else { + $close = '' . $close; + } + } + if ($last_attr->blink != $cur_attr->blink) { + if ($cur_attr->blink) { + $open .= ''; + } else { + $close = '' . $close; + } + } + $output .= $close . $open; + } + + $output .= htmlspecialchars($char); + + return $output; + } + + /** + * Returns the current screen without preformating + * + * @return string + */ + private function getScreenHelper() + { + $output = ''; + $last_attr = $this->base_attr_cell; + for ($i = 0; $i <= $this->max_y; $i++) { + for ($j = 0; $j <= $this->max_x; $j++) { + $cur_attr = $this->attrs[$i][$j]; + $output .= $this->processCoordinate($last_attr, $cur_attr, isset($this->screen[$i][$j]) ? $this->screen[$i][$j] : ''); + $last_attr = $this->attrs[$i][$j]; + } + $output .= "\r\n"; + } + $output = substr($output, 0, -2); + // close any remaining open tags + $output .= $this->processCoordinate($last_attr, $this->base_attr_cell, ''); + return rtrim($output); + } + + /** + * Returns the current screen + * + * @return string + */ + public function getScreen() + { + return '
' . $this->getScreenHelper() . '
'; + } + + /** + * Returns the current screen and the x previous lines + * + * @return string + */ + public function getHistory() + { + $scrollback = ''; + $last_attr = $this->base_attr_cell; + for ($i = 0; $i < count($this->history); $i++) { + for ($j = 0; $j <= $this->max_x + 1; $j++) { + $cur_attr = $this->history_attrs[$i][$j]; + $scrollback .= $this->processCoordinate($last_attr, $cur_attr, isset($this->history[$i][$j]) ? $this->history[$i][$j] : ''); + $last_attr = $this->history_attrs[$i][$j]; + } + $scrollback .= "\r\n"; + } + $base_attr_cell = $this->base_attr_cell; + $this->base_attr_cell = $last_attr; + $scrollback .= $this->getScreen(); + $this->base_attr_cell = $base_attr_cell; + + return '
' . $scrollback . '
'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1.php new file mode 100644 index 0000000..3096ff1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1.php @@ -0,0 +1,1508 @@ + + * @copyright 2012 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\File\ASN1\Element; +use phpseclib3\Math\BigInteger; + +/** + * Pure-PHP ASN.1 Parser + * + * @author Jim Wigginton + */ +abstract class ASN1 +{ + // Tag Classes + // http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=12 + const CLASS_UNIVERSAL = 0; + const CLASS_APPLICATION = 1; + const CLASS_CONTEXT_SPECIFIC = 2; + const CLASS_PRIVATE = 3; + + // Tag Classes + // http://www.obj-sys.com/asn1tutorial/node124.html + const TYPE_BOOLEAN = 1; + const TYPE_INTEGER = 2; + const TYPE_BIT_STRING = 3; + const TYPE_OCTET_STRING = 4; + const TYPE_NULL = 5; + const TYPE_OBJECT_IDENTIFIER = 6; + //const TYPE_OBJECT_DESCRIPTOR = 7; + //const TYPE_INSTANCE_OF = 8; // EXTERNAL + const TYPE_REAL = 9; + const TYPE_ENUMERATED = 10; + //const TYPE_EMBEDDED = 11; + const TYPE_UTF8_STRING = 12; + //const TYPE_RELATIVE_OID = 13; + const TYPE_SEQUENCE = 16; // SEQUENCE OF + const TYPE_SET = 17; // SET OF + + // More Tag Classes + // http://www.obj-sys.com/asn1tutorial/node10.html + const TYPE_NUMERIC_STRING = 18; + const TYPE_PRINTABLE_STRING = 19; + const TYPE_TELETEX_STRING = 20; // T61String + const TYPE_VIDEOTEX_STRING = 21; + const TYPE_IA5_STRING = 22; + const TYPE_UTC_TIME = 23; + const TYPE_GENERALIZED_TIME = 24; + const TYPE_GRAPHIC_STRING = 25; + const TYPE_VISIBLE_STRING = 26; // ISO646String + const TYPE_GENERAL_STRING = 27; + const TYPE_UNIVERSAL_STRING = 28; + //const TYPE_CHARACTER_STRING = 29; + const TYPE_BMP_STRING = 30; + + // Tag Aliases + // These tags are kinda place holders for other tags. + const TYPE_CHOICE = -1; + const TYPE_ANY = -2; + + /** + * ASN.1 object identifiers + * + * @var array + * @link http://en.wikipedia.org/wiki/Object_identifier + */ + private static $oids = []; + + /** + * ASN.1 object identifier reverse mapping + * + * @var array + */ + private static $reverseOIDs = []; + + /** + * Default date format + * + * @var string + * @link http://php.net/class.datetime + */ + private static $format = 'D, d M Y H:i:s O'; + + /** + * Filters + * + * If the mapping type is self::TYPE_ANY what do we actually encode it as? + * + * @var array + * @see self::encode_der() + */ + private static $filters; + + /** + * Current Location of most recent ASN.1 encode process + * + * Useful for debug purposes + * + * @var array + * @see self::encode_der() + */ + private static $location; + + /** + * DER Encoded String + * + * In case we need to create ASN1\Element object's.. + * + * @var string + * @see self::decodeDER() + */ + private static $encoded; + + /** + * Type mapping table for the ANY type. + * + * Structured or unknown types are mapped to a \phpseclib3\File\ASN1\Element. + * Unambiguous types get the direct mapping (int/real/bool). + * Others are mapped as a choice, with an extra indexing level. + * + * @var array + */ + const ANY_MAP = [ + self::TYPE_BOOLEAN => true, + self::TYPE_INTEGER => true, + self::TYPE_BIT_STRING => 'bitString', + self::TYPE_OCTET_STRING => 'octetString', + self::TYPE_NULL => 'null', + self::TYPE_OBJECT_IDENTIFIER => 'objectIdentifier', + self::TYPE_REAL => true, + self::TYPE_ENUMERATED => 'enumerated', + self::TYPE_UTF8_STRING => 'utf8String', + self::TYPE_NUMERIC_STRING => 'numericString', + self::TYPE_PRINTABLE_STRING => 'printableString', + self::TYPE_TELETEX_STRING => 'teletexString', + self::TYPE_VIDEOTEX_STRING => 'videotexString', + self::TYPE_IA5_STRING => 'ia5String', + self::TYPE_UTC_TIME => 'utcTime', + self::TYPE_GENERALIZED_TIME => 'generalTime', + self::TYPE_GRAPHIC_STRING => 'graphicString', + self::TYPE_VISIBLE_STRING => 'visibleString', + self::TYPE_GENERAL_STRING => 'generalString', + self::TYPE_UNIVERSAL_STRING => 'universalString', + //self::TYPE_CHARACTER_STRING => 'characterString', + self::TYPE_BMP_STRING => 'bmpString' + ]; + + /** + * String type to character size mapping table. + * + * Non-convertable types are absent from this table. + * size == 0 indicates variable length encoding. + * + * @var array + */ + const STRING_TYPE_SIZE = [ + self::TYPE_UTF8_STRING => 0, + self::TYPE_BMP_STRING => 2, + self::TYPE_UNIVERSAL_STRING => 4, + self::TYPE_PRINTABLE_STRING => 1, + self::TYPE_TELETEX_STRING => 1, + self::TYPE_IA5_STRING => 1, + self::TYPE_VISIBLE_STRING => 1, + ]; + + /** + * Parse BER-encoding + * + * Serves a similar purpose to openssl's asn1parse + * + * @param Element|string $encoded + * @return ?array + */ + public static function decodeBER($encoded) + { + if ($encoded instanceof Element) { + $encoded = $encoded->element; + } + + self::$encoded = $encoded; + + $decoded = self::decode_ber($encoded); + if ($decoded === false) { + return null; + } + + return [$decoded]; + } + + /** + * Parse BER-encoding (Helper function) + * + * Sometimes we want to get the BER encoding of a particular tag. $start lets us do that without having to reencode. + * $encoded is passed by reference for the recursive calls done for self::TYPE_BIT_STRING and + * self::TYPE_OCTET_STRING. In those cases, the indefinite length is used. + * + * @param string $encoded + * @param int $start + * @param int $encoded_pos + * @return array|bool + */ + private static function decode_ber($encoded, $start = 0, $encoded_pos = 0) + { + $current = ['start' => $start]; + + if (!isset($encoded[$encoded_pos])) { + return false; + } + $type = ord($encoded[$encoded_pos++]); + $startOffset = 1; + + $constructed = ($type >> 5) & 1; + + $tag = $type & 0x1F; + if ($tag == 0x1F) { + $tag = 0; + // process septets (since the eighth bit is ignored, it's not an octet) + do { + if (!isset($encoded[$encoded_pos])) { + return false; + } + $temp = ord($encoded[$encoded_pos++]); + $startOffset++; + $loop = $temp >> 7; + $tag <<= 7; + $temp &= 0x7F; + // "bits 7 to 1 of the first subsequent octet shall not all be zero" + if ($startOffset == 2 && $temp == 0) { + return false; + } + $tag |= $temp; + } while ($loop); + } + + $start += $startOffset; + + // Length, as discussed in paragraph 8.1.3 of X.690-0207.pdf#page=13 + if (!isset($encoded[$encoded_pos])) { + return false; + } + $length = ord($encoded[$encoded_pos++]); + $start++; + if ($length == 0x80) { // indefinite length + // "[A sender shall] use the indefinite form (see 8.1.3.6) if the encoding is constructed and is not all + // immediately available." -- paragraph 8.1.3.2.c + $length = strlen($encoded) - $encoded_pos; + } elseif ($length & 0x80) { // definite length, long form + // technically, the long form of the length can be represented by up to 126 octets (bytes), but we'll only + // support it up to four. + $length &= 0x7F; + $temp = substr($encoded, $encoded_pos, $length); + $encoded_pos += $length; + // tags of indefinte length don't really have a header length; this length includes the tag + $current += ['headerlength' => $length + 2]; + $start += $length; + extract(unpack('Nlength', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4))); + /** @var integer $length */ + } else { + $current += ['headerlength' => 2]; + } + + if ($length > (strlen($encoded) - $encoded_pos)) { + return false; + } + + $content = substr($encoded, $encoded_pos, $length); + $content_pos = 0; + + // at this point $length can be overwritten. it's only accurate for definite length things as is + + /* Class is UNIVERSAL, APPLICATION, PRIVATE, or CONTEXT-SPECIFIC. The UNIVERSAL class is restricted to the ASN.1 + built-in types. It defines an application-independent data type that must be distinguishable from all other + data types. The other three classes are user defined. The APPLICATION class distinguishes data types that + have a wide, scattered use within a particular presentation context. PRIVATE distinguishes data types within + a particular organization or country. CONTEXT-SPECIFIC distinguishes members of a sequence or set, the + alternatives of a CHOICE, or universally tagged set members. Only the class number appears in braces for this + data type; the term CONTEXT-SPECIFIC does not appear. + + -- http://www.obj-sys.com/asn1tutorial/node12.html */ + $class = ($type >> 6) & 3; + switch ($class) { + case self::CLASS_APPLICATION: + case self::CLASS_PRIVATE: + case self::CLASS_CONTEXT_SPECIFIC: + if (!$constructed) { + return [ + 'type' => $class, + 'constant' => $tag, + 'content' => $content, + 'length' => $length + $start - $current['start'] + ] + $current; + } + + $newcontent = []; + $remainingLength = $length; + while ($remainingLength > 0) { + $temp = self::decode_ber($content, $start, $content_pos); + if ($temp === false) { + break; + } + $length = $temp['length']; + // end-of-content octets - see paragraph 8.1.5 + if (substr($content, $content_pos + $length, 2) == "\0\0") { + $length += 2; + $start += $length; + $newcontent[] = $temp; + break; + } + $start += $length; + $remainingLength -= $length; + $newcontent[] = $temp; + $content_pos += $length; + } + + return [ + 'type' => $class, + 'constant' => $tag, + // the array encapsulation is for BC with the old format + 'content' => $newcontent, + // the only time when $content['headerlength'] isn't defined is when the length is indefinite. + // the absence of $content['headerlength'] is how we know if something is indefinite or not. + // technically, it could be defined to be 2 and then another indicator could be used but whatever. + 'length' => $start - $current['start'] + ] + $current; + } + + $current += ['type' => $tag]; + + // decode UNIVERSAL tags + switch ($tag) { + case self::TYPE_BOOLEAN: + // "The contents octets shall consist of a single octet." -- paragraph 8.2.1 + if ($constructed || strlen($content) != 1) { + return false; + } + $current['content'] = (bool) ord($content[$content_pos]); + break; + case self::TYPE_INTEGER: + case self::TYPE_ENUMERATED: + if ($constructed) { + return false; + } + $current['content'] = new BigInteger(substr($content, $content_pos), -256); + break; + case self::TYPE_REAL: // not currently supported + return false; + case self::TYPE_BIT_STRING: + // The initial octet shall encode, as an unsigned binary integer with bit 1 as the least significant bit, + // the number of unused bits in the final subsequent octet. The number shall be in the range zero to + // seven. + if (!$constructed) { + $current['content'] = substr($content, $content_pos); + } else { + $temp = self::decode_ber($content, $start, $content_pos); + if ($temp === false) { + return false; + } + $length -= (strlen($content) - $content_pos); + $last = count($temp) - 1; + for ($i = 0; $i < $last; $i++) { + // all subtags should be bit strings + if ($temp[$i]['type'] != self::TYPE_BIT_STRING) { + return false; + } + $current['content'] .= substr($temp[$i]['content'], 1); + } + // all subtags should be bit strings + if ($temp[$last]['type'] != self::TYPE_BIT_STRING) { + return false; + } + $current['content'] = $temp[$last]['content'][0] . $current['content'] . substr($temp[$i]['content'], 1); + } + break; + case self::TYPE_OCTET_STRING: + if (!$constructed) { + $current['content'] = substr($content, $content_pos); + } else { + $current['content'] = ''; + $length = 0; + while (substr($content, $content_pos, 2) != "\0\0") { + $temp = self::decode_ber($content, $length + $start, $content_pos); + if ($temp === false) { + return false; + } + $content_pos += $temp['length']; + // all subtags should be octet strings + if ($temp['type'] != self::TYPE_OCTET_STRING) { + return false; + } + $current['content'] .= $temp['content']; + $length += $temp['length']; + } + if (substr($content, $content_pos, 2) == "\0\0") { + $length += 2; // +2 for the EOC + } + } + break; + case self::TYPE_NULL: + // "The contents octets shall not contain any octets." -- paragraph 8.8.2 + if ($constructed || strlen($content)) { + return false; + } + break; + case self::TYPE_SEQUENCE: + case self::TYPE_SET: + if (!$constructed) { + return false; + } + $offset = 0; + $current['content'] = []; + $content_len = strlen($content); + while ($content_pos < $content_len) { + // if indefinite length construction was used and we have an end-of-content string next + // see paragraphs 8.1.1.3, 8.1.3.2, 8.1.3.6, 8.1.5, and (for an example) 8.6.4.2 + if (!isset($current['headerlength']) && substr($content, $content_pos, 2) == "\0\0") { + $length = $offset + 2; // +2 for the EOC + break 2; + } + $temp = self::decode_ber($content, $start + $offset, $content_pos); + if ($temp === false) { + return false; + } + $content_pos += $temp['length']; + $current['content'][] = $temp; + $offset += $temp['length']; + } + break; + case self::TYPE_OBJECT_IDENTIFIER: + if ($constructed) { + return false; + } + $current['content'] = self::decodeOID(substr($content, $content_pos)); + if ($current['content'] === false) { + return false; + } + break; + /* Each character string type shall be encoded as if it had been declared: + [UNIVERSAL x] IMPLICIT OCTET STRING + + -- X.690-0207.pdf#page=23 (paragraph 8.21.3) + + Per that, we're not going to do any validation. If there are any illegal characters in the string, + we don't really care */ + case self::TYPE_NUMERIC_STRING: + // 0,1,2,3,4,5,6,7,8,9, and space + case self::TYPE_PRINTABLE_STRING: + // Upper and lower case letters, digits, space, apostrophe, left/right parenthesis, plus sign, comma, + // hyphen, full stop, solidus, colon, equal sign, question mark + case self::TYPE_TELETEX_STRING: + // The Teletex character set in CCITT's T61, space, and delete + // see http://en.wikipedia.org/wiki/Teletex#Character_sets + case self::TYPE_VIDEOTEX_STRING: + // The Videotex character set in CCITT's T.100 and T.101, space, and delete + case self::TYPE_VISIBLE_STRING: + // Printing character sets of international ASCII, and space + case self::TYPE_IA5_STRING: + // International Alphabet 5 (International ASCII) + case self::TYPE_GRAPHIC_STRING: + // All registered G sets, and space + case self::TYPE_GENERAL_STRING: + // All registered C and G sets, space and delete + case self::TYPE_UTF8_STRING: + // ???? + case self::TYPE_BMP_STRING: + if ($constructed) { + return false; + } + $current['content'] = substr($content, $content_pos); + break; + case self::TYPE_UTC_TIME: + case self::TYPE_GENERALIZED_TIME: + if ($constructed) { + return false; + } + $current['content'] = self::decodeTime(substr($content, $content_pos), $tag); + break; + default: + return false; + } + + $start += $length; + + // ie. length is the length of the full TLV encoding - it's not just the length of the value + return $current + ['length' => $start - $current['start']]; + } + + /** + * ASN.1 Map + * + * Provides an ASN.1 semantic mapping ($mapping) from a parsed BER-encoding to a human readable format. + * + * "Special" mappings may be applied on a per tag-name basis via $special. + * + * @param array $decoded + * @param array $mapping + * @param array $special + * @return array|bool|Element|string|null + */ + public static function asn1map(array $decoded, $mapping, $special = []) + { + if (isset($mapping['explicit']) && is_array($decoded['content'])) { + $decoded = $decoded['content'][0]; + } + + switch (true) { + case $mapping['type'] == self::TYPE_ANY: + $intype = $decoded['type']; + // !isset(self::ANY_MAP[$intype]) produces a fatal error on PHP 5.6 + if (isset($decoded['constant']) || !array_key_exists($intype, self::ANY_MAP) || (ord(self::$encoded[$decoded['start']]) & 0x20)) { + return new Element(substr(self::$encoded, $decoded['start'], $decoded['length'])); + } + $inmap = self::ANY_MAP[$intype]; + if (is_string($inmap)) { + return [$inmap => self::asn1map($decoded, ['type' => $intype] + $mapping, $special)]; + } + break; + case $mapping['type'] == self::TYPE_CHOICE: + foreach ($mapping['children'] as $key => $option) { + switch (true) { + case isset($option['constant']) && $option['constant'] == $decoded['constant']: + case !isset($option['constant']) && $option['type'] == $decoded['type']: + $value = self::asn1map($decoded, $option, $special); + break; + case !isset($option['constant']) && $option['type'] == self::TYPE_CHOICE: + $v = self::asn1map($decoded, $option, $special); + if (isset($v)) { + $value = $v; + } + } + if (isset($value)) { + if (isset($special[$key])) { + $value = $special[$key]($value); + } + return [$key => $value]; + } + } + return null; + case isset($mapping['implicit']): + case isset($mapping['explicit']): + case $decoded['type'] == $mapping['type']: + break; + default: + // if $decoded['type'] and $mapping['type'] are both strings, but different types of strings, + // let it through + switch (true) { + case $decoded['type'] < 18: // self::TYPE_NUMERIC_STRING == 18 + case $decoded['type'] > 30: // self::TYPE_BMP_STRING == 30 + case $mapping['type'] < 18: + case $mapping['type'] > 30: + return null; + } + } + + if (isset($mapping['implicit'])) { + $decoded['type'] = $mapping['type']; + } + + switch ($decoded['type']) { + case self::TYPE_SEQUENCE: + $map = []; + + // ignore the min and max + if (isset($mapping['min']) && isset($mapping['max'])) { + $child = $mapping['children']; + foreach ($decoded['content'] as $content) { + if (($map[] = self::asn1map($content, $child, $special)) === null) { + return null; + } + } + + return $map; + } + + $n = count($decoded['content']); + $i = 0; + + foreach ($mapping['children'] as $key => $child) { + $maymatch = $i < $n; // Match only existing input. + if ($maymatch) { + $temp = $decoded['content'][$i]; + + if ($child['type'] != self::TYPE_CHOICE) { + // Get the mapping and input class & constant. + $childClass = $tempClass = self::CLASS_UNIVERSAL; + $constant = null; + if (isset($temp['constant'])) { + $tempClass = $temp['type']; + } + if (isset($child['class'])) { + $childClass = $child['class']; + $constant = $child['cast']; + } elseif (isset($child['constant'])) { + $childClass = self::CLASS_CONTEXT_SPECIFIC; + $constant = $child['constant']; + } + + if (isset($constant) && isset($temp['constant'])) { + // Can only match if constants and class match. + $maymatch = $constant == $temp['constant'] && $childClass == $tempClass; + } else { + // Can only match if no constant expected and type matches or is generic. + $maymatch = !isset($child['constant']) && array_search($child['type'], [$temp['type'], self::TYPE_ANY, self::TYPE_CHOICE]) !== false; + } + } + } + + if ($maymatch) { + // Attempt submapping. + $candidate = self::asn1map($temp, $child, $special); + $maymatch = $candidate !== null; + } + + if ($maymatch) { + // Got the match: use it. + if (isset($special[$key])) { + $candidate = $special[$key]($candidate); + } + $map[$key] = $candidate; + $i++; + } elseif (isset($child['default'])) { + $map[$key] = $child['default']; + } elseif (!isset($child['optional'])) { + return null; // Syntax error. + } + } + + // Fail mapping if all input items have not been consumed. + return $i < $n ? null : $map; + + // the main diff between sets and sequences is the encapsulation of the foreach in another for loop + case self::TYPE_SET: + $map = []; + + // ignore the min and max + if (isset($mapping['min']) && isset($mapping['max'])) { + $child = $mapping['children']; + foreach ($decoded['content'] as $content) { + if (($map[] = self::asn1map($content, $child, $special)) === null) { + return null; + } + } + + return $map; + } + + for ($i = 0; $i < count($decoded['content']); $i++) { + $temp = $decoded['content'][$i]; + $tempClass = self::CLASS_UNIVERSAL; + if (isset($temp['constant'])) { + $tempClass = $temp['type']; + } + + foreach ($mapping['children'] as $key => $child) { + if (isset($map[$key])) { + continue; + } + $maymatch = true; + if ($child['type'] != self::TYPE_CHOICE) { + $childClass = self::CLASS_UNIVERSAL; + $constant = null; + if (isset($child['class'])) { + $childClass = $child['class']; + $constant = $child['cast']; + } elseif (isset($child['constant'])) { + $childClass = self::CLASS_CONTEXT_SPECIFIC; + $constant = $child['constant']; + } + + if (isset($constant) && isset($temp['constant'])) { + // Can only match if constants and class match. + $maymatch = $constant == $temp['constant'] && $childClass == $tempClass; + } else { + // Can only match if no constant expected and type matches or is generic. + $maymatch = !isset($child['constant']) && array_search($child['type'], [$temp['type'], self::TYPE_ANY, self::TYPE_CHOICE]) !== false; + } + } + + if ($maymatch) { + // Attempt submapping. + $candidate = self::asn1map($temp, $child, $special); + $maymatch = $candidate !== null; + } + + if (!$maymatch) { + break; + } + + // Got the match: use it. + if (isset($special[$key])) { + $candidate = $special[$key]($candidate); + } + $map[$key] = $candidate; + break; + } + } + + foreach ($mapping['children'] as $key => $child) { + if (!isset($map[$key])) { + if (isset($child['default'])) { + $map[$key] = $child['default']; + } elseif (!isset($child['optional'])) { + return null; + } + } + } + return $map; + case self::TYPE_OBJECT_IDENTIFIER: + return isset(self::$oids[$decoded['content']]) ? self::$oids[$decoded['content']] : $decoded['content']; + case self::TYPE_UTC_TIME: + case self::TYPE_GENERALIZED_TIME: + // for explicitly tagged optional stuff + if (is_array($decoded['content'])) { + $decoded['content'] = $decoded['content'][0]['content']; + } + // for implicitly tagged optional stuff + // in theory, doing isset($mapping['implicit']) would work but malformed certs do exist + // in the wild that OpenSSL decodes without issue so we'll support them as well + if (!is_object($decoded['content'])) { + $decoded['content'] = self::decodeTime($decoded['content'], $decoded['type']); + } + return $decoded['content'] ? $decoded['content']->format(self::$format) : false; + case self::TYPE_BIT_STRING: + if (isset($mapping['mapping'])) { + $offset = ord($decoded['content'][0]); + $size = (strlen($decoded['content']) - 1) * 8 - $offset; + /* + From X.680-0207.pdf#page=46 (21.7): + + "When a "NamedBitList" is used in defining a bitstring type ASN.1 encoding rules are free to add (or remove) + arbitrarily any trailing 0 bits to (or from) values that are being encoded or decoded. Application designers should + therefore ensure that different semantics are not associated with such values which differ only in the number of trailing + 0 bits." + */ + $bits = count($mapping['mapping']) == $size ? [] : array_fill(0, count($mapping['mapping']) - $size, false); + for ($i = strlen($decoded['content']) - 1; $i > 0; $i--) { + $current = ord($decoded['content'][$i]); + for ($j = $offset; $j < 8; $j++) { + $bits[] = (bool) ($current & (1 << $j)); + } + $offset = 0; + } + $values = []; + $map = array_reverse($mapping['mapping']); + foreach ($map as $i => $value) { + if ($bits[$i]) { + $values[] = $value; + } + } + return $values; + } + // fall-through + case self::TYPE_OCTET_STRING: + return $decoded['content']; + case self::TYPE_NULL: + return ''; + case self::TYPE_BOOLEAN: + case self::TYPE_NUMERIC_STRING: + case self::TYPE_PRINTABLE_STRING: + case self::TYPE_TELETEX_STRING: + case self::TYPE_VIDEOTEX_STRING: + case self::TYPE_IA5_STRING: + case self::TYPE_GRAPHIC_STRING: + case self::TYPE_VISIBLE_STRING: + case self::TYPE_GENERAL_STRING: + case self::TYPE_UNIVERSAL_STRING: + case self::TYPE_UTF8_STRING: + case self::TYPE_BMP_STRING: + return $decoded['content']; + case self::TYPE_INTEGER: + case self::TYPE_ENUMERATED: + $temp = $decoded['content']; + if (isset($mapping['implicit'])) { + $temp = new BigInteger($decoded['content'], -256); + } + if (isset($mapping['mapping'])) { + $temp = (int) $temp->toString(); + return isset($mapping['mapping'][$temp]) ? + $mapping['mapping'][$temp] : + false; + } + return $temp; + } + } + + /** + * DER-decode the length + * + * DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See + * {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information. + * + * @param string $string + * @return int + */ + public static function decodeLength(&$string) + { + $length = ord(Strings::shift($string)); + if ($length & 0x80) { // definite length, long form + $length &= 0x7F; + $temp = Strings::shift($string, $length); + list(, $length) = unpack('N', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4)); + } + return $length; + } + + /** + * ASN.1 Encode + * + * DER-encodes an ASN.1 semantic mapping ($mapping). Some libraries would probably call this function + * an ASN.1 compiler. + * + * "Special" mappings can be applied via $special. + * + * @param Element|string|array $source + * @param array $mapping + * @param array $special + * @return string + */ + public static function encodeDER($source, $mapping, $special = []) + { + self::$location = []; + return self::encode_der($source, $mapping, null, $special); + } + + /** + * ASN.1 Encode (Helper function) + * + * @param Element|string|array|null $source + * @param array $mapping + * @param int $idx + * @param array $special + * @return string + */ + private static function encode_der($source, array $mapping, $idx = null, array $special = []) + { + if ($source instanceof Element) { + return $source->element; + } + + // do not encode (implicitly optional) fields with value set to default + if (isset($mapping['default']) && $source === $mapping['default']) { + return ''; + } + + if (isset($idx)) { + if (isset($special[$idx])) { + $source = $special[$idx]($source); + } + self::$location[] = $idx; + } + + $tag = $mapping['type']; + + switch ($tag) { + case self::TYPE_SET: // Children order is not important, thus process in sequence. + case self::TYPE_SEQUENCE: + $tag |= 0x20; // set the constructed bit + + // ignore the min and max + if (isset($mapping['min']) && isset($mapping['max'])) { + $value = []; + $child = $mapping['children']; + + foreach ($source as $content) { + $temp = self::encode_der($content, $child, null, $special); + if ($temp === false) { + return false; + } + $value[] = $temp; + } + /* "The encodings of the component values of a set-of value shall appear in ascending order, the encodings being compared + as octet strings with the shorter components being padded at their trailing end with 0-octets. + NOTE - The padding octets are for comparison purposes only and do not appear in the encodings." + + -- sec 11.6 of http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf */ + if ($mapping['type'] == self::TYPE_SET) { + sort($value); + } + $value = implode('', $value); + break; + } + + $value = ''; + foreach ($mapping['children'] as $key => $child) { + if (!array_key_exists($key, $source)) { + if (!isset($child['optional'])) { + return false; + } + continue; + } + + $temp = self::encode_der($source[$key], $child, $key, $special); + if ($temp === false) { + return false; + } + + // An empty child encoding means it has been optimized out. + // Else we should have at least one tag byte. + if ($temp === '') { + continue; + } + + // if isset($child['constant']) is true then isset($child['optional']) should be true as well + if (isset($child['constant'])) { + /* + From X.680-0207.pdf#page=58 (30.6): + + "The tagging construction specifies explicit tagging if any of the following holds: + ... + c) the "Tag Type" alternative is used and the value of "TagDefault" for the module is IMPLICIT TAGS or + AUTOMATIC TAGS, but the type defined by "Type" is an untagged choice type, an untagged open type, or + an untagged "DummyReference" (see ITU-T Rec. X.683 | ISO/IEC 8824-4, 8.3)." + */ + if (isset($child['explicit']) || $child['type'] == self::TYPE_CHOICE) { + $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | 0x20 | $child['constant']); + $temp = $subtag . self::encodeLength(strlen($temp)) . $temp; + } else { + $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | (ord($temp[0]) & 0x20) | $child['constant']); + $temp = $subtag . substr($temp, 1); + } + } + $value .= $temp; + } + break; + case self::TYPE_CHOICE: + $temp = false; + + foreach ($mapping['children'] as $key => $child) { + if (!isset($source[$key])) { + continue; + } + + $temp = self::encode_der($source[$key], $child, $key, $special); + if ($temp === false) { + return false; + } + + // An empty child encoding means it has been optimized out. + // Else we should have at least one tag byte. + if ($temp === '') { + continue; + } + + $tag = ord($temp[0]); + + // if isset($child['constant']) is true then isset($child['optional']) should be true as well + if (isset($child['constant'])) { + if (isset($child['explicit']) || $child['type'] == self::TYPE_CHOICE) { + $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | 0x20 | $child['constant']); + $temp = $subtag . self::encodeLength(strlen($temp)) . $temp; + } else { + $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | (ord($temp[0]) & 0x20) | $child['constant']); + $temp = $subtag . substr($temp, 1); + } + } + } + + if (isset($idx)) { + array_pop(self::$location); + } + + if ($temp && isset($mapping['cast'])) { + $temp[0] = chr(($mapping['class'] << 6) | ($tag & 0x20) | $mapping['cast']); + } + + return $temp; + case self::TYPE_INTEGER: + case self::TYPE_ENUMERATED: + if (!isset($mapping['mapping'])) { + if (is_numeric($source)) { + $source = new BigInteger($source); + } + $value = $source->toBytes(true); + } else { + $value = array_search($source, $mapping['mapping']); + if ($value === false) { + return false; + } + $value = new BigInteger($value); + $value = $value->toBytes(true); + } + if (!strlen($value)) { + $value = chr(0); + } + break; + case self::TYPE_UTC_TIME: + case self::TYPE_GENERALIZED_TIME: + $format = $mapping['type'] == self::TYPE_UTC_TIME ? 'y' : 'Y'; + $format .= 'mdHis'; + // if $source does _not_ include timezone information within it then assume that the timezone is GMT + $date = new \DateTime($source, new \DateTimeZone('GMT')); + // if $source _does_ include timezone information within it then convert the time to GMT + $date->setTimezone(new \DateTimeZone('GMT')); + $value = $date->format($format) . 'Z'; + break; + case self::TYPE_BIT_STRING: + if (isset($mapping['mapping'])) { + $bits = array_fill(0, count($mapping['mapping']), 0); + $size = 0; + for ($i = 0; $i < count($mapping['mapping']); $i++) { + if (in_array($mapping['mapping'][$i], $source)) { + $bits[$i] = 1; + $size = $i; + } + } + + if (isset($mapping['min']) && $mapping['min'] >= 1 && $size < $mapping['min']) { + $size = $mapping['min'] - 1; + } + + $offset = 8 - (($size + 1) & 7); + $offset = $offset !== 8 ? $offset : 0; + + $value = chr($offset); + + for ($i = $size + 1; $i < count($mapping['mapping']); $i++) { + unset($bits[$i]); + } + + $bits = implode('', array_pad($bits, $size + $offset + 1, 0)); + $bytes = explode(' ', rtrim(chunk_split($bits, 8, ' '))); + foreach ($bytes as $byte) { + $value .= chr(bindec($byte)); + } + + break; + } + // fall-through + case self::TYPE_OCTET_STRING: + /* The initial octet shall encode, as an unsigned binary integer with bit 1 as the least significant bit, + the number of unused bits in the final subsequent octet. The number shall be in the range zero to seven. + + -- http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=16 */ + $value = $source; + break; + case self::TYPE_OBJECT_IDENTIFIER: + $value = self::encodeOID($source); + break; + case self::TYPE_ANY: + $loc = self::$location; + if (isset($idx)) { + array_pop(self::$location); + } + + switch (true) { + case !isset($source): + return self::encode_der(null, ['type' => self::TYPE_NULL] + $mapping, null, $special); + case is_int($source): + case $source instanceof BigInteger: + return self::encode_der($source, ['type' => self::TYPE_INTEGER] + $mapping, null, $special); + case is_float($source): + return self::encode_der($source, ['type' => self::TYPE_REAL] + $mapping, null, $special); + case is_bool($source): + return self::encode_der($source, ['type' => self::TYPE_BOOLEAN] + $mapping, null, $special); + case is_array($source) && count($source) == 1: + $typename = implode('', array_keys($source)); + $outtype = array_search($typename, self::ANY_MAP, true); + if ($outtype !== false) { + return self::encode_der($source[$typename], ['type' => $outtype] + $mapping, null, $special); + } + } + + $filters = self::$filters; + foreach ($loc as $part) { + if (!isset($filters[$part])) { + $filters = false; + break; + } + $filters = $filters[$part]; + } + if ($filters === false) { + throw new \RuntimeException('No filters defined for ' . implode('/', $loc)); + } + return self::encode_der($source, $filters + $mapping, null, $special); + case self::TYPE_NULL: + $value = ''; + break; + case self::TYPE_NUMERIC_STRING: + case self::TYPE_TELETEX_STRING: + case self::TYPE_PRINTABLE_STRING: + case self::TYPE_UNIVERSAL_STRING: + case self::TYPE_UTF8_STRING: + case self::TYPE_BMP_STRING: + case self::TYPE_IA5_STRING: + case self::TYPE_VISIBLE_STRING: + case self::TYPE_VIDEOTEX_STRING: + case self::TYPE_GRAPHIC_STRING: + case self::TYPE_GENERAL_STRING: + $value = $source; + break; + case self::TYPE_BOOLEAN: + $value = $source ? "\xFF" : "\x00"; + break; + default: + throw new \RuntimeException('Mapping provides no type definition for ' . implode('/', self::$location)); + } + + if (isset($idx)) { + array_pop(self::$location); + } + + if (isset($mapping['cast'])) { + if (isset($mapping['explicit']) || $mapping['type'] == self::TYPE_CHOICE) { + $value = chr($tag) . self::encodeLength(strlen($value)) . $value; + $tag = ($mapping['class'] << 6) | 0x20 | $mapping['cast']; + } else { + $tag = ($mapping['class'] << 6) | (ord($temp[0]) & 0x20) | $mapping['cast']; + } + } + + return chr($tag) . self::encodeLength(strlen($value)) . $value; + } + + /** + * BER-decode the OID + * + * Called by _decode_ber() + * + * @param string $content + * @return string + */ + public static function decodeOID($content) + { + static $eighty; + if (!$eighty) { + $eighty = new BigInteger(80); + } + + $oid = []; + $pos = 0; + $len = strlen($content); + + if (ord($content[$len - 1]) & 0x80) { + return false; + } + + $n = new BigInteger(); + while ($pos < $len) { + $temp = ord($content[$pos++]); + $n = $n->bitwise_leftShift(7); + $n = $n->bitwise_or(new BigInteger($temp & 0x7F)); + if (~$temp & 0x80) { + $oid[] = $n; + $n = new BigInteger(); + } + } + $part1 = array_shift($oid); + $first = floor(ord($content[0]) / 40); + /* + "This packing of the first two object identifier components recognizes that only three values are allocated from the root + node, and at most 39 subsequent values from nodes reached by X = 0 and X = 1." + + -- https://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=22 + */ + if ($first <= 2) { // ie. 0 <= ord($content[0]) < 120 (0x78) + array_unshift($oid, ord($content[0]) % 40); + array_unshift($oid, $first); + } else { + array_unshift($oid, $part1->subtract($eighty)); + array_unshift($oid, 2); + } + + return implode('.', $oid); + } + + /** + * DER-encode the OID + * + * Called by _encode_der() + * + * @param string $source + * @return string + */ + public static function encodeOID($source) + { + static $mask, $zero, $forty; + if (!$mask) { + $mask = new BigInteger(0x7F); + $zero = new BigInteger(); + $forty = new BigInteger(40); + } + + if (!preg_match('#(?:\d+\.)+#', $source)) { + $oid = isset(self::$reverseOIDs[$source]) ? self::$reverseOIDs[$source] : false; + } else { + $oid = $source; + } + if ($oid === false) { + throw new \RuntimeException('Invalid OID'); + } + + $parts = explode('.', $oid); + $part1 = array_shift($parts); + $part2 = array_shift($parts); + + $first = new BigInteger($part1); + $first = $first->multiply($forty); + $first = $first->add(new BigInteger($part2)); + + array_unshift($parts, $first->toString()); + + $value = ''; + foreach ($parts as $part) { + if (!$part) { + $temp = "\0"; + } else { + $temp = ''; + $part = new BigInteger($part); + while (!$part->equals($zero)) { + $submask = $part->bitwise_and($mask); + $submask->setPrecision(8); + $temp = (chr(0x80) | $submask->toBytes()) . $temp; + $part = $part->bitwise_rightShift(7); + } + $temp[strlen($temp) - 1] = $temp[strlen($temp) - 1] & chr(0x7F); + } + $value .= $temp; + } + + return $value; + } + + /** + * BER-decode the time + * + * Called by _decode_ber() and in the case of implicit tags asn1map(). + * + * @param string $content + * @param int $tag + * @return \DateTime|false + */ + private static function decodeTime($content, $tag) + { + /* UTCTime: + http://tools.ietf.org/html/rfc5280#section-4.1.2.5.1 + http://www.obj-sys.com/asn1tutorial/node15.html + + GeneralizedTime: + http://tools.ietf.org/html/rfc5280#section-4.1.2.5.2 + http://www.obj-sys.com/asn1tutorial/node14.html */ + + $format = 'YmdHis'; + + if ($tag == self::TYPE_UTC_TIME) { + // https://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=28 says "the seconds + // element shall always be present" but none-the-less I've seen X509 certs where it isn't and if the + // browsers parse it phpseclib ought to too + if (preg_match('#^(\d{10})(Z|[+-]\d{4})$#', $content, $matches)) { + $content = $matches[1] . '00' . $matches[2]; + } + $prefix = substr($content, 0, 2) >= 50 ? '19' : '20'; + $content = $prefix . $content; + } elseif (strpos($content, '.') !== false) { + $format .= '.u'; + } + + if ($content[strlen($content) - 1] == 'Z') { + $content = substr($content, 0, -1) . '+0000'; + } + + if (strpos($content, '-') !== false || strpos($content, '+') !== false) { + $format .= 'O'; + } + + // error supression isn't necessary as of PHP 7.0: + // http://php.net/manual/en/migration70.other-changes.php + return @\DateTime::createFromFormat($format, $content); + } + + /** + * Set the time format + * + * Sets the time / date format for asn1map(). + * + * @param string $format + */ + public static function setTimeFormat($format) + { + self::$format = $format; + } + + /** + * Load OIDs + * + * Load the relevant OIDs for a particular ASN.1 semantic mapping. + * Previously loaded OIDs are retained. + * + * @param array $oids + */ + public static function loadOIDs(array $oids) + { + self::$reverseOIDs += $oids; + self::$oids = array_flip(self::$reverseOIDs); + } + + /** + * Set filters + * + * See \phpseclib3\File\X509, etc, for an example. + * Previously loaded filters are not retained. + * + * @param array $filters + */ + public static function setFilters(array $filters) + { + self::$filters = $filters; + } + + /** + * String type conversion + * + * This is a lazy conversion, dealing only with character size. + * No real conversion table is used. + * + * @param string $in + * @param int $from + * @param int $to + * @return string + */ + public static function convert($in, $from = self::TYPE_UTF8_STRING, $to = self::TYPE_UTF8_STRING) + { + // isset(self::STRING_TYPE_SIZE[$from] returns a fatal error on PHP 5.6 + if (!array_key_exists($from, self::STRING_TYPE_SIZE) || !array_key_exists($to, self::STRING_TYPE_SIZE)) { + return false; + } + $insize = self::STRING_TYPE_SIZE[$from]; + $outsize = self::STRING_TYPE_SIZE[$to]; + $inlength = strlen($in); + $out = ''; + + for ($i = 0; $i < $inlength;) { + if ($inlength - $i < $insize) { + return false; + } + + // Get an input character as a 32-bit value. + $c = ord($in[$i++]); + switch (true) { + case $insize == 4: + $c = ($c << 8) | ord($in[$i++]); + $c = ($c << 8) | ord($in[$i++]); + // fall-through + case $insize == 2: + $c = ($c << 8) | ord($in[$i++]); + // fall-through + case $insize == 1: + break; + case ($c & 0x80) == 0x00: + break; + case ($c & 0x40) == 0x00: + return false; + default: + $bit = 6; + do { + if ($bit > 25 || $i >= $inlength || (ord($in[$i]) & 0xC0) != 0x80) { + return false; + } + $c = ($c << 6) | (ord($in[$i++]) & 0x3F); + $bit += 5; + $mask = 1 << $bit; + } while ($c & $bit); + $c &= $mask - 1; + break; + } + + // Convert and append the character to output string. + $v = ''; + switch (true) { + case $outsize == 4: + $v .= chr($c & 0xFF); + $c >>= 8; + $v .= chr($c & 0xFF); + $c >>= 8; + // fall-through + case $outsize == 2: + $v .= chr($c & 0xFF); + $c >>= 8; + // fall-through + case $outsize == 1: + $v .= chr($c & 0xFF); + $c >>= 8; + if ($c) { + return false; + } + break; + case ($c & (PHP_INT_SIZE == 8 ? 0x80000000 : (1 << 31))) != 0: + return false; + case $c >= 0x04000000: + $v .= chr(0x80 | ($c & 0x3F)); + $c = ($c >> 6) | 0x04000000; + // fall-through + case $c >= 0x00200000: + $v .= chr(0x80 | ($c & 0x3F)); + $c = ($c >> 6) | 0x00200000; + // fall-through + case $c >= 0x00010000: + $v .= chr(0x80 | ($c & 0x3F)); + $c = ($c >> 6) | 0x00010000; + // fall-through + case $c >= 0x00000800: + $v .= chr(0x80 | ($c & 0x3F)); + $c = ($c >> 6) | 0x00000800; + // fall-through + case $c >= 0x00000080: + $v .= chr(0x80 | ($c & 0x3F)); + $c = ($c >> 6) | 0x000000C0; + // fall-through + default: + $v .= chr($c); + break; + } + $out .= strrev($v); + } + return $out; + } + + /** + * Extract raw BER from Base64 encoding + * + * @param string $str + * @return string + */ + public static function extractBER($str) + { + /* X.509 certs are assumed to be base64 encoded but sometimes they'll have additional things in them + * above and beyond the ceritificate. + * ie. some may have the following preceding the -----BEGIN CERTIFICATE----- line: + * + * Bag Attributes + * localKeyID: 01 00 00 00 + * subject=/O=organization/OU=org unit/CN=common name + * issuer=/O=organization/CN=common name + */ + if (strlen($str) > ini_get('pcre.backtrack_limit')) { + $temp = $str; + } else { + $temp = preg_replace('#.*?^-+[^-]+-+[\r\n ]*$#ms', '', $str, 1); + $temp = preg_replace('#-+END.*[\r\n ]*.*#ms', '', $temp, 1); + } + // remove new lines + $temp = str_replace(["\r", "\n", ' '], '', $temp); + // remove the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- stuff + $temp = preg_replace('#^-+[^-]+-+|-+[^-]+-+$#', '', $temp); + $temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? Strings::base64_decode($temp) : false; + return $temp != false ? $temp : $str; + } + + /** + * DER-encode the length + * + * DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See + * {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information. + * + * @param int $length + * @return string + */ + public static function encodeLength($length) + { + if ($length <= 0x7F) { + return chr($length); + } + + $temp = ltrim(pack('N', $length), chr(0)); + return pack('Ca*', 0x80 | strlen($temp), $temp); + } + + /** + * Returns the OID corresponding to a name + * + * What's returned in the associative array returned by loadX509() (or load*()) is either a name or an OID if + * no OID to name mapping is available. The problem with this is that what may be an unmapped OID in one version + * of phpseclib may not be unmapped in the next version, so apps that are looking at this OID may not be able + * to work from version to version. + * + * This method will return the OID if a name is passed to it and if no mapping is avialable it'll assume that + * what's being passed to it already is an OID and return that instead. A few examples. + * + * getOID('2.16.840.1.101.3.4.2.1') == '2.16.840.1.101.3.4.2.1' + * getOID('id-sha256') == '2.16.840.1.101.3.4.2.1' + * getOID('zzz') == 'zzz' + * + * @param string $name + * @return string + */ + public static function getOID($name) + { + return isset(self::$reverseOIDs[$name]) ? self::$reverseOIDs[$name] : $name; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Element.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Element.php new file mode 100644 index 0000000..6540b42 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Element.php @@ -0,0 +1,43 @@ + + * @copyright 2012 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1; + +/** + * ASN.1 Raw Element + * + * An ASN.1 ANY mapping will return an ASN1\Element object. Use of this object + * will also bypass the normal encoding rules in ASN1::encodeDER() + * + * @author Jim Wigginton + */ +class Element +{ + /** + * Raw element value + * + * @var string + */ + public $element; + + /** + * Constructor + * + * @param string $encoded + * @return \phpseclib3\File\ASN1\Element + */ + public function __construct($encoded) + { + $this->element = $encoded; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AccessDescription.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AccessDescription.php new file mode 100644 index 0000000..1cbc5a5 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AccessDescription.php @@ -0,0 +1,32 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * AccessDescription + * + * @author Jim Wigginton + */ +abstract class AccessDescription +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'accessMethod' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], + 'accessLocation' => GeneralName::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AdministrationDomainName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AdministrationDomainName.php new file mode 100644 index 0000000..04183a1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AdministrationDomainName.php @@ -0,0 +1,36 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * AdministrationDomainName + * + * @author Jim Wigginton + */ +abstract class AdministrationDomainName +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + // if class isn't present it's assumed to be \phpseclib3\File\ASN1::CLASS_UNIVERSAL or + // (if constant is present) \phpseclib3\File\ASN1::CLASS_CONTEXT_SPECIFIC + 'class' => ASN1::CLASS_APPLICATION, + 'cast' => 2, + 'children' => [ + 'numeric' => ['type' => ASN1::TYPE_NUMERIC_STRING], + 'printable' => ['type' => ASN1::TYPE_PRINTABLE_STRING] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AlgorithmIdentifier.php new file mode 100644 index 0000000..0da7eb1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AlgorithmIdentifier.php @@ -0,0 +1,35 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * AlgorithmIdentifier + * + * @author Jim Wigginton + */ +abstract class AlgorithmIdentifier +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'algorithm' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], + 'parameters' => [ + 'type' => ASN1::TYPE_ANY, + 'optional' => true + ] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AnotherName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AnotherName.php new file mode 100644 index 0000000..d96c170 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AnotherName.php @@ -0,0 +1,37 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * AnotherName + * + * @author Jim Wigginton + */ +abstract class AnotherName +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'type-id' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], + 'value' => [ + 'type' => ASN1::TYPE_ANY, + 'constant' => 0, + 'optional' => true, + 'explicit' => true + ] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Attribute.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Attribute.php new file mode 100644 index 0000000..38a6aee --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Attribute.php @@ -0,0 +1,37 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * Attribute + * + * @author Jim Wigginton + */ +abstract class Attribute +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'type' => AttributeType::MAP, + 'value' => [ + 'type' => ASN1::TYPE_SET, + 'min' => 1, + 'max' => -1, + 'children' => AttributeValue::MAP + ] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeType.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeType.php new file mode 100644 index 0000000..5cbc2bc --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeType.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * AttributeType + * + * @author Jim Wigginton + */ +abstract class AttributeType +{ + const MAP = ['type' => ASN1::TYPE_OBJECT_IDENTIFIER]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeTypeAndValue.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeTypeAndValue.php new file mode 100644 index 0000000..fe414f1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeTypeAndValue.php @@ -0,0 +1,32 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * AttributeTypeAndValue + * + * @author Jim Wigginton + */ +abstract class AttributeTypeAndValue +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'type' => AttributeType::MAP, + 'value' => AttributeValue::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeValue.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeValue.php new file mode 100644 index 0000000..3b3b6d2 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeValue.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * AttributeValue + * + * @author Jim Wigginton + */ +abstract class AttributeValue +{ + const MAP = ['type' => ASN1::TYPE_ANY]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Attributes.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Attributes.php new file mode 100644 index 0000000..cd53ecf --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Attributes.php @@ -0,0 +1,31 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * Attributes + * + * @author Jim Wigginton + */ +abstract class Attributes +{ + const MAP = [ + 'type' => ASN1::TYPE_SET, + 'min' => 1, + 'max' => -1, + 'children' => Attribute::MAP + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AuthorityInfoAccessSyntax.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AuthorityInfoAccessSyntax.php new file mode 100644 index 0000000..3e80a55 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AuthorityInfoAccessSyntax.php @@ -0,0 +1,31 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * AuthorityInfoAccessSyntax + * + * @author Jim Wigginton + */ +abstract class AuthorityInfoAccessSyntax +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => AccessDescription::MAP + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AuthorityKeyIdentifier.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AuthorityKeyIdentifier.php new file mode 100644 index 0000000..e7ec5b2 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AuthorityKeyIdentifier.php @@ -0,0 +1,45 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * AuthorityKeyIdentifier + * + * @author Jim Wigginton + */ +abstract class AuthorityKeyIdentifier +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'keyIdentifier' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ] + KeyIdentifier::MAP, + 'authorityCertIssuer' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ] + GeneralNames::MAP, + 'authorityCertSerialNumber' => [ + 'constant' => 2, + 'optional' => true, + 'implicit' => true + ] + CertificateSerialNumber::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BaseDistance.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BaseDistance.php new file mode 100644 index 0000000..e59668a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BaseDistance.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * BaseDistance + * + * @author Jim Wigginton + */ +abstract class BaseDistance +{ + const MAP = ['type' => ASN1::TYPE_INTEGER]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BasicConstraints.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BasicConstraints.php new file mode 100644 index 0000000..587ef1b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BasicConstraints.php @@ -0,0 +1,39 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * BasicConstraints + * + * @author Jim Wigginton + */ +abstract class BasicConstraints +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'cA' => [ + 'type' => ASN1::TYPE_BOOLEAN, + 'optional' => true, + 'default' => false + ], + 'pathLenConstraint' => [ + 'type' => ASN1::TYPE_INTEGER, + 'optional' => true + ] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInDomainDefinedAttribute.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInDomainDefinedAttribute.php new file mode 100644 index 0000000..e81bc78 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInDomainDefinedAttribute.php @@ -0,0 +1,32 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * BuiltInDomainDefinedAttribute + * + * @author Jim Wigginton + */ +abstract class BuiltInDomainDefinedAttribute +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'type' => ['type' => ASN1::TYPE_PRINTABLE_STRING], + 'value' => ['type' => ASN1::TYPE_PRINTABLE_STRING] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInDomainDefinedAttributes.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInDomainDefinedAttributes.php new file mode 100644 index 0000000..471e88f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInDomainDefinedAttributes.php @@ -0,0 +1,31 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * BuiltInDomainDefinedAttributes + * + * @author Jim Wigginton + */ +abstract class BuiltInDomainDefinedAttributes +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => 4, // ub-domain-defined-attributes + 'children' => BuiltInDomainDefinedAttribute::MAP + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInStandardAttributes.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInStandardAttributes.php new file mode 100644 index 0000000..752f400 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInStandardAttributes.php @@ -0,0 +1,67 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * BuiltInStandardAttributes + * + * @author Jim Wigginton + */ +abstract class BuiltInStandardAttributes +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'country-name' => ['optional' => true] + CountryName::MAP, + 'administration-domain-name' => ['optional' => true] + AdministrationDomainName::MAP, + 'network-address' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ] + NetworkAddress::MAP, + 'terminal-identifier' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ] + TerminalIdentifier::MAP, + 'private-domain-name' => [ + 'constant' => 2, + 'optional' => true, + 'explicit' => true + ] + PrivateDomainName::MAP, + 'organization-name' => [ + 'constant' => 3, + 'optional' => true, + 'implicit' => true + ] + OrganizationName::MAP, + 'numeric-user-identifier' => [ + 'constant' => 4, + 'optional' => true, + 'implicit' => true + ] + NumericUserIdentifier::MAP, + 'personal-name' => [ + 'constant' => 5, + 'optional' => true, + 'implicit' => true + ] + PersonalName::MAP, + 'organizational-unit-names' => [ + 'constant' => 6, + 'optional' => true, + 'implicit' => true + ] + OrganizationalUnitNames::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CPSuri.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CPSuri.php new file mode 100644 index 0000000..56e5888 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CPSuri.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * CPSuri + * + * @author Jim Wigginton + */ +abstract class CPSuri +{ + const MAP = ['type' => ASN1::TYPE_IA5_STRING]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLDistributionPoints.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLDistributionPoints.php new file mode 100644 index 0000000..79860b2 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLDistributionPoints.php @@ -0,0 +1,31 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * CRLDistributionPoints + * + * @author Jim Wigginton + */ +abstract class CRLDistributionPoints +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => DistributionPoint::MAP + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLNumber.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLNumber.php new file mode 100644 index 0000000..f6cb956 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLNumber.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * CRLNumber + * + * @author Jim Wigginton + */ +abstract class CRLNumber +{ + const MAP = ['type' => ASN1::TYPE_INTEGER]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLReason.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLReason.php new file mode 100644 index 0000000..d373652 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLReason.php @@ -0,0 +1,41 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * CRLReason + * + * @author Jim Wigginton + */ +abstract class CRLReason +{ + const MAP = [ + 'type' => ASN1::TYPE_ENUMERATED, + 'mapping' => [ + 'unspecified', + 'keyCompromise', + 'cACompromise', + 'affiliationChanged', + 'superseded', + 'cessationOfOperation', + 'certificateHold', + // Value 7 is not used. + 8 => 'removeFromCRL', + 'privilegeWithdrawn', + 'aACompromise' + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertPolicyId.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertPolicyId.php new file mode 100644 index 0000000..d7e7776 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertPolicyId.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * CertPolicyId + * + * @author Jim Wigginton + */ +abstract class CertPolicyId +{ + const MAP = ['type' => ASN1::TYPE_OBJECT_IDENTIFIER]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Certificate.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Certificate.php new file mode 100644 index 0000000..01943a0 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Certificate.php @@ -0,0 +1,33 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * Certificate + * + * @author Jim Wigginton + */ +abstract class Certificate +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'tbsCertificate' => TBSCertificate::MAP, + 'signatureAlgorithm' => AlgorithmIdentifier::MAP, + 'signature' => ['type' => ASN1::TYPE_BIT_STRING] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateIssuer.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateIssuer.php new file mode 100644 index 0000000..ccd68dd --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateIssuer.php @@ -0,0 +1,24 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +/** + * CertificateIssuer + * + * @author Jim Wigginton + */ +abstract class CertificateIssuer +{ + const MAP = GeneralNames::MAP; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateList.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateList.php new file mode 100644 index 0000000..d54ed6d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateList.php @@ -0,0 +1,33 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * CertificateList + * + * @author Jim Wigginton + */ +abstract class CertificateList +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'tbsCertList' => TBSCertList::MAP, + 'signatureAlgorithm' => AlgorithmIdentifier::MAP, + 'signature' => ['type' => ASN1::TYPE_BIT_STRING] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificatePolicies.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificatePolicies.php new file mode 100644 index 0000000..ec0fa6b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificatePolicies.php @@ -0,0 +1,31 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * CertificatePolicies + * + * @author Jim Wigginton + */ +abstract class CertificatePolicies +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => PolicyInformation::MAP + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateSerialNumber.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateSerialNumber.php new file mode 100644 index 0000000..06ec944 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateSerialNumber.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * CertificateSerialNumber + * + * @author Jim Wigginton + */ +abstract class CertificateSerialNumber +{ + const MAP = ['type' => ASN1::TYPE_INTEGER]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificationRequest.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificationRequest.php new file mode 100644 index 0000000..2da70ed --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificationRequest.php @@ -0,0 +1,33 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * CertificationRequest + * + * @author Jim Wigginton + */ +abstract class CertificationRequest +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'certificationRequestInfo' => CertificationRequestInfo::MAP, + 'signatureAlgorithm' => AlgorithmIdentifier::MAP, + 'signature' => ['type' => ASN1::TYPE_BIT_STRING] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificationRequestInfo.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificationRequestInfo.php new file mode 100644 index 0000000..ce6dc88 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificationRequestInfo.php @@ -0,0 +1,41 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * CertificationRequestInfo + * + * @author Jim Wigginton + */ +abstract class CertificationRequestInfo +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'version' => [ + 'type' => ASN1::TYPE_INTEGER, + 'mapping' => ['v1'] + ], + 'subject' => Name::MAP, + 'subjectPKInfo' => SubjectPublicKeyInfo::MAP, + 'attributes' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ] + Attributes::MAP, + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Characteristic_two.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Characteristic_two.php new file mode 100644 index 0000000..5bf59bb --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Characteristic_two.php @@ -0,0 +1,36 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * Characteristic_two + * + * @author Jim Wigginton + */ +abstract class Characteristic_two +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'm' => ['type' => ASN1::TYPE_INTEGER], // field size 2**m + 'basis' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], + 'parameters' => [ + 'type' => ASN1::TYPE_ANY, + 'optional' => true + ] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CountryName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CountryName.php new file mode 100644 index 0000000..737d844 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CountryName.php @@ -0,0 +1,36 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * CountryName + * + * @author Jim Wigginton + */ +abstract class CountryName +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + // if class isn't present it's assumed to be \phpseclib3\File\ASN1::CLASS_UNIVERSAL or + // (if constant is present) \phpseclib3\File\ASN1::CLASS_CONTEXT_SPECIFIC + 'class' => ASN1::CLASS_APPLICATION, + 'cast' => 1, + 'children' => [ + 'x121-dcc-code' => ['type' => ASN1::TYPE_NUMERIC_STRING], + 'iso-3166-alpha2-code' => ['type' => ASN1::TYPE_PRINTABLE_STRING] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Curve.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Curve.php new file mode 100644 index 0000000..621f103 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Curve.php @@ -0,0 +1,36 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * Curve + * + * @author Jim Wigginton + */ +abstract class Curve +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'a' => FieldElement::MAP, + 'b' => FieldElement::MAP, + 'seed' => [ + 'type' => ASN1::TYPE_BIT_STRING, + 'optional' => true + ] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DHParameter.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DHParameter.php new file mode 100644 index 0000000..26863db --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DHParameter.php @@ -0,0 +1,38 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * DHParameter + * + * @author Jim Wigginton + */ +abstract class DHParameter +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'prime' => ['type' => ASN1::TYPE_INTEGER], + 'base' => ['type' => ASN1::TYPE_INTEGER], + 'privateValueLength' => [ + 'type' => ASN1::TYPE_INTEGER, + 'optional' => true + ] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAParams.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAParams.php new file mode 100644 index 0000000..7af397b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAParams.php @@ -0,0 +1,33 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * DSAParams + * + * @author Jim Wigginton + */ +abstract class DSAParams +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'p' => ['type' => ASN1::TYPE_INTEGER], + 'q' => ['type' => ASN1::TYPE_INTEGER], + 'g' => ['type' => ASN1::TYPE_INTEGER] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAPrivateKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAPrivateKey.php new file mode 100644 index 0000000..d97cd02 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAPrivateKey.php @@ -0,0 +1,36 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * DSAPrivateKey + * + * @author Jim Wigginton + */ +abstract class DSAPrivateKey +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'version' => ['type' => ASN1::TYPE_INTEGER], + 'p' => ['type' => ASN1::TYPE_INTEGER], + 'q' => ['type' => ASN1::TYPE_INTEGER], + 'g' => ['type' => ASN1::TYPE_INTEGER], + 'y' => ['type' => ASN1::TYPE_INTEGER], + 'x' => ['type' => ASN1::TYPE_INTEGER] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAPublicKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAPublicKey.php new file mode 100644 index 0000000..f795747 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAPublicKey.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * DSAPublicKey + * + * @author Jim Wigginton + */ +abstract class DSAPublicKey +{ + const MAP = ['type' => ASN1::TYPE_INTEGER]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DigestInfo.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DigestInfo.php new file mode 100644 index 0000000..b38ff3c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DigestInfo.php @@ -0,0 +1,34 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * DigestInfo + * + * from https://tools.ietf.org/html/rfc2898#appendix-A.3 + * + * @author Jim Wigginton + */ +abstract class DigestInfo +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'digestAlgorithm' => AlgorithmIdentifier::MAP, + 'digest' => ['type' => ASN1::TYPE_OCTET_STRING] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DirectoryString.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DirectoryString.php new file mode 100644 index 0000000..45218e3 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DirectoryString.php @@ -0,0 +1,35 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * DirectoryString + * + * @author Jim Wigginton + */ +abstract class DirectoryString +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + 'children' => [ + 'teletexString' => ['type' => ASN1::TYPE_TELETEX_STRING], + 'printableString' => ['type' => ASN1::TYPE_PRINTABLE_STRING], + 'universalString' => ['type' => ASN1::TYPE_UNIVERSAL_STRING], + 'utf8String' => ['type' => ASN1::TYPE_UTF8_STRING], + 'bmpString' => ['type' => ASN1::TYPE_BMP_STRING] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DisplayText.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DisplayText.php new file mode 100644 index 0000000..a13e6a6 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DisplayText.php @@ -0,0 +1,34 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * DisplayText + * + * @author Jim Wigginton + */ +abstract class DisplayText +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + 'children' => [ + 'ia5String' => ['type' => ASN1::TYPE_IA5_STRING], + 'visibleString' => ['type' => ASN1::TYPE_VISIBLE_STRING], + 'bmpString' => ['type' => ASN1::TYPE_BMP_STRING], + 'utf8String' => ['type' => ASN1::TYPE_UTF8_STRING] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DistributionPoint.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DistributionPoint.php new file mode 100644 index 0000000..4d9af6b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DistributionPoint.php @@ -0,0 +1,45 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * DistributionPoint + * + * @author Jim Wigginton + */ +abstract class DistributionPoint +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'distributionPoint' => [ + 'constant' => 0, + 'optional' => true, + 'explicit' => true + ] + DistributionPointName::MAP, + 'reasons' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ] + ReasonFlags::MAP, + 'cRLIssuer' => [ + 'constant' => 2, + 'optional' => true, + 'implicit' => true + ] + GeneralNames::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DistributionPointName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DistributionPointName.php new file mode 100644 index 0000000..bc0cec8 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DistributionPointName.php @@ -0,0 +1,40 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * DistributionPointName + * + * @author Jim Wigginton + */ +abstract class DistributionPointName +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + 'children' => [ + 'fullName' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ] + GeneralNames::MAP, + 'nameRelativeToCRLIssuer' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ] + RelativeDistinguishedName::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DssSigValue.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DssSigValue.php new file mode 100644 index 0000000..2af7408 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DssSigValue.php @@ -0,0 +1,32 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * DssSigValue + * + * @author Jim Wigginton + */ +abstract class DssSigValue +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'r' => ['type' => ASN1::TYPE_INTEGER], + 's' => ['type' => ASN1::TYPE_INTEGER] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECParameters.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECParameters.php new file mode 100644 index 0000000..f25f6fa --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECParameters.php @@ -0,0 +1,45 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * ECParameters + * + * ECParameters ::= CHOICE { + * namedCurve OBJECT IDENTIFIER + * -- implicitCurve NULL + * -- specifiedCurve SpecifiedECDomain + * } + * -- implicitCurve and specifiedCurve MUST NOT be used in PKIX. + * -- Details for SpecifiedECDomain can be found in [X9.62]. + * -- Any future additions to this CHOICE should be coordinated + * -- with ANSI X9. + * + * @author Jim Wigginton + */ +abstract class ECParameters +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + 'children' => [ + 'namedCurve' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], + 'implicitCurve' => ['type' => ASN1::TYPE_NULL], + 'specifiedCurve' => SpecifiedECDomain::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECPoint.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECPoint.php new file mode 100644 index 0000000..fb11db8 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECPoint.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * ECPoint + * + * @author Jim Wigginton + */ +abstract class ECPoint +{ + const MAP = ['type' => ASN1::TYPE_OCTET_STRING]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECPrivateKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECPrivateKey.php new file mode 100644 index 0000000..7454f38 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECPrivateKey.php @@ -0,0 +1,48 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * ECPrivateKey + * + * @author Jim Wigginton + */ +abstract class ECPrivateKey +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'version' => [ + 'type' => ASN1::TYPE_INTEGER, + 'mapping' => [1 => 'ecPrivkeyVer1'] + ], + 'privateKey' => ['type' => ASN1::TYPE_OCTET_STRING], + 'parameters' => [ + 'constant' => 0, + 'optional' => true, + 'explicit' => true + ] + ECParameters::MAP, + 'publicKey' => [ + 'type' => ASN1::TYPE_BIT_STRING, + 'constant' => 1, + 'optional' => true, + 'explicit' => true + ] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EDIPartyName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EDIPartyName.php new file mode 100644 index 0000000..ea7dcf1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EDIPartyName.php @@ -0,0 +1,42 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * EDIPartyName + * + * @author Jim Wigginton + */ +abstract class EDIPartyName +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'nameAssigner' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ] + DirectoryString::MAP, + // partyName is technically required but \phpseclib3\File\ASN1 doesn't currently support non-optional constants and + // setting it to optional gets the job done in any event. + 'partyName' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ] + DirectoryString::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EcdsaSigValue.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EcdsaSigValue.php new file mode 100644 index 0000000..8ab9ff1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EcdsaSigValue.php @@ -0,0 +1,32 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * EcdsaSigValue + * + * @author Jim Wigginton + */ +abstract class EcdsaSigValue +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'r' => ['type' => ASN1::TYPE_INTEGER], + 's' => ['type' => ASN1::TYPE_INTEGER] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EncryptedData.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EncryptedData.php new file mode 100644 index 0000000..8d8739e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EncryptedData.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * EncryptedData + * + * @author Jim Wigginton + */ +abstract class EncryptedData +{ + const MAP = ['type' => ASN1::TYPE_OCTET_STRING]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EncryptedPrivateKeyInfo.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EncryptedPrivateKeyInfo.php new file mode 100644 index 0000000..2c93567 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EncryptedPrivateKeyInfo.php @@ -0,0 +1,32 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * EncryptedPrivateKeyInfo + * + * @author Jim Wigginton + */ +abstract class EncryptedPrivateKeyInfo +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'encryptionAlgorithm' => AlgorithmIdentifier::MAP, + 'encryptedData' => EncryptedData::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtKeyUsageSyntax.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtKeyUsageSyntax.php new file mode 100644 index 0000000..f9bc5de --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtKeyUsageSyntax.php @@ -0,0 +1,31 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * ExtKeyUsageSyntax + * + * @author Jim Wigginton + */ +abstract class ExtKeyUsageSyntax +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => KeyPurposeId::MAP + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Extension.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Extension.php new file mode 100644 index 0000000..e32668f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Extension.php @@ -0,0 +1,43 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * Extension + * + * A certificate using system MUST reject the certificate if it encounters + * a critical extension it does not recognize; however, a non-critical + * extension may be ignored if it is not recognized. + * + * http://tools.ietf.org/html/rfc5280#section-4.2 + * + * @author Jim Wigginton + */ +abstract class Extension +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'extnId' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], + 'critical' => [ + 'type' => ASN1::TYPE_BOOLEAN, + 'optional' => true, + 'default' => false + ], + 'extnValue' => ['type' => ASN1::TYPE_OCTET_STRING] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtensionAttribute.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtensionAttribute.php new file mode 100644 index 0000000..565b36d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtensionAttribute.php @@ -0,0 +1,42 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * ExtensionAttribute + * + * @author Jim Wigginton + */ +abstract class ExtensionAttribute +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'extension-attribute-type' => [ + 'type' => ASN1::TYPE_PRINTABLE_STRING, + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ], + 'extension-attribute-value' => [ + 'type' => ASN1::TYPE_ANY, + 'constant' => 1, + 'optional' => true, + 'explicit' => true + ] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtensionAttributes.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtensionAttributes.php new file mode 100644 index 0000000..a2e9bfa --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtensionAttributes.php @@ -0,0 +1,31 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * ExtensionAttributes + * + * @author Jim Wigginton + */ +abstract class ExtensionAttributes +{ + const MAP = [ + 'type' => ASN1::TYPE_SET, + 'min' => 1, + 'max' => 256, // ub-extension-attributes + 'children' => ExtensionAttribute::MAP + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Extensions.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Extensions.php new file mode 100644 index 0000000..5015c97 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Extensions.php @@ -0,0 +1,33 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * Extensions + * + * @author Jim Wigginton + */ +abstract class Extensions +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + // technically, it's MAX, but we'll assume anything < 0 is MAX + 'max' => -1, + // if 'children' isn't an array then 'min' and 'max' must be defined + 'children' => Extension::MAP + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/FieldElement.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/FieldElement.php new file mode 100644 index 0000000..3173407 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/FieldElement.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * FieldElement + * + * @author Jim Wigginton + */ +abstract class FieldElement +{ + const MAP = ['type' => ASN1::TYPE_OCTET_STRING]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/FieldID.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/FieldID.php new file mode 100644 index 0000000..e32a9c0 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/FieldID.php @@ -0,0 +1,35 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * FieldID + * + * @author Jim Wigginton + */ +abstract class FieldID +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'fieldType' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], + 'parameters' => [ + 'type' => ASN1::TYPE_ANY, + 'optional' => true + ] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralName.php new file mode 100644 index 0000000..57d86da --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralName.php @@ -0,0 +1,80 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * GeneralName + * + * @author Jim Wigginton + */ +abstract class GeneralName +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + 'children' => [ + 'otherName' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ] + AnotherName::MAP, + 'rfc822Name' => [ + 'type' => ASN1::TYPE_IA5_STRING, + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ], + 'dNSName' => [ + 'type' => ASN1::TYPE_IA5_STRING, + 'constant' => 2, + 'optional' => true, + 'implicit' => true + ], + 'x400Address' => [ + 'constant' => 3, + 'optional' => true, + 'implicit' => true + ] + ORAddress::MAP, + 'directoryName' => [ + 'constant' => 4, + 'optional' => true, + 'explicit' => true + ] + Name::MAP, + 'ediPartyName' => [ + 'constant' => 5, + 'optional' => true, + 'implicit' => true + ] + EDIPartyName::MAP, + 'uniformResourceIdentifier' => [ + 'type' => ASN1::TYPE_IA5_STRING, + 'constant' => 6, + 'optional' => true, + 'implicit' => true + ], + 'iPAddress' => [ + 'type' => ASN1::TYPE_OCTET_STRING, + 'constant' => 7, + 'optional' => true, + 'implicit' => true + ], + 'registeredID' => [ + 'type' => ASN1::TYPE_OBJECT_IDENTIFIER, + 'constant' => 8, + 'optional' => true, + 'implicit' => true + ] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralNames.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralNames.php new file mode 100644 index 0000000..5d93153 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralNames.php @@ -0,0 +1,31 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * GeneralNames + * + * @author Jim Wigginton + */ +abstract class GeneralNames +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => GeneralName::MAP + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralSubtree.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralSubtree.php new file mode 100644 index 0000000..5388db5 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralSubtree.php @@ -0,0 +1,42 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * GeneralSubtree + * + * @author Jim Wigginton + */ +abstract class GeneralSubtree +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'base' => GeneralName::MAP, + 'minimum' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true, + 'default' => '0' + ] + BaseDistance::MAP, + 'maximum' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true, + ] + BaseDistance::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralSubtrees.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralSubtrees.php new file mode 100644 index 0000000..27548cf --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralSubtrees.php @@ -0,0 +1,31 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * GeneralSubtrees + * + * @author Jim Wigginton + */ +abstract class GeneralSubtrees +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => GeneralSubtree::MAP + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/HashAlgorithm.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/HashAlgorithm.php new file mode 100644 index 0000000..deb13ca --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/HashAlgorithm.php @@ -0,0 +1,24 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +/** + * HashAglorithm + * + * @author Jim Wigginton + */ +abstract class HashAlgorithm +{ + const MAP = AlgorithmIdentifier::MAP; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/HoldInstructionCode.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/HoldInstructionCode.php new file mode 100644 index 0000000..88d6ff3 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/HoldInstructionCode.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * HoldInstructionCode + * + * @author Jim Wigginton + */ +abstract class HoldInstructionCode +{ + const MAP = ['type' => ASN1::TYPE_OBJECT_IDENTIFIER]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/InvalidityDate.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/InvalidityDate.php new file mode 100644 index 0000000..f34b5f7 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/InvalidityDate.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * InvalidityDate + * + * @author Jim Wigginton + */ +abstract class InvalidityDate +{ + const MAP = ['type' => ASN1::TYPE_GENERALIZED_TIME]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/IssuerAltName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/IssuerAltName.php new file mode 100644 index 0000000..e9d0324 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/IssuerAltName.php @@ -0,0 +1,24 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +/** + * IssuerAltName + * + * @author Jim Wigginton + */ +abstract class IssuerAltName +{ + const MAP = GeneralNames::MAP; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/IssuingDistributionPoint.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/IssuingDistributionPoint.php new file mode 100644 index 0000000..415996f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/IssuingDistributionPoint.php @@ -0,0 +1,68 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * IssuingDistributionPoint + * + * @author Jim Wigginton + */ +abstract class IssuingDistributionPoint +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'distributionPoint' => [ + 'constant' => 0, + 'optional' => true, + 'explicit' => true + ] + DistributionPointName::MAP, + 'onlyContainsUserCerts' => [ + 'type' => ASN1::TYPE_BOOLEAN, + 'constant' => 1, + 'optional' => true, + 'default' => false, + 'implicit' => true + ], + 'onlyContainsCACerts' => [ + 'type' => ASN1::TYPE_BOOLEAN, + 'constant' => 2, + 'optional' => true, + 'default' => false, + 'implicit' => true + ], + 'onlySomeReasons' => [ + 'constant' => 3, + 'optional' => true, + 'implicit' => true + ] + ReasonFlags::MAP, + 'indirectCRL' => [ + 'type' => ASN1::TYPE_BOOLEAN, + 'constant' => 4, + 'optional' => true, + 'default' => false, + 'implicit' => true + ], + 'onlyContainsAttributeCerts' => [ + 'type' => ASN1::TYPE_BOOLEAN, + 'constant' => 5, + 'optional' => true, + 'default' => false, + 'implicit' => true + ] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyIdentifier.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyIdentifier.php new file mode 100644 index 0000000..82a4151 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyIdentifier.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * KeyIdentifier + * + * @author Jim Wigginton + */ +abstract class KeyIdentifier +{ + const MAP = ['type' => ASN1::TYPE_OCTET_STRING]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyPurposeId.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyPurposeId.php new file mode 100644 index 0000000..b8509f1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyPurposeId.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * KeyPurposeId + * + * @author Jim Wigginton + */ +abstract class KeyPurposeId +{ + const MAP = ['type' => ASN1::TYPE_OBJECT_IDENTIFIER]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyUsage.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyUsage.php new file mode 100644 index 0000000..827ce03 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyUsage.php @@ -0,0 +1,39 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * KeyUsage + * + * @author Jim Wigginton + */ +abstract class KeyUsage +{ + const MAP = [ + 'type' => ASN1::TYPE_BIT_STRING, + 'mapping' => [ + 'digitalSignature', + 'nonRepudiation', + 'keyEncipherment', + 'dataEncipherment', + 'keyAgreement', + 'keyCertSign', + 'cRLSign', + 'encipherOnly', + 'decipherOnly' + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/MaskGenAlgorithm.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/MaskGenAlgorithm.php new file mode 100644 index 0000000..ea3f998 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/MaskGenAlgorithm.php @@ -0,0 +1,24 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +/** + * MaskGenAglorithm + * + * @author Jim Wigginton + */ +abstract class MaskGenAlgorithm +{ + const MAP = AlgorithmIdentifier::MAP; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Name.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Name.php new file mode 100644 index 0000000..a6a9009 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Name.php @@ -0,0 +1,31 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * Name + * + * @author Jim Wigginton + */ +abstract class Name +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + 'children' => [ + 'rdnSequence' => RDNSequence::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NameConstraints.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NameConstraints.php new file mode 100644 index 0000000..80486f9 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NameConstraints.php @@ -0,0 +1,40 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * NameConstraints + * + * @author Jim Wigginton + */ +abstract class NameConstraints +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'permittedSubtrees' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ] + GeneralSubtrees::MAP, + 'excludedSubtrees' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ] + GeneralSubtrees::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NetworkAddress.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NetworkAddress.php new file mode 100644 index 0000000..6c68df0 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NetworkAddress.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * NetworkAddress + * + * @author Jim Wigginton + */ +abstract class NetworkAddress +{ + const MAP = ['type' => ASN1::TYPE_NUMERIC_STRING]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NoticeReference.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NoticeReference.php new file mode 100644 index 0000000..9eec123 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NoticeReference.php @@ -0,0 +1,37 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * NoticeReference + * + * @author Jim Wigginton + */ +abstract class NoticeReference +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'organization' => DisplayText::MAP, + 'noticeNumbers' => [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => 200, + 'children' => ['type' => ASN1::TYPE_INTEGER] + ] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NumericUserIdentifier.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NumericUserIdentifier.php new file mode 100644 index 0000000..635a89d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NumericUserIdentifier.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * NumericUserIdentifier + * + * @author Jim Wigginton + */ +abstract class NumericUserIdentifier +{ + const MAP = ['type' => ASN1::TYPE_NUMERIC_STRING]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ORAddress.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ORAddress.php new file mode 100644 index 0000000..b853abe --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ORAddress.php @@ -0,0 +1,33 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * ORAddress + * + * @author Jim Wigginton + */ +abstract class ORAddress +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'built-in-standard-attributes' => BuiltInStandardAttributes::MAP, + 'built-in-domain-defined-attributes' => ['optional' => true] + BuiltInDomainDefinedAttributes::MAP, + 'extension-attributes' => ['optional' => true] + ExtensionAttributes::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OneAsymmetricKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OneAsymmetricKey.php new file mode 100644 index 0000000..5953024 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OneAsymmetricKey.php @@ -0,0 +1,48 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * OneAsymmetricKey + * + * @author Jim Wigginton + */ +abstract class OneAsymmetricKey +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'version' => [ + 'type' => ASN1::TYPE_INTEGER, + 'mapping' => ['v1', 'v2'] + ], + 'privateKeyAlgorithm' => AlgorithmIdentifier::MAP, + 'privateKey' => PrivateKey::MAP, + 'attributes' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ] + Attributes::MAP, + 'publicKey' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ] + PublicKey::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OrganizationName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OrganizationName.php new file mode 100644 index 0000000..b5cc949 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OrganizationName.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * OrganizationName + * + * @author Jim Wigginton + */ +abstract class OrganizationName +{ + const MAP = ['type' => ASN1::TYPE_PRINTABLE_STRING]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OrganizationalUnitNames.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OrganizationalUnitNames.php new file mode 100644 index 0000000..b3e5780 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OrganizationalUnitNames.php @@ -0,0 +1,31 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * OrganizationalUnitNames + * + * @author Jim Wigginton + */ +abstract class OrganizationalUnitNames +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => 4, // ub-organizational-units + 'children' => ['type' => ASN1::TYPE_PRINTABLE_STRING] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OtherPrimeInfo.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OtherPrimeInfo.php new file mode 100644 index 0000000..5d56560 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OtherPrimeInfo.php @@ -0,0 +1,34 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * OtherPrimeInfo + * + * @author Jim Wigginton + */ +abstract class OtherPrimeInfo +{ + // version must be multi if otherPrimeInfos present + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'prime' => ['type' => ASN1::TYPE_INTEGER], // ri + 'exponent' => ['type' => ASN1::TYPE_INTEGER], // di + 'coefficient' => ['type' => ASN1::TYPE_INTEGER] // ti + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OtherPrimeInfos.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OtherPrimeInfos.php new file mode 100644 index 0000000..9802a80 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OtherPrimeInfos.php @@ -0,0 +1,32 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * OtherPrimeInfos + * + * @author Jim Wigginton + */ +abstract class OtherPrimeInfos +{ + // version must be multi if otherPrimeInfos present + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => OtherPrimeInfo::MAP + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBEParameter.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBEParameter.php new file mode 100644 index 0000000..8eb27cf --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBEParameter.php @@ -0,0 +1,34 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * PBEParameter + * + * from https://tools.ietf.org/html/rfc2898#appendix-A.3 + * + * @author Jim Wigginton + */ +abstract class PBEParameter +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'salt' => ['type' => ASN1::TYPE_OCTET_STRING], + 'iterationCount' => ['type' => ASN1::TYPE_INTEGER] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBES2params.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBES2params.php new file mode 100644 index 0000000..bd31699 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBES2params.php @@ -0,0 +1,34 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * PBES2params + * + * from https://tools.ietf.org/html/rfc2898#appendix-A.3 + * + * @author Jim Wigginton + */ +abstract class PBES2params +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'keyDerivationFunc' => AlgorithmIdentifier::MAP, + 'encryptionScheme' => AlgorithmIdentifier::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBKDF2params.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBKDF2params.php new file mode 100644 index 0000000..2dafed9 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBKDF2params.php @@ -0,0 +1,41 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * PBKDF2params + * + * from https://tools.ietf.org/html/rfc2898#appendix-A.3 + * + * @author Jim Wigginton + */ +abstract class PBKDF2params +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + // technically, this is a CHOICE in RFC2898 but the other "choice" is, currently, more of a placeholder + // in the RFC + 'salt' => ['type' => ASN1::TYPE_OCTET_STRING], + 'iterationCount' => ['type' => ASN1::TYPE_INTEGER], + 'keyLength' => [ + 'type' => ASN1::TYPE_INTEGER, + 'optional' => true + ], + 'prf' => AlgorithmIdentifier::MAP + ['optional' => true] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBMAC1params.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBMAC1params.php new file mode 100644 index 0000000..91319f5 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBMAC1params.php @@ -0,0 +1,34 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * PBMAC1params + * + * from https://tools.ietf.org/html/rfc2898#appendix-A.3 + * + * @author Jim Wigginton + */ +abstract class PBMAC1params +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'keyDerivationFunc' => AlgorithmIdentifier::MAP, + 'messageAuthScheme' => AlgorithmIdentifier::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PKCS9String.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PKCS9String.php new file mode 100644 index 0000000..87d0862 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PKCS9String.php @@ -0,0 +1,32 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * PKCS9String + * + * @author Jim Wigginton + */ +abstract class PKCS9String +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + 'children' => [ + 'ia5String' => ['type' => ASN1::TYPE_IA5_STRING], + 'directoryString' => DirectoryString::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Pentanomial.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Pentanomial.php new file mode 100644 index 0000000..b8c8c02 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Pentanomial.php @@ -0,0 +1,33 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * Pentanomial + * + * @author Jim Wigginton + */ +abstract class Pentanomial +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'k1' => ['type' => ASN1::TYPE_INTEGER], // k1 > 0 + 'k2' => ['type' => ASN1::TYPE_INTEGER], // k2 > k1 + 'k3' => ['type' => ASN1::TYPE_INTEGER], // k3 > h2 + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PersonalName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PersonalName.php new file mode 100644 index 0000000..14e2860 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PersonalName.php @@ -0,0 +1,54 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * PersonalName + * + * @author Jim Wigginton + */ +abstract class PersonalName +{ + const MAP = [ + 'type' => ASN1::TYPE_SET, + 'children' => [ + 'surname' => [ + 'type' => ASN1::TYPE_PRINTABLE_STRING, + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ], + 'given-name' => [ + 'type' => ASN1::TYPE_PRINTABLE_STRING, + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ], + 'initials' => [ + 'type' => ASN1::TYPE_PRINTABLE_STRING, + 'constant' => 2, + 'optional' => true, + 'implicit' => true + ], + 'generation-qualifier' => [ + 'type' => ASN1::TYPE_PRINTABLE_STRING, + 'constant' => 3, + 'optional' => true, + 'implicit' => true + ] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyInformation.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyInformation.php new file mode 100644 index 0000000..1625d19 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyInformation.php @@ -0,0 +1,38 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * PolicyInformation + * + * @author Jim Wigginton + */ +abstract class PolicyInformation +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'policyIdentifier' => CertPolicyId::MAP, + 'policyQualifiers' => [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 0, + 'max' => -1, + 'optional' => true, + 'children' => PolicyQualifierInfo::MAP + ] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyMappings.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyMappings.php new file mode 100644 index 0000000..d30b852 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyMappings.php @@ -0,0 +1,37 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * PolicyMappings + * + * @author Jim Wigginton + */ +abstract class PolicyMappings +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'issuerDomainPolicy' => CertPolicyId::MAP, + 'subjectDomainPolicy' => CertPolicyId::MAP + ] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyQualifierId.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyQualifierId.php new file mode 100644 index 0000000..7b7cd6a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyQualifierId.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * PolicyQualifierId + * + * @author Jim Wigginton + */ +abstract class PolicyQualifierId +{ + const MAP = ['type' => ASN1::TYPE_OBJECT_IDENTIFIER]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyQualifierInfo.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyQualifierInfo.php new file mode 100644 index 0000000..d227702 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyQualifierInfo.php @@ -0,0 +1,32 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * PolicyQualifierInfo + * + * @author Jim Wigginton + */ +abstract class PolicyQualifierInfo +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'policyQualifierId' => PolicyQualifierId::MAP, + 'qualifier' => ['type' => ASN1::TYPE_ANY] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PostalAddress.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PostalAddress.php new file mode 100644 index 0000000..142b309 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PostalAddress.php @@ -0,0 +1,32 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * PostalAddress + * + * @author Jim Wigginton + */ +abstract class PostalAddress +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'optional' => true, + 'min' => 1, + 'max' => -1, + 'children' => DirectoryString::MAP + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Prime_p.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Prime_p.php new file mode 100644 index 0000000..7743034 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Prime_p.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * Prime_p + * + * @author Jim Wigginton + */ +abstract class Prime_p +{ + const MAP = ['type' => ASN1::TYPE_INTEGER]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateDomainName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateDomainName.php new file mode 100644 index 0000000..195dcaa --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateDomainName.php @@ -0,0 +1,32 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * PrivateDomainName + * + * @author Jim Wigginton + */ +abstract class PrivateDomainName +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + 'children' => [ + 'numeric' => ['type' => ASN1::TYPE_NUMERIC_STRING], + 'printable' => ['type' => ASN1::TYPE_PRINTABLE_STRING] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKey.php new file mode 100644 index 0000000..3c89594 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKey.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * PrivateKey + * + * @author Jim Wigginton + */ +abstract class PrivateKey +{ + const MAP = ['type' => ASN1::TYPE_OCTET_STRING]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKeyInfo.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKeyInfo.php new file mode 100644 index 0000000..b440b78 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKeyInfo.php @@ -0,0 +1,41 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * PrivateKeyInfo + * + * @author Jim Wigginton + */ +abstract class PrivateKeyInfo +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'version' => [ + 'type' => ASN1::TYPE_INTEGER, + 'mapping' => ['v1'] + ], + 'privateKeyAlgorithm' => AlgorithmIdentifier::MAP, + 'privateKey' => PrivateKey::MAP, + 'attributes' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ] + Attributes::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKeyUsagePeriod.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKeyUsagePeriod.php new file mode 100644 index 0000000..5b87036 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKeyUsagePeriod.php @@ -0,0 +1,40 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * PrivateKeyUsagePeriod + * + * @author Jim Wigginton + */ +abstract class PrivateKeyUsagePeriod +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'notBefore' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true, + 'type' => ASN1::TYPE_GENERALIZED_TIME], + 'notAfter' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true, + 'type' => ASN1::TYPE_GENERALIZED_TIME] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKey.php new file mode 100644 index 0000000..4840920 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKey.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * PublicKey + * + * @author Jim Wigginton + */ +abstract class PublicKey +{ + const MAP = ['type' => ASN1::TYPE_BIT_STRING]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKeyAndChallenge.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKeyAndChallenge.php new file mode 100644 index 0000000..432581e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKeyAndChallenge.php @@ -0,0 +1,32 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * PublicKeyAndChallenge + * + * @author Jim Wigginton + */ +abstract class PublicKeyAndChallenge +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'spki' => SubjectPublicKeyInfo::MAP, + 'challenge' => ['type' => ASN1::TYPE_IA5_STRING] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKeyInfo.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKeyInfo.php new file mode 100644 index 0000000..b39a341 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKeyInfo.php @@ -0,0 +1,35 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * PublicKeyInfo + * + * this format is not formally defined anywhere but is none-the-less the form you + * get when you do "openssl rsa -in private.pem -outform PEM -pubout" + * + * @author Jim Wigginton + */ +abstract class PublicKeyInfo +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'publicKeyAlgorithm' => AlgorithmIdentifier::MAP, + 'publicKey' => ['type' => ASN1::TYPE_BIT_STRING] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RC2CBCParameter.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RC2CBCParameter.php new file mode 100644 index 0000000..48649ab --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RC2CBCParameter.php @@ -0,0 +1,37 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * RC2CBCParameter + * + * from https://tools.ietf.org/html/rfc2898#appendix-A.3 + * + * @author Jim Wigginton + */ +abstract class RC2CBCParameter +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'rc2ParametersVersion' => [ + 'type' => ASN1::TYPE_INTEGER, + 'optional' => true + ], + 'iv' => ['type' => ASN1::TYPE_OCTET_STRING] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RDNSequence.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RDNSequence.php new file mode 100644 index 0000000..04b071c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RDNSequence.php @@ -0,0 +1,38 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * RDNSequence + * + * In practice, RDNs containing multiple name-value pairs (called "multivalued RDNs") are rare, + * but they can be useful at times when either there is no unique attribute in the entry or you + * want to ensure that the entry's DN contains some useful identifying information. + * + * - https://www.opends.org/wiki/page/DefinitionRelativeDistinguishedName + * + * @author Jim Wigginton + */ +abstract class RDNSequence +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + // RDNSequence does not define a min or a max, which means it doesn't have one + 'min' => 0, + 'max' => -1, + 'children' => RelativeDistinguishedName::MAP + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSAPrivateKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSAPrivateKey.php new file mode 100644 index 0000000..8c19c65 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSAPrivateKey.php @@ -0,0 +1,44 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * RSAPrivateKey + * + * @author Jim Wigginton + */ +abstract class RSAPrivateKey +{ + // version must be multi if otherPrimeInfos present + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'version' => [ + 'type' => ASN1::TYPE_INTEGER, + 'mapping' => ['two-prime', 'multi'] + ], + 'modulus' => ['type' => ASN1::TYPE_INTEGER], // n + 'publicExponent' => ['type' => ASN1::TYPE_INTEGER], // e + 'privateExponent' => ['type' => ASN1::TYPE_INTEGER], // d + 'prime1' => ['type' => ASN1::TYPE_INTEGER], // p + 'prime2' => ['type' => ASN1::TYPE_INTEGER], // q + 'exponent1' => ['type' => ASN1::TYPE_INTEGER], // d mod (p-1) + 'exponent2' => ['type' => ASN1::TYPE_INTEGER], // d mod (q-1) + 'coefficient' => ['type' => ASN1::TYPE_INTEGER], // (inverse of q) mod p + 'otherPrimeInfos' => OtherPrimeInfos::MAP + ['optional' => true] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSAPublicKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSAPublicKey.php new file mode 100644 index 0000000..b14c32c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSAPublicKey.php @@ -0,0 +1,32 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * RSAPublicKey + * + * @author Jim Wigginton + */ +abstract class RSAPublicKey +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'modulus' => ['type' => ASN1::TYPE_INTEGER], + 'publicExponent' => ['type' => ASN1::TYPE_INTEGER] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSASSA_PSS_params.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSASSA_PSS_params.php new file mode 100644 index 0000000..1a784bf --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSASSA_PSS_params.php @@ -0,0 +1,58 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * RSASSA_PSS_params + * + * @author Jim Wigginton + */ +abstract class RSASSA_PSS_params +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'hashAlgorithm' => [ + 'constant' => 0, + 'optional' => true, + 'explicit' => true, + //'default' => 'sha1Identifier' + ] + HashAlgorithm::MAP, + 'maskGenAlgorithm' => [ + 'constant' => 1, + 'optional' => true, + 'explicit' => true, + //'default' => 'mgf1SHA1Identifier' + ] + MaskGenAlgorithm::MAP, + 'saltLength' => [ + 'type' => ASN1::TYPE_INTEGER, + 'constant' => 2, + 'optional' => true, + 'explicit' => true, + 'default' => 20 + ], + 'trailerField' => [ + 'type' => ASN1::TYPE_INTEGER, + 'constant' => 3, + 'optional' => true, + 'explicit' => true, + 'default' => 1 + ] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ReasonFlags.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ReasonFlags.php new file mode 100644 index 0000000..2e62fcd --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ReasonFlags.php @@ -0,0 +1,39 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * ReasonFlags + * + * @author Jim Wigginton + */ +abstract class ReasonFlags +{ + const MAP = [ + 'type' => ASN1::TYPE_BIT_STRING, + 'mapping' => [ + 'unused', + 'keyCompromise', + 'cACompromise', + 'affiliationChanged', + 'superseded', + 'cessationOfOperation', + 'certificateHold', + 'privilegeWithdrawn', + 'aACompromise' + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RelativeDistinguishedName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RelativeDistinguishedName.php new file mode 100644 index 0000000..a0421f7 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RelativeDistinguishedName.php @@ -0,0 +1,37 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * RelativeDistinguishedName + * + * In practice, RDNs containing multiple name-value pairs (called "multivalued RDNs") are rare, + * but they can be useful at times when either there is no unique attribute in the entry or you + * want to ensure that the entry's DN contains some useful identifying information. + * + * - https://www.opends.org/wiki/page/DefinitionRelativeDistinguishedName + * + * @author Jim Wigginton + */ +abstract class RelativeDistinguishedName +{ + const MAP = [ + 'type' => ASN1::TYPE_SET, + 'min' => 1, + 'max' => -1, + 'children' => AttributeTypeAndValue::MAP + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RevokedCertificate.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RevokedCertificate.php new file mode 100644 index 0000000..ff759eb --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RevokedCertificate.php @@ -0,0 +1,35 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * RevokedCertificate + * + * @author Jim Wigginton + */ +abstract class RevokedCertificate +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'userCertificate' => CertificateSerialNumber::MAP, + 'revocationDate' => Time::MAP, + 'crlEntryExtensions' => [ + 'optional' => true + ] + Extensions::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SignedPublicKeyAndChallenge.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SignedPublicKeyAndChallenge.php new file mode 100644 index 0000000..0f482a2 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SignedPublicKeyAndChallenge.php @@ -0,0 +1,33 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * SignedPublicKeyAndChallenge + * + * @author Jim Wigginton + */ +abstract class SignedPublicKeyAndChallenge +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'publicKeyAndChallenge' => PublicKeyAndChallenge::MAP, + 'signatureAlgorithm' => AlgorithmIdentifier::MAP, + 'signature' => ['type' => ASN1::TYPE_BIT_STRING] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SpecifiedECDomain.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SpecifiedECDomain.php new file mode 100644 index 0000000..7408a56 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SpecifiedECDomain.php @@ -0,0 +1,45 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * SpecifiedECDomain + * + * @author Jim Wigginton + */ +abstract class SpecifiedECDomain +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'version' => [ + 'type' => ASN1::TYPE_INTEGER, + 'mapping' => [1 => 'ecdpVer1', 'ecdpVer2', 'ecdpVer3'] + ], + 'fieldID' => FieldID::MAP, + 'curve' => Curve::MAP, + 'base' => ECPoint::MAP, + 'order' => ['type' => ASN1::TYPE_INTEGER], + 'cofactor' => [ + 'type' => ASN1::TYPE_INTEGER, + 'optional' => true + ], + 'hash' => ['optional' => true] + HashAlgorithm::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectAltName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectAltName.php new file mode 100644 index 0000000..39138a9 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectAltName.php @@ -0,0 +1,24 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +/** + * SubjectAltName + * + * @author Jim Wigginton + */ +abstract class SubjectAltName +{ + const MAP = GeneralNames::MAP; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectDirectoryAttributes.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectDirectoryAttributes.php new file mode 100644 index 0000000..f2e206f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectDirectoryAttributes.php @@ -0,0 +1,31 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * SubjectDirectoryAttributes + * + * @author Jim Wigginton + */ +abstract class SubjectDirectoryAttributes +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => Attribute::MAP + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectInfoAccessSyntax.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectInfoAccessSyntax.php new file mode 100644 index 0000000..1ff241f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectInfoAccessSyntax.php @@ -0,0 +1,31 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * SubjectInfoAccessSyntax + * + * @author Jim Wigginton + */ +abstract class SubjectInfoAccessSyntax +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => AccessDescription::MAP + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectPublicKeyInfo.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectPublicKeyInfo.php new file mode 100644 index 0000000..0d53d54 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectPublicKeyInfo.php @@ -0,0 +1,32 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * SubjectPublicKeyInfo + * + * @author Jim Wigginton + */ +abstract class SubjectPublicKeyInfo +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'algorithm' => AlgorithmIdentifier::MAP, + 'subjectPublicKey' => ['type' => ASN1::TYPE_BIT_STRING] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertList.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertList.php new file mode 100644 index 0000000..49b3cfc --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertList.php @@ -0,0 +1,54 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * TBSCertList + * + * @author Jim Wigginton + */ +abstract class TBSCertList +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'version' => [ + 'type' => ASN1::TYPE_INTEGER, + 'mapping' => ['v1', 'v2', 'v3'], + 'optional' => true, + 'default' => 'v2' + ], + 'signature' => AlgorithmIdentifier::MAP, + 'issuer' => Name::MAP, + 'thisUpdate' => Time::MAP, + 'nextUpdate' => [ + 'optional' => true + ] + Time::MAP, + 'revokedCertificates' => [ + 'type' => ASN1::TYPE_SEQUENCE, + 'optional' => true, + 'min' => 0, + 'max' => -1, + 'children' => RevokedCertificate::MAP + ], + 'crlExtensions' => [ + 'constant' => 0, + 'optional' => true, + 'explicit' => true + ] + Extensions::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertificate.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertificate.php new file mode 100644 index 0000000..007360c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertificate.php @@ -0,0 +1,65 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * TBSCertificate + * + * @author Jim Wigginton + */ +abstract class TBSCertificate +{ + // assert($TBSCertificate['children']['signature'] == $Certificate['children']['signatureAlgorithm']) + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + // technically, default implies optional, but we'll define it as being optional, none-the-less, just to + // reenforce that fact + 'version' => [ + 'type' => ASN1::TYPE_INTEGER, + 'constant' => 0, + 'optional' => true, + 'explicit' => true, + 'mapping' => ['v1', 'v2', 'v3'], + 'default' => 'v1' + ], + 'serialNumber' => CertificateSerialNumber::MAP, + 'signature' => AlgorithmIdentifier::MAP, + 'issuer' => Name::MAP, + 'validity' => Validity::MAP, + 'subject' => Name::MAP, + 'subjectPublicKeyInfo' => SubjectPublicKeyInfo::MAP, + // implicit means that the T in the TLV structure is to be rewritten, regardless of the type + 'issuerUniqueID' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ] + UniqueIdentifier::MAP, + 'subjectUniqueID' => [ + 'constant' => 2, + 'optional' => true, + 'implicit' => true + ] + UniqueIdentifier::MAP, + // doesn't use the EXPLICIT keyword but if + // it's not IMPLICIT, it's EXPLICIT + 'extensions' => [ + 'constant' => 3, + 'optional' => true, + 'explicit' => true + ] + Extensions::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TerminalIdentifier.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TerminalIdentifier.php new file mode 100644 index 0000000..7f6d9d2 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TerminalIdentifier.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * TerminalIdentifier + * + * @author Jim Wigginton + */ +abstract class TerminalIdentifier +{ + const MAP = ['type' => ASN1::TYPE_PRINTABLE_STRING]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Time.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Time.php new file mode 100644 index 0000000..744ee70 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Time.php @@ -0,0 +1,32 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * Time + * + * @author Jim Wigginton + */ +abstract class Time +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + 'children' => [ + 'utcTime' => ['type' => ASN1::TYPE_UTC_TIME], + 'generalTime' => ['type' => ASN1::TYPE_GENERALIZED_TIME] + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Trinomial.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Trinomial.php new file mode 100644 index 0000000..33baa91 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Trinomial.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * Trinomial + * + * @author Jim Wigginton + */ +abstract class Trinomial +{ + const MAP = ['type' => ASN1::TYPE_INTEGER]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/UniqueIdentifier.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/UniqueIdentifier.php new file mode 100644 index 0000000..f4c954b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/UniqueIdentifier.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * UniqueIdentifier + * + * @author Jim Wigginton + */ +abstract class UniqueIdentifier +{ + const MAP = ['type' => ASN1::TYPE_BIT_STRING]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/UserNotice.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/UserNotice.php new file mode 100644 index 0000000..98d527b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/UserNotice.php @@ -0,0 +1,38 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * UserNotice + * + * @author Jim Wigginton + */ +abstract class UserNotice +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'noticeRef' => [ + 'optional' => true, + 'implicit' => true + ] + NoticeReference::MAP, + 'explicitText' => [ + 'optional' => true, + 'implicit' => true + ] + DisplayText::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Validity.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Validity.php new file mode 100644 index 0000000..8ef64cf --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Validity.php @@ -0,0 +1,32 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * Validity + * + * @author Jim Wigginton + */ +abstract class Validity +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'notBefore' => Time::MAP, + 'notAfter' => Time::MAP + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_ca_policy_url.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_ca_policy_url.php new file mode 100644 index 0000000..2ab1572 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_ca_policy_url.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * netscape_ca_policy_url + * + * @author Jim Wigginton + */ +abstract class netscape_ca_policy_url +{ + const MAP = ['type' => ASN1::TYPE_IA5_STRING]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_cert_type.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_cert_type.php new file mode 100644 index 0000000..49e8da4 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_cert_type.php @@ -0,0 +1,40 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * netscape_cert_type + * + * mapping is from + * + * @author Jim Wigginton + */ +abstract class netscape_cert_type +{ + const MAP = [ + 'type' => ASN1::TYPE_BIT_STRING, + 'mapping' => [ + 'SSLClient', + 'SSLServer', + 'Email', + 'ObjectSigning', + 'Reserved', + 'SSLCA', + 'EmailCA', + 'ObjectSigningCA' + ] + ]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_comment.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_comment.php new file mode 100644 index 0000000..d3ff4dd --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_comment.php @@ -0,0 +1,26 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File\ASN1\Maps; + +use phpseclib3\File\ASN1; + +/** + * netscape_comment + * + * @author Jim Wigginton + */ +abstract class netscape_comment +{ + const MAP = ['type' => ASN1::TYPE_IA5_STRING]; +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/X509.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/X509.php new file mode 100644 index 0000000..5e2f073 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/X509.php @@ -0,0 +1,4006 @@ + + * @copyright 2012 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\File; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common\PrivateKey; +use phpseclib3\Crypt\Common\PublicKey; +use phpseclib3\Crypt\DSA; +use phpseclib3\Crypt\EC; +use phpseclib3\Crypt\Hash; +use phpseclib3\Crypt\PublicKeyLoader; +use phpseclib3\Crypt\Random; +use phpseclib3\Crypt\RSA; +use phpseclib3\Crypt\RSA\Formats\Keys\PSS; +use phpseclib3\Exception\UnsupportedAlgorithmException; +use phpseclib3\File\ASN1\Element; +use phpseclib3\File\ASN1\Maps; +use phpseclib3\Math\BigInteger; + +/** + * Pure-PHP X.509 Parser + * + * @author Jim Wigginton + */ +class X509 +{ + /** + * Flag to only accept signatures signed by certificate authorities + * + * Not really used anymore but retained all the same to suppress E_NOTICEs from old installs + * + */ + const VALIDATE_SIGNATURE_BY_CA = 1; + + /** + * Return internal array representation + * + * @see \phpseclib3\File\X509::getDN() + */ + const DN_ARRAY = 0; + /** + * Return string + * + * @see \phpseclib3\File\X509::getDN() + */ + const DN_STRING = 1; + /** + * Return ASN.1 name string + * + * @see \phpseclib3\File\X509::getDN() + */ + const DN_ASN1 = 2; + /** + * Return OpenSSL compatible array + * + * @see \phpseclib3\File\X509::getDN() + */ + const DN_OPENSSL = 3; + /** + * Return canonical ASN.1 RDNs string + * + * @see \phpseclib3\File\X509::getDN() + */ + const DN_CANON = 4; + /** + * Return name hash for file indexing + * + * @see \phpseclib3\File\X509::getDN() + */ + const DN_HASH = 5; + + /** + * Save as PEM + * + * ie. a base64-encoded PEM with a header and a footer + * + * @see \phpseclib3\File\X509::saveX509() + * @see \phpseclib3\File\X509::saveCSR() + * @see \phpseclib3\File\X509::saveCRL() + */ + const FORMAT_PEM = 0; + /** + * Save as DER + * + * @see \phpseclib3\File\X509::saveX509() + * @see \phpseclib3\File\X509::saveCSR() + * @see \phpseclib3\File\X509::saveCRL() + */ + const FORMAT_DER = 1; + /** + * Save as a SPKAC + * + * @see \phpseclib3\File\X509::saveX509() + * @see \phpseclib3\File\X509::saveCSR() + * @see \phpseclib3\File\X509::saveCRL() + * + * Only works on CSRs. Not currently supported. + */ + const FORMAT_SPKAC = 2; + /** + * Auto-detect the format + * + * Used only by the load*() functions + * + * @see \phpseclib3\File\X509::saveX509() + * @see \phpseclib3\File\X509::saveCSR() + * @see \phpseclib3\File\X509::saveCRL() + */ + const FORMAT_AUTO_DETECT = 3; + + /** + * Attribute value disposition. + * If disposition is >= 0, this is the index of the target value. + */ + const ATTR_ALL = -1; // All attribute values (array). + const ATTR_APPEND = -2; // Add a value. + const ATTR_REPLACE = -3; // Clear first, then add a value. + + /** + * Distinguished Name + * + * @var array + */ + private $dn; + + /** + * Public key + * + * @var string|PublicKey + */ + private $publicKey; + + /** + * Private key + * + * @var string|PrivateKey + */ + private $privateKey; + + /** + * The certificate authorities + * + * @var array + */ + private $CAs = []; + + /** + * The currently loaded certificate + * + * @var array + */ + private $currentCert; + + /** + * The signature subject + * + * There's no guarantee \phpseclib3\File\X509 is going to re-encode an X.509 cert in the same way it was originally + * encoded so we take save the portion of the original cert that the signature would have made for. + * + * @var string + */ + private $signatureSubject; + + /** + * Certificate Start Date + * + * @var string + */ + private $startDate; + + /** + * Certificate End Date + * + * @var string|Element + */ + private $endDate; + + /** + * Serial Number + * + * @var string + */ + private $serialNumber; + + /** + * Key Identifier + * + * See {@link http://tools.ietf.org/html/rfc5280#section-4.2.1.1 RFC5280#section-4.2.1.1} and + * {@link http://tools.ietf.org/html/rfc5280#section-4.2.1.2 RFC5280#section-4.2.1.2}. + * + * @var string + */ + private $currentKeyIdentifier; + + /** + * CA Flag + * + * @var bool + */ + private $caFlag = false; + + /** + * SPKAC Challenge + * + * @var string + */ + private $challenge; + + /** + * @var array + */ + private $extensionValues = []; + + /** + * OIDs loaded + * + * @var bool + */ + private static $oidsLoaded = false; + + /** + * Recursion Limit + * + * @var int + */ + private static $recur_limit = 5; + + /** + * URL fetch flag + * + * @var bool + */ + private static $disable_url_fetch = false; + + /** + * @var array + */ + private static $extensions = []; + + /** + * @var ?array + */ + private $ipAddresses = null; + + /** + * @var ?array + */ + private $domains = null; + + /** + * Default Constructor. + * + * @return \phpseclib3\File\X509 + */ + public function __construct() + { + // Explicitly Tagged Module, 1988 Syntax + // http://tools.ietf.org/html/rfc5280#appendix-A.1 + + if (!self::$oidsLoaded) { + // OIDs from RFC5280 and those RFCs mentioned in RFC5280#section-4.1.1.2 + ASN1::loadOIDs([ + //'id-pkix' => '1.3.6.1.5.5.7', + //'id-pe' => '1.3.6.1.5.5.7.1', + //'id-qt' => '1.3.6.1.5.5.7.2', + //'id-kp' => '1.3.6.1.5.5.7.3', + //'id-ad' => '1.3.6.1.5.5.7.48', + 'id-qt-cps' => '1.3.6.1.5.5.7.2.1', + 'id-qt-unotice' => '1.3.6.1.5.5.7.2.2', + 'id-ad-ocsp' => '1.3.6.1.5.5.7.48.1', + 'id-ad-caIssuers' => '1.3.6.1.5.5.7.48.2', + 'id-ad-timeStamping' => '1.3.6.1.5.5.7.48.3', + 'id-ad-caRepository' => '1.3.6.1.5.5.7.48.5', + //'id-at' => '2.5.4', + 'id-at-name' => '2.5.4.41', + 'id-at-surname' => '2.5.4.4', + 'id-at-givenName' => '2.5.4.42', + 'id-at-initials' => '2.5.4.43', + 'id-at-generationQualifier' => '2.5.4.44', + 'id-at-commonName' => '2.5.4.3', + 'id-at-localityName' => '2.5.4.7', + 'id-at-stateOrProvinceName' => '2.5.4.8', + 'id-at-organizationName' => '2.5.4.10', + 'id-at-organizationalUnitName' => '2.5.4.11', + 'id-at-title' => '2.5.4.12', + 'id-at-description' => '2.5.4.13', + 'id-at-dnQualifier' => '2.5.4.46', + 'id-at-countryName' => '2.5.4.6', + 'id-at-serialNumber' => '2.5.4.5', + 'id-at-pseudonym' => '2.5.4.65', + 'id-at-postalCode' => '2.5.4.17', + 'id-at-streetAddress' => '2.5.4.9', + 'id-at-uniqueIdentifier' => '2.5.4.45', + 'id-at-role' => '2.5.4.72', + 'id-at-postalAddress' => '2.5.4.16', + 'jurisdictionOfIncorporationCountryName' => '1.3.6.1.4.1.311.60.2.1.3', + 'jurisdictionOfIncorporationStateOrProvinceName' => '1.3.6.1.4.1.311.60.2.1.2', + 'jurisdictionLocalityName' => '1.3.6.1.4.1.311.60.2.1.1', + 'id-at-businessCategory' => '2.5.4.15', + + //'id-domainComponent' => '0.9.2342.19200300.100.1.25', + //'pkcs-9' => '1.2.840.113549.1.9', + 'pkcs-9-at-emailAddress' => '1.2.840.113549.1.9.1', + //'id-ce' => '2.5.29', + 'id-ce-authorityKeyIdentifier' => '2.5.29.35', + 'id-ce-subjectKeyIdentifier' => '2.5.29.14', + 'id-ce-keyUsage' => '2.5.29.15', + 'id-ce-privateKeyUsagePeriod' => '2.5.29.16', + 'id-ce-certificatePolicies' => '2.5.29.32', + //'anyPolicy' => '2.5.29.32.0', + + 'id-ce-policyMappings' => '2.5.29.33', + + 'id-ce-subjectAltName' => '2.5.29.17', + 'id-ce-issuerAltName' => '2.5.29.18', + 'id-ce-subjectDirectoryAttributes' => '2.5.29.9', + 'id-ce-basicConstraints' => '2.5.29.19', + 'id-ce-nameConstraints' => '2.5.29.30', + 'id-ce-policyConstraints' => '2.5.29.36', + 'id-ce-cRLDistributionPoints' => '2.5.29.31', + 'id-ce-extKeyUsage' => '2.5.29.37', + //'anyExtendedKeyUsage' => '2.5.29.37.0', + 'id-kp-serverAuth' => '1.3.6.1.5.5.7.3.1', + 'id-kp-clientAuth' => '1.3.6.1.5.5.7.3.2', + 'id-kp-codeSigning' => '1.3.6.1.5.5.7.3.3', + 'id-kp-emailProtection' => '1.3.6.1.5.5.7.3.4', + 'id-kp-timeStamping' => '1.3.6.1.5.5.7.3.8', + 'id-kp-OCSPSigning' => '1.3.6.1.5.5.7.3.9', + 'id-ce-inhibitAnyPolicy' => '2.5.29.54', + 'id-ce-freshestCRL' => '2.5.29.46', + 'id-pe-authorityInfoAccess' => '1.3.6.1.5.5.7.1.1', + 'id-pe-subjectInfoAccess' => '1.3.6.1.5.5.7.1.11', + 'id-ce-cRLNumber' => '2.5.29.20', + 'id-ce-issuingDistributionPoint' => '2.5.29.28', + 'id-ce-deltaCRLIndicator' => '2.5.29.27', + 'id-ce-cRLReasons' => '2.5.29.21', + 'id-ce-certificateIssuer' => '2.5.29.29', + 'id-ce-holdInstructionCode' => '2.5.29.23', + //'holdInstruction' => '1.2.840.10040.2', + 'id-holdinstruction-none' => '1.2.840.10040.2.1', + 'id-holdinstruction-callissuer' => '1.2.840.10040.2.2', + 'id-holdinstruction-reject' => '1.2.840.10040.2.3', + 'id-ce-invalidityDate' => '2.5.29.24', + + 'rsaEncryption' => '1.2.840.113549.1.1.1', + 'md2WithRSAEncryption' => '1.2.840.113549.1.1.2', + 'md5WithRSAEncryption' => '1.2.840.113549.1.1.4', + 'sha1WithRSAEncryption' => '1.2.840.113549.1.1.5', + 'sha224WithRSAEncryption' => '1.2.840.113549.1.1.14', + 'sha256WithRSAEncryption' => '1.2.840.113549.1.1.11', + 'sha384WithRSAEncryption' => '1.2.840.113549.1.1.12', + 'sha512WithRSAEncryption' => '1.2.840.113549.1.1.13', + + 'id-ecPublicKey' => '1.2.840.10045.2.1', + 'ecdsa-with-SHA1' => '1.2.840.10045.4.1', + // from https://tools.ietf.org/html/rfc5758#section-3.2 + 'ecdsa-with-SHA224' => '1.2.840.10045.4.3.1', + 'ecdsa-with-SHA256' => '1.2.840.10045.4.3.2', + 'ecdsa-with-SHA384' => '1.2.840.10045.4.3.3', + 'ecdsa-with-SHA512' => '1.2.840.10045.4.3.4', + + 'id-dsa' => '1.2.840.10040.4.1', + 'id-dsa-with-sha1' => '1.2.840.10040.4.3', + // from https://tools.ietf.org/html/rfc5758#section-3.1 + 'id-dsa-with-sha224' => '2.16.840.1.101.3.4.3.1', + 'id-dsa-with-sha256' => '2.16.840.1.101.3.4.3.2', + + // from https://tools.ietf.org/html/rfc8410: + 'id-Ed25519' => '1.3.101.112', + 'id-Ed448' => '1.3.101.113', + + 'id-RSASSA-PSS' => '1.2.840.113549.1.1.10', + + //'id-sha224' => '2.16.840.1.101.3.4.2.4', + //'id-sha256' => '2.16.840.1.101.3.4.2.1', + //'id-sha384' => '2.16.840.1.101.3.4.2.2', + //'id-sha512' => '2.16.840.1.101.3.4.2.3', + //'id-GostR3411-94-with-GostR3410-94' => '1.2.643.2.2.4', + //'id-GostR3411-94-with-GostR3410-2001' => '1.2.643.2.2.3', + //'id-GostR3410-2001' => '1.2.643.2.2.20', + //'id-GostR3410-94' => '1.2.643.2.2.19', + // Netscape Object Identifiers from "Netscape Certificate Extensions" + 'netscape' => '2.16.840.1.113730', + 'netscape-cert-extension' => '2.16.840.1.113730.1', + 'netscape-cert-type' => '2.16.840.1.113730.1.1', + 'netscape-comment' => '2.16.840.1.113730.1.13', + 'netscape-ca-policy-url' => '2.16.840.1.113730.1.8', + // the following are X.509 extensions not supported by phpseclib + 'id-pe-logotype' => '1.3.6.1.5.5.7.1.12', + 'entrustVersInfo' => '1.2.840.113533.7.65.0', + 'verisignPrivate' => '2.16.840.1.113733.1.6.9', + // for Certificate Signing Requests + // see http://tools.ietf.org/html/rfc2985 + 'pkcs-9-at-unstructuredName' => '1.2.840.113549.1.9.2', // PKCS #9 unstructured name + 'pkcs-9-at-challengePassword' => '1.2.840.113549.1.9.7', // Challenge password for certificate revocations + 'pkcs-9-at-extensionRequest' => '1.2.840.113549.1.9.14' // Certificate extension request + ]); + } + } + + /** + * Load X.509 certificate + * + * Returns an associative array describing the X.509 cert or a false if the cert failed to load + * + * @param array|string $cert + * @param int $mode + * @return mixed + */ + public function loadX509($cert, $mode = self::FORMAT_AUTO_DETECT) + { + if (is_array($cert) && isset($cert['tbsCertificate'])) { + unset($this->currentCert); + unset($this->currentKeyIdentifier); + $this->dn = $cert['tbsCertificate']['subject']; + if (!isset($this->dn)) { + return false; + } + $this->currentCert = $cert; + + $currentKeyIdentifier = $this->getExtension('id-ce-subjectKeyIdentifier'); + $this->currentKeyIdentifier = is_string($currentKeyIdentifier) ? $currentKeyIdentifier : null; + + unset($this->signatureSubject); + + return $cert; + } + + if ($mode != self::FORMAT_DER) { + $newcert = ASN1::extractBER($cert); + if ($mode == self::FORMAT_PEM && $cert == $newcert) { + return false; + } + $cert = $newcert; + } + + if ($cert === false) { + $this->currentCert = false; + return false; + } + + $decoded = ASN1::decodeBER($cert); + + if ($decoded) { + $x509 = ASN1::asn1map($decoded[0], Maps\Certificate::MAP); + } + if (!isset($x509) || $x509 === false) { + $this->currentCert = false; + return false; + } + + $this->signatureSubject = substr($cert, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']); + + if ($this->isSubArrayValid($x509, 'tbsCertificate/extensions')) { + $this->mapInExtensions($x509, 'tbsCertificate/extensions'); + } + $this->mapInDNs($x509, 'tbsCertificate/issuer/rdnSequence'); + $this->mapInDNs($x509, 'tbsCertificate/subject/rdnSequence'); + + $key = $x509['tbsCertificate']['subjectPublicKeyInfo']; + $key = ASN1::encodeDER($key, Maps\SubjectPublicKeyInfo::MAP); + $x509['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'] = + "-----BEGIN PUBLIC KEY-----\r\n" . + chunk_split(base64_encode($key), 64) . + "-----END PUBLIC KEY-----"; + + $this->currentCert = $x509; + $this->dn = $x509['tbsCertificate']['subject']; + + $currentKeyIdentifier = $this->getExtension('id-ce-subjectKeyIdentifier'); + $this->currentKeyIdentifier = is_string($currentKeyIdentifier) ? $currentKeyIdentifier : null; + + return $x509; + } + + /** + * Save X.509 certificate + * + * @param array $cert + * @param int $format optional + * @return string + */ + public function saveX509(array $cert, $format = self::FORMAT_PEM) + { + if (!is_array($cert) || !isset($cert['tbsCertificate'])) { + return false; + } + + switch (true) { + // "case !$a: case !$b: break; default: whatever();" is the same thing as "if ($a && $b) whatever()" + case !($algorithm = $this->subArray($cert, 'tbsCertificate/subjectPublicKeyInfo/algorithm/algorithm')): + case is_object($cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']): + break; + default: + $cert['tbsCertificate']['subjectPublicKeyInfo'] = new Element( + base64_decode(preg_replace('#-.+-|[\r\n]#', '', $cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'])) + ); + } + + if ($algorithm == 'rsaEncryption') { + $cert['signatureAlgorithm']['parameters'] = null; + $cert['tbsCertificate']['signature']['parameters'] = null; + } + + $filters = []; + $type_utf8_string = ['type' => ASN1::TYPE_UTF8_STRING]; + $filters['tbsCertificate']['signature']['parameters'] = $type_utf8_string; + $filters['tbsCertificate']['signature']['issuer']['rdnSequence']['value'] = $type_utf8_string; + $filters['tbsCertificate']['issuer']['rdnSequence']['value'] = $type_utf8_string; + $filters['tbsCertificate']['subject']['rdnSequence']['value'] = $type_utf8_string; + $filters['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['parameters'] = $type_utf8_string; + $filters['signatureAlgorithm']['parameters'] = $type_utf8_string; + $filters['authorityCertIssuer']['directoryName']['rdnSequence']['value'] = $type_utf8_string; + //$filters['policyQualifiers']['qualifier'] = $type_utf8_string; + $filters['distributionPoint']['fullName']['directoryName']['rdnSequence']['value'] = $type_utf8_string; + $filters['directoryName']['rdnSequence']['value'] = $type_utf8_string; + + foreach (self::$extensions as $extension) { + $filters['tbsCertificate']['extensions'][] = $extension; + } + + /* in the case of policyQualifiers/qualifier, the type has to be \phpseclib3\File\ASN1::TYPE_IA5_STRING. + \phpseclib3\File\ASN1::TYPE_PRINTABLE_STRING will cause OpenSSL's X.509 parser to spit out random + characters. + */ + $filters['policyQualifiers']['qualifier'] + = ['type' => ASN1::TYPE_IA5_STRING]; + + ASN1::setFilters($filters); + + $this->mapOutExtensions($cert, 'tbsCertificate/extensions'); + $this->mapOutDNs($cert, 'tbsCertificate/issuer/rdnSequence'); + $this->mapOutDNs($cert, 'tbsCertificate/subject/rdnSequence'); + + $cert = ASN1::encodeDER($cert, Maps\Certificate::MAP); + + switch ($format) { + case self::FORMAT_DER: + return $cert; + // case self::FORMAT_PEM: + default: + return "-----BEGIN CERTIFICATE-----\r\n" . chunk_split(Strings::base64_encode($cert), 64) . '-----END CERTIFICATE-----'; + } + } + + /** + * Map extension values from octet string to extension-specific internal + * format. + * + * @param array $root (by reference) + * @param string $path + */ + private function mapInExtensions(array &$root, $path) + { + $extensions = &$this->subArrayUnchecked($root, $path); + + if ($extensions) { + for ($i = 0; $i < count($extensions); $i++) { + $id = $extensions[$i]['extnId']; + $value = &$extensions[$i]['extnValue']; + /* [extnValue] contains the DER encoding of an ASN.1 value + corresponding to the extension type identified by extnID */ + $map = $this->getMapping($id); + if (!is_bool($map)) { + $decoder = $id == 'id-ce-nameConstraints' ? + [static::class, 'decodeNameConstraintIP'] : + [static::class, 'decodeIP']; + $decoded = ASN1::decodeBER($value); + if (!$decoded) { + continue; + } + $mapped = ASN1::asn1map($decoded[0], $map, ['iPAddress' => $decoder]); + $value = $mapped === false ? $decoded[0] : $mapped; + + if ($id == 'id-ce-certificatePolicies') { + for ($j = 0; $j < count($value); $j++) { + if (!isset($value[$j]['policyQualifiers'])) { + continue; + } + for ($k = 0; $k < count($value[$j]['policyQualifiers']); $k++) { + $subid = $value[$j]['policyQualifiers'][$k]['policyQualifierId']; + $map = $this->getMapping($subid); + $subvalue = &$value[$j]['policyQualifiers'][$k]['qualifier']; + if ($map !== false) { + $decoded = ASN1::decodeBER($subvalue); + if (!$decoded) { + continue; + } + $mapped = ASN1::asn1map($decoded[0], $map); + $subvalue = $mapped === false ? $decoded[0] : $mapped; + } + } + } + } + } + } + } + } + + /** + * Map extension values from extension-specific internal format to + * octet string. + * + * @param array $root (by reference) + * @param string $path + */ + private function mapOutExtensions(array &$root, $path) + { + $extensions = &$this->subArray($root, $path, !empty($this->extensionValues)); + + foreach ($this->extensionValues as $id => $data) { + extract($data); + $newext = [ + 'extnId' => $id, + 'extnValue' => $value, + 'critical' => $critical + ]; + if ($replace) { + foreach ($extensions as $key => $value) { + if ($value['extnId'] == $id) { + $extensions[$key] = $newext; + continue 2; + } + } + } + $extensions[] = $newext; + } + + if (is_array($extensions)) { + $size = count($extensions); + for ($i = 0; $i < $size; $i++) { + if ($extensions[$i] instanceof Element) { + continue; + } + + $id = $extensions[$i]['extnId']; + $value = &$extensions[$i]['extnValue']; + + switch ($id) { + case 'id-ce-certificatePolicies': + for ($j = 0; $j < count($value); $j++) { + if (!isset($value[$j]['policyQualifiers'])) { + continue; + } + for ($k = 0; $k < count($value[$j]['policyQualifiers']); $k++) { + $subid = $value[$j]['policyQualifiers'][$k]['policyQualifierId']; + $map = $this->getMapping($subid); + $subvalue = &$value[$j]['policyQualifiers'][$k]['qualifier']; + if ($map !== false) { + // by default \phpseclib3\File\ASN1 will try to render qualifier as a \phpseclib3\File\ASN1::TYPE_IA5_STRING since it's + // actual type is \phpseclib3\File\ASN1::TYPE_ANY + $subvalue = new Element(ASN1::encodeDER($subvalue, $map)); + } + } + } + break; + case 'id-ce-authorityKeyIdentifier': // use 00 as the serial number instead of an empty string + if (isset($value['authorityCertSerialNumber'])) { + if ($value['authorityCertSerialNumber']->toBytes() == '') { + $temp = chr((ASN1::CLASS_CONTEXT_SPECIFIC << 6) | 2) . "\1\0"; + $value['authorityCertSerialNumber'] = new Element($temp); + } + } + } + + /* [extnValue] contains the DER encoding of an ASN.1 value + corresponding to the extension type identified by extnID */ + $map = $this->getMapping($id); + if (is_bool($map)) { + if (!$map) { + //user_error($id . ' is not a currently supported extension'); + unset($extensions[$i]); + } + } else { + $value = ASN1::encodeDER($value, $map, ['iPAddress' => [static::class, 'encodeIP']]); + } + } + } + } + + /** + * Map attribute values from ANY type to attribute-specific internal + * format. + * + * @param array $root (by reference) + * @param string $path + */ + private function mapInAttributes(&$root, $path) + { + $attributes = &$this->subArray($root, $path); + + if (is_array($attributes)) { + for ($i = 0; $i < count($attributes); $i++) { + $id = $attributes[$i]['type']; + /* $value contains the DER encoding of an ASN.1 value + corresponding to the attribute type identified by type */ + $map = $this->getMapping($id); + if (is_array($attributes[$i]['value'])) { + $values = &$attributes[$i]['value']; + for ($j = 0; $j < count($values); $j++) { + $value = ASN1::encodeDER($values[$j], Maps\AttributeValue::MAP); + $decoded = ASN1::decodeBER($value); + if (!is_bool($map)) { + if (!$decoded) { + continue; + } + $mapped = ASN1::asn1map($decoded[0], $map); + if ($mapped !== false) { + $values[$j] = $mapped; + } + if ($id == 'pkcs-9-at-extensionRequest' && $this->isSubArrayValid($values, $j)) { + $this->mapInExtensions($values, $j); + } + } elseif ($map) { + $values[$j] = $value; + } + } + } + } + } + } + + /** + * Map attribute values from attribute-specific internal format to + * ANY type. + * + * @param array $root (by reference) + * @param string $path + */ + private function mapOutAttributes(&$root, $path) + { + $attributes = &$this->subArray($root, $path); + + if (is_array($attributes)) { + $size = count($attributes); + for ($i = 0; $i < $size; $i++) { + /* [value] contains the DER encoding of an ASN.1 value + corresponding to the attribute type identified by type */ + $id = $attributes[$i]['type']; + $map = $this->getMapping($id); + if ($map === false) { + //user_error($id . ' is not a currently supported attribute', E_USER_NOTICE); + unset($attributes[$i]); + } elseif (is_array($attributes[$i]['value'])) { + $values = &$attributes[$i]['value']; + for ($j = 0; $j < count($values); $j++) { + switch ($id) { + case 'pkcs-9-at-extensionRequest': + $this->mapOutExtensions($values, $j); + break; + } + + if (!is_bool($map)) { + $temp = ASN1::encodeDER($values[$j], $map); + $decoded = ASN1::decodeBER($temp); + if (!$decoded) { + continue; + } + $values[$j] = ASN1::asn1map($decoded[0], Maps\AttributeValue::MAP); + } + } + } + } + } + } + + /** + * Map DN values from ANY type to DN-specific internal + * format. + * + * @param array $root (by reference) + * @param string $path + */ + private function mapInDNs(array &$root, $path) + { + $dns = &$this->subArray($root, $path); + + if (is_array($dns)) { + for ($i = 0; $i < count($dns); $i++) { + for ($j = 0; $j < count($dns[$i]); $j++) { + $type = $dns[$i][$j]['type']; + $value = &$dns[$i][$j]['value']; + if (is_object($value) && $value instanceof Element) { + $map = $this->getMapping($type); + if (!is_bool($map)) { + $decoded = ASN1::decodeBER($value); + if (!$decoded) { + continue; + } + $value = ASN1::asn1map($decoded[0], $map); + } + } + } + } + } + } + + /** + * Map DN values from DN-specific internal format to + * ANY type. + * + * @param array $root (by reference) + * @param string $path + */ + private function mapOutDNs(array &$root, $path) + { + $dns = &$this->subArray($root, $path); + + if (is_array($dns)) { + $size = count($dns); + for ($i = 0; $i < $size; $i++) { + for ($j = 0; $j < count($dns[$i]); $j++) { + $type = $dns[$i][$j]['type']; + $value = &$dns[$i][$j]['value']; + if (is_object($value) && $value instanceof Element) { + continue; + } + + $map = $this->getMapping($type); + if (!is_bool($map)) { + $value = new Element(ASN1::encodeDER($value, $map)); + } + } + } + } + } + + /** + * Associate an extension ID to an extension mapping + * + * @param string $extnId + * @return mixed + */ + private function getMapping($extnId) + { + if (!is_string($extnId)) { // eg. if it's a \phpseclib3\File\ASN1\Element object + return true; + } + + if (isset(self::$extensions[$extnId])) { + return self::$extensions[$extnId]; + } + + switch ($extnId) { + case 'id-ce-keyUsage': + return Maps\KeyUsage::MAP; + case 'id-ce-basicConstraints': + return Maps\BasicConstraints::MAP; + case 'id-ce-subjectKeyIdentifier': + return Maps\KeyIdentifier::MAP; + case 'id-ce-cRLDistributionPoints': + return Maps\CRLDistributionPoints::MAP; + case 'id-ce-authorityKeyIdentifier': + return Maps\AuthorityKeyIdentifier::MAP; + case 'id-ce-certificatePolicies': + return Maps\CertificatePolicies::MAP; + case 'id-ce-extKeyUsage': + return Maps\ExtKeyUsageSyntax::MAP; + case 'id-pe-authorityInfoAccess': + return Maps\AuthorityInfoAccessSyntax::MAP; + case 'id-ce-subjectAltName': + return Maps\SubjectAltName::MAP; + case 'id-ce-subjectDirectoryAttributes': + return Maps\SubjectDirectoryAttributes::MAP; + case 'id-ce-privateKeyUsagePeriod': + return Maps\PrivateKeyUsagePeriod::MAP; + case 'id-ce-issuerAltName': + return Maps\IssuerAltName::MAP; + case 'id-ce-policyMappings': + return Maps\PolicyMappings::MAP; + case 'id-ce-nameConstraints': + return Maps\NameConstraints::MAP; + + case 'netscape-cert-type': + return Maps\netscape_cert_type::MAP; + case 'netscape-comment': + return Maps\netscape_comment::MAP; + case 'netscape-ca-policy-url': + return Maps\netscape_ca_policy_url::MAP; + + // since id-qt-cps isn't a constructed type it will have already been decoded as a string by the time it gets + // back around to asn1map() and we don't want it decoded again. + //case 'id-qt-cps': + // return Maps\CPSuri::MAP; + case 'id-qt-unotice': + return Maps\UserNotice::MAP; + + // the following OIDs are unsupported but we don't want them to give notices when calling saveX509(). + case 'id-pe-logotype': // http://www.ietf.org/rfc/rfc3709.txt + case 'entrustVersInfo': + // http://support.microsoft.com/kb/287547 + case '1.3.6.1.4.1.311.20.2': // szOID_ENROLL_CERTTYPE_EXTENSION + case '1.3.6.1.4.1.311.21.1': // szOID_CERTSRV_CA_VERSION + // "SET Secure Electronic Transaction Specification" + // http://www.maithean.com/docs/set_bk3.pdf + case '2.23.42.7.0': // id-set-hashedRootKey + // "Certificate Transparency" + // https://tools.ietf.org/html/rfc6962 + case '1.3.6.1.4.1.11129.2.4.2': + // "Qualified Certificate statements" + // https://tools.ietf.org/html/rfc3739#section-3.2.6 + case '1.3.6.1.5.5.7.1.3': + return true; + + // CSR attributes + case 'pkcs-9-at-unstructuredName': + return Maps\PKCS9String::MAP; + case 'pkcs-9-at-challengePassword': + return Maps\DirectoryString::MAP; + case 'pkcs-9-at-extensionRequest': + return Maps\Extensions::MAP; + + // CRL extensions. + case 'id-ce-cRLNumber': + return Maps\CRLNumber::MAP; + case 'id-ce-deltaCRLIndicator': + return Maps\CRLNumber::MAP; + case 'id-ce-issuingDistributionPoint': + return Maps\IssuingDistributionPoint::MAP; + case 'id-ce-freshestCRL': + return Maps\CRLDistributionPoints::MAP; + case 'id-ce-cRLReasons': + return Maps\CRLReason::MAP; + case 'id-ce-invalidityDate': + return Maps\InvalidityDate::MAP; + case 'id-ce-certificateIssuer': + return Maps\CertificateIssuer::MAP; + case 'id-ce-holdInstructionCode': + return Maps\HoldInstructionCode::MAP; + case 'id-at-postalAddress': + return Maps\PostalAddress::MAP; + } + + return false; + } + + /** + * Load an X.509 certificate as a certificate authority + * + * @param string $cert + * @return bool + */ + public function loadCA($cert) + { + $olddn = $this->dn; + $oldcert = $this->currentCert; + $oldsigsubj = $this->signatureSubject; + $oldkeyid = $this->currentKeyIdentifier; + + $cert = $this->loadX509($cert); + if (!$cert) { + $this->dn = $olddn; + $this->currentCert = $oldcert; + $this->signatureSubject = $oldsigsubj; + $this->currentKeyIdentifier = $oldkeyid; + + return false; + } + + /* From RFC5280 "PKIX Certificate and CRL Profile": + + If the keyUsage extension is present, then the subject public key + MUST NOT be used to verify signatures on certificates or CRLs unless + the corresponding keyCertSign or cRLSign bit is set. */ + //$keyUsage = $this->getExtension('id-ce-keyUsage'); + //if ($keyUsage && !in_array('keyCertSign', $keyUsage)) { + // return false; + //} + + /* From RFC5280 "PKIX Certificate and CRL Profile": + + The cA boolean indicates whether the certified public key may be used + to verify certificate signatures. If the cA boolean is not asserted, + then the keyCertSign bit in the key usage extension MUST NOT be + asserted. If the basic constraints extension is not present in a + version 3 certificate, or the extension is present but the cA boolean + is not asserted, then the certified public key MUST NOT be used to + verify certificate signatures. */ + //$basicConstraints = $this->getExtension('id-ce-basicConstraints'); + //if (!$basicConstraints || !$basicConstraints['cA']) { + // return false; + //} + + $this->CAs[] = $cert; + + $this->dn = $olddn; + $this->currentCert = $oldcert; + $this->signatureSubject = $oldsigsubj; + + return true; + } + + /** + * Validate an X.509 certificate against a URL + * + * From RFC2818 "HTTP over TLS": + * + * Matching is performed using the matching rules specified by + * [RFC2459]. If more than one identity of a given type is present in + * the certificate (e.g., more than one dNSName name, a match in any one + * of the set is considered acceptable.) Names may contain the wildcard + * character * which is considered to match any single domain name + * component or component fragment. E.g., *.a.com matches foo.a.com but + * not bar.foo.a.com. f*.com matches foo.com but not bar.com. + * + * @param string $url + * @return bool + */ + public function validateURL($url) + { + if (!is_array($this->currentCert) || !isset($this->currentCert['tbsCertificate'])) { + return false; + } + + $components = parse_url($url); + if (!isset($components['host'])) { + return false; + } + + if ($names = $this->getExtension('id-ce-subjectAltName')) { + foreach ($names as $name) { + foreach ($name as $key => $value) { + $value = preg_quote($value); + $value = str_replace('\*', '[^.]*', $value); + switch ($key) { + case 'dNSName': + /* From RFC2818 "HTTP over TLS": + + If a subjectAltName extension of type dNSName is present, that MUST + be used as the identity. Otherwise, the (most specific) Common Name + field in the Subject field of the certificate MUST be used. Although + the use of the Common Name is existing practice, it is deprecated and + Certification Authorities are encouraged to use the dNSName instead. */ + if (preg_match('#^' . $value . '$#', $components['host'])) { + return true; + } + break; + case 'iPAddress': + /* From RFC2818 "HTTP over TLS": + + In some cases, the URI is specified as an IP address rather than a + hostname. In this case, the iPAddress subjectAltName must be present + in the certificate and must exactly match the IP in the URI. */ + if (preg_match('#(?:\d{1-3}\.){4}#', $components['host'] . '.') && preg_match('#^' . $value . '$#', $components['host'])) { + return true; + } + } + } + } + return false; + } + + if ($value = $this->getDNProp('id-at-commonName')) { + $value = str_replace(['.', '*'], ['\.', '[^.]*'], $value[0]); + return preg_match('#^' . $value . '$#', $components['host']) === 1; + } + + return false; + } + + /** + * Validate a date + * + * If $date isn't defined it is assumed to be the current date. + * + * @param \DateTimeInterface|string $date optional + * @return bool + */ + public function validateDate($date = null) + { + if (!is_array($this->currentCert) || !isset($this->currentCert['tbsCertificate'])) { + return false; + } + + if (!isset($date)) { + $date = new \DateTimeImmutable('now', new \DateTimeZone(@date_default_timezone_get())); + } + + $notBefore = $this->currentCert['tbsCertificate']['validity']['notBefore']; + $notBefore = isset($notBefore['generalTime']) ? $notBefore['generalTime'] : $notBefore['utcTime']; + + $notAfter = $this->currentCert['tbsCertificate']['validity']['notAfter']; + $notAfter = isset($notAfter['generalTime']) ? $notAfter['generalTime'] : $notAfter['utcTime']; + + if (is_string($date)) { + $date = new \DateTimeImmutable($date, new \DateTimeZone(@date_default_timezone_get())); + } + + $notBefore = new \DateTimeImmutable($notBefore, new \DateTimeZone(@date_default_timezone_get())); + $notAfter = new \DateTimeImmutable($notAfter, new \DateTimeZone(@date_default_timezone_get())); + + return $date >= $notBefore && $date <= $notAfter; + } + + /** + * Fetches a URL + * + * @param string $url + * @return bool|string + */ + private static function fetchURL($url) + { + if (self::$disable_url_fetch) { + return false; + } + + $parts = parse_url($url); + $data = ''; + switch ($parts['scheme']) { + case 'http': + $fsock = @fsockopen($parts['host'], isset($parts['port']) ? $parts['port'] : 80); + if (!$fsock) { + return false; + } + $path = $parts['path']; + if (isset($parts['query'])) { + $path .= '?' . $parts['query']; + } + fputs($fsock, "GET $path HTTP/1.0\r\n"); + fputs($fsock, "Host: $parts[host]\r\n\r\n"); + $line = fgets($fsock, 1024); + if (strlen($line) < 3) { + return false; + } + preg_match('#HTTP/1.\d (\d{3})#', $line, $temp); + if ($temp[1] != '200') { + return false; + } + + // skip the rest of the headers in the http response + while (!feof($fsock) && fgets($fsock, 1024) != "\r\n") { + } + + while (!feof($fsock)) { + $temp = fread($fsock, 1024); + if ($temp === false) { + return false; + } + $data .= $temp; + } + + break; + //case 'ftp': + //case 'ldap': + //default: + } + + return $data; + } + + /** + * Validates an intermediate cert as identified via authority info access extension + * + * See https://tools.ietf.org/html/rfc4325 for more info + * + * @param bool $caonly + * @param int $count + * @return bool + */ + private function testForIntermediate($caonly, $count) + { + $opts = $this->getExtension('id-pe-authorityInfoAccess'); + if (!is_array($opts)) { + return false; + } + foreach ($opts as $opt) { + if ($opt['accessMethod'] == 'id-ad-caIssuers') { + // accessLocation is a GeneralName. GeneralName fields support stuff like email addresses, IP addresses, LDAP, + // etc, but we're only supporting URI's. URI's and LDAP are the only thing https://tools.ietf.org/html/rfc4325 + // discusses + if (isset($opt['accessLocation']['uniformResourceIdentifier'])) { + $url = $opt['accessLocation']['uniformResourceIdentifier']; + break; + } + } + } + + if (!isset($url)) { + return false; + } + + $cert = static::fetchURL($url); + if (!is_string($cert)) { + return false; + } + + $parent = new static(); + $parent->CAs = $this->CAs; + /* + "Conforming applications that support HTTP or FTP for accessing + certificates MUST be able to accept .cer files and SHOULD be able + to accept .p7c files." -- https://tools.ietf.org/html/rfc4325 + + A .p7c file is 'a "certs-only" CMS message as specified in RFC 2797" + + These are currently unsupported + */ + if (!is_array($parent->loadX509($cert))) { + return false; + } + + if (!$parent->validateSignatureCountable($caonly, ++$count)) { + return false; + } + + $this->CAs[] = $parent->currentCert; + //$this->loadCA($cert); + + return true; + } + + /** + * Validate a signature + * + * Works on X.509 certs, CSR's and CRL's. + * Returns true if the signature is verified, false if it is not correct or null on error + * + * By default returns false for self-signed certs. Call validateSignature(false) to make this support + * self-signed. + * + * The behavior of this function is inspired by {@link http://php.net/openssl-verify openssl_verify}. + * + * @param bool $caonly optional + * @return mixed + */ + public function validateSignature($caonly = true) + { + return $this->validateSignatureCountable($caonly, 0); + } + + /** + * Validate a signature + * + * Performs said validation whilst keeping track of how many times validation method is called + * + * @param bool $caonly + * @param int $count + * @return mixed + */ + private function validateSignatureCountable($caonly, $count) + { + if (!is_array($this->currentCert) || !isset($this->signatureSubject)) { + return null; + } + + if ($count == self::$recur_limit) { + return false; + } + + /* TODO: + "emailAddress attribute values are not case-sensitive (e.g., "subscriber@example.com" is the same as "SUBSCRIBER@EXAMPLE.COM")." + -- http://tools.ietf.org/html/rfc5280#section-4.1.2.6 + + implement pathLenConstraint in the id-ce-basicConstraints extension */ + + switch (true) { + case isset($this->currentCert['tbsCertificate']): + // self-signed cert + switch (true) { + case !defined('FILE_X509_IGNORE_TYPE') && $this->currentCert['tbsCertificate']['issuer'] === $this->currentCert['tbsCertificate']['subject']: + case defined('FILE_X509_IGNORE_TYPE') && $this->getIssuerDN(self::DN_STRING) === $this->getDN(self::DN_STRING): + $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier'); + $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier'); + switch (true) { + case !is_array($authorityKey): + case !$subjectKeyID: + case isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID: + $signingCert = $this->currentCert; // working cert + } + } + + if (!empty($this->CAs)) { + for ($i = 0; $i < count($this->CAs); $i++) { + // even if the cert is a self-signed one we still want to see if it's a CA; + // if not, we'll conditionally return an error + $ca = $this->CAs[$i]; + switch (true) { + case !defined('FILE_X509_IGNORE_TYPE') && $this->currentCert['tbsCertificate']['issuer'] === $ca['tbsCertificate']['subject']: + case defined('FILE_X509_IGNORE_TYPE') && $this->getDN(self::DN_STRING, $this->currentCert['tbsCertificate']['issuer']) === $this->getDN(self::DN_STRING, $ca['tbsCertificate']['subject']): + $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier'); + $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier', $ca); + switch (true) { + case !is_array($authorityKey): + case !$subjectKeyID: + case isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID: + if (is_array($authorityKey) && isset($authorityKey['authorityCertSerialNumber']) && !$authorityKey['authorityCertSerialNumber']->equals($ca['tbsCertificate']['serialNumber'])) { + break 2; // serial mismatch - check other ca + } + $signingCert = $ca; // working cert + break 3; + } + } + } + if (count($this->CAs) == $i && $caonly) { + return $this->testForIntermediate($caonly, $count) && $this->validateSignature($caonly); + } + } elseif (!isset($signingCert) || $caonly) { + return $this->testForIntermediate($caonly, $count) && $this->validateSignature($caonly); + } + return $this->validateSignatureHelper( + $signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'], + $signingCert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'], + $this->currentCert['signatureAlgorithm']['algorithm'], + substr($this->currentCert['signature'], 1), + $this->signatureSubject + ); + case isset($this->currentCert['certificationRequestInfo']): + return $this->validateSignatureHelper( + $this->currentCert['certificationRequestInfo']['subjectPKInfo']['algorithm']['algorithm'], + $this->currentCert['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'], + $this->currentCert['signatureAlgorithm']['algorithm'], + substr($this->currentCert['signature'], 1), + $this->signatureSubject + ); + case isset($this->currentCert['publicKeyAndChallenge']): + return $this->validateSignatureHelper( + $this->currentCert['publicKeyAndChallenge']['spki']['algorithm']['algorithm'], + $this->currentCert['publicKeyAndChallenge']['spki']['subjectPublicKey'], + $this->currentCert['signatureAlgorithm']['algorithm'], + substr($this->currentCert['signature'], 1), + $this->signatureSubject + ); + case isset($this->currentCert['tbsCertList']): + if (!empty($this->CAs)) { + for ($i = 0; $i < count($this->CAs); $i++) { + $ca = $this->CAs[$i]; + switch (true) { + case !defined('FILE_X509_IGNORE_TYPE') && $this->currentCert['tbsCertList']['issuer'] === $ca['tbsCertificate']['subject']: + case defined('FILE_X509_IGNORE_TYPE') && $this->getDN(self::DN_STRING, $this->currentCert['tbsCertList']['issuer']) === $this->getDN(self::DN_STRING, $ca['tbsCertificate']['subject']): + $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier'); + $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier', $ca); + switch (true) { + case !is_array($authorityKey): + case !$subjectKeyID: + case isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID: + if (is_array($authorityKey) && isset($authorityKey['authorityCertSerialNumber']) && !$authorityKey['authorityCertSerialNumber']->equals($ca['tbsCertificate']['serialNumber'])) { + break 2; // serial mismatch - check other ca + } + $signingCert = $ca; // working cert + break 3; + } + } + } + } + if (!isset($signingCert)) { + return false; + } + return $this->validateSignatureHelper( + $signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'], + $signingCert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'], + $this->currentCert['signatureAlgorithm']['algorithm'], + substr($this->currentCert['signature'], 1), + $this->signatureSubject + ); + default: + return false; + } + } + + /** + * Validates a signature + * + * Returns true if the signature is verified and false if it is not correct. + * If the algorithms are unsupposed an exception is thrown. + * + * @param string $publicKeyAlgorithm + * @param string $publicKey + * @param string $signatureAlgorithm + * @param string $signature + * @param string $signatureSubject + * @throws \phpseclib3\Exception\UnsupportedAlgorithmException if the algorithm is unsupported + * @return bool + */ + private function validateSignatureHelper($publicKeyAlgorithm, $publicKey, $signatureAlgorithm, $signature, $signatureSubject) + { + switch ($publicKeyAlgorithm) { + case 'id-RSASSA-PSS': + $key = RSA::loadFormat('PSS', $publicKey); + break; + case 'rsaEncryption': + $key = RSA::loadFormat('PKCS8', $publicKey); + switch ($signatureAlgorithm) { + case 'id-RSASSA-PSS': + break; + case 'md2WithRSAEncryption': + case 'md5WithRSAEncryption': + case 'sha1WithRSAEncryption': + case 'sha224WithRSAEncryption': + case 'sha256WithRSAEncryption': + case 'sha384WithRSAEncryption': + case 'sha512WithRSAEncryption': + $key = $key + ->withHash(preg_replace('#WithRSAEncryption$#', '', $signatureAlgorithm)) + ->withPadding(RSA::SIGNATURE_PKCS1); + break; + default: + throw new UnsupportedAlgorithmException('Signature algorithm unsupported'); + } + break; + case 'id-Ed25519': + case 'id-Ed448': + $key = EC::loadFormat('PKCS8', $publicKey); + break; + case 'id-ecPublicKey': + $key = EC::loadFormat('PKCS8', $publicKey); + switch ($signatureAlgorithm) { + case 'ecdsa-with-SHA1': + case 'ecdsa-with-SHA224': + case 'ecdsa-with-SHA256': + case 'ecdsa-with-SHA384': + case 'ecdsa-with-SHA512': + $key = $key + ->withHash(preg_replace('#^ecdsa-with-#', '', strtolower($signatureAlgorithm))); + break; + default: + throw new UnsupportedAlgorithmException('Signature algorithm unsupported'); + } + break; + case 'id-dsa': + $key = DSA::loadFormat('PKCS8', $publicKey); + switch ($signatureAlgorithm) { + case 'id-dsa-with-sha1': + case 'id-dsa-with-sha224': + case 'id-dsa-with-sha256': + $key = $key + ->withHash(preg_replace('#^id-dsa-with-#', '', strtolower($signatureAlgorithm))); + break; + default: + throw new UnsupportedAlgorithmException('Signature algorithm unsupported'); + } + break; + default: + throw new UnsupportedAlgorithmException('Public key algorithm unsupported'); + } + + return $key->verify($signatureSubject, $signature); + } + + /** + * Sets the recursion limit + * + * When validating a signature it may be necessary to download intermediate certs from URI's. + * An intermediate cert that linked to itself would result in an infinite loop so to prevent + * that we set a recursion limit. A negative number means that there is no recursion limit. + * + * @param int $count + */ + public static function setRecurLimit($count) + { + self::$recur_limit = $count; + } + + /** + * Prevents URIs from being automatically retrieved + * + */ + public static function disableURLFetch() + { + self::$disable_url_fetch = true; + } + + /** + * Allows URIs to be automatically retrieved + * + */ + public static function enableURLFetch() + { + self::$disable_url_fetch = false; + } + + /** + * Decodes an IP address + * + * Takes in a base64 encoded "blob" and returns a human readable IP address + * + * @param string $ip + * @return string + */ + public static function decodeIP($ip) + { + return inet_ntop($ip); + } + + /** + * Decodes an IP address in a name constraints extension + * + * Takes in a base64 encoded "blob" and returns a human readable IP address / mask + * + * @param string $ip + * @return array + */ + public static function decodeNameConstraintIP($ip) + { + $size = strlen($ip) >> 1; + $mask = substr($ip, $size); + $ip = substr($ip, 0, $size); + return [inet_ntop($ip), inet_ntop($mask)]; + } + + /** + * Encodes an IP address + * + * Takes a human readable IP address into a base64-encoded "blob" + * + * @param string|array $ip + * @return string + */ + public static function encodeIP($ip) + { + return is_string($ip) ? + inet_pton($ip) : + inet_pton($ip[0]) . inet_pton($ip[1]); + } + + /** + * "Normalizes" a Distinguished Name property + * + * @param string $propName + * @return mixed + */ + private function translateDNProp($propName) + { + switch (strtolower($propName)) { + case 'jurisdictionofincorporationcountryname': + case 'jurisdictioncountryname': + case 'jurisdictionc': + return 'jurisdictionOfIncorporationCountryName'; + case 'jurisdictionofincorporationstateorprovincename': + case 'jurisdictionstateorprovincename': + case 'jurisdictionst': + return 'jurisdictionOfIncorporationStateOrProvinceName'; + case 'jurisdictionlocalityname': + case 'jurisdictionl': + return 'jurisdictionLocalityName'; + case 'id-at-businesscategory': + case 'businesscategory': + return 'id-at-businessCategory'; + case 'id-at-countryname': + case 'countryname': + case 'c': + return 'id-at-countryName'; + case 'id-at-organizationname': + case 'organizationname': + case 'o': + return 'id-at-organizationName'; + case 'id-at-dnqualifier': + case 'dnqualifier': + return 'id-at-dnQualifier'; + case 'id-at-commonname': + case 'commonname': + case 'cn': + return 'id-at-commonName'; + case 'id-at-stateorprovincename': + case 'stateorprovincename': + case 'state': + case 'province': + case 'provincename': + case 'st': + return 'id-at-stateOrProvinceName'; + case 'id-at-localityname': + case 'localityname': + case 'l': + return 'id-at-localityName'; + case 'id-emailaddress': + case 'emailaddress': + return 'pkcs-9-at-emailAddress'; + case 'id-at-serialnumber': + case 'serialnumber': + return 'id-at-serialNumber'; + case 'id-at-postalcode': + case 'postalcode': + return 'id-at-postalCode'; + case 'id-at-streetaddress': + case 'streetaddress': + return 'id-at-streetAddress'; + case 'id-at-name': + case 'name': + return 'id-at-name'; + case 'id-at-givenname': + case 'givenname': + return 'id-at-givenName'; + case 'id-at-surname': + case 'surname': + case 'sn': + return 'id-at-surname'; + case 'id-at-initials': + case 'initials': + return 'id-at-initials'; + case 'id-at-generationqualifier': + case 'generationqualifier': + return 'id-at-generationQualifier'; + case 'id-at-organizationalunitname': + case 'organizationalunitname': + case 'ou': + return 'id-at-organizationalUnitName'; + case 'id-at-pseudonym': + case 'pseudonym': + return 'id-at-pseudonym'; + case 'id-at-title': + case 'title': + return 'id-at-title'; + case 'id-at-description': + case 'description': + return 'id-at-description'; + case 'id-at-role': + case 'role': + return 'id-at-role'; + case 'id-at-uniqueidentifier': + case 'uniqueidentifier': + case 'x500uniqueidentifier': + return 'id-at-uniqueIdentifier'; + case 'postaladdress': + case 'id-at-postaladdress': + return 'id-at-postalAddress'; + default: + return false; + } + } + + /** + * Set a Distinguished Name property + * + * @param string $propName + * @param mixed $propValue + * @param string $type optional + * @return bool + */ + public function setDNProp($propName, $propValue, $type = 'utf8String') + { + if (empty($this->dn)) { + $this->dn = ['rdnSequence' => []]; + } + + if (($propName = $this->translateDNProp($propName)) === false) { + return false; + } + + foreach ((array) $propValue as $v) { + if (!is_array($v) && isset($type)) { + $v = [$type => $v]; + } + $this->dn['rdnSequence'][] = [ + [ + 'type' => $propName, + 'value' => $v + ] + ]; + } + + return true; + } + + /** + * Remove Distinguished Name properties + * + * @param string $propName + */ + public function removeDNProp($propName) + { + if (empty($this->dn)) { + return; + } + + if (($propName = $this->translateDNProp($propName)) === false) { + return; + } + + $dn = &$this->dn['rdnSequence']; + $size = count($dn); + for ($i = 0; $i < $size; $i++) { + if ($dn[$i][0]['type'] == $propName) { + unset($dn[$i]); + } + } + + $dn = array_values($dn); + // fix for https://bugs.php.net/75433 affecting PHP 7.2 + if (!isset($dn[0])) { + $dn = array_splice($dn, 0, 0); + } + } + + /** + * Get Distinguished Name properties + * + * @param string $propName + * @param array $dn optional + * @param bool $withType optional + * @return mixed + */ + public function getDNProp($propName, array $dn = null, $withType = false) + { + if (!isset($dn)) { + $dn = $this->dn; + } + + if (empty($dn)) { + return false; + } + + if (($propName = $this->translateDNProp($propName)) === false) { + return false; + } + + $filters = []; + $filters['value'] = ['type' => ASN1::TYPE_UTF8_STRING]; + ASN1::setFilters($filters); + $this->mapOutDNs($dn, 'rdnSequence'); + $dn = $dn['rdnSequence']; + $result = []; + for ($i = 0; $i < count($dn); $i++) { + if ($dn[$i][0]['type'] == $propName) { + $v = $dn[$i][0]['value']; + if (!$withType) { + if (is_array($v)) { + foreach ($v as $type => $s) { + $type = array_search($type, ASN1::ANY_MAP); + if ($type !== false && array_key_exists($type, ASN1::STRING_TYPE_SIZE)) { + $s = ASN1::convert($s, $type); + if ($s !== false) { + $v = $s; + break; + } + } + } + if (is_array($v)) { + $v = array_pop($v); // Always strip data type. + } + } elseif (is_object($v) && $v instanceof Element) { + $map = $this->getMapping($propName); + if (!is_bool($map)) { + $decoded = ASN1::decodeBER($v); + if (!$decoded) { + return false; + } + $v = ASN1::asn1map($decoded[0], $map); + } + } + } + $result[] = $v; + } + } + + return $result; + } + + /** + * Set a Distinguished Name + * + * @param mixed $dn + * @param bool $merge optional + * @param string $type optional + * @return bool + */ + public function setDN($dn, $merge = false, $type = 'utf8String') + { + if (!$merge) { + $this->dn = null; + } + + if (is_array($dn)) { + if (isset($dn['rdnSequence'])) { + $this->dn = $dn; // No merge here. + return true; + } + + // handles stuff generated by openssl_x509_parse() + foreach ($dn as $prop => $value) { + if (!$this->setDNProp($prop, $value, $type)) { + return false; + } + } + return true; + } + + // handles everything else + $results = preg_split('#((?:^|, *|/)(?:C=|O=|OU=|CN=|L=|ST=|SN=|postalCode=|streetAddress=|emailAddress=|serialNumber=|organizationalUnitName=|title=|description=|role=|x500UniqueIdentifier=|postalAddress=))#', $dn, -1, PREG_SPLIT_DELIM_CAPTURE); + for ($i = 1; $i < count($results); $i += 2) { + $prop = trim($results[$i], ', =/'); + $value = $results[$i + 1]; + if (!$this->setDNProp($prop, $value, $type)) { + return false; + } + } + + return true; + } + + /** + * Get the Distinguished Name for a certificates subject + * + * @param mixed $format optional + * @param array $dn optional + * @return array|bool|string + */ + public function getDN($format = self::DN_ARRAY, array $dn = null) + { + if (!isset($dn)) { + $dn = isset($this->currentCert['tbsCertList']) ? $this->currentCert['tbsCertList']['issuer'] : $this->dn; + } + + switch ((int) $format) { + case self::DN_ARRAY: + return $dn; + case self::DN_ASN1: + $filters = []; + $filters['rdnSequence']['value'] = ['type' => ASN1::TYPE_UTF8_STRING]; + ASN1::setFilters($filters); + $this->mapOutDNs($dn, 'rdnSequence'); + return ASN1::encodeDER($dn, Maps\Name::MAP); + case self::DN_CANON: + // No SEQUENCE around RDNs and all string values normalized as + // trimmed lowercase UTF-8 with all spacing as one blank. + // constructed RDNs will not be canonicalized + $filters = []; + $filters['value'] = ['type' => ASN1::TYPE_UTF8_STRING]; + ASN1::setFilters($filters); + $result = ''; + $this->mapOutDNs($dn, 'rdnSequence'); + foreach ($dn['rdnSequence'] as $rdn) { + foreach ($rdn as $i => $attr) { + $attr = &$rdn[$i]; + if (is_array($attr['value'])) { + foreach ($attr['value'] as $type => $v) { + $type = array_search($type, ASN1::ANY_MAP, true); + if ($type !== false && array_key_exists($type, ASN1::STRING_TYPE_SIZE)) { + $v = ASN1::convert($v, $type); + if ($v !== false) { + $v = preg_replace('/\s+/', ' ', $v); + $attr['value'] = strtolower(trim($v)); + break; + } + } + } + } + } + $result .= ASN1::encodeDER($rdn, Maps\RelativeDistinguishedName::MAP); + } + return $result; + case self::DN_HASH: + $dn = $this->getDN(self::DN_CANON, $dn); + $hash = new Hash('sha1'); + $hash = $hash->hash($dn); + extract(unpack('Vhash', $hash)); + return strtolower(Strings::bin2hex(pack('N', $hash))); + } + + // Default is to return a string. + $start = true; + $output = ''; + + $result = []; + $filters = []; + $filters['rdnSequence']['value'] = ['type' => ASN1::TYPE_UTF8_STRING]; + ASN1::setFilters($filters); + $this->mapOutDNs($dn, 'rdnSequence'); + + foreach ($dn['rdnSequence'] as $field) { + $prop = $field[0]['type']; + $value = $field[0]['value']; + + $delim = ', '; + switch ($prop) { + case 'id-at-countryName': + $desc = 'C'; + break; + case 'id-at-stateOrProvinceName': + $desc = 'ST'; + break; + case 'id-at-organizationName': + $desc = 'O'; + break; + case 'id-at-organizationalUnitName': + $desc = 'OU'; + break; + case 'id-at-commonName': + $desc = 'CN'; + break; + case 'id-at-localityName': + $desc = 'L'; + break; + case 'id-at-surname': + $desc = 'SN'; + break; + case 'id-at-uniqueIdentifier': + $delim = '/'; + $desc = 'x500UniqueIdentifier'; + break; + case 'id-at-postalAddress': + $delim = '/'; + $desc = 'postalAddress'; + break; + default: + $delim = '/'; + $desc = preg_replace('#.+-([^-]+)$#', '$1', $prop); + } + + if (!$start) { + $output .= $delim; + } + if (is_array($value)) { + foreach ($value as $type => $v) { + $type = array_search($type, ASN1::ANY_MAP, true); + if ($type !== false && array_key_exists($type, ASN1::STRING_TYPE_SIZE)) { + $v = ASN1::convert($v, $type); + if ($v !== false) { + $value = $v; + break; + } + } + } + if (is_array($value)) { + $value = array_pop($value); // Always strip data type. + } + } elseif (is_object($value) && $value instanceof Element) { + $callback = function ($x) { + return '\x' . bin2hex($x[0]); + }; + $value = strtoupper(preg_replace_callback('#[^\x20-\x7E]#', $callback, $value->element)); + } + $output .= $desc . '=' . $value; + $result[$desc] = isset($result[$desc]) ? + array_merge((array) $result[$desc], [$value]) : + $value; + $start = false; + } + + return $format == self::DN_OPENSSL ? $result : $output; + } + + /** + * Get the Distinguished Name for a certificate/crl issuer + * + * @param int $format optional + * @return mixed + */ + public function getIssuerDN($format = self::DN_ARRAY) + { + switch (true) { + case !isset($this->currentCert) || !is_array($this->currentCert): + break; + case isset($this->currentCert['tbsCertificate']): + return $this->getDN($format, $this->currentCert['tbsCertificate']['issuer']); + case isset($this->currentCert['tbsCertList']): + return $this->getDN($format, $this->currentCert['tbsCertList']['issuer']); + } + + return false; + } + + /** + * Get the Distinguished Name for a certificate/csr subject + * Alias of getDN() + * + * @param int $format optional + * @return mixed + */ + public function getSubjectDN($format = self::DN_ARRAY) + { + switch (true) { + case !empty($this->dn): + return $this->getDN($format); + case !isset($this->currentCert) || !is_array($this->currentCert): + break; + case isset($this->currentCert['tbsCertificate']): + return $this->getDN($format, $this->currentCert['tbsCertificate']['subject']); + case isset($this->currentCert['certificationRequestInfo']): + return $this->getDN($format, $this->currentCert['certificationRequestInfo']['subject']); + } + + return false; + } + + /** + * Get an individual Distinguished Name property for a certificate/crl issuer + * + * @param string $propName + * @param bool $withType optional + * @return mixed + */ + public function getIssuerDNProp($propName, $withType = false) + { + switch (true) { + case !isset($this->currentCert) || !is_array($this->currentCert): + break; + case isset($this->currentCert['tbsCertificate']): + return $this->getDNProp($propName, $this->currentCert['tbsCertificate']['issuer'], $withType); + case isset($this->currentCert['tbsCertList']): + return $this->getDNProp($propName, $this->currentCert['tbsCertList']['issuer'], $withType); + } + + return false; + } + + /** + * Get an individual Distinguished Name property for a certificate/csr subject + * + * @param string $propName + * @param bool $withType optional + * @return mixed + */ + public function getSubjectDNProp($propName, $withType = false) + { + switch (true) { + case !empty($this->dn): + return $this->getDNProp($propName, null, $withType); + case !isset($this->currentCert) || !is_array($this->currentCert): + break; + case isset($this->currentCert['tbsCertificate']): + return $this->getDNProp($propName, $this->currentCert['tbsCertificate']['subject'], $withType); + case isset($this->currentCert['certificationRequestInfo']): + return $this->getDNProp($propName, $this->currentCert['certificationRequestInfo']['subject'], $withType); + } + + return false; + } + + /** + * Get the certificate chain for the current cert + * + * @return mixed + */ + public function getChain() + { + $chain = [$this->currentCert]; + + if (!is_array($this->currentCert) || !isset($this->currentCert['tbsCertificate'])) { + return false; + } + while (true) { + $currentCert = $chain[count($chain) - 1]; + for ($i = 0; $i < count($this->CAs); $i++) { + $ca = $this->CAs[$i]; + if ($currentCert['tbsCertificate']['issuer'] === $ca['tbsCertificate']['subject']) { + $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier', $currentCert); + $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier', $ca); + switch (true) { + case !is_array($authorityKey): + case is_array($authorityKey) && isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID: + if ($currentCert === $ca) { + break 3; + } + $chain[] = $ca; + break 2; + } + } + } + if ($i == count($this->CAs)) { + break; + } + } + foreach ($chain as $key => $value) { + $chain[$key] = new X509(); + $chain[$key]->loadX509($value); + } + return $chain; + } + + /** + * Returns the current cert + * + * @return array|bool + */ + public function &getCurrentCert() + { + return $this->currentCert; + } + + /** + * Set public key + * + * Key needs to be a \phpseclib3\Crypt\RSA object + * + * @param PublicKey $key + * @return void + */ + public function setPublicKey(PublicKey $key) + { + $this->publicKey = $key; + } + + /** + * Set private key + * + * Key needs to be a \phpseclib3\Crypt\RSA object + * + * @param PrivateKey $key + */ + public function setPrivateKey(PrivateKey $key) + { + $this->privateKey = $key; + } + + /** + * Set challenge + * + * Used for SPKAC CSR's + * + * @param string $challenge + */ + public function setChallenge($challenge) + { + $this->challenge = $challenge; + } + + /** + * Gets the public key + * + * Returns a \phpseclib3\Crypt\RSA object or a false. + * + * @return mixed + */ + public function getPublicKey() + { + if (isset($this->publicKey)) { + return $this->publicKey; + } + + if (isset($this->currentCert) && is_array($this->currentCert)) { + $paths = [ + 'tbsCertificate/subjectPublicKeyInfo', + 'certificationRequestInfo/subjectPKInfo', + 'publicKeyAndChallenge/spki' + ]; + foreach ($paths as $path) { + $keyinfo = $this->subArray($this->currentCert, $path); + if (!empty($keyinfo)) { + break; + } + } + } + if (empty($keyinfo)) { + return false; + } + + $key = $keyinfo['subjectPublicKey']; + + switch ($keyinfo['algorithm']['algorithm']) { + case 'id-RSASSA-PSS': + return RSA::loadFormat('PSS', $key); + case 'rsaEncryption': + return RSA::loadFormat('PKCS8', $key)->withPadding(RSA::SIGNATURE_PKCS1); + case 'id-ecPublicKey': + case 'id-Ed25519': + case 'id-Ed448': + return EC::loadFormat('PKCS8', $key); + case 'id-dsa': + return DSA::loadFormat('PKCS8', $key); + } + + return false; + } + + /** + * Load a Certificate Signing Request + * + * @param string $csr + * @param int $mode + * @return mixed + */ + public function loadCSR($csr, $mode = self::FORMAT_AUTO_DETECT) + { + if (is_array($csr) && isset($csr['certificationRequestInfo'])) { + unset($this->currentCert); + unset($this->currentKeyIdentifier); + unset($this->signatureSubject); + $this->dn = $csr['certificationRequestInfo']['subject']; + if (!isset($this->dn)) { + return false; + } + + $this->currentCert = $csr; + return $csr; + } + + // see http://tools.ietf.org/html/rfc2986 + + if ($mode != self::FORMAT_DER) { + $newcsr = ASN1::extractBER($csr); + if ($mode == self::FORMAT_PEM && $csr == $newcsr) { + return false; + } + $csr = $newcsr; + } + $orig = $csr; + + if ($csr === false) { + $this->currentCert = false; + return false; + } + + $decoded = ASN1::decodeBER($csr); + + if (!$decoded) { + $this->currentCert = false; + return false; + } + + $csr = ASN1::asn1map($decoded[0], Maps\CertificationRequest::MAP); + if (!isset($csr) || $csr === false) { + $this->currentCert = false; + return false; + } + + $this->mapInAttributes($csr, 'certificationRequestInfo/attributes'); + $this->mapInDNs($csr, 'certificationRequestInfo/subject/rdnSequence'); + + $this->dn = $csr['certificationRequestInfo']['subject']; + + $this->signatureSubject = substr($orig, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']); + + $key = $csr['certificationRequestInfo']['subjectPKInfo']; + $key = ASN1::encodeDER($key, Maps\SubjectPublicKeyInfo::MAP); + $csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'] = + "-----BEGIN PUBLIC KEY-----\r\n" . + chunk_split(base64_encode($key), 64) . + "-----END PUBLIC KEY-----"; + + $this->currentKeyIdentifier = null; + $this->currentCert = $csr; + + $this->publicKey = null; + $this->publicKey = $this->getPublicKey(); + + return $csr; + } + + /** + * Save CSR request + * + * @param array $csr + * @param int $format optional + * @return string + */ + public function saveCSR(array $csr, $format = self::FORMAT_PEM) + { + if (!is_array($csr) || !isset($csr['certificationRequestInfo'])) { + return false; + } + + switch (true) { + case !($algorithm = $this->subArray($csr, 'certificationRequestInfo/subjectPKInfo/algorithm/algorithm')): + case is_object($csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey']): + break; + default: + $csr['certificationRequestInfo']['subjectPKInfo'] = new Element( + base64_decode(preg_replace('#-.+-|[\r\n]#', '', $csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'])) + ); + } + + $filters = []; + $filters['certificationRequestInfo']['subject']['rdnSequence']['value'] + = ['type' => ASN1::TYPE_UTF8_STRING]; + + ASN1::setFilters($filters); + + $this->mapOutDNs($csr, 'certificationRequestInfo/subject/rdnSequence'); + $this->mapOutAttributes($csr, 'certificationRequestInfo/attributes'); + $csr = ASN1::encodeDER($csr, Maps\CertificationRequest::MAP); + + switch ($format) { + case self::FORMAT_DER: + return $csr; + // case self::FORMAT_PEM: + default: + return "-----BEGIN CERTIFICATE REQUEST-----\r\n" . chunk_split(Strings::base64_encode($csr), 64) . '-----END CERTIFICATE REQUEST-----'; + } + } + + /** + * Load a SPKAC CSR + * + * SPKAC's are produced by the HTML5 keygen element: + * + * https://developer.mozilla.org/en-US/docs/HTML/Element/keygen + * + * @param string $spkac + * @return mixed + */ + public function loadSPKAC($spkac) + { + if (is_array($spkac) && isset($spkac['publicKeyAndChallenge'])) { + unset($this->currentCert); + unset($this->currentKeyIdentifier); + unset($this->signatureSubject); + $this->currentCert = $spkac; + return $spkac; + } + + // see http://www.w3.org/html/wg/drafts/html/master/forms.html#signedpublickeyandchallenge + + // OpenSSL produces SPKAC's that are preceded by the string SPKAC= + $temp = preg_replace('#(?:SPKAC=)|[ \r\n\\\]#', '', $spkac); + $temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? Strings::base64_decode($temp) : false; + if ($temp != false) { + $spkac = $temp; + } + $orig = $spkac; + + if ($spkac === false) { + $this->currentCert = false; + return false; + } + + $decoded = ASN1::decodeBER($spkac); + + if (!$decoded) { + $this->currentCert = false; + return false; + } + + $spkac = ASN1::asn1map($decoded[0], Maps\SignedPublicKeyAndChallenge::MAP); + + if (!isset($spkac) || !is_array($spkac)) { + $this->currentCert = false; + return false; + } + + $this->signatureSubject = substr($orig, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']); + + $key = $spkac['publicKeyAndChallenge']['spki']; + $key = ASN1::encodeDER($key, Maps\SubjectPublicKeyInfo::MAP); + $spkac['publicKeyAndChallenge']['spki']['subjectPublicKey'] = + "-----BEGIN PUBLIC KEY-----\r\n" . + chunk_split(base64_encode($key), 64) . + "-----END PUBLIC KEY-----"; + + $this->currentKeyIdentifier = null; + $this->currentCert = $spkac; + + $this->publicKey = null; + $this->publicKey = $this->getPublicKey(); + + return $spkac; + } + + /** + * Save a SPKAC CSR request + * + * @param array $spkac + * @param int $format optional + * @return string + */ + public function saveSPKAC(array $spkac, $format = self::FORMAT_PEM) + { + if (!is_array($spkac) || !isset($spkac['publicKeyAndChallenge'])) { + return false; + } + + $algorithm = $this->subArray($spkac, 'publicKeyAndChallenge/spki/algorithm/algorithm'); + switch (true) { + case !$algorithm: + case is_object($spkac['publicKeyAndChallenge']['spki']['subjectPublicKey']): + break; + default: + $spkac['publicKeyAndChallenge']['spki'] = new Element( + base64_decode(preg_replace('#-.+-|[\r\n]#', '', $spkac['publicKeyAndChallenge']['spki']['subjectPublicKey'])) + ); + } + + $spkac = ASN1::encodeDER($spkac, Maps\SignedPublicKeyAndChallenge::MAP); + + switch ($format) { + case self::FORMAT_DER: + return $spkac; + // case self::FORMAT_PEM: + default: + // OpenSSL's implementation of SPKAC requires the SPKAC be preceded by SPKAC= and since there are pretty much + // no other SPKAC decoders phpseclib will use that same format + return 'SPKAC=' . Strings::base64_encode($spkac); + } + } + + /** + * Load a Certificate Revocation List + * + * @param string $crl + * @param int $mode + * @return mixed + */ + public function loadCRL($crl, $mode = self::FORMAT_AUTO_DETECT) + { + if (is_array($crl) && isset($crl['tbsCertList'])) { + $this->currentCert = $crl; + unset($this->signatureSubject); + return $crl; + } + + if ($mode != self::FORMAT_DER) { + $newcrl = ASN1::extractBER($crl); + if ($mode == self::FORMAT_PEM && $crl == $newcrl) { + return false; + } + $crl = $newcrl; + } + $orig = $crl; + + if ($crl === false) { + $this->currentCert = false; + return false; + } + + $decoded = ASN1::decodeBER($crl); + + if (!$decoded) { + $this->currentCert = false; + return false; + } + + $crl = ASN1::asn1map($decoded[0], Maps\CertificateList::MAP); + if (!isset($crl) || $crl === false) { + $this->currentCert = false; + return false; + } + + $this->signatureSubject = substr($orig, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']); + + $this->mapInDNs($crl, 'tbsCertList/issuer/rdnSequence'); + if ($this->isSubArrayValid($crl, 'tbsCertList/crlExtensions')) { + $this->mapInExtensions($crl, 'tbsCertList/crlExtensions'); + } + if ($this->isSubArrayValid($crl, 'tbsCertList/revokedCertificates')) { + $rclist_ref = &$this->subArrayUnchecked($crl, 'tbsCertList/revokedCertificates'); + if ($rclist_ref) { + $rclist = $crl['tbsCertList']['revokedCertificates']; + foreach ($rclist as $i => $extension) { + if ($this->isSubArrayValid($rclist, "$i/crlEntryExtensions")) { + $this->mapInExtensions($rclist_ref, "$i/crlEntryExtensions"); + } + } + } + } + + $this->currentKeyIdentifier = null; + $this->currentCert = $crl; + + return $crl; + } + + /** + * Save Certificate Revocation List. + * + * @param array $crl + * @param int $format optional + * @return string + */ + public function saveCRL(array $crl, $format = self::FORMAT_PEM) + { + if (!is_array($crl) || !isset($crl['tbsCertList'])) { + return false; + } + + $filters = []; + $filters['tbsCertList']['issuer']['rdnSequence']['value'] + = ['type' => ASN1::TYPE_UTF8_STRING]; + $filters['tbsCertList']['signature']['parameters'] + = ['type' => ASN1::TYPE_UTF8_STRING]; + $filters['signatureAlgorithm']['parameters'] + = ['type' => ASN1::TYPE_UTF8_STRING]; + + if (empty($crl['tbsCertList']['signature']['parameters'])) { + $filters['tbsCertList']['signature']['parameters'] + = ['type' => ASN1::TYPE_NULL]; + } + + if (empty($crl['signatureAlgorithm']['parameters'])) { + $filters['signatureAlgorithm']['parameters'] + = ['type' => ASN1::TYPE_NULL]; + } + + ASN1::setFilters($filters); + + $this->mapOutDNs($crl, 'tbsCertList/issuer/rdnSequence'); + $this->mapOutExtensions($crl, 'tbsCertList/crlExtensions'); + $rclist = &$this->subArray($crl, 'tbsCertList/revokedCertificates'); + if (is_array($rclist)) { + foreach ($rclist as $i => $extension) { + $this->mapOutExtensions($rclist, "$i/crlEntryExtensions"); + } + } + + $crl = ASN1::encodeDER($crl, Maps\CertificateList::MAP); + + switch ($format) { + case self::FORMAT_DER: + return $crl; + // case self::FORMAT_PEM: + default: + return "-----BEGIN X509 CRL-----\r\n" . chunk_split(Strings::base64_encode($crl), 64) . '-----END X509 CRL-----'; + } + } + + /** + * Helper function to build a time field according to RFC 3280 section + * - 4.1.2.5 Validity + * - 5.1.2.4 This Update + * - 5.1.2.5 Next Update + * - 5.1.2.6 Revoked Certificates + * by choosing utcTime iff year of date given is before 2050 and generalTime else. + * + * @param string $date in format date('D, d M Y H:i:s O') + * @return array|Element + */ + private function timeField($date) + { + if ($date instanceof Element) { + return $date; + } + $dateObj = new \DateTimeImmutable($date, new \DateTimeZone('GMT')); + $year = $dateObj->format('Y'); // the same way ASN1.php parses this + if ($year < 2050) { + return ['utcTime' => $date]; + } else { + return ['generalTime' => $date]; + } + } + + /** + * Sign an X.509 certificate + * + * $issuer's private key needs to be loaded. + * $subject can be either an existing X.509 cert (if you want to resign it), + * a CSR or something with the DN and public key explicitly set. + * + * @return mixed + */ + public function sign(X509 $issuer, X509 $subject) + { + if (!is_object($issuer->privateKey) || empty($issuer->dn)) { + return false; + } + + if (isset($subject->publicKey) && !($subjectPublicKey = $subject->formatSubjectPublicKey())) { + return false; + } + + $currentCert = isset($this->currentCert) ? $this->currentCert : null; + $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject : null; + $signatureAlgorithm = self::identifySignatureAlgorithm($issuer->privateKey); + + if (isset($subject->currentCert) && is_array($subject->currentCert) && isset($subject->currentCert['tbsCertificate'])) { + $this->currentCert = $subject->currentCert; + $this->currentCert['tbsCertificate']['signature'] = $signatureAlgorithm; + $this->currentCert['signatureAlgorithm'] = $signatureAlgorithm; + + if (!empty($this->startDate)) { + $this->currentCert['tbsCertificate']['validity']['notBefore'] = $this->timeField($this->startDate); + } + if (!empty($this->endDate)) { + $this->currentCert['tbsCertificate']['validity']['notAfter'] = $this->timeField($this->endDate); + } + if (!empty($this->serialNumber)) { + $this->currentCert['tbsCertificate']['serialNumber'] = $this->serialNumber; + } + if (!empty($subject->dn)) { + $this->currentCert['tbsCertificate']['subject'] = $subject->dn; + } + if (!empty($subject->publicKey)) { + $this->currentCert['tbsCertificate']['subjectPublicKeyInfo'] = $subjectPublicKey; + } + $this->removeExtension('id-ce-authorityKeyIdentifier'); + if (isset($subject->domains)) { + $this->removeExtension('id-ce-subjectAltName'); + } + } elseif (isset($subject->currentCert) && is_array($subject->currentCert) && isset($subject->currentCert['tbsCertList'])) { + return false; + } else { + if (!isset($subject->publicKey)) { + return false; + } + + $startDate = new \DateTimeImmutable('now', new \DateTimeZone(@date_default_timezone_get())); + $startDate = !empty($this->startDate) ? $this->startDate : $startDate->format('D, d M Y H:i:s O'); + + $endDate = new \DateTimeImmutable('+1 year', new \DateTimeZone(@date_default_timezone_get())); + $endDate = !empty($this->endDate) ? $this->endDate : $endDate->format('D, d M Y H:i:s O'); + + /* "The serial number MUST be a positive integer" + "Conforming CAs MUST NOT use serialNumber values longer than 20 octets." + -- https://tools.ietf.org/html/rfc5280#section-4.1.2.2 + + for the integer to be positive the leading bit needs to be 0 hence the + application of a bitmap + */ + $serialNumber = !empty($this->serialNumber) ? + $this->serialNumber : + new BigInteger(Random::string(20) & ("\x7F" . str_repeat("\xFF", 19)), 256); + + $this->currentCert = [ + 'tbsCertificate' => + [ + 'version' => 'v3', + 'serialNumber' => $serialNumber, // $this->setSerialNumber() + 'signature' => $signatureAlgorithm, + 'issuer' => false, // this is going to be overwritten later + 'validity' => [ + 'notBefore' => $this->timeField($startDate), // $this->setStartDate() + 'notAfter' => $this->timeField($endDate) // $this->setEndDate() + ], + 'subject' => $subject->dn, + 'subjectPublicKeyInfo' => $subjectPublicKey + ], + 'signatureAlgorithm' => $signatureAlgorithm, + 'signature' => false // this is going to be overwritten later + ]; + + // Copy extensions from CSR. + $csrexts = $subject->getAttribute('pkcs-9-at-extensionRequest', 0); + + if (!empty($csrexts)) { + $this->currentCert['tbsCertificate']['extensions'] = $csrexts; + } + } + + $this->currentCert['tbsCertificate']['issuer'] = $issuer->dn; + + if (isset($issuer->currentKeyIdentifier)) { + $this->setExtension('id-ce-authorityKeyIdentifier', [ + //'authorityCertIssuer' => array( + // array( + // 'directoryName' => $issuer->dn + // ) + //), + 'keyIdentifier' => $issuer->currentKeyIdentifier + ]); + //$extensions = &$this->currentCert['tbsCertificate']['extensions']; + //if (isset($issuer->serialNumber)) { + // $extensions[count($extensions) - 1]['authorityCertSerialNumber'] = $issuer->serialNumber; + //} + //unset($extensions); + } + + if (isset($subject->currentKeyIdentifier)) { + $this->setExtension('id-ce-subjectKeyIdentifier', $subject->currentKeyIdentifier); + } + + $altName = []; + + if (isset($subject->domains) && count($subject->domains)) { + $altName = array_map(['\phpseclib3\File\X509', 'dnsName'], $subject->domains); + } + + if (isset($subject->ipAddresses) && count($subject->ipAddresses)) { + // should an IP address appear as the CN if no domain name is specified? idk + //$ips = count($subject->domains) ? $subject->ipAddresses : array_slice($subject->ipAddresses, 1); + $ipAddresses = []; + foreach ($subject->ipAddresses as $ipAddress) { + $encoded = $subject->ipAddress($ipAddress); + if ($encoded !== false) { + $ipAddresses[] = $encoded; + } + } + if (count($ipAddresses)) { + $altName = array_merge($altName, $ipAddresses); + } + } + + if (!empty($altName)) { + $this->setExtension('id-ce-subjectAltName', $altName); + } + + if ($this->caFlag) { + $keyUsage = $this->getExtension('id-ce-keyUsage'); + if (!$keyUsage) { + $keyUsage = []; + } + + $this->setExtension( + 'id-ce-keyUsage', + array_values(array_unique(array_merge($keyUsage, ['cRLSign', 'keyCertSign']))) + ); + + $basicConstraints = $this->getExtension('id-ce-basicConstraints'); + if (!$basicConstraints) { + $basicConstraints = []; + } + + $this->setExtension( + 'id-ce-basicConstraints', + array_merge(['cA' => true], $basicConstraints), + true + ); + + if (!isset($subject->currentKeyIdentifier)) { + $this->setExtension('id-ce-subjectKeyIdentifier', $this->computeKeyIdentifier($this->currentCert), false, false); + } + } + + // resync $this->signatureSubject + // save $tbsCertificate in case there are any \phpseclib3\File\ASN1\Element objects in it + $tbsCertificate = $this->currentCert['tbsCertificate']; + $this->loadX509($this->saveX509($this->currentCert)); + + $result = $this->currentCert; + $this->currentCert['signature'] = $result['signature'] = "\0" . $issuer->privateKey->sign($this->signatureSubject); + $result['tbsCertificate'] = $tbsCertificate; + + $this->currentCert = $currentCert; + $this->signatureSubject = $signatureSubject; + + return $result; + } + + /** + * Sign a CSR + * + * @return mixed + */ + public function signCSR() + { + if (!is_object($this->privateKey) || empty($this->dn)) { + return false; + } + + $origPublicKey = $this->publicKey; + $this->publicKey = $this->privateKey->getPublicKey(); + $publicKey = $this->formatSubjectPublicKey(); + $this->publicKey = $origPublicKey; + + $currentCert = isset($this->currentCert) ? $this->currentCert : null; + $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject : null; + $signatureAlgorithm = self::identifySignatureAlgorithm($this->privateKey); + + if (isset($this->currentCert) && is_array($this->currentCert) && isset($this->currentCert['certificationRequestInfo'])) { + $this->currentCert['signatureAlgorithm'] = $signatureAlgorithm; + if (!empty($this->dn)) { + $this->currentCert['certificationRequestInfo']['subject'] = $this->dn; + } + $this->currentCert['certificationRequestInfo']['subjectPKInfo'] = $publicKey; + } else { + $this->currentCert = [ + 'certificationRequestInfo' => + [ + 'version' => 'v1', + 'subject' => $this->dn, + 'subjectPKInfo' => $publicKey + ], + 'signatureAlgorithm' => $signatureAlgorithm, + 'signature' => false // this is going to be overwritten later + ]; + } + + // resync $this->signatureSubject + // save $certificationRequestInfo in case there are any \phpseclib3\File\ASN1\Element objects in it + $certificationRequestInfo = $this->currentCert['certificationRequestInfo']; + $this->loadCSR($this->saveCSR($this->currentCert)); + + $result = $this->currentCert; + $this->currentCert['signature'] = $result['signature'] = "\0" . $this->privateKey->sign($this->signatureSubject); + $result['certificationRequestInfo'] = $certificationRequestInfo; + + $this->currentCert = $currentCert; + $this->signatureSubject = $signatureSubject; + + return $result; + } + + /** + * Sign a SPKAC + * + * @return mixed + */ + public function signSPKAC() + { + if (!is_object($this->privateKey)) { + return false; + } + + $origPublicKey = $this->publicKey; + $this->publicKey = $this->privateKey->getPublicKey(); + $publicKey = $this->formatSubjectPublicKey(); + $this->publicKey = $origPublicKey; + + $currentCert = isset($this->currentCert) ? $this->currentCert : null; + $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject : null; + $signatureAlgorithm = self::identifySignatureAlgorithm($this->privateKey); + + // re-signing a SPKAC seems silly but since everything else supports re-signing why not? + if (isset($this->currentCert) && is_array($this->currentCert) && isset($this->currentCert['publicKeyAndChallenge'])) { + $this->currentCert['signatureAlgorithm'] = $signatureAlgorithm; + $this->currentCert['publicKeyAndChallenge']['spki'] = $publicKey; + if (!empty($this->challenge)) { + // the bitwise AND ensures that the output is a valid IA5String + $this->currentCert['publicKeyAndChallenge']['challenge'] = $this->challenge & str_repeat("\x7F", strlen($this->challenge)); + } + } else { + $this->currentCert = [ + 'publicKeyAndChallenge' => + [ + 'spki' => $publicKey, + // quoting , + // "A challenge string that is submitted along with the public key. Defaults to an empty string if not specified." + // both Firefox and OpenSSL ("openssl spkac -key private.key") behave this way + // we could alternatively do this instead if we ignored the specs: + // Random::string(8) & str_repeat("\x7F", 8) + 'challenge' => !empty($this->challenge) ? $this->challenge : '' + ], + 'signatureAlgorithm' => $signatureAlgorithm, + 'signature' => false // this is going to be overwritten later + ]; + } + + // resync $this->signatureSubject + // save $publicKeyAndChallenge in case there are any \phpseclib3\File\ASN1\Element objects in it + $publicKeyAndChallenge = $this->currentCert['publicKeyAndChallenge']; + $this->loadSPKAC($this->saveSPKAC($this->currentCert)); + + $result = $this->currentCert; + $this->currentCert['signature'] = $result['signature'] = "\0" . $this->privateKey->sign($this->signatureSubject); + $result['publicKeyAndChallenge'] = $publicKeyAndChallenge; + + $this->currentCert = $currentCert; + $this->signatureSubject = $signatureSubject; + + return $result; + } + + /** + * Sign a CRL + * + * $issuer's private key needs to be loaded. + * + * @return mixed + */ + public function signCRL(X509 $issuer, X509 $crl) + { + if (!is_object($issuer->privateKey) || empty($issuer->dn)) { + return false; + } + + $currentCert = isset($this->currentCert) ? $this->currentCert : null; + $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject : null; + $signatureAlgorithm = self::identifySignatureAlgorithm($issuer->privateKey); + + $thisUpdate = new \DateTimeImmutable('now', new \DateTimeZone(@date_default_timezone_get())); + $thisUpdate = !empty($this->startDate) ? $this->startDate : $thisUpdate->format('D, d M Y H:i:s O'); + + if (isset($crl->currentCert) && is_array($crl->currentCert) && isset($crl->currentCert['tbsCertList'])) { + $this->currentCert = $crl->currentCert; + $this->currentCert['tbsCertList']['signature'] = $signatureAlgorithm; + $this->currentCert['signatureAlgorithm'] = $signatureAlgorithm; + } else { + $this->currentCert = [ + 'tbsCertList' => + [ + 'version' => 'v2', + 'signature' => $signatureAlgorithm, + 'issuer' => false, // this is going to be overwritten later + 'thisUpdate' => $this->timeField($thisUpdate) // $this->setStartDate() + ], + 'signatureAlgorithm' => $signatureAlgorithm, + 'signature' => false // this is going to be overwritten later + ]; + } + + $tbsCertList = &$this->currentCert['tbsCertList']; + $tbsCertList['issuer'] = $issuer->dn; + $tbsCertList['thisUpdate'] = $this->timeField($thisUpdate); + + if (!empty($this->endDate)) { + $tbsCertList['nextUpdate'] = $this->timeField($this->endDate); // $this->setEndDate() + } else { + unset($tbsCertList['nextUpdate']); + } + + if (!empty($this->serialNumber)) { + $crlNumber = $this->serialNumber; + } else { + $crlNumber = $this->getExtension('id-ce-cRLNumber'); + // "The CRL number is a non-critical CRL extension that conveys a + // monotonically increasing sequence number for a given CRL scope and + // CRL issuer. This extension allows users to easily determine when a + // particular CRL supersedes another CRL." + // -- https://tools.ietf.org/html/rfc5280#section-5.2.3 + $crlNumber = $crlNumber !== false ? $crlNumber->add(new BigInteger(1)) : null; + } + + $this->removeExtension('id-ce-authorityKeyIdentifier'); + $this->removeExtension('id-ce-issuerAltName'); + + // Be sure version >= v2 if some extension found. + $version = isset($tbsCertList['version']) ? $tbsCertList['version'] : 0; + if (!$version) { + if (!empty($tbsCertList['crlExtensions'])) { + $version = 1; // v2. + } elseif (!empty($tbsCertList['revokedCertificates'])) { + foreach ($tbsCertList['revokedCertificates'] as $cert) { + if (!empty($cert['crlEntryExtensions'])) { + $version = 1; // v2. + } + } + } + + if ($version) { + $tbsCertList['version'] = $version; + } + } + + // Store additional extensions. + if (!empty($tbsCertList['version'])) { // At least v2. + if (!empty($crlNumber)) { + $this->setExtension('id-ce-cRLNumber', $crlNumber); + } + + if (isset($issuer->currentKeyIdentifier)) { + $this->setExtension('id-ce-authorityKeyIdentifier', [ + //'authorityCertIssuer' => array( + // ] + // 'directoryName' => $issuer->dn + // ] + //), + 'keyIdentifier' => $issuer->currentKeyIdentifier + ]); + //$extensions = &$tbsCertList['crlExtensions']; + //if (isset($issuer->serialNumber)) { + // $extensions[count($extensions) - 1]['authorityCertSerialNumber'] = $issuer->serialNumber; + //} + //unset($extensions); + } + + $issuerAltName = $this->getExtension('id-ce-subjectAltName', $issuer->currentCert); + + if ($issuerAltName !== false) { + $this->setExtension('id-ce-issuerAltName', $issuerAltName); + } + } + + if (empty($tbsCertList['revokedCertificates'])) { + unset($tbsCertList['revokedCertificates']); + } + + unset($tbsCertList); + + // resync $this->signatureSubject + // save $tbsCertList in case there are any \phpseclib3\File\ASN1\Element objects in it + $tbsCertList = $this->currentCert['tbsCertList']; + $this->loadCRL($this->saveCRL($this->currentCert)); + + $result = $this->currentCert; + $this->currentCert['signature'] = $result['signature'] = "\0" . $issuer->privateKey->sign($this->signatureSubject); + $result['tbsCertList'] = $tbsCertList; + + $this->currentCert = $currentCert; + $this->signatureSubject = $signatureSubject; + + return $result; + } + + /** + * Identify signature algorithm from key settings + * + * @param PrivateKey $key + * @throws \phpseclib3\Exception\UnsupportedAlgorithmException if the algorithm is unsupported + * @return array + */ + private static function identifySignatureAlgorithm(PrivateKey $key) + { + if ($key instanceof RSA) { + if ($key->getPadding() & RSA::SIGNATURE_PSS) { + $r = PSS::load($key->withPassword()->toString('PSS')); + return [ + 'algorithm' => 'id-RSASSA-PSS', + 'parameters' => PSS::savePSSParams($r) + ]; + } + switch ($key->getHash()) { + case 'md2': + case 'md5': + case 'sha1': + case 'sha224': + case 'sha256': + case 'sha384': + case 'sha512': + return ['algorithm' => $key->getHash() . 'WithRSAEncryption']; + } + throw new UnsupportedAlgorithmException('The only supported hash algorithms for RSA are: md2, md5, sha1, sha224, sha256, sha384, sha512'); + } + + if ($key instanceof DSA) { + switch ($key->getHash()) { + case 'sha1': + case 'sha224': + case 'sha256': + return ['algorithm' => 'id-dsa-with-' . $key->getHash()]; + } + throw new UnsupportedAlgorithmException('The only supported hash algorithms for DSA are: sha1, sha224, sha256'); + } + + if ($key instanceof EC) { + switch ($key->getCurve()) { + case 'Ed25519': + case 'Ed448': + return ['algorithm' => 'id-' . $key->getCurve()]; + } + switch ($key->getHash()) { + case 'sha1': + case 'sha224': + case 'sha256': + case 'sha384': + case 'sha512': + return ['algorithm' => 'ecdsa-with-' . strtoupper($key->getHash())]; + } + throw new UnsupportedAlgorithmException('The only supported hash algorithms for EC are: sha1, sha224, sha256, sha384, sha512'); + } + + throw new UnsupportedAlgorithmException('The only supported public key classes are: RSA, DSA, EC'); + } + + /** + * Set certificate start date + * + * @param \DateTimeInterface|string $date + */ + public function setStartDate($date) + { + if (!is_object($date) || !($date instanceof \DateTimeInterface)) { + $date = new \DateTimeImmutable($date, new \DateTimeZone(@date_default_timezone_get())); + } + + $this->startDate = $date->format('D, d M Y H:i:s O'); + } + + /** + * Set certificate end date + * + * @param \DateTimeInterface|string $date + */ + public function setEndDate($date) + { + /* + To indicate that a certificate has no well-defined expiration date, + the notAfter SHOULD be assigned the GeneralizedTime value of + 99991231235959Z. + + -- http://tools.ietf.org/html/rfc5280#section-4.1.2.5 + */ + if (is_string($date) && strtolower($date) === 'lifetime') { + $temp = '99991231235959Z'; + $temp = chr(ASN1::TYPE_GENERALIZED_TIME) . ASN1::encodeLength(strlen($temp)) . $temp; + $this->endDate = new Element($temp); + } else { + if (!is_object($date) || !($date instanceof \DateTimeInterface)) { + $date = new \DateTimeImmutable($date, new \DateTimeZone(@date_default_timezone_get())); + } + + $this->endDate = $date->format('D, d M Y H:i:s O'); + } + } + + /** + * Set Serial Number + * + * @param string $serial + * @param int $base optional + */ + public function setSerialNumber($serial, $base = -256) + { + $this->serialNumber = new BigInteger($serial, $base); + } + + /** + * Turns the certificate into a certificate authority + * + */ + public function makeCA() + { + $this->caFlag = true; + } + + /** + * Check for validity of subarray + * + * This is intended for use in conjunction with _subArrayUnchecked(), + * implementing the checks included in _subArray() but without copying + * a potentially large array by passing its reference by-value to is_array(). + * + * @param array $root + * @param string $path + * @return boolean + */ + private function isSubArrayValid(array $root, $path) + { + if (!is_array($root)) { + return false; + } + + foreach (explode('/', $path) as $i) { + if (!is_array($root)) { + return false; + } + + if (!isset($root[$i])) { + return true; + } + + $root = $root[$i]; + } + + return true; + } + + /** + * Get a reference to a subarray + * + * This variant of _subArray() does no is_array() checking, + * so $root should be checked with _isSubArrayValid() first. + * + * This is here for performance reasons: + * Passing a reference (i.e. $root) by-value (i.e. to is_array()) + * creates a copy. If $root is an especially large array, this is expensive. + * + * @param array $root + * @param string $path absolute path with / as component separator + * @param bool $create optional + * @return array|false + */ + private function &subArrayUnchecked(array &$root, $path, $create = false) + { + $false = false; + + foreach (explode('/', $path) as $i) { + if (!isset($root[$i])) { + if (!$create) { + return $false; + } + + $root[$i] = []; + } + + $root = &$root[$i]; + } + + return $root; + } + + /** + * Get a reference to a subarray + * + * @param array $root + * @param string $path absolute path with / as component separator + * @param bool $create optional + * @return array|false + */ + private function &subArray(array &$root = null, $path, $create = false) + { + $false = false; + + if (!is_array($root)) { + return $false; + } + + foreach (explode('/', $path) as $i) { + if (!is_array($root)) { + return $false; + } + + if (!isset($root[$i])) { + if (!$create) { + return $false; + } + + $root[$i] = []; + } + + $root = &$root[$i]; + } + + return $root; + } + + /** + * Get a reference to an extension subarray + * + * @param array $root + * @param string $path optional absolute path with / as component separator + * @param bool $create optional + * @return array|false + */ + private function &extensions(array &$root = null, $path = null, $create = false) + { + if (!isset($root)) { + $root = $this->currentCert; + } + + switch (true) { + case !empty($path): + case !is_array($root): + break; + case isset($root['tbsCertificate']): + $path = 'tbsCertificate/extensions'; + break; + case isset($root['tbsCertList']): + $path = 'tbsCertList/crlExtensions'; + break; + case isset($root['certificationRequestInfo']): + $pth = 'certificationRequestInfo/attributes'; + $attributes = &$this->subArray($root, $pth, $create); + + if (is_array($attributes)) { + foreach ($attributes as $key => $value) { + if ($value['type'] == 'pkcs-9-at-extensionRequest') { + $path = "$pth/$key/value/0"; + break 2; + } + } + if ($create) { + $key = count($attributes); + $attributes[] = ['type' => 'pkcs-9-at-extensionRequest', 'value' => []]; + $path = "$pth/$key/value/0"; + } + } + break; + } + + $extensions = &$this->subArray($root, $path, $create); + + if (!is_array($extensions)) { + $false = false; + return $false; + } + + return $extensions; + } + + /** + * Remove an Extension + * + * @param string $id + * @param string $path optional + * @return bool + */ + private function removeExtensionHelper($id, $path = null) + { + $extensions = &$this->extensions($this->currentCert, $path); + + if (!is_array($extensions)) { + return false; + } + + $result = false; + foreach ($extensions as $key => $value) { + if ($value['extnId'] == $id) { + unset($extensions[$key]); + $result = true; + } + } + + $extensions = array_values($extensions); + // fix for https://bugs.php.net/75433 affecting PHP 7.2 + if (!isset($extensions[0])) { + $extensions = array_splice($extensions, 0, 0); + } + return $result; + } + + /** + * Get an Extension + * + * Returns the extension if it exists and false if not + * + * @param string $id + * @param array $cert optional + * @param string $path optional + * @return mixed + */ + private function getExtensionHelper($id, array $cert = null, $path = null) + { + $extensions = $this->extensions($cert, $path); + + if (!is_array($extensions)) { + return false; + } + + foreach ($extensions as $key => $value) { + if ($value['extnId'] == $id) { + return $value['extnValue']; + } + } + + return false; + } + + /** + * Returns a list of all extensions in use + * + * @param array $cert optional + * @param string $path optional + * @return array + */ + private function getExtensionsHelper(array $cert = null, $path = null) + { + $exts = $this->extensions($cert, $path); + $extensions = []; + + if (is_array($exts)) { + foreach ($exts as $extension) { + $extensions[] = $extension['extnId']; + } + } + + return $extensions; + } + + /** + * Set an Extension + * + * @param string $id + * @param mixed $value + * @param bool $critical optional + * @param bool $replace optional + * @param string $path optional + * @return bool + */ + private function setExtensionHelper($id, $value, $critical = false, $replace = true, $path = null) + { + $extensions = &$this->extensions($this->currentCert, $path, true); + + if (!is_array($extensions)) { + return false; + } + + $newext = ['extnId' => $id, 'critical' => $critical, 'extnValue' => $value]; + + foreach ($extensions as $key => $value) { + if ($value['extnId'] == $id) { + if (!$replace) { + return false; + } + + $extensions[$key] = $newext; + return true; + } + } + + $extensions[] = $newext; + return true; + } + + /** + * Remove a certificate, CSR or CRL Extension + * + * @param string $id + * @return bool + */ + public function removeExtension($id) + { + return $this->removeExtensionHelper($id); + } + + /** + * Get a certificate, CSR or CRL Extension + * + * Returns the extension if it exists and false if not + * + * @param string $id + * @param array $cert optional + * @param string $path + * @return mixed + */ + public function getExtension($id, array $cert = null, $path = null) + { + return $this->getExtensionHelper($id, $cert, $path); + } + + /** + * Returns a list of all extensions in use in certificate, CSR or CRL + * + * @param array $cert optional + * @param string $path optional + * @return array + */ + public function getExtensions(array $cert = null, $path = null) + { + return $this->getExtensionsHelper($cert, $path); + } + + /** + * Set a certificate, CSR or CRL Extension + * + * @param string $id + * @param mixed $value + * @param bool $critical optional + * @param bool $replace optional + * @return bool + */ + public function setExtension($id, $value, $critical = false, $replace = true) + { + return $this->setExtensionHelper($id, $value, $critical, $replace); + } + + /** + * Remove a CSR attribute. + * + * @param string $id + * @param int $disposition optional + * @return bool + */ + public function removeAttribute($id, $disposition = self::ATTR_ALL) + { + $attributes = &$this->subArray($this->currentCert, 'certificationRequestInfo/attributes'); + + if (!is_array($attributes)) { + return false; + } + + $result = false; + foreach ($attributes as $key => $attribute) { + if ($attribute['type'] == $id) { + $n = count($attribute['value']); + switch (true) { + case $disposition == self::ATTR_APPEND: + case $disposition == self::ATTR_REPLACE: + return false; + case $disposition >= $n: + $disposition -= $n; + break; + case $disposition == self::ATTR_ALL: + case $n == 1: + unset($attributes[$key]); + $result = true; + break; + default: + unset($attributes[$key]['value'][$disposition]); + $attributes[$key]['value'] = array_values($attributes[$key]['value']); + $result = true; + break; + } + if ($result && $disposition != self::ATTR_ALL) { + break; + } + } + } + + $attributes = array_values($attributes); + return $result; + } + + /** + * Get a CSR attribute + * + * Returns the attribute if it exists and false if not + * + * @param string $id + * @param int $disposition optional + * @param array $csr optional + * @return mixed + */ + public function getAttribute($id, $disposition = self::ATTR_ALL, array $csr = null) + { + if (empty($csr)) { + $csr = $this->currentCert; + } + + $attributes = $this->subArray($csr, 'certificationRequestInfo/attributes'); + + if (!is_array($attributes)) { + return false; + } + + foreach ($attributes as $key => $attribute) { + if ($attribute['type'] == $id) { + $n = count($attribute['value']); + switch (true) { + case $disposition == self::ATTR_APPEND: + case $disposition == self::ATTR_REPLACE: + return false; + case $disposition == self::ATTR_ALL: + return $attribute['value']; + case $disposition >= $n: + $disposition -= $n; + break; + default: + return $attribute['value'][$disposition]; + } + } + } + + return false; + } + + /** + * Returns a list of all CSR attributes in use + * + * @param array $csr optional + * @return array + */ + public function getAttributes(array $csr = null) + { + if (empty($csr)) { + $csr = $this->currentCert; + } + + $attributes = $this->subArray($csr, 'certificationRequestInfo/attributes'); + $attrs = []; + + if (is_array($attributes)) { + foreach ($attributes as $attribute) { + $attrs[] = $attribute['type']; + } + } + + return $attrs; + } + + /** + * Set a CSR attribute + * + * @param string $id + * @param mixed $value + * @param int $disposition optional + * @return bool + */ + public function setAttribute($id, $value, $disposition = self::ATTR_ALL) + { + $attributes = &$this->subArray($this->currentCert, 'certificationRequestInfo/attributes', true); + + if (!is_array($attributes)) { + return false; + } + + switch ($disposition) { + case self::ATTR_REPLACE: + $disposition = self::ATTR_APPEND; + // fall-through + case self::ATTR_ALL: + $this->removeAttribute($id); + break; + } + + foreach ($attributes as $key => $attribute) { + if ($attribute['type'] == $id) { + $n = count($attribute['value']); + switch (true) { + case $disposition == self::ATTR_APPEND: + $last = $key; + break; + case $disposition >= $n: + $disposition -= $n; + break; + default: + $attributes[$key]['value'][$disposition] = $value; + return true; + } + } + } + + switch (true) { + case $disposition >= 0: + return false; + case isset($last): + $attributes[$last]['value'][] = $value; + break; + default: + $attributes[] = ['type' => $id, 'value' => $disposition == self::ATTR_ALL ? $value : [$value]]; + break; + } + + return true; + } + + /** + * Sets the subject key identifier + * + * This is used by the id-ce-authorityKeyIdentifier and the id-ce-subjectKeyIdentifier extensions. + * + * @param string $value + */ + public function setKeyIdentifier($value) + { + if (empty($value)) { + unset($this->currentKeyIdentifier); + } else { + $this->currentKeyIdentifier = $value; + } + } + + /** + * Compute a public key identifier. + * + * Although key identifiers may be set to any unique value, this function + * computes key identifiers from public key according to the two + * recommended methods (4.2.1.2 RFC 3280). + * Highly polymorphic: try to accept all possible forms of key: + * - Key object + * - \phpseclib3\File\X509 object with public or private key defined + * - Certificate or CSR array + * - \phpseclib3\File\ASN1\Element object + * - PEM or DER string + * + * @param mixed $key optional + * @param int $method optional + * @return string binary key identifier + */ + public function computeKeyIdentifier($key = null, $method = 1) + { + if (is_null($key)) { + $key = $this; + } + + switch (true) { + case is_string($key): + break; + case is_array($key) && isset($key['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']): + return $this->computeKeyIdentifier($key['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'], $method); + case is_array($key) && isset($key['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey']): + return $this->computeKeyIdentifier($key['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'], $method); + case !is_object($key): + return false; + case $key instanceof Element: + // Assume the element is a bitstring-packed key. + $decoded = ASN1::decodeBER($key->element); + if (!$decoded) { + return false; + } + $raw = ASN1::asn1map($decoded[0], ['type' => ASN1::TYPE_BIT_STRING]); + if (empty($raw)) { + return false; + } + // If the key is private, compute identifier from its corresponding public key. + $key = PublicKeyLoader::load($raw); + if ($key instanceof PrivateKey) { // If private. + return $this->computeKeyIdentifier($key, $method); + } + $key = $raw; // Is a public key. + break; + case $key instanceof X509: + if (isset($key->publicKey)) { + return $this->computeKeyIdentifier($key->publicKey, $method); + } + if (isset($key->privateKey)) { + return $this->computeKeyIdentifier($key->privateKey, $method); + } + if (isset($key->currentCert['tbsCertificate']) || isset($key->currentCert['certificationRequestInfo'])) { + return $this->computeKeyIdentifier($key->currentCert, $method); + } + return false; + default: // Should be a key object (i.e.: \phpseclib3\Crypt\RSA). + $key = $key->getPublicKey(); + break; + } + + // If in PEM format, convert to binary. + $key = ASN1::extractBER($key); + + // Now we have the key string: compute its sha-1 sum. + $hash = new Hash('sha1'); + $hash = $hash->hash($key); + + if ($method == 2) { + $hash = substr($hash, -8); + $hash[0] = chr((ord($hash[0]) & 0x0F) | 0x40); + } + + return $hash; + } + + /** + * Format a public key as appropriate + * + * @return array|false + */ + private function formatSubjectPublicKey() + { + $format = $this->publicKey instanceof RSA && ($this->publicKey->getPadding() & RSA::SIGNATURE_PSS) ? + 'PSS' : + 'PKCS8'; + + $publicKey = base64_decode(preg_replace('#-.+-|[\r\n]#', '', $this->publicKey->toString($format))); + + $decoded = ASN1::decodeBER($publicKey); + if (!$decoded) { + return false; + } + $mapped = ASN1::asn1map($decoded[0], Maps\SubjectPublicKeyInfo::MAP); + if (!is_array($mapped)) { + return false; + } + + $mapped['subjectPublicKey'] = $this->publicKey->toString($format); + + return $mapped; + } + + /** + * Set the domain name's which the cert is to be valid for + * + * @param mixed ...$domains + * @return void + */ + public function setDomain(...$domains) + { + $this->domains = $domains; + $this->removeDNProp('id-at-commonName'); + $this->setDNProp('id-at-commonName', $this->domains[0]); + } + + /** + * Set the IP Addresses's which the cert is to be valid for + * + * @param mixed[] ...$ipAddresses + */ + public function setIPAddress(...$ipAddresses) + { + $this->ipAddresses = $ipAddresses; + /* + if (!isset($this->domains)) { + $this->removeDNProp('id-at-commonName'); + $this->setDNProp('id-at-commonName', $this->ipAddresses[0]); + } + */ + } + + /** + * Helper function to build domain array + * + * @param string $domain + * @return array + */ + private static function dnsName($domain) + { + return ['dNSName' => $domain]; + } + + /** + * Helper function to build IP Address array + * + * (IPv6 is not currently supported) + * + * @param string $address + * @return array + */ + private function iPAddress($address) + { + return ['iPAddress' => $address]; + } + + /** + * Get the index of a revoked certificate. + * + * @param array $rclist + * @param string $serial + * @param bool $create optional + * @return int|false + */ + private function revokedCertificate(array &$rclist, $serial, $create = false) + { + $serial = new BigInteger($serial); + + foreach ($rclist as $i => $rc) { + if (!($serial->compare($rc['userCertificate']))) { + return $i; + } + } + + if (!$create) { + return false; + } + + $i = count($rclist); + $revocationDate = new \DateTimeImmutable('now', new \DateTimeZone(@date_default_timezone_get())); + $rclist[] = ['userCertificate' => $serial, + 'revocationDate' => $this->timeField($revocationDate->format('D, d M Y H:i:s O'))]; + return $i; + } + + /** + * Revoke a certificate. + * + * @param string $serial + * @param string $date optional + * @return bool + */ + public function revoke($serial, $date = null) + { + if (isset($this->currentCert['tbsCertList'])) { + if (is_array($rclist = &$this->subArray($this->currentCert, 'tbsCertList/revokedCertificates', true))) { + if ($this->revokedCertificate($rclist, $serial) === false) { // If not yet revoked + if (($i = $this->revokedCertificate($rclist, $serial, true)) !== false) { + if (!empty($date)) { + $rclist[$i]['revocationDate'] = $this->timeField($date); + } + + return true; + } + } + } + } + + return false; + } + + /** + * Unrevoke a certificate. + * + * @param string $serial + * @return bool + */ + public function unrevoke($serial) + { + if (is_array($rclist = &$this->subArray($this->currentCert, 'tbsCertList/revokedCertificates'))) { + if (($i = $this->revokedCertificate($rclist, $serial)) !== false) { + unset($rclist[$i]); + $rclist = array_values($rclist); + return true; + } + } + + return false; + } + + /** + * Get a revoked certificate. + * + * @param string $serial + * @return mixed + */ + public function getRevoked($serial) + { + if (is_array($rclist = $this->subArray($this->currentCert, 'tbsCertList/revokedCertificates'))) { + if (($i = $this->revokedCertificate($rclist, $serial)) !== false) { + return $rclist[$i]; + } + } + + return false; + } + + /** + * List revoked certificates + * + * @param array $crl optional + * @return array|bool + */ + public function listRevoked(array $crl = null) + { + if (!isset($crl)) { + $crl = $this->currentCert; + } + + if (!isset($crl['tbsCertList'])) { + return false; + } + + $result = []; + + if (is_array($rclist = $this->subArray($crl, 'tbsCertList/revokedCertificates'))) { + foreach ($rclist as $rc) { + $result[] = $rc['userCertificate']->toString(); + } + } + + return $result; + } + + /** + * Remove a Revoked Certificate Extension + * + * @param string $serial + * @param string $id + * @return bool + */ + public function removeRevokedCertificateExtension($serial, $id) + { + if (is_array($rclist = &$this->subArray($this->currentCert, 'tbsCertList/revokedCertificates'))) { + if (($i = $this->revokedCertificate($rclist, $serial)) !== false) { + return $this->removeExtensionHelper($id, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); + } + } + + return false; + } + + /** + * Get a Revoked Certificate Extension + * + * Returns the extension if it exists and false if not + * + * @param string $serial + * @param string $id + * @param array $crl optional + * @return mixed + */ + public function getRevokedCertificateExtension($serial, $id, array $crl = null) + { + if (!isset($crl)) { + $crl = $this->currentCert; + } + + if (is_array($rclist = $this->subArray($crl, 'tbsCertList/revokedCertificates'))) { + if (($i = $this->revokedCertificate($rclist, $serial)) !== false) { + return $this->getExtension($id, $crl, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); + } + } + + return false; + } + + /** + * Returns a list of all extensions in use for a given revoked certificate + * + * @param string $serial + * @param array $crl optional + * @return array|bool + */ + public function getRevokedCertificateExtensions($serial, array $crl = null) + { + if (!isset($crl)) { + $crl = $this->currentCert; + } + + if (is_array($rclist = $this->subArray($crl, 'tbsCertList/revokedCertificates'))) { + if (($i = $this->revokedCertificate($rclist, $serial)) !== false) { + return $this->getExtensions($crl, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); + } + } + + return false; + } + + /** + * Set a Revoked Certificate Extension + * + * @param string $serial + * @param string $id + * @param mixed $value + * @param bool $critical optional + * @param bool $replace optional + * @return bool + */ + public function setRevokedCertificateExtension($serial, $id, $value, $critical = false, $replace = true) + { + if (isset($this->currentCert['tbsCertList'])) { + if (is_array($rclist = &$this->subArray($this->currentCert, 'tbsCertList/revokedCertificates', true))) { + if (($i = $this->revokedCertificate($rclist, $serial, true)) !== false) { + return $this->setExtensionHelper($id, $value, $critical, $replace, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); + } + } + } + + return false; + } + + /** + * Register the mapping for a custom/unsupported extension. + * + * @param string $id + * @param array $mapping + */ + public static function registerExtension($id, array $mapping) + { + if (isset(self::$extensions[$id]) && self::$extensions[$id] !== $mapping) { + throw new \RuntimeException( + 'Extension ' . $id . ' has already been defined with a different mapping.' + ); + } + + self::$extensions[$id] = $mapping; + } + + /** + * Register the mapping for a custom/unsupported extension. + * + * @param string $id + * + * @return array|null + */ + public static function getRegisteredExtension($id) + { + return isset(self::$extensions[$id]) ? self::$extensions[$id] : null; + } + + /** + * Register the mapping for a custom/unsupported extension. + * + * @param string $id + * @param mixed $value + * @param bool $critical + * @param bool $replace + */ + public function setExtensionValue($id, $value, $critical = false, $replace = false) + { + $this->extensionValues[$id] = compact('critical', 'replace', 'value'); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger.php new file mode 100644 index 0000000..67d4788 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger.php @@ -0,0 +1,892 @@ + + * add($b); + * + * echo $c->toString(); // outputs 5 + * ?> + * + * + * @author Jim Wigginton + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + */ + +namespace phpseclib3\Math; + +use phpseclib3\Exception\BadConfigurationException; +use phpseclib3\Math\BigInteger\Engines\Engine; + +/** + * Pure-PHP arbitrary precision integer arithmetic library. Supports base-2, base-10, base-16, and base-256 + * numbers. + * + * @author Jim Wigginton + */ +class BigInteger implements \JsonSerializable +{ + /** + * Main Engine + * + * @var class-string + */ + private static $mainEngine; + + /** + * Selected Engines + * + * @var list + */ + private static $engines; + + /** + * The actual BigInteger object + * + * @var object + */ + private $value; + + /** + * Mode independent value used for serialization. + * + * @see self::__sleep() + * @see self::__wakeup() + * @var string + */ + private $hex; + + /** + * Precision (used only for serialization) + * + * @see self::__sleep() + * @see self::__wakeup() + * @var int + */ + private $precision; + + /** + * Sets engine type. + * + * Throws an exception if the type is invalid + * + * @param string $main + * @param list $modexps optional + * @return void + */ + public static function setEngine($main, array $modexps = ['DefaultEngine']) + { + self::$engines = []; + + $fqmain = 'phpseclib3\\Math\\BigInteger\\Engines\\' . $main; + if (!class_exists($fqmain) || !method_exists($fqmain, 'isValidEngine')) { + throw new \InvalidArgumentException("$main is not a valid engine"); + } + if (!$fqmain::isValidEngine()) { + throw new BadConfigurationException("$main is not setup correctly on this system"); + } + /** @var class-string $fqmain */ + self::$mainEngine = $fqmain; + + $found = false; + foreach ($modexps as $modexp) { + try { + $fqmain::setModExpEngine($modexp); + $found = true; + break; + } catch (\Exception $e) { + } + } + + if (!$found) { + throw new BadConfigurationException("No valid modular exponentiation engine found for $main"); + } + + self::$engines = [$main, $modexp]; + } + + /** + * Returns the engine type + * + * @return string[] + */ + public static function getEngine() + { + self::initialize_static_variables(); + + return self::$engines; + } + + /** + * Initialize static variables + */ + private static function initialize_static_variables() + { + if (!isset(self::$mainEngine)) { + $engines = [ + ['GMP', ['DefaultEngine']], + ['PHP64', ['OpenSSL']], + ['BCMath', ['OpenSSL']], + ['PHP32', ['OpenSSL']], + ['PHP64', ['DefaultEngine']], + ['PHP32', ['DefaultEngine']] + ]; + + foreach ($engines as $engine) { + try { + self::setEngine($engine[0], $engine[1]); + return; + } catch (\Exception $e) { + } + } + + throw new \UnexpectedValueException('No valid BigInteger found. This is only possible when JIT is enabled on Windows and neither the GMP or BCMath extensions are available so either disable JIT or install GMP / BCMath'); + } + } + + /** + * Converts base-2, base-10, base-16, and binary strings (base-256) to BigIntegers. + * + * If the second parameter - $base - is negative, then it will be assumed that the number's are encoded using + * two's compliment. The sole exception to this is -10, which is treated the same as 10 is. + * + * @param string|int|BigInteger\Engines\Engine $x Base-10 number or base-$base number if $base set. + * @param int $base + */ + public function __construct($x = 0, $base = 10) + { + self::initialize_static_variables(); + + if ($x instanceof self::$mainEngine) { + $this->value = clone $x; + } elseif ($x instanceof BigInteger\Engines\Engine) { + $this->value = new static("$x"); + $this->value->setPrecision($x->getPrecision()); + } else { + $this->value = new self::$mainEngine($x, $base); + } + } + + /** + * Converts a BigInteger to a base-10 number. + * + * @return string + */ + public function toString() + { + return $this->value->toString(); + } + + /** + * __toString() magic method + */ + public function __toString() + { + return (string)$this->value; + } + + /** + * __debugInfo() magic method + * + * Will be called, automatically, when print_r() or var_dump() are called + */ + public function __debugInfo() + { + return $this->value->__debugInfo(); + } + + /** + * Converts a BigInteger to a byte string (eg. base-256). + * + * @param bool $twos_compliment + * @return string + */ + public function toBytes($twos_compliment = false) + { + return $this->value->toBytes($twos_compliment); + } + + /** + * Converts a BigInteger to a hex string (eg. base-16). + * + * @param bool $twos_compliment + * @return string + */ + public function toHex($twos_compliment = false) + { + return $this->value->toHex($twos_compliment); + } + + /** + * Converts a BigInteger to a bit string (eg. base-2). + * + * Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're + * saved as two's compliment. + * + * @param bool $twos_compliment + * @return string + */ + public function toBits($twos_compliment = false) + { + return $this->value->toBits($twos_compliment); + } + + /** + * Adds two BigIntegers. + * + * @param BigInteger $y + * @return BigInteger + */ + public function add(BigInteger $y) + { + return new static($this->value->add($y->value)); + } + + /** + * Subtracts two BigIntegers. + * + * @param BigInteger $y + * @return BigInteger + */ + public function subtract(BigInteger $y) + { + return new static($this->value->subtract($y->value)); + } + + /** + * Multiplies two BigIntegers + * + * @param BigInteger $x + * @return BigInteger + */ + public function multiply(BigInteger $x) + { + return new static($this->value->multiply($x->value)); + } + + /** + * Divides two BigIntegers. + * + * Returns an array whose first element contains the quotient and whose second element contains the + * "common residue". If the remainder would be positive, the "common residue" and the remainder are the + * same. If the remainder would be negative, the "common residue" is equal to the sum of the remainder + * and the divisor (basically, the "common residue" is the first positive modulo). + * + * Here's an example: + * + * divide($b); + * + * echo $quotient->toString(); // outputs 0 + * echo "\r\n"; + * echo $remainder->toString(); // outputs 10 + * ?> + * + * + * @param BigInteger $y + * @return BigInteger[] + */ + public function divide(BigInteger $y) + { + list($q, $r) = $this->value->divide($y->value); + return [ + new static($q), + new static($r) + ]; + } + + /** + * Calculates modular inverses. + * + * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. + * + * @param BigInteger $n + * @return BigInteger + */ + public function modInverse(BigInteger $n) + { + return new static($this->value->modInverse($n->value)); + } + + /** + * Calculates modular inverses. + * + * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. + * + * @param BigInteger $n + * @return BigInteger[] + */ + public function extendedGCD(BigInteger $n) + { + extract($this->value->extendedGCD($n->value)); + /** + * @var BigInteger $gcd + * @var BigInteger $x + * @var BigInteger $y + */ + return [ + 'gcd' => new static($gcd), + 'x' => new static($x), + 'y' => new static($y) + ]; + } + + /** + * Calculates the greatest common divisor + * + * Say you have 693 and 609. The GCD is 21. + * + * @param BigInteger $n + * @return BigInteger + */ + public function gcd(BigInteger $n) + { + return new static($this->value->gcd($n->value)); + } + + /** + * Absolute value. + * + * @return BigInteger + */ + public function abs() + { + return new static($this->value->abs()); + } + + /** + * Set Precision + * + * Some bitwise operations give different results depending on the precision being used. Examples include left + * shift, not, and rotates. + * + * @param int $bits + */ + public function setPrecision($bits) + { + $this->value->setPrecision($bits); + } + + /** + * Get Precision + * + * Returns the precision if it exists, false if it doesn't + * + * @return int|bool + */ + public function getPrecision() + { + return $this->value->getPrecision(); + } + + /** + * Serialize + * + * Will be called, automatically, when serialize() is called on a BigInteger object. + * + * __sleep() / __wakeup() have been around since PHP 4.0 + * + * \Serializable was introduced in PHP 5.1 and deprecated in PHP 8.1: + * https://wiki.php.net/rfc/phase_out_serializable + * + * __serialize() / __unserialize() were introduced in PHP 7.4: + * https://wiki.php.net/rfc/custom_object_serialization + * + * @return array + */ + public function __sleep() + { + $this->hex = $this->toHex(true); + $vars = ['hex']; + if ($this->getPrecision() > 0) { + $vars[] = 'precision'; + } + return $vars; + } + + /** + * Serialize + * + * Will be called, automatically, when unserialize() is called on a BigInteger object. + */ + public function __wakeup() + { + $temp = new static($this->hex, -16); + $this->value = $temp->value; + if ($this->precision > 0) { + // recalculate $this->bitmask + $this->setPrecision($this->precision); + } + } + + /** + * JSON Serialize + * + * Will be called, automatically, when json_encode() is called on a BigInteger object. + * + * @return array{hex: string, precision?: int] + */ + #[\ReturnTypeWillChange] + public function jsonSerialize() + { + $result = ['hex' => $this->toHex(true)]; + if ($this->precision > 0) { + $result['precision'] = $this->getPrecision(); + } + return $result; + } + + /** + * Performs modular exponentiation. + * + * @param BigInteger $e + * @param BigInteger $n + * @return BigInteger + */ + public function powMod(BigInteger $e, BigInteger $n) + { + return new static($this->value->powMod($e->value, $n->value)); + } + + /** + * Performs modular exponentiation. + * + * @param BigInteger $e + * @param BigInteger $n + * @return BigInteger + */ + public function modPow(BigInteger $e, BigInteger $n) + { + return new static($this->value->modPow($e->value, $n->value)); + } + + /** + * Compares two numbers. + * + * Although one might think !$x->compare($y) means $x != $y, it, in fact, means the opposite. The reason for this + * is demonstrated thusly: + * + * $x > $y: $x->compare($y) > 0 + * $x < $y: $x->compare($y) < 0 + * $x == $y: $x->compare($y) == 0 + * + * Note how the same comparison operator is used. If you want to test for equality, use $x->equals($y). + * + * {@internal Could return $this->subtract($x), but that's not as fast as what we do do.} + * + * @param BigInteger $y + * @return int in case < 0 if $this is less than $y; > 0 if $this is greater than $y, and 0 if they are equal. + * @see self::equals() + */ + public function compare(BigInteger $y) + { + return $this->value->compare($y->value); + } + + /** + * Tests the equality of two numbers. + * + * If you need to see if one number is greater than or less than another number, use BigInteger::compare() + * + * @param BigInteger $x + * @return bool + */ + public function equals(BigInteger $x) + { + return $this->value->equals($x->value); + } + + /** + * Logical Not + * + * @return BigInteger + */ + public function bitwise_not() + { + return new static($this->value->bitwise_not()); + } + + /** + * Logical And + * + * @param BigInteger $x + * @return BigInteger + */ + public function bitwise_and(BigInteger $x) + { + return new static($this->value->bitwise_and($x->value)); + } + + /** + * Logical Or + * + * @param BigInteger $x + * @return BigInteger + */ + public function bitwise_or(BigInteger $x) + { + return new static($this->value->bitwise_or($x->value)); + } + + /** + * Logical Exclusive Or + * + * @param BigInteger $x + * @return BigInteger + */ + public function bitwise_xor(BigInteger $x) + { + return new static($this->value->bitwise_xor($x->value)); + } + + /** + * Logical Right Shift + * + * Shifts BigInteger's by $shift bits, effectively dividing by 2**$shift. + * + * @param int $shift + * @return BigInteger + */ + public function bitwise_rightShift($shift) + { + return new static($this->value->bitwise_rightShift($shift)); + } + + /** + * Logical Left Shift + * + * Shifts BigInteger's by $shift bits, effectively multiplying by 2**$shift. + * + * @param int $shift + * @return BigInteger + */ + public function bitwise_leftShift($shift) + { + return new static($this->value->bitwise_leftShift($shift)); + } + + /** + * Logical Left Rotate + * + * Instead of the top x bits being dropped they're appended to the shifted bit string. + * + * @param int $shift + * @return BigInteger + */ + public function bitwise_leftRotate($shift) + { + return new static($this->value->bitwise_leftRotate($shift)); + } + + /** + * Logical Right Rotate + * + * Instead of the bottom x bits being dropped they're prepended to the shifted bit string. + * + * @param int $shift + * @return BigInteger + */ + public function bitwise_rightRotate($shift) + { + return new static($this->value->bitwise_rightRotate($shift)); + } + + /** + * Returns the smallest and largest n-bit number + * + * @param int $bits + * @return BigInteger[] + */ + public static function minMaxBits($bits) + { + self::initialize_static_variables(); + + $class = self::$mainEngine; + extract($class::minMaxBits($bits)); + /** @var BigInteger $min + * @var BigInteger $max + */ + return [ + 'min' => new static($min), + 'max' => new static($max) + ]; + } + + /** + * Return the size of a BigInteger in bits + * + * @return int + */ + public function getLength() + { + return $this->value->getLength(); + } + + /** + * Return the size of a BigInteger in bytes + * + * @return int + */ + public function getLengthInBytes() + { + return $this->value->getLengthInBytes(); + } + + /** + * Generates a random number of a certain size + * + * Bit length is equal to $size + * + * @param int $size + * @return BigInteger + */ + public static function random($size) + { + self::initialize_static_variables(); + + $class = self::$mainEngine; + return new static($class::random($size)); + } + + /** + * Generates a random prime number of a certain size + * + * Bit length is equal to $size + * + * @param int $size + * @return BigInteger + */ + public static function randomPrime($size) + { + self::initialize_static_variables(); + + $class = self::$mainEngine; + return new static($class::randomPrime($size)); + } + + /** + * Generate a random prime number between a range + * + * If there's not a prime within the given range, false will be returned. + * + * @param BigInteger $min + * @param BigInteger $max + * @return false|BigInteger + */ + public static function randomRangePrime(BigInteger $min, BigInteger $max) + { + $class = self::$mainEngine; + return new static($class::randomRangePrime($min->value, $max->value)); + } + + /** + * Generate a random number between a range + * + * Returns a random number between $min and $max where $min and $max + * can be defined using one of the two methods: + * + * BigInteger::randomRange($min, $max) + * BigInteger::randomRange($max, $min) + * + * @param BigInteger $min + * @param BigInteger $max + * @return BigInteger + */ + public static function randomRange(BigInteger $min, BigInteger $max) + { + $class = self::$mainEngine; + return new static($class::randomRange($min->value, $max->value)); + } + + /** + * Checks a numer to see if it's prime + * + * Assuming the $t parameter is not set, this function has an error rate of 2**-80. The main motivation for the + * $t parameter is distributability. BigInteger::randomPrime() can be distributed across multiple pageloads + * on a website instead of just one. + * + * @param int|bool $t + * @return bool + */ + public function isPrime($t = false) + { + return $this->value->isPrime($t); + } + + /** + * Calculates the nth root of a biginteger. + * + * Returns the nth root of a positive biginteger, where n defaults to 2 + * + * @param int $n optional + * @return BigInteger + */ + public function root($n = 2) + { + return new static($this->value->root($n)); + } + + /** + * Performs exponentiation. + * + * @param BigInteger $n + * @return BigInteger + */ + public function pow(BigInteger $n) + { + return new static($this->value->pow($n->value)); + } + + /** + * Return the minimum BigInteger between an arbitrary number of BigIntegers. + * + * @param BigInteger ...$nums + * @return BigInteger + */ + public static function min(BigInteger ...$nums) + { + $class = self::$mainEngine; + $nums = array_map(function ($num) { + return $num->value; + }, $nums); + return new static($class::min(...$nums)); + } + + /** + * Return the maximum BigInteger between an arbitrary number of BigIntegers. + * + * @param BigInteger ...$nums + * @return BigInteger + */ + public static function max(BigInteger ...$nums) + { + $class = self::$mainEngine; + $nums = array_map(function ($num) { + return $num->value; + }, $nums); + return new static($class::max(...$nums)); + } + + /** + * Tests BigInteger to see if it is between two integers, inclusive + * + * @param BigInteger $min + * @param BigInteger $max + * @return bool + */ + public function between(BigInteger $min, BigInteger $max) + { + return $this->value->between($min->value, $max->value); + } + + /** + * Clone + */ + public function __clone() + { + $this->value = clone $this->value; + } + + /** + * Is Odd? + * + * @return bool + */ + public function isOdd() + { + return $this->value->isOdd(); + } + + /** + * Tests if a bit is set + * + * @param int $x + * @return bool + */ + public function testBit($x) + { + return $this->value->testBit($x); + } + + /** + * Is Negative? + * + * @return bool + */ + public function isNegative() + { + return $this->value->isNegative(); + } + + /** + * Negate + * + * Given $k, returns -$k + * + * @return BigInteger + */ + public function negate() + { + return new static($this->value->negate()); + } + + /** + * Scan for 1 and right shift by that amount + * + * ie. $s = gmp_scan1($n, 0) and $r = gmp_div_q($n, gmp_pow(gmp_init('2'), $s)); + * + * @param BigInteger $r + * @return int + */ + public static function scan1divide(BigInteger $r) + { + $class = self::$mainEngine; + return $class::scan1divide($r->value); + } + + /** + * Create Recurring Modulo Function + * + * Sometimes it may be desirable to do repeated modulos with the same number outside of + * modular exponentiation + * + * @return callable + */ + public function createRecurringModuloFunction() + { + $func = $this->value->createRecurringModuloFunction(); + return function (BigInteger $x) use ($func) { + return new static($func($x->value)); + }; + } + + /** + * Bitwise Split + * + * Splits BigInteger's into chunks of $split bits + * + * @param int $split + * @return BigInteger[] + */ + public function bitwise_split($split) + { + return array_map(function ($val) { + return new static($val); + }, $this->value->bitwise_split($split)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath.php new file mode 100644 index 0000000..7c5ca9f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath.php @@ -0,0 +1,697 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Exception\BadConfigurationException; + +/** + * BCMath Engine. + * + * @author Jim Wigginton + */ +class BCMath extends Engine +{ + /** + * Can Bitwise operations be done fast? + * + * @see parent::bitwise_leftRotate() + * @see parent::bitwise_rightRotate() + */ + const FAST_BITWISE = false; + + /** + * Engine Directory + * + * @see parent::setModExpEngine + */ + const ENGINE_DIR = 'BCMath'; + + /** + * Test for engine validity + * + * @return bool + * @see parent::__construct() + */ + public static function isValidEngine() + { + return extension_loaded('bcmath'); + } + + /** + * Default constructor + * + * @param mixed $x integer Base-10 number or base-$base number if $base set. + * @param int $base + * @see parent::__construct() + */ + public function __construct($x = 0, $base = 10) + { + if (!isset(static::$isValidEngine[static::class])) { + static::$isValidEngine[static::class] = self::isValidEngine(); + } + if (!static::$isValidEngine[static::class]) { + throw new BadConfigurationException('BCMath is not setup correctly on this system'); + } + + $this->value = '0'; + + parent::__construct($x, $base); + } + + /** + * Initialize a BCMath BigInteger Engine instance + * + * @param int $base + * @see parent::__construct() + */ + protected function initialize($base) + { + switch (abs($base)) { + case 256: + // round $len to the nearest 4 + $len = (strlen($this->value) + 3) & ~3; + + $x = str_pad($this->value, $len, chr(0), STR_PAD_LEFT); + + $this->value = '0'; + for ($i = 0; $i < $len; $i += 4) { + $this->value = bcmul($this->value, '4294967296', 0); // 4294967296 == 2**32 + $this->value = bcadd( + $this->value, + 0x1000000 * ord($x[$i]) + ((ord($x[$i + 1]) << 16) | (ord( + $x[$i + 2] + ) << 8) | ord($x[$i + 3])), + 0 + ); + } + + if ($this->is_negative) { + $this->value = '-' . $this->value; + } + break; + case 16: + $x = (strlen($this->value) & 1) ? '0' . $this->value : $this->value; + $temp = new self(Strings::hex2bin($x), 256); + $this->value = $this->is_negative ? '-' . $temp->value : $temp->value; + $this->is_negative = false; + break; + case 10: + // explicitly casting $x to a string is necessary, here, since doing $x[0] on -1 yields different + // results then doing it on '-1' does (modInverse does $x[0]) + $this->value = $this->value === '-' ? '0' : (string)$this->value; + } + } + + /** + * Converts a BigInteger to a base-10 number. + * + * @return string + */ + public function toString() + { + if ($this->value === '0') { + return '0'; + } + + return ltrim($this->value, '0'); + } + + /** + * Converts a BigInteger to a byte string (eg. base-256). + * + * @param bool $twos_compliment + * @return string + */ + public function toBytes($twos_compliment = false) + { + if ($twos_compliment) { + return $this->toBytesHelper(); + } + + $value = ''; + $current = $this->value; + + if ($current[0] == '-') { + $current = substr($current, 1); + } + + while (bccomp($current, '0', 0) > 0) { + $temp = bcmod($current, '16777216'); + $value = chr($temp >> 16) . chr($temp >> 8) . chr($temp) . $value; + $current = bcdiv($current, '16777216', 0); + } + + return $this->precision > 0 ? + substr(str_pad($value, $this->precision >> 3, chr(0), STR_PAD_LEFT), -($this->precision >> 3)) : + ltrim($value, chr(0)); + } + + /** + * Adds two BigIntegers. + * + * @param BCMath $y + * @return BCMath + */ + public function add(BCMath $y) + { + $temp = new self(); + $temp->value = bcadd($this->value, $y->value); + + return $this->normalize($temp); + } + + /** + * Subtracts two BigIntegers. + * + * @param BCMath $y + * @return BCMath + */ + public function subtract(BCMath $y) + { + $temp = new self(); + $temp->value = bcsub($this->value, $y->value); + + return $this->normalize($temp); + } + + /** + * Multiplies two BigIntegers. + * + * @param BCMath $x + * @return BCMath + */ + public function multiply(BCMath $x) + { + $temp = new self(); + $temp->value = bcmul($this->value, $x->value); + + return $this->normalize($temp); + } + + /** + * Divides two BigIntegers. + * + * Returns an array whose first element contains the quotient and whose second element contains the + * "common residue". If the remainder would be positive, the "common residue" and the remainder are the + * same. If the remainder would be negative, the "common residue" is equal to the sum of the remainder + * and the divisor (basically, the "common residue" is the first positive modulo). + * + * @param BCMath $y + * @return array{static, static} + */ + public function divide(BCMath $y) + { + $quotient = new self(); + $remainder = new self(); + + $quotient->value = bcdiv($this->value, $y->value, 0); + $remainder->value = bcmod($this->value, $y->value); + + if ($remainder->value[0] == '-') { + $remainder->value = bcadd($remainder->value, $y->value[0] == '-' ? substr($y->value, 1) : $y->value, 0); + } + + return [$this->normalize($quotient), $this->normalize($remainder)]; + } + + /** + * Calculates modular inverses. + * + * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. + * + * @param BCMath $n + * @return false|BCMath + */ + public function modInverse(BCMath $n) + { + return $this->modInverseHelper($n); + } + + /** + * Calculates the greatest common divisor and Bezout's identity. + * + * Say you have 693 and 609. The GCD is 21. Bezout's identity states that there exist integers x and y such that + * 693*x + 609*y == 21. In point of fact, there are actually an infinite number of x and y combinations and which + * combination is returned is dependent upon which mode is in use. See + * {@link http://en.wikipedia.org/wiki/B%C3%A9zout%27s_identity Bezout's identity - Wikipedia} for more information. + * + * @param BCMath $n + * @return array{gcd: static, x: static, y: static} + */ + public function extendedGCD(BCMath $n) + { + // it might be faster to use the binary xGCD algorithim here, as well, but (1) that algorithim works + // best when the base is a power of 2 and (2) i don't think it'd make much difference, anyway. as is, + // the basic extended euclidean algorithim is what we're using. + + $u = $this->value; + $v = $n->value; + + $a = '1'; + $b = '0'; + $c = '0'; + $d = '1'; + + while (bccomp($v, '0', 0) != 0) { + $q = bcdiv($u, $v, 0); + + $temp = $u; + $u = $v; + $v = bcsub($temp, bcmul($v, $q, 0), 0); + + $temp = $a; + $a = $c; + $c = bcsub($temp, bcmul($a, $q, 0), 0); + + $temp = $b; + $b = $d; + $d = bcsub($temp, bcmul($b, $q, 0), 0); + } + + return [ + 'gcd' => $this->normalize(new static($u)), + 'x' => $this->normalize(new static($a)), + 'y' => $this->normalize(new static($b)) + ]; + } + + /** + * Calculates the greatest common divisor + * + * Say you have 693 and 609. The GCD is 21. + * + * @param BCMath $n + * @return BCMath + */ + public function gcd(BCMath $n) + { + extract($this->extendedGCD($n)); + /** @var BCMath $gcd */ + return $gcd; + } + + /** + * Absolute value. + * + * @return BCMath + */ + public function abs() + { + $temp = new static(); + $temp->value = strlen($this->value) && $this->value[0] == '-' ? + substr($this->value, 1) : + $this->value; + + return $temp; + } + + /** + * Logical And + * + * @param BCMath $x + * @return BCMath + */ + public function bitwise_and(BCMath $x) + { + return $this->bitwiseAndHelper($x); + } + + /** + * Logical Or + * + * @param BCMath $x + * @return BCMath + */ + public function bitwise_or(BCMath $x) + { + return $this->bitwiseXorHelper($x); + } + + /** + * Logical Exclusive Or + * + * @param BCMath $x + * @return BCMath + */ + public function bitwise_xor(BCMath $x) + { + return $this->bitwiseXorHelper($x); + } + + /** + * Logical Right Shift + * + * Shifts BigInteger's by $shift bits, effectively dividing by 2**$shift. + * + * @param int $shift + * @return BCMath + */ + public function bitwise_rightShift($shift) + { + $temp = new static(); + $temp->value = bcdiv($this->value, bcpow('2', $shift, 0), 0); + + return $this->normalize($temp); + } + + /** + * Logical Left Shift + * + * Shifts BigInteger's by $shift bits, effectively multiplying by 2**$shift. + * + * @param int $shift + * @return BCMath + */ + public function bitwise_leftShift($shift) + { + $temp = new static(); + $temp->value = bcmul($this->value, bcpow('2', $shift, 0), 0); + + return $this->normalize($temp); + } + + /** + * Compares two numbers. + * + * Although one might think !$x->compare($y) means $x != $y, it, in fact, means the opposite. The reason for this + * is demonstrated thusly: + * + * $x > $y: $x->compare($y) > 0 + * $x < $y: $x->compare($y) < 0 + * $x == $y: $x->compare($y) == 0 + * + * Note how the same comparison operator is used. If you want to test for equality, use $x->equals($y). + * + * {@internal Could return $this->subtract($x), but that's not as fast as what we do do.} + * + * @param BCMath $y + * @return int in case < 0 if $this is less than $y; > 0 if $this is greater than $y, and 0 if they are equal. + * @see self::equals() + */ + public function compare(BCMath $y) + { + return bccomp($this->value, $y->value, 0); + } + + /** + * Tests the equality of two numbers. + * + * If you need to see if one number is greater than or less than another number, use BigInteger::compare() + * + * @param BCMath $x + * @return bool + */ + public function equals(BCMath $x) + { + return $this->value == $x->value; + } + + /** + * Performs modular exponentiation. + * + * @param BCMath $e + * @param BCMath $n + * @return BCMath + */ + public function modPow(BCMath $e, BCMath $n) + { + return $this->powModOuter($e, $n); + } + + /** + * Performs modular exponentiation. + * + * Alias for modPow(). + * + * @param BCMath $e + * @param BCMath $n + * @return BCMath + */ + public function powMod(BCMath $e, BCMath $n) + { + return $this->powModOuter($e, $n); + } + + /** + * Performs modular exponentiation. + * + * @param BCMath $e + * @param BCMath $n + * @return BCMath + */ + protected function powModInner(BCMath $e, BCMath $n) + { + try { + $class = static::$modexpEngine[static::class]; + return $class::powModHelper($this, $e, $n, static::class); + } catch (\Exception $err) { + return BCMath\DefaultEngine::powModHelper($this, $e, $n, static::class); + } + } + + /** + * Normalize + * + * Removes leading zeros and truncates (if necessary) to maintain the appropriate precision + * + * @param BCMath $result + * @return BCMath + */ + protected function normalize(BCMath $result) + { + $result->precision = $this->precision; + $result->bitmask = $this->bitmask; + + if ($result->bitmask !== false) { + $result->value = bcmod($result->value, $result->bitmask->value); + } + + return $result; + } + + /** + * Generate a random prime number between a range + * + * If there's not a prime within the given range, false will be returned. + * + * @param BCMath $min + * @param BCMath $max + * @return false|BCMath + */ + public static function randomRangePrime(BCMath $min, BCMath $max) + { + return self::randomRangePrimeOuter($min, $max); + } + + /** + * Generate a random number between a range + * + * Returns a random number between $min and $max where $min and $max + * can be defined using one of the two methods: + * + * BigInteger::randomRange($min, $max) + * BigInteger::randomRange($max, $min) + * + * @param BCMath $min + * @param BCMath $max + * @return BCMath + */ + public static function randomRange(BCMath $min, BCMath $max) + { + return self::randomRangeHelper($min, $max); + } + + /** + * Make the current number odd + * + * If the current number is odd it'll be unchanged. If it's even, one will be added to it. + * + * @see self::randomPrime() + */ + protected function make_odd() + { + if (!$this->isOdd()) { + $this->value = bcadd($this->value, '1'); + } + } + + /** + * Test the number against small primes. + * + * @see self::isPrime() + */ + protected function testSmallPrimes() + { + if ($this->value === '1') { + return false; + } + if ($this->value === '2') { + return true; + } + if ($this->value[strlen($this->value) - 1] % 2 == 0) { + return false; + } + + $value = $this->value; + + foreach (self::PRIMES as $prime) { + $r = bcmod($this->value, $prime); + if ($r == '0') { + return $this->value == $prime; + } + } + + return true; + } + + /** + * Scan for 1 and right shift by that amount + * + * ie. $s = gmp_scan1($n, 0) and $r = gmp_div_q($n, gmp_pow(gmp_init('2'), $s)); + * + * @param BCMath $r + * @return int + * @see self::isPrime() + */ + public static function scan1divide(BCMath $r) + { + $r_value = &$r->value; + $s = 0; + // if $n was 1, $r would be 0 and this would be an infinite loop, hence our $this->equals(static::$one[static::class]) check earlier + while ($r_value[strlen($r_value) - 1] % 2 == 0) { + $r_value = bcdiv($r_value, '2', 0); + ++$s; + } + + return $s; + } + + /** + * Performs exponentiation. + * + * @param BCMath $n + * @return BCMath + */ + public function pow(BCMath $n) + { + $temp = new self(); + $temp->value = bcpow($this->value, $n->value); + + return $this->normalize($temp); + } + + /** + * Return the minimum BigInteger between an arbitrary number of BigIntegers. + * + * @param BCMath ...$nums + * @return BCMath + */ + public static function min(BCMath ...$nums) + { + return self::minHelper($nums); + } + + /** + * Return the maximum BigInteger between an arbitrary number of BigIntegers. + * + * @param BCMath ...$nums + * @return BCMath + */ + public static function max(BCMath ...$nums) + { + return self::maxHelper($nums); + } + + /** + * Tests BigInteger to see if it is between two integers, inclusive + * + * @param BCMath $min + * @param BCMath $max + * @return bool + */ + public function between(BCMath $min, BCMath $max) + { + return $this->compare($min) >= 0 && $this->compare($max) <= 0; + } + + /** + * Set Bitmask + * + * @param int $bits + * @return Engine + * @see self::setPrecision() + */ + protected static function setBitmask($bits) + { + $temp = parent::setBitmask($bits); + return $temp->add(static::$one[static::class]); + } + + /** + * Is Odd? + * + * @return bool + */ + public function isOdd() + { + return $this->value[strlen($this->value) - 1] % 2 == 1; + } + + /** + * Tests if a bit is set + * + * @return bool + */ + public function testBit($x) + { + return bccomp( + bcmod($this->value, bcpow('2', $x + 1, 0)), + bcpow('2', $x, 0), + 0 + ) >= 0; + } + + /** + * Is Negative? + * + * @return bool + */ + public function isNegative() + { + return strlen($this->value) && $this->value[0] == '-'; + } + + /** + * Negate + * + * Given $k, returns -$k + * + * @return BCMath + */ + public function negate() + { + $temp = clone $this; + + if (!strlen($temp->value)) { + return $temp; + } + + $temp->value = $temp->value[0] == '-' ? + substr($this->value, 1) : + '-' . $this->value; + + return $temp; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Base.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Base.php new file mode 100644 index 0000000..fe21e04 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Base.php @@ -0,0 +1,110 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines\BCMath; + +use phpseclib3\Math\BigInteger\Engines\BCMath; + +/** + * Sliding Window Exponentiation Engine + * + * @author Jim Wigginton + */ +abstract class Base extends BCMath +{ + /** + * Cache constants + * + * $cache[self::VARIABLE] tells us whether or not the cached data is still valid. + * + */ + const VARIABLE = 0; + /** + * $cache[self::DATA] contains the cached data. + * + */ + const DATA = 1; + + /** + * Test for engine validity + * + * @return bool + */ + public static function isValidEngine() + { + return static::class != __CLASS__; + } + + /** + * Performs modular exponentiation. + * + * @param BCMath $x + * @param BCMath $e + * @param BCMath $n + * @param string $class + * @return BCMath + */ + protected static function powModHelper(BCMath $x, BCMath $e, BCMath $n, $class) + { + if (empty($e->value)) { + $temp = new $class(); + $temp->value = '1'; + return $x->normalize($temp); + } + + return $x->normalize(static::slidingWindow($x, $e, $n, $class)); + } + + /** + * Modular reduction preparation + * + * @param string $x + * @param string $n + * @param string $class + * @see self::slidingWindow() + * @return string + */ + protected static function prepareReduce($x, $n, $class) + { + return static::reduce($x, $n); + } + + /** + * Modular multiply + * + * @param string $x + * @param string $y + * @param string $n + * @param string $class + * @see self::slidingWindow() + * @return string + */ + protected static function multiplyReduce($x, $y, $n, $class) + { + return static::reduce(bcmul($x, $y), $n); + } + + /** + * Modular square + * + * @param string $x + * @param string $n + * @param string $class + * @see self::slidingWindow() + * @return string + */ + protected static function squareReduce($x, $n, $class) + { + return static::reduce(bcmul($x, $x), $n); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/BuiltIn.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/BuiltIn.php new file mode 100644 index 0000000..b7ca8a2 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/BuiltIn.php @@ -0,0 +1,40 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines\BCMath; + +use phpseclib3\Math\BigInteger\Engines\BCMath; + +/** + * Built-In BCMath Modular Exponentiation Engine + * + * @author Jim Wigginton + */ +abstract class BuiltIn extends BCMath +{ + /** + * Performs modular exponentiation. + * + * @param BCMath $x + * @param BCMath $e + * @param BCMath $n + * @return BCMath + */ + protected static function powModHelper(BCMath $x, BCMath $e, BCMath $n) + { + $temp = new BCMath(); + $temp->value = bcpowmod($x->value, $e->value, $n->value); + + return $x->normalize($temp); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/DefaultEngine.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/DefaultEngine.php new file mode 100644 index 0000000..b2d9fa9 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/DefaultEngine.php @@ -0,0 +1,25 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines\BCMath; + +use phpseclib3\Math\BigInteger\Engines\BCMath\Reductions\Barrett; + +/** + * PHP Default Modular Exponentiation Engine + * + * @author Jim Wigginton + */ +abstract class DefaultEngine extends Barrett +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/OpenSSL.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/OpenSSL.php new file mode 100644 index 0000000..aed9494 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/OpenSSL.php @@ -0,0 +1,25 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines\BCMath; + +use phpseclib3\Math\BigInteger\Engines\OpenSSL as Progenitor; + +/** + * OpenSSL Modular Exponentiation Engine + * + * @author Jim Wigginton + */ +abstract class OpenSSL extends Progenitor +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php new file mode 100644 index 0000000..0fb7eae --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php @@ -0,0 +1,187 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines\BCMath\Reductions; + +use phpseclib3\Math\BigInteger\Engines\BCMath\Base; + +/** + * PHP Barrett Modular Exponentiation Engine + * + * @author Jim Wigginton + */ +abstract class Barrett extends Base +{ + /** + * Cache constants + * + * $cache[self::VARIABLE] tells us whether or not the cached data is still valid. + * + */ + const VARIABLE = 0; + /** + * $cache[self::DATA] contains the cached data. + * + */ + const DATA = 1; + + /** + * Barrett Modular Reduction + * + * See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=14 HAC 14.3.3} / + * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=165 MPM 6.2.5} for more information. Modified slightly, + * so as not to require negative numbers (initially, this script didn't support negative numbers). + * + * Employs "folding", as described at + * {@link http://www.cosic.esat.kuleuven.be/publications/thesis-149.pdf#page=66 thesis-149.pdf#page=66}. To quote from + * it, "the idea [behind folding] is to find a value x' such that x (mod m) = x' (mod m), with x' being smaller than x." + * + * Unfortunately, the "Barrett Reduction with Folding" algorithm described in thesis-149.pdf is not, as written, all that + * usable on account of (1) its not using reasonable radix points as discussed in + * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=162 MPM 6.2.2} and (2) the fact that, even with reasonable + * radix points, it only works when there are an even number of digits in the denominator. The reason for (2) is that + * (x >> 1) + (x >> 1) != x / 2 + x / 2. If x is even, they're the same, but if x is odd, they're not. See the in-line + * comments for details. + * + * @param string $n + * @param string $m + * @return string + */ + protected static function reduce($n, $m) + { + static $cache = [ + self::VARIABLE => [], + self::DATA => [] + ]; + + $m_length = strlen($m); + + if (strlen($n) > 2 * $m_length) { + return bcmod($n, $m); + } + + // if (m.length >> 1) + 2 <= m.length then m is too small and n can't be reduced + if ($m_length < 5) { + return self::regularBarrett($n, $m); + } + // n = 2 * m.length + + if (($key = array_search($m, $cache[self::VARIABLE])) === false) { + $key = count($cache[self::VARIABLE]); + $cache[self::VARIABLE][] = $m; + + $lhs = '1' . str_repeat('0', $m_length + ($m_length >> 1)); + $u = bcdiv($lhs, $m, 0); + $m1 = bcsub($lhs, bcmul($u, $m)); + + $cache[self::DATA][] = [ + 'u' => $u, // m.length >> 1 (technically (m.length >> 1) + 1) + 'm1' => $m1 // m.length + ]; + } else { + extract($cache[self::DATA][$key]); + } + + $cutoff = $m_length + ($m_length >> 1); + + $lsd = substr($n, -$cutoff); + $msd = substr($n, 0, -$cutoff); + + $temp = bcmul($msd, $m1); // m.length + (m.length >> 1) + $n = bcadd($lsd, $temp); // m.length + (m.length >> 1) + 1 (so basically we're adding two same length numbers) + //if ($m_length & 1) { + // return self::regularBarrett($n, $m); + //} + + // (m.length + (m.length >> 1) + 1) - (m.length - 1) == (m.length >> 1) + 2 + $temp = substr($n, 0, -$m_length + 1); + // if even: ((m.length >> 1) + 2) + (m.length >> 1) == m.length + 2 + // if odd: ((m.length >> 1) + 2) + (m.length >> 1) == (m.length - 1) + 2 == m.length + 1 + $temp = bcmul($temp, $u); + // if even: (m.length + 2) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) + 1 + // if odd: (m.length + 1) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) + $temp = substr($temp, 0, -($m_length >> 1) - 1); + // if even: (m.length - (m.length >> 1) + 1) + m.length = 2 * m.length - (m.length >> 1) + 1 + // if odd: (m.length - (m.length >> 1)) + m.length = 2 * m.length - (m.length >> 1) + $temp = bcmul($temp, $m); + + // at this point, if m had an odd number of digits, we'd be subtracting a 2 * m.length - (m.length >> 1) digit + // number from a m.length + (m.length >> 1) + 1 digit number. ie. there'd be an extra digit and the while loop + // following this comment would loop a lot (hence our calling _regularBarrett() in that situation). + + $result = bcsub($n, $temp); + + //if (bccomp($result, '0') < 0) { + if ($result[0] == '-') { + $temp = '1' . str_repeat('0', $m_length + 1); + $result = bcadd($result, $temp); + } + + while (bccomp($result, $m) >= 0) { + $result = bcsub($result, $m); + } + + return $result; + } + + /** + * (Regular) Barrett Modular Reduction + * + * For numbers with more than four digits BigInteger::_barrett() is faster. The difference between that and this + * is that this function does not fold the denominator into a smaller form. + * + * @param string $x + * @param string $n + * @return string + */ + private static function regularBarrett($x, $n) + { + static $cache = [ + self::VARIABLE => [], + self::DATA => [] + ]; + + $n_length = strlen($n); + + if (strlen($x) > 2 * $n_length) { + return bcmod($x, $n); + } + + if (($key = array_search($n, $cache[self::VARIABLE])) === false) { + $key = count($cache[self::VARIABLE]); + $cache[self::VARIABLE][] = $n; + $lhs = '1' . str_repeat('0', 2 * $n_length); + $cache[self::DATA][] = bcdiv($lhs, $n, 0); + } + + $temp = substr($x, 0, -$n_length + 1); + $temp = bcmul($temp, $cache[self::DATA][$key]); + $temp = substr($temp, 0, -$n_length - 1); + + $r1 = substr($x, -$n_length - 1); + $r2 = substr(bcmul($temp, $n), -$n_length - 1); + $result = bcsub($r1, $r2); + + //if (bccomp($result, '0') < 0) { + if ($result[0] == '-') { + $q = '1' . str_repeat('0', $n_length + 1); + $result = bcadd($result, $q); + } + + while (bccomp($result, $n) >= 0) { + $result = bcsub($result, $n); + } + + return $result; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/EvalBarrett.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/EvalBarrett.php new file mode 100644 index 0000000..e033ba5 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/EvalBarrett.php @@ -0,0 +1,108 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines\BCMath\Reductions; + +use phpseclib3\Math\BigInteger\Engines\BCMath; +use phpseclib3\Math\BigInteger\Engines\BCMath\Base; + +/** + * PHP Barrett Modular Exponentiation Engine + * + * @author Jim Wigginton + */ +abstract class EvalBarrett extends Base +{ + /** + * Custom Reduction Function + * + * @see self::generateCustomReduction + */ + private static $custom_reduction; + + /** + * Barrett Modular Reduction + * + * This calls a dynamically generated loop unrolled function that's specific to a given modulo. + * Array lookups are avoided as are if statements testing for how many bits the host OS supports, etc. + * + * @param string $n + * @param string $m + * @return string + */ + protected static function reduce($n, $m) + { + $inline = self::$custom_reduction; + return $inline($n); + } + + /** + * Generate Custom Reduction + * + * @param BCMath $m + * @param string $class + * @return callable|void + */ + protected static function generateCustomReduction(BCMath $m, $class) + { + $m_length = strlen($m); + + if ($m_length < 5) { + $code = 'return bcmod($x, $n);'; + eval('$func = function ($n) { ' . $code . '};'); + self::$custom_reduction = $func; + return; + } + + $lhs = '1' . str_repeat('0', $m_length + ($m_length >> 1)); + $u = bcdiv($lhs, $m, 0); + $m1 = bcsub($lhs, bcmul($u, $m)); + + $cutoff = $m_length + ($m_length >> 1); + + $m = "'$m'"; + $u = "'$u'"; + $m1 = "'$m1'"; + + $code = ' + $lsd = substr($n, -' . $cutoff . '); + $msd = substr($n, 0, -' . $cutoff . '); + + $temp = bcmul($msd, ' . $m1 . '); + $n = bcadd($lsd, $temp); + + $temp = substr($n, 0, ' . (-$m_length + 1) . '); + $temp = bcmul($temp, ' . $u . '); + $temp = substr($temp, 0, ' . (-($m_length >> 1) - 1) . '); + $temp = bcmul($temp, ' . $m . '); + + $result = bcsub($n, $temp); + + if ($result[0] == \'-\') { + $temp = \'1' . str_repeat('0', $m_length + 1) . '\'; + $result = bcadd($result, $temp); + } + + while (bccomp($result, ' . $m . ') >= 0) { + $result = bcsub($result, ' . $m . '); + } + + return $result;'; + + eval('$func = function ($n) { ' . $code . '};'); + + self::$custom_reduction = $func; + + return $func; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/Engine.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/Engine.php new file mode 100644 index 0000000..abdf3b4 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/Engine.php @@ -0,0 +1,1285 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Random; +use phpseclib3\Exception\BadConfigurationException; +use phpseclib3\Math\BigInteger; + +/** + * Base Engine. + * + * @author Jim Wigginton + */ +abstract class Engine implements \JsonSerializable +{ + /* final protected */ const PRIMES = [ + 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, + 61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, + 139, 149, 151, 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227, + 229, 233, 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, + 317, 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419, + 421, 431, 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503, 509, + 521, 523, 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601, 607, 613, 617, + 619, 631, 641, 643, 647, 653, 659, 661, 673, 677, 683, 691, 701, 709, 719, 727, + 733, 739, 743, 751, 757, 761, 769, 773, 787, 797, 809, 811, 821, 823, 827, 829, + 839, 853, 857, 859, 863, 877, 881, 883, 887, 907, 911, 919, 929, 937, 941, 947, + 953, 967, 971, 977, 983, 991, 997, + ]; + + /** + * BigInteger(0) + * + * @var array, static> + */ + protected static $zero = []; + + /** + * BigInteger(1) + * + * @var array, static> + */ + protected static $one = []; + + /** + * BigInteger(2) + * + * @var array, static> + */ + protected static $two = []; + + /** + * Modular Exponentiation Engine + * + * @var array, class-string> + */ + protected static $modexpEngine; + + /** + * Engine Validity Flag + * + * @var array, bool> + */ + protected static $isValidEngine; + + /** + * Holds the BigInteger's value + * + * @var \GMP|string|array|int + */ + protected $value; + + /** + * Holds the BigInteger's sign + * + * @var bool + */ + protected $is_negative; + + /** + * Precision + * + * @see static::setPrecision() + * @var int + */ + protected $precision = -1; + + /** + * Precision Bitmask + * + * @see static::setPrecision() + * @var static|false + */ + protected $bitmask = false; + + /** + * Recurring Modulo Function + * + * @var callable + */ + protected $reduce; + + /** + * Mode independent value used for serialization. + * + * @see self::__sleep() + * @see self::__wakeup() + * @var string + */ + protected $hex; + + /** + * Default constructor + * + * @param int|numeric-string $x integer Base-10 number or base-$base number if $base set. + * @param int $base + */ + public function __construct($x = 0, $base = 10) + { + if (!array_key_exists(static::class, static::$zero)) { + static::$zero[static::class] = null; // Placeholder to prevent infinite loop. + static::$zero[static::class] = new static(0); + static::$one[static::class] = new static(1); + static::$two[static::class] = new static(2); + } + + // '0' counts as empty() but when the base is 256 '0' is equal to ord('0') or 48 + // '0' is the only value like this per http://php.net/empty + if (empty($x) && (abs($base) != 256 || $x !== '0')) { + return; + } + + switch ($base) { + case -256: + case 256: + if ($base == -256 && (ord($x[0]) & 0x80)) { + $this->value = ~$x; + $this->is_negative = true; + } else { + $this->value = $x; + $this->is_negative = false; + } + + $this->initialize($base); + + if ($this->is_negative) { + $temp = $this->add(new static('-1')); + $this->value = $temp->value; + } + break; + case -16: + case 16: + if ($base > 0 && $x[0] == '-') { + $this->is_negative = true; + $x = substr($x, 1); + } + + $x = preg_replace('#^(?:0x)?([A-Fa-f0-9]*).*#s', '$1', $x); + + $is_negative = false; + if ($base < 0 && hexdec($x[0]) >= 8) { + $this->is_negative = $is_negative = true; + $x = Strings::bin2hex(~Strings::hex2bin($x)); + } + + $this->value = $x; + $this->initialize($base); + + if ($is_negative) { + $temp = $this->add(new static('-1')); + $this->value = $temp->value; + } + break; + case -10: + case 10: + // (?value = preg_replace('#(?value) || $this->value == '-') { + $this->value = '0'; + } + $this->initialize($base); + break; + case -2: + case 2: + if ($base > 0 && $x[0] == '-') { + $this->is_negative = true; + $x = substr($x, 1); + } + + $x = preg_replace('#^([01]*).*#s', '$1', $x); + + $temp = new static(Strings::bits2bin($x), 128 * $base); // ie. either -16 or +16 + $this->value = $temp->value; + if ($temp->is_negative) { + $this->is_negative = true; + } + + break; + default: + // base not supported, so we'll let $this == 0 + } + } + + /** + * Sets engine type. + * + * Throws an exception if the type is invalid + * + * @param class-string $engine + */ + public static function setModExpEngine($engine) + { + $fqengine = '\\phpseclib3\\Math\\BigInteger\\Engines\\' . static::ENGINE_DIR . '\\' . $engine; + if (!class_exists($fqengine) || !method_exists($fqengine, 'isValidEngine')) { + throw new \InvalidArgumentException("$engine is not a valid engine"); + } + if (!$fqengine::isValidEngine()) { + throw new BadConfigurationException("$engine is not setup correctly on this system"); + } + static::$modexpEngine[static::class] = $fqengine; + } + + /** + * Converts a BigInteger to a byte string (eg. base-256). + * + * Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're + * saved as two's compliment. + * @return string + */ + protected function toBytesHelper() + { + $comparison = $this->compare(new static()); + if ($comparison == 0) { + return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : ''; + } + + $temp = $comparison < 0 ? $this->add(new static(1)) : $this; + $bytes = $temp->toBytes(); + + if (!strlen($bytes)) { // eg. if the number we're trying to convert is -1 + $bytes = chr(0); + } + + if (ord($bytes[0]) & 0x80) { + $bytes = chr(0) . $bytes; + } + + return $comparison < 0 ? ~$bytes : $bytes; + } + + /** + * Converts a BigInteger to a hex string (eg. base-16). + * + * @param bool $twos_compliment + * @return string + */ + public function toHex($twos_compliment = false) + { + return Strings::bin2hex($this->toBytes($twos_compliment)); + } + + /** + * Converts a BigInteger to a bit string (eg. base-2). + * + * Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're + * saved as two's compliment. + * + * @param bool $twos_compliment + * @return string + */ + public function toBits($twos_compliment = false) + { + $hex = $this->toBytes($twos_compliment); + $bits = Strings::bin2bits($hex); + + $result = $this->precision > 0 ? substr($bits, -$this->precision) : ltrim($bits, '0'); + + if ($twos_compliment && $this->compare(new static()) > 0 && $this->precision <= 0) { + return '0' . $result; + } + + return $result; + } + + /** + * Calculates modular inverses. + * + * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. + * + * {@internal See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=21 HAC 14.64} for more information.} + * + * @param Engine $n + * @return static|false + */ + protected function modInverseHelper(Engine $n) + { + // $x mod -$n == $x mod $n. + $n = $n->abs(); + + if ($this->compare(static::$zero[static::class]) < 0) { + $temp = $this->abs(); + $temp = $temp->modInverse($n); + return $this->normalize($n->subtract($temp)); + } + + extract($this->extendedGCD($n)); + /** + * @var Engine $gcd + * @var Engine $x + */ + + if (!$gcd->equals(static::$one[static::class])) { + return false; + } + + $x = $x->compare(static::$zero[static::class]) < 0 ? $x->add($n) : $x; + + return $this->compare(static::$zero[static::class]) < 0 ? $this->normalize($n->subtract($x)) : $this->normalize($x); + } + + /** + * Serialize + * + * Will be called, automatically, when serialize() is called on a BigInteger object. + * + * @return array + */ + public function __sleep() + { + $this->hex = $this->toHex(true); + $vars = ['hex']; + if ($this->precision > 0) { + $vars[] = 'precision'; + } + return $vars; + } + + /** + * Serialize + * + * Will be called, automatically, when unserialize() is called on a BigInteger object. + * + * @return void + */ + public function __wakeup() + { + $temp = new static($this->hex, -16); + $this->value = $temp->value; + $this->is_negative = $temp->is_negative; + if ($this->precision > 0) { + // recalculate $this->bitmask + $this->setPrecision($this->precision); + } + } + + /** + * JSON Serialize + * + * Will be called, automatically, when json_encode() is called on a BigInteger object. + * + * @return array{hex: string, precision?: int] + */ + #[\ReturnTypeWillChange] + public function jsonSerialize() + { + $result = ['hex' => $this->toHex(true)]; + if ($this->precision > 0) { + $result['precision'] = $this->precision; + } + return $result; + } + + /** + * Converts a BigInteger to a base-10 number. + * + * @return string + */ + public function __toString() + { + return $this->toString(); + } + + /** + * __debugInfo() magic method + * + * Will be called, automatically, when print_r() or var_dump() are called + * + * @return array + */ + public function __debugInfo() + { + $result = [ + 'value' => '0x' . $this->toHex(true), + 'engine' => basename(static::class) + ]; + return $this->precision > 0 ? $result + ['precision' => $this->precision] : $result; + } + + /** + * Set Precision + * + * Some bitwise operations give different results depending on the precision being used. Examples include left + * shift, not, and rotates. + * + * @param int $bits + */ + public function setPrecision($bits) + { + if ($bits < 1) { + $this->precision = -1; + $this->bitmask = false; + + return; + } + $this->precision = $bits; + $this->bitmask = static::setBitmask($bits); + + $temp = $this->normalize($this); + $this->value = $temp->value; + } + + /** + * Get Precision + * + * Returns the precision if it exists, -1 if it doesn't + * + * @return int + */ + public function getPrecision() + { + return $this->precision; + } + + /** + * Set Bitmask + * @return static + * @param int $bits + * @see self::setPrecision() + */ + protected static function setBitmask($bits) + { + return new static(chr((1 << ($bits & 0x7)) - 1) . str_repeat(chr(0xFF), $bits >> 3), 256); + } + + /** + * Logical Not + * + * @return Engine|string + */ + public function bitwise_not() + { + // calculuate "not" without regard to $this->precision + // (will always result in a smaller number. ie. ~1 isn't 1111 1110 - it's 0) + $temp = $this->toBytes(); + if ($temp == '') { + return $this->normalize(static::$zero[static::class]); + } + $pre_msb = decbin(ord($temp[0])); + $temp = ~$temp; + $msb = decbin(ord($temp[0])); + if (strlen($msb) == 8) { + $msb = substr($msb, strpos($msb, '0')); + } + $temp[0] = chr(bindec($msb)); + + // see if we need to add extra leading 1's + $current_bits = strlen($pre_msb) + 8 * strlen($temp) - 8; + $new_bits = $this->precision - $current_bits; + if ($new_bits <= 0) { + return $this->normalize(new static($temp, 256)); + } + + // generate as many leading 1's as we need to. + $leading_ones = chr((1 << ($new_bits & 0x7)) - 1) . str_repeat(chr(0xFF), $new_bits >> 3); + + self::base256_lshift($leading_ones, $current_bits); + + $temp = str_pad($temp, strlen($leading_ones), chr(0), STR_PAD_LEFT); + + return $this->normalize(new static($leading_ones | $temp, 256)); + } + + /** + * Logical Left Shift + * + * Shifts binary strings $shift bits, essentially multiplying by 2**$shift. + * + * @param string $x + * @param int $shift + * @return void + */ + protected static function base256_lshift(&$x, $shift) + { + if ($shift == 0) { + return; + } + + $num_bytes = $shift >> 3; // eg. floor($shift/8) + $shift &= 7; // eg. $shift % 8 + + $carry = 0; + for ($i = strlen($x) - 1; $i >= 0; --$i) { + $temp = ord($x[$i]) << $shift | $carry; + $x[$i] = chr($temp); + $carry = $temp >> 8; + } + $carry = ($carry != 0) ? chr($carry) : ''; + $x = $carry . $x . str_repeat(chr(0), $num_bytes); + } + + /** + * Logical Left Rotate + * + * Instead of the top x bits being dropped they're appended to the shifted bit string. + * + * @param int $shift + * @return Engine + */ + public function bitwise_leftRotate($shift) + { + $bits = $this->toBytes(); + + if ($this->precision > 0) { + $precision = $this->precision; + if (static::FAST_BITWISE) { + $mask = $this->bitmask->toBytes(); + } else { + $mask = $this->bitmask->subtract(new static(1)); + $mask = $mask->toBytes(); + } + } else { + $temp = ord($bits[0]); + for ($i = 0; $temp >> $i; ++$i) { + } + $precision = 8 * strlen($bits) - 8 + $i; + $mask = chr((1 << ($precision & 0x7)) - 1) . str_repeat(chr(0xFF), $precision >> 3); + } + + if ($shift < 0) { + $shift += $precision; + } + $shift %= $precision; + + if (!$shift) { + return clone $this; + } + + $left = $this->bitwise_leftShift($shift); + $left = $left->bitwise_and(new static($mask, 256)); + $right = $this->bitwise_rightShift($precision - $shift); + $result = static::FAST_BITWISE ? $left->bitwise_or($right) : $left->add($right); + return $this->normalize($result); + } + + /** + * Logical Right Rotate + * + * Instead of the bottom x bits being dropped they're prepended to the shifted bit string. + * + * @param int $shift + * @return Engine + */ + public function bitwise_rightRotate($shift) + { + return $this->bitwise_leftRotate(-$shift); + } + + /** + * Returns the smallest and largest n-bit number + * + * @param int $bits + * @return array{min: static, max: static} + */ + public static function minMaxBits($bits) + { + $bytes = $bits >> 3; + $min = str_repeat(chr(0), $bytes); + $max = str_repeat(chr(0xFF), $bytes); + $msb = $bits & 7; + if ($msb) { + $min = chr(1 << ($msb - 1)) . $min; + $max = chr((1 << $msb) - 1) . $max; + } else { + $min[0] = chr(0x80); + } + return [ + 'min' => new static($min, 256), + 'max' => new static($max, 256) + ]; + } + + /** + * Return the size of a BigInteger in bits + * + * @return int + */ + public function getLength() + { + return strlen($this->toBits()); + } + + /** + * Return the size of a BigInteger in bytes + * + * @return int + */ + public function getLengthInBytes() + { + return strlen($this->toBytes()); + } + + /** + * Performs some pre-processing for powMod + * + * @param Engine $e + * @param Engine $n + * @return static|false + */ + protected function powModOuter(Engine $e, Engine $n) + { + $n = $this->bitmask !== false && $this->bitmask->compare($n) < 0 ? $this->bitmask : $n->abs(); + + if ($e->compare(new static()) < 0) { + $e = $e->abs(); + + $temp = $this->modInverse($n); + if ($temp === false) { + return false; + } + + return $this->normalize($temp->powModInner($e, $n)); + } + + if ($this->compare($n) > 0) { + list(, $temp) = $this->divide($n); + return $temp->powModInner($e, $n); + } + + return $this->powModInner($e, $n); + } + + /** + * Sliding Window k-ary Modular Exponentiation + * + * Based on {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=27 HAC 14.85} / + * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=210 MPM 7.7}. In a departure from those algorithims, + * however, this function performs a modular reduction after every multiplication and squaring operation. + * As such, this function has the same preconditions that the reductions being used do. + * + * @template T of Engine + * @param Engine $x + * @param Engine $e + * @param Engine $n + * @param class-string $class + * @return T + */ + protected static function slidingWindow(Engine $x, Engine $e, Engine $n, $class) + { + static $window_ranges = [7, 25, 81, 241, 673, 1793]; // from BigInteger.java's oddModPow function + //static $window_ranges = [0, 7, 36, 140, 450, 1303, 3529]; // from MPM 7.3.1 + + $e_bits = $e->toBits(); + $e_length = strlen($e_bits); + + // calculate the appropriate window size. + // $window_size == 3 if $window_ranges is between 25 and 81, for example. + for ($i = 0, $window_size = 1; $i < count($window_ranges) && $e_length > $window_ranges[$i]; ++$window_size, ++$i) { + } + + $n_value = $n->value; + + if (method_exists(static::class, 'generateCustomReduction')) { + static::generateCustomReduction($n, $class); + } + + // precompute $this^0 through $this^$window_size + $powers = []; + $powers[1] = static::prepareReduce($x->value, $n_value, $class); + $powers[2] = static::squareReduce($powers[1], $n_value, $class); + + // we do every other number since substr($e_bits, $i, $j+1) (see below) is supposed to end + // in a 1. ie. it's supposed to be odd. + $temp = 1 << ($window_size - 1); + for ($i = 1; $i < $temp; ++$i) { + $i2 = $i << 1; + $powers[$i2 + 1] = static::multiplyReduce($powers[$i2 - 1], $powers[2], $n_value, $class); + } + + $result = new $class(1); + $result = static::prepareReduce($result->value, $n_value, $class); + + for ($i = 0; $i < $e_length;) { + if (!$e_bits[$i]) { + $result = static::squareReduce($result, $n_value, $class); + ++$i; + } else { + for ($j = $window_size - 1; $j > 0; --$j) { + if (!empty($e_bits[$i + $j])) { + break; + } + } + + // eg. the length of substr($e_bits, $i, $j + 1) + for ($k = 0; $k <= $j; ++$k) { + $result = static::squareReduce($result, $n_value, $class); + } + + $result = static::multiplyReduce($result, $powers[bindec(substr($e_bits, $i, $j + 1))], $n_value, $class); + + $i += $j + 1; + } + } + + $temp = new $class(); + $temp->value = static::reduce($result, $n_value, $class); + + return $temp; + } + + /** + * Generates a random number of a certain size + * + * Bit length is equal to $size + * + * @param int $size + * @return Engine + */ + public static function random($size) + { + extract(static::minMaxBits($size)); + /** + * @var BigInteger $min + * @var BigInteger $max + */ + return static::randomRange($min, $max); + } + + /** + * Generates a random prime number of a certain size + * + * Bit length is equal to $size + * + * @param int $size + * @return Engine + */ + public static function randomPrime($size) + { + extract(static::minMaxBits($size)); + /** + * @var static $min + * @var static $max + */ + return static::randomRangePrime($min, $max); + } + + /** + * Performs some pre-processing for randomRangePrime + * + * @param Engine $min + * @param Engine $max + * @return static|false + */ + protected static function randomRangePrimeOuter(Engine $min, Engine $max) + { + $compare = $max->compare($min); + + if (!$compare) { + return $min->isPrime() ? $min : false; + } elseif ($compare < 0) { + // if $min is bigger then $max, swap $min and $max + $temp = $max; + $max = $min; + $min = $temp; + } + + $x = static::randomRange($min, $max); + + return static::randomRangePrimeInner($x, $min, $max); + } + + /** + * Generate a random number between a range + * + * Returns a random number between $min and $max where $min and $max + * can be defined using one of the two methods: + * + * BigInteger::randomRange($min, $max) + * BigInteger::randomRange($max, $min) + * + * @param Engine $min + * @param Engine $max + * @return Engine + */ + protected static function randomRangeHelper(Engine $min, Engine $max) + { + $compare = $max->compare($min); + + if (!$compare) { + return $min; + } elseif ($compare < 0) { + // if $min is bigger then $max, swap $min and $max + $temp = $max; + $max = $min; + $min = $temp; + } + + if (!isset(static::$one[static::class])) { + static::$one[static::class] = new static(1); + } + + $max = $max->subtract($min->subtract(static::$one[static::class])); + + $size = strlen(ltrim($max->toBytes(), chr(0))); + + /* + doing $random % $max doesn't work because some numbers will be more likely to occur than others. + eg. if $max is 140 and $random's max is 255 then that'd mean both $random = 5 and $random = 145 + would produce 5 whereas the only value of random that could produce 139 would be 139. ie. + not all numbers would be equally likely. some would be more likely than others. + + creating a whole new random number until you find one that is within the range doesn't work + because, for sufficiently small ranges, the likelihood that you'd get a number within that range + would be pretty small. eg. with $random's max being 255 and if your $max being 1 the probability + would be pretty high that $random would be greater than $max. + + phpseclib works around this using the technique described here: + + http://crypto.stackexchange.com/questions/5708/creating-a-small-number-from-a-cryptographically-secure-random-string + */ + $random_max = new static(chr(1) . str_repeat("\0", $size), 256); + $random = new static(Random::string($size), 256); + + list($max_multiple) = $random_max->divide($max); + $max_multiple = $max_multiple->multiply($max); + + while ($random->compare($max_multiple) >= 0) { + $random = $random->subtract($max_multiple); + $random_max = $random_max->subtract($max_multiple); + $random = $random->bitwise_leftShift(8); + $random = $random->add(new static(Random::string(1), 256)); + $random_max = $random_max->bitwise_leftShift(8); + list($max_multiple) = $random_max->divide($max); + $max_multiple = $max_multiple->multiply($max); + } + list(, $random) = $random->divide($max); + + return $random->add($min); + } + + /** + * Performs some post-processing for randomRangePrime + * + * @param Engine $x + * @param Engine $min + * @param Engine $max + * @return static|false + */ + protected static function randomRangePrimeInner(Engine $x, Engine $min, Engine $max) + { + if (!isset(static::$two[static::class])) { + static::$two[static::class] = new static('2'); + } + + $x->make_odd(); + if ($x->compare($max) > 0) { + // if $x > $max then $max is even and if $min == $max then no prime number exists between the specified range + if ($min->equals($max)) { + return false; + } + $x = clone $min; + $x->make_odd(); + } + + $initial_x = clone $x; + + while (true) { + if ($x->isPrime()) { + return $x; + } + + $x = $x->add(static::$two[static::class]); + + if ($x->compare($max) > 0) { + $x = clone $min; + if ($x->equals(static::$two[static::class])) { + return $x; + } + $x->make_odd(); + } + + if ($x->equals($initial_x)) { + return false; + } + } + } + + /** + * Sets the $t parameter for primality testing + * + * @return int + */ + protected function setupIsPrime() + { + $length = $this->getLengthInBytes(); + + // see HAC 4.49 "Note (controlling the error probability)" + // @codingStandardsIgnoreStart + if ($length >= 163) { $t = 2; } // floor(1300 / 8) + else if ($length >= 106) { $t = 3; } // floor( 850 / 8) + else if ($length >= 81 ) { $t = 4; } // floor( 650 / 8) + else if ($length >= 68 ) { $t = 5; } // floor( 550 / 8) + else if ($length >= 56 ) { $t = 6; } // floor( 450 / 8) + else if ($length >= 50 ) { $t = 7; } // floor( 400 / 8) + else if ($length >= 43 ) { $t = 8; } // floor( 350 / 8) + else if ($length >= 37 ) { $t = 9; } // floor( 300 / 8) + else if ($length >= 31 ) { $t = 12; } // floor( 250 / 8) + else if ($length >= 25 ) { $t = 15; } // floor( 200 / 8) + else if ($length >= 18 ) { $t = 18; } // floor( 150 / 8) + else { $t = 27; } + // @codingStandardsIgnoreEnd + + return $t; + } + + /** + * Tests Primality + * + * Uses the {@link http://en.wikipedia.org/wiki/Miller%E2%80%93Rabin_primality_test Miller-Rabin primality test}. + * See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap4.pdf#page=8 HAC 4.24} for more info. + * + * @param int $t + * @return bool + */ + protected function testPrimality($t) + { + if (!$this->testSmallPrimes()) { + return false; + } + + $n = clone $this; + $n_1 = $n->subtract(static::$one[static::class]); + $n_2 = $n->subtract(static::$two[static::class]); + + $r = clone $n_1; + $s = static::scan1divide($r); + + for ($i = 0; $i < $t; ++$i) { + $a = static::randomRange(static::$two[static::class], $n_2); + $y = $a->modPow($r, $n); + + if (!$y->equals(static::$one[static::class]) && !$y->equals($n_1)) { + for ($j = 1; $j < $s && !$y->equals($n_1); ++$j) { + $y = $y->modPow(static::$two[static::class], $n); + if ($y->equals(static::$one[static::class])) { + return false; + } + } + + if (!$y->equals($n_1)) { + return false; + } + } + } + + return true; + } + + /** + * Checks a numer to see if it's prime + * + * Assuming the $t parameter is not set, this function has an error rate of 2**-80. The main motivation for the + * $t parameter is distributability. BigInteger::randomPrime() can be distributed across multiple pageloads + * on a website instead of just one. + * + * @param int|bool $t + * @return bool + */ + public function isPrime($t = false) + { + if (!$t) { + $t = $this->setupIsPrime(); + } + return $this->testPrimality($t); + } + + /** + * Performs a few preliminary checks on root + * + * @param int $n + * @return Engine + */ + protected function rootHelper($n) + { + if ($n < 1) { + return clone static::$zero[static::class]; + } // we want positive exponents + if ($this->compare(static::$one[static::class]) < 0) { + return clone static::$zero[static::class]; + } // we want positive numbers + if ($this->compare(static::$two[static::class]) < 0) { + return clone static::$one[static::class]; + } // n-th root of 1 or 2 is 1 + + return $this->rootInner($n); + } + + /** + * Calculates the nth root of a biginteger. + * + * Returns the nth root of a positive biginteger, where n defaults to 2 + * + * {@internal This function is based off of {@link http://mathforum.org/library/drmath/view/52605.html this page} and {@link http://stackoverflow.com/questions/11242920/calculating-nth-root-with-bcmath-in-php this stackoverflow question}.} + * + * @param int $n + * @return Engine + */ + protected function rootInner($n) + { + $n = new static($n); + + // g is our guess number + $g = static::$two[static::class]; + // while (g^n < num) g=g*2 + while ($g->pow($n)->compare($this) < 0) { + $g = $g->multiply(static::$two[static::class]); + } + // if (g^n==num) num is a power of 2, we're lucky, end of job + // == 0 bccomp(bcpow($g, $n), $n->value)==0 + if ($g->pow($n)->equals($this) > 0) { + $root = $g; + return $this->normalize($root); + } + + // if we're here num wasn't a power of 2 :( + $og = $g; // og means original guess and here is our upper bound + $g = $g->divide(static::$two[static::class])[0]; // g is set to be our lower bound + $step = $og->subtract($g)->divide(static::$two[static::class])[0]; // step is the half of upper bound - lower bound + $g = $g->add($step); // we start at lower bound + step , basically in the middle of our interval + + // while step>1 + + while ($step->compare(static::$one[static::class]) == 1) { + $guess = $g->pow($n); + $step = $step->divide(static::$two[static::class])[0]; + $comp = $guess->compare($this); // compare our guess with real number + switch ($comp) { + case -1: // if guess is lower we add the new step + $g = $g->add($step); + break; + case 1: // if guess is higher we sub the new step + $g = $g->subtract($step); + break; + case 0: // if guess is exactly the num we're done, we return the value + $root = $g; + break 2; + } + } + + if ($comp == 1) { + $g = $g->subtract($step); + } + + // whatever happened, g is the closest guess we can make so return it + $root = $g; + + return $this->normalize($root); + } + + /** + * Calculates the nth root of a biginteger. + * + * @param int $n + * @return Engine + */ + public function root($n = 2) + { + return $this->rootHelper($n); + } + + /** + * Return the minimum BigInteger between an arbitrary number of BigIntegers. + * + * @param array $nums + * @return Engine + */ + protected static function minHelper(array $nums) + { + if (count($nums) == 1) { + return $nums[0]; + } + $min = $nums[0]; + for ($i = 1; $i < count($nums); $i++) { + $min = $min->compare($nums[$i]) > 0 ? $nums[$i] : $min; + } + return $min; + } + + /** + * Return the minimum BigInteger between an arbitrary number of BigIntegers. + * + * @param array $nums + * @return Engine + */ + protected static function maxHelper(array $nums) + { + if (count($nums) == 1) { + return $nums[0]; + } + $max = $nums[0]; + for ($i = 1; $i < count($nums); $i++) { + $max = $max->compare($nums[$i]) < 0 ? $nums[$i] : $max; + } + return $max; + } + + /** + * Create Recurring Modulo Function + * + * Sometimes it may be desirable to do repeated modulos with the same number outside of + * modular exponentiation + * + * @return callable + */ + public function createRecurringModuloFunction() + { + $class = static::class; + + $fqengine = !method_exists(static::$modexpEngine[static::class], 'reduce') ? + '\\phpseclib3\\Math\\BigInteger\\Engines\\' . static::ENGINE_DIR . '\\DefaultEngine' : + static::$modexpEngine[static::class]; + if (method_exists($fqengine, 'generateCustomReduction')) { + $func = $fqengine::generateCustomReduction($this, static::class); + return eval('return function(' . static::class . ' $x) use ($func, $class) { + $r = new $class(); + $r->value = $func($x->value); + return $r; + };'); + } + $n = $this->value; + return eval('return function(' . static::class . ' $x) use ($n, $fqengine, $class) { + $r = new $class(); + $r->value = $fqengine::reduce($x->value, $n, $class); + return $r; + };'); + } + + /** + * Calculates the greatest common divisor and Bezout's identity. + * + * @param Engine $n + * @return array{gcd: Engine, x: Engine, y: Engine} + */ + protected function extendedGCDHelper(Engine $n) + { + $u = clone $this; + $v = clone $n; + + $one = new static(1); + $zero = new static(); + + $a = clone $one; + $b = clone $zero; + $c = clone $zero; + $d = clone $one; + + while (!$v->equals($zero)) { + list($q) = $u->divide($v); + + $temp = $u; + $u = $v; + $v = $temp->subtract($v->multiply($q)); + + $temp = $a; + $a = $c; + $c = $temp->subtract($a->multiply($q)); + + $temp = $b; + $b = $d; + $d = $temp->subtract($b->multiply($q)); + } + + return [ + 'gcd' => $u, + 'x' => $a, + 'y' => $b + ]; + } + + /** + * Bitwise Split + * + * Splits BigInteger's into chunks of $split bits + * + * @param int $split + * @return Engine[] + */ + public function bitwise_split($split) + { + if ($split < 1) { + throw new \RuntimeException('Offset must be greater than 1'); + } + + $mask = static::$one[static::class]->bitwise_leftShift($split)->subtract(static::$one[static::class]); + + $num = clone $this; + + $vals = []; + while (!$num->equals(static::$zero[static::class])) { + $vals[] = $num->bitwise_and($mask); + $num = $num->bitwise_rightShift($split); + } + + return array_reverse($vals); + } + + /** + * Logical And + * + * @param Engine $x + * @return Engine + */ + protected function bitwiseAndHelper(Engine $x) + { + $left = $this->toBytes(true); + $right = $x->toBytes(true); + + $length = max(strlen($left), strlen($right)); + + $left = str_pad($left, $length, chr(0), STR_PAD_LEFT); + $right = str_pad($right, $length, chr(0), STR_PAD_LEFT); + + return $this->normalize(new static($left & $right, -256)); + } + + /** + * Logical Or + * + * @param Engine $x + * @return Engine + */ + protected function bitwiseOrHelper(Engine $x) + { + $left = $this->toBytes(true); + $right = $x->toBytes(true); + + $length = max(strlen($left), strlen($right)); + + $left = str_pad($left, $length, chr(0), STR_PAD_LEFT); + $right = str_pad($right, $length, chr(0), STR_PAD_LEFT); + + return $this->normalize(new static($left | $right, -256)); + } + + /** + * Logical Exclusive Or + * + * @param Engine $x + * @return Engine + */ + protected function bitwiseXorHelper(Engine $x) + { + $left = $this->toBytes(true); + $right = $x->toBytes(true); + + $length = max(strlen($left), strlen($right)); + + + $left = str_pad($left, $length, chr(0), STR_PAD_LEFT); + $right = str_pad($right, $length, chr(0), STR_PAD_LEFT); + return $this->normalize(new static($left ^ $right, -256)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP.php new file mode 100644 index 0000000..f616362 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP.php @@ -0,0 +1,694 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines; + +use phpseclib3\Exception\BadConfigurationException; + +/** + * GMP Engine. + * + * @author Jim Wigginton + */ +class GMP extends Engine +{ + /** + * Can Bitwise operations be done fast? + * + * @see parent::bitwise_leftRotate() + * @see parent::bitwise_rightRotate() + */ + const FAST_BITWISE = true; + + /** + * Engine Directory + * + * @see parent::setModExpEngine + */ + const ENGINE_DIR = 'GMP'; + + /** + * Test for engine validity + * + * @return bool + * @see parent::__construct() + */ + public static function isValidEngine() + { + return extension_loaded('gmp'); + } + + /** + * Default constructor + * + * @param mixed $x integer Base-10 number or base-$base number if $base set. + * @param int $base + * @see parent::__construct() + */ + public function __construct($x = 0, $base = 10) + { + if (!isset(static::$isValidEngine[static::class])) { + static::$isValidEngine[static::class] = self::isValidEngine(); + } + if (!static::$isValidEngine[static::class]) { + throw new BadConfigurationException('GMP is not setup correctly on this system'); + } + + if ($x instanceof \GMP) { + $this->value = $x; + return; + } + + $this->value = gmp_init(0); + + parent::__construct($x, $base); + } + + /** + * Initialize a GMP BigInteger Engine instance + * + * @param int $base + * @see parent::__construct() + */ + protected function initialize($base) + { + switch (abs($base)) { + case 256: + $this->value = gmp_import($this->value); + if ($this->is_negative) { + $this->value = -$this->value; + } + break; + case 16: + $temp = $this->is_negative ? '-0x' . $this->value : '0x' . $this->value; + $this->value = gmp_init($temp); + break; + case 10: + $this->value = gmp_init(isset($this->value) ? $this->value : '0'); + } + } + + /** + * Converts a BigInteger to a base-10 number. + * + * @return string + */ + public function toString() + { + return (string)$this->value; + } + + /** + * Converts a BigInteger to a bit string (eg. base-2). + * + * Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're + * saved as two's compliment. + * + * @param bool $twos_compliment + * @return string + */ + public function toBits($twos_compliment = false) + { + $hex = $this->toHex($twos_compliment); + + $bits = gmp_strval(gmp_init($hex, 16), 2); + + if ($this->precision > 0) { + $bits = substr($bits, -$this->precision); + } + + if ($twos_compliment && $this->compare(new static()) > 0 && $this->precision <= 0) { + return '0' . $bits; + } + + return $bits; + } + + /** + * Converts a BigInteger to a byte string (eg. base-256). + * + * @param bool $twos_compliment + * @return string + */ + public function toBytes($twos_compliment = false) + { + if ($twos_compliment) { + return $this->toBytesHelper(); + } + + if (gmp_cmp($this->value, gmp_init(0)) == 0) { + return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : ''; + } + + $temp = gmp_export($this->value); + + return $this->precision > 0 ? + substr(str_pad($temp, $this->precision >> 3, chr(0), STR_PAD_LEFT), -($this->precision >> 3)) : + ltrim($temp, chr(0)); + } + + /** + * Adds two BigIntegers. + * + * @param GMP $y + * @return GMP + */ + public function add(GMP $y) + { + $temp = new self(); + $temp->value = $this->value + $y->value; + + return $this->normalize($temp); + } + + /** + * Subtracts two BigIntegers. + * + * @param GMP $y + * @return GMP + */ + public function subtract(GMP $y) + { + $temp = new self(); + $temp->value = $this->value - $y->value; + + return $this->normalize($temp); + } + + /** + * Multiplies two BigIntegers. + * + * @param GMP $x + * @return GMP + */ + public function multiply(GMP $x) + { + $temp = new self(); + $temp->value = $this->value * $x->value; + + return $this->normalize($temp); + } + + /** + * Divides two BigIntegers. + * + * Returns an array whose first element contains the quotient and whose second element contains the + * "common residue". If the remainder would be positive, the "common residue" and the remainder are the + * same. If the remainder would be negative, the "common residue" is equal to the sum of the remainder + * and the divisor (basically, the "common residue" is the first positive modulo). + * + * @param GMP $y + * @return array{GMP, GMP} + */ + public function divide(GMP $y) + { + $quotient = new self(); + $remainder = new self(); + + list($quotient->value, $remainder->value) = gmp_div_qr($this->value, $y->value); + + if (gmp_sign($remainder->value) < 0) { + $remainder->value = $remainder->value + gmp_abs($y->value); + } + + return [$this->normalize($quotient), $this->normalize($remainder)]; + } + + /** + * Compares two numbers. + * + * Although one might think !$x->compare($y) means $x != $y, it, in fact, means the opposite. The reason for this + * is demonstrated thusly: + * + * $x > $y: $x->compare($y) > 0 + * $x < $y: $x->compare($y) < 0 + * $x == $y: $x->compare($y) == 0 + * + * Note how the same comparison operator is used. If you want to test for equality, use $x->equals($y). + * + * {@internal Could return $this->subtract($x), but that's not as fast as what we do do.} + * + * @param GMP $y + * @return int in case < 0 if $this is less than $y; > 0 if $this is greater than $y, and 0 if they are equal. + * @see self::equals() + */ + public function compare(GMP $y) + { + $r = gmp_cmp($this->value, $y->value); + if ($r < -1) { + $r = -1; + } + if ($r > 1) { + $r = 1; + } + return $r; + } + + /** + * Tests the equality of two numbers. + * + * If you need to see if one number is greater than or less than another number, use BigInteger::compare() + * + * @param GMP $x + * @return bool + */ + public function equals(GMP $x) + { + return $this->value == $x->value; + } + + /** + * Calculates modular inverses. + * + * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. + * + * @param GMP $n + * @return false|GMP + */ + public function modInverse(GMP $n) + { + $temp = new self(); + $temp->value = gmp_invert($this->value, $n->value); + + return $temp->value === false ? false : $this->normalize($temp); + } + + /** + * Calculates the greatest common divisor and Bezout's identity. + * + * Say you have 693 and 609. The GCD is 21. Bezout's identity states that there exist integers x and y such that + * 693*x + 609*y == 21. In point of fact, there are actually an infinite number of x and y combinations and which + * combination is returned is dependent upon which mode is in use. See + * {@link http://en.wikipedia.org/wiki/B%C3%A9zout%27s_identity Bezout's identity - Wikipedia} for more information. + * + * @param GMP $n + * @return GMP[] + */ + public function extendedGCD(GMP $n) + { + extract(gmp_gcdext($this->value, $n->value)); + + return [ + 'gcd' => $this->normalize(new self($g)), + 'x' => $this->normalize(new self($s)), + 'y' => $this->normalize(new self($t)) + ]; + } + + /** + * Calculates the greatest common divisor + * + * Say you have 693 and 609. The GCD is 21. + * + * @param GMP $n + * @return GMP + */ + public function gcd(GMP $n) + { + $r = gmp_gcd($this->value, $n->value); + return $this->normalize(new self($r)); + } + + /** + * Absolute value. + * + * @return GMP + */ + public function abs() + { + $temp = new self(); + $temp->value = gmp_abs($this->value); + + return $temp; + } + + /** + * Logical And + * + * @param GMP $x + * @return GMP + */ + public function bitwise_and(GMP $x) + { + $temp = new self(); + $temp->value = $this->value & $x->value; + + return $this->normalize($temp); + } + + /** + * Logical Or + * + * @param GMP $x + * @return GMP + */ + public function bitwise_or(GMP $x) + { + $temp = new self(); + $temp->value = $this->value | $x->value; + + return $this->normalize($temp); + } + + /** + * Logical Exclusive Or + * + * @param GMP $x + * @return GMP + */ + public function bitwise_xor(GMP $x) + { + $temp = new self(); + $temp->value = $this->value ^ $x->value; + + return $this->normalize($temp); + } + + /** + * Logical Right Shift + * + * Shifts BigInteger's by $shift bits, effectively dividing by 2**$shift. + * + * @param int $shift + * @return GMP + */ + public function bitwise_rightShift($shift) + { + // 0xFFFFFFFF >> 2 == -1 (on 32-bit systems) + // gmp_init('0xFFFFFFFF') >> 2 == gmp_init('0x3FFFFFFF') + + $temp = new self(); + $temp->value = $this->value >> $shift; + + return $this->normalize($temp); + } + + /** + * Logical Left Shift + * + * Shifts BigInteger's by $shift bits, effectively multiplying by 2**$shift. + * + * @param int $shift + * @return GMP + */ + public function bitwise_leftShift($shift) + { + $temp = new self(); + $temp->value = $this->value << $shift; + + return $this->normalize($temp); + } + + /** + * Performs modular exponentiation. + * + * @param GMP $e + * @param GMP $n + * @return GMP + */ + public function modPow(GMP $e, GMP $n) + { + return $this->powModOuter($e, $n); + } + + /** + * Performs modular exponentiation. + * + * Alias for modPow(). + * + * @param GMP $e + * @param GMP $n + * @return GMP + */ + public function powMod(GMP $e, GMP $n) + { + return $this->powModOuter($e, $n); + } + + /** + * Performs modular exponentiation. + * + * @param GMP $e + * @param GMP $n + * @return GMP + */ + protected function powModInner(GMP $e, GMP $n) + { + $class = static::$modexpEngine[static::class]; + return $class::powModHelper($this, $e, $n); + } + + /** + * Normalize + * + * Removes leading zeros and truncates (if necessary) to maintain the appropriate precision + * + * @param GMP $result + * @return GMP + */ + protected function normalize(GMP $result) + { + $result->precision = $this->precision; + $result->bitmask = $this->bitmask; + + if ($result->bitmask !== false) { + $flip = $result->value < 0; + if ($flip) { + $result->value = -$result->value; + } + $result->value = $result->value & $result->bitmask->value; + if ($flip) { + $result->value = -$result->value; + } + } + + return $result; + } + + /** + * Performs some post-processing for randomRangePrime + * + * @param Engine $x + * @param Engine $min + * @param Engine $max + * @return GMP + */ + protected static function randomRangePrimeInner(Engine $x, Engine $min, Engine $max) + { + $p = gmp_nextprime($x->value); + + if ($p <= $max->value) { + return new self($p); + } + + if ($min->value != $x->value) { + $x = new self($x->value - 1); + } + + return self::randomRangePrime($min, $x); + } + + /** + * Generate a random prime number between a range + * + * If there's not a prime within the given range, false will be returned. + * + * @param GMP $min + * @param GMP $max + * @return false|GMP + */ + public static function randomRangePrime(GMP $min, GMP $max) + { + return self::randomRangePrimeOuter($min, $max); + } + + /** + * Generate a random number between a range + * + * Returns a random number between $min and $max where $min and $max + * can be defined using one of the two methods: + * + * BigInteger::randomRange($min, $max) + * BigInteger::randomRange($max, $min) + * + * @param GMP $min + * @param GMP $max + * @return GMP + */ + public static function randomRange(GMP $min, GMP $max) + { + return self::randomRangeHelper($min, $max); + } + + /** + * Make the current number odd + * + * If the current number is odd it'll be unchanged. If it's even, one will be added to it. + * + * @see self::randomPrime() + */ + protected function make_odd() + { + gmp_setbit($this->value, 0); + } + + /** + * Tests Primality + * + * @param int $t + * @return bool + */ + protected function testPrimality($t) + { + return gmp_prob_prime($this->value, $t) != 0; + } + + /** + * Calculates the nth root of a biginteger. + * + * Returns the nth root of a positive biginteger, where n defaults to 2 + * + * @param int $n + * @return GMP + */ + protected function rootInner($n) + { + $root = new self(); + $root->value = gmp_root($this->value, $n); + return $this->normalize($root); + } + + /** + * Performs exponentiation. + * + * @param GMP $n + * @return GMP + */ + public function pow(GMP $n) + { + $temp = new self(); + $temp->value = $this->value ** $n->value; + + return $this->normalize($temp); + } + + /** + * Return the minimum BigInteger between an arbitrary number of BigIntegers. + * + * @param GMP ...$nums + * @return GMP + */ + public static function min(GMP ...$nums) + { + return self::minHelper($nums); + } + + /** + * Return the maximum BigInteger between an arbitrary number of BigIntegers. + * + * @param GMP ...$nums + * @return GMP + */ + public static function max(GMP ...$nums) + { + return self::maxHelper($nums); + } + + /** + * Tests BigInteger to see if it is between two integers, inclusive + * + * @param GMP $min + * @param GMP $max + * @return bool + */ + public function between(GMP $min, GMP $max) + { + return $this->compare($min) >= 0 && $this->compare($max) <= 0; + } + + /** + * Create Recurring Modulo Function + * + * Sometimes it may be desirable to do repeated modulos with the same number outside of + * modular exponentiation + * + * @return callable + */ + public function createRecurringModuloFunction() + { + $temp = $this->value; + return function (GMP $x) use ($temp) { + return new GMP($x->value % $temp); + }; + } + + /** + * Scan for 1 and right shift by that amount + * + * ie. $s = gmp_scan1($n, 0) and $r = gmp_div_q($n, gmp_pow(gmp_init('2'), $s)); + * + * @param GMP $r + * @return int + */ + public static function scan1divide(GMP $r) + { + $s = gmp_scan1($r->value, 0); + $r->value >>= $s; + return $s; + } + + /** + * Is Odd? + * + * @return bool + */ + public function isOdd() + { + return gmp_testbit($this->value, 0); + } + + /** + * Tests if a bit is set + * + * @return bool + */ + public function testBit($x) + { + return gmp_testbit($this->value, $x); + } + + /** + * Is Negative? + * + * @return bool + */ + public function isNegative() + { + return gmp_sign($this->value) == -1; + } + + /** + * Negate + * + * Given $k, returns -$k + * + * @return GMP + */ + public function negate() + { + $temp = clone $this; + $temp->value = -$this->value; + + return $temp; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP/DefaultEngine.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP/DefaultEngine.php new file mode 100644 index 0000000..bc219fb --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP/DefaultEngine.php @@ -0,0 +1,40 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines\GMP; + +use phpseclib3\Math\BigInteger\Engines\GMP; + +/** + * GMP Modular Exponentiation Engine + * + * @author Jim Wigginton + */ +abstract class DefaultEngine extends GMP +{ + /** + * Performs modular exponentiation. + * + * @param GMP $x + * @param GMP $e + * @param GMP $n + * @return GMP + */ + protected static function powModHelper(GMP $x, GMP $e, GMP $n) + { + $temp = new GMP(); + $temp->value = gmp_powm($x->value, $e->value, $n->value); + + return $x->normalize($temp); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/OpenSSL.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/OpenSSL.php new file mode 100644 index 0000000..e33a9f1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/OpenSSL.php @@ -0,0 +1,68 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines; + +use phpseclib3\Crypt\RSA\Formats\Keys\PKCS8; +use phpseclib3\Math\BigInteger; + +/** + * OpenSSL Modular Exponentiation Engine + * + * @author Jim Wigginton + */ +abstract class OpenSSL +{ + /** + * Test for engine validity + * + * @return bool + */ + public static function isValidEngine() + { + return extension_loaded('openssl') && static::class != __CLASS__; + } + + /** + * Performs modular exponentiation. + * + * @param Engine $x + * @param Engine $e + * @param Engine $n + * @return Engine + */ + public static function powModHelper(Engine $x, Engine $e, Engine $n) + { + if ($n->getLengthInBytes() < 31 || $n->getLengthInBytes() > 16384) { + throw new \OutOfRangeException('Only modulo between 31 and 16384 bits are accepted'); + } + + $key = PKCS8::savePublicKey( + new BigInteger($n), + new BigInteger($e) + ); + + $plaintext = str_pad($x->toBytes(), $n->getLengthInBytes(), "\0", STR_PAD_LEFT); + + // this is easily prone to failure. if the modulo is a multiple of 2 or 3 or whatever it + // won't work and you'll get a "failure: error:0906D06C:PEM routines:PEM_read_bio:no start line" + // error. i suppose, for even numbers, we could do what PHP\Montgomery.php does, but then what + // about odd numbers divisible by 3, by 5, etc? + if (!openssl_public_encrypt($plaintext, $result, $key, OPENSSL_NO_PADDING)) { + throw new \UnexpectedValueException(openssl_error_string()); + } + + $class = get_class($x); + return new $class($result, 256); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP.php new file mode 100644 index 0000000..7e85783 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP.php @@ -0,0 +1,1344 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Exception\BadConfigurationException; + +/** + * Pure-PHP Engine. + * + * @author Jim Wigginton + */ +abstract class PHP extends Engine +{ + /**#@+ + * Array constants + * + * Rather than create a thousands and thousands of new BigInteger objects in repeated function calls to add() and + * multiply() or whatever, we'll just work directly on arrays, taking them in as parameters and returning them. + * + */ + /** + * $result[self::VALUE] contains the value. + */ + const VALUE = 0; + /** + * $result[self::SIGN] contains the sign. + */ + const SIGN = 1; + /**#@-*/ + + /** + * Karatsuba Cutoff + * + * At what point do we switch between Karatsuba multiplication and schoolbook long multiplication? + * + */ + const KARATSUBA_CUTOFF = 25; + + /** + * Can Bitwise operations be done fast? + * + * @see parent::bitwise_leftRotate() + * @see parent::bitwise_rightRotate() + */ + const FAST_BITWISE = true; + + /** + * Engine Directory + * + * @see parent::setModExpEngine + */ + const ENGINE_DIR = 'PHP'; + + /** + * Default constructor + * + * @param mixed $x integer Base-10 number or base-$base number if $base set. + * @param int $base + * @return PHP + * @see parent::__construct() + */ + public function __construct($x = 0, $base = 10) + { + if (!isset(static::$isValidEngine[static::class])) { + static::$isValidEngine[static::class] = static::isValidEngine(); + } + if (!static::$isValidEngine[static::class]) { + throw new BadConfigurationException(static::class . ' is not setup correctly on this system'); + } + + $this->value = []; + parent::__construct($x, $base); + } + + /** + * Initialize a PHP BigInteger Engine instance + * + * @param int $base + * @see parent::__construct() + */ + protected function initialize($base) + { + switch (abs($base)) { + case 16: + $x = (strlen($this->value) & 1) ? '0' . $this->value : $this->value; + $temp = new static(Strings::hex2bin($x), 256); + $this->value = $temp->value; + break; + case 10: + $temp = new static(); + + $multiplier = new static(); + $multiplier->value = [static::MAX10]; + + $x = $this->value; + + if ($x[0] == '-') { + $this->is_negative = true; + $x = substr($x, 1); + } + + $x = str_pad( + $x, + strlen($x) + ((static::MAX10LEN - 1) * strlen($x)) % static::MAX10LEN, + 0, + STR_PAD_LEFT + ); + while (strlen($x)) { + $temp = $temp->multiply($multiplier); + $temp = $temp->add(new static($this->int2bytes(substr($x, 0, static::MAX10LEN)), 256)); + $x = substr($x, static::MAX10LEN); + } + + $this->value = $temp->value; + } + } + + /** + * Pads strings so that unpack may be used on them + * + * @param string $str + * @return string + */ + protected function pad($str) + { + $length = strlen($str); + + $pad = 4 - (strlen($str) % 4); + + return str_pad($str, $length + $pad, "\0", STR_PAD_LEFT); + } + + /** + * Converts a BigInteger to a base-10 number. + * + * @return string + */ + public function toString() + { + if (!count($this->value)) { + return '0'; + } + + $temp = clone $this; + $temp->bitmask = false; + $temp->is_negative = false; + + $divisor = new static(); + $divisor->value = [static::MAX10]; + $result = ''; + while (count($temp->value)) { + list($temp, $mod) = $temp->divide($divisor); + $result = str_pad( + isset($mod->value[0]) ? $mod->value[0] : '', + static::MAX10LEN, + '0', + STR_PAD_LEFT + ) . $result; + } + $result = ltrim($result, '0'); + if (empty($result)) { + $result = '0'; + } + + if ($this->is_negative) { + $result = '-' . $result; + } + + return $result; + } + + /** + * Converts a BigInteger to a byte string (eg. base-256). + * + * @param bool $twos_compliment + * @return string + */ + public function toBytes($twos_compliment = false) + { + if ($twos_compliment) { + return $this->toBytesHelper(); + } + + if (!count($this->value)) { + return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : ''; + } + + $result = $this->bitwise_small_split(8); + $result = implode('', array_map('chr', $result)); + + return $this->precision > 0 ? + str_pad( + substr($result, -(($this->precision + 7) >> 3)), + ($this->precision + 7) >> 3, + chr(0), + STR_PAD_LEFT + ) : + $result; + } + + /** + * Performs addition. + * + * @param array $x_value + * @param bool $x_negative + * @param array $y_value + * @param bool $y_negative + * @return array + */ + protected static function addHelper(array $x_value, $x_negative, array $y_value, $y_negative) + { + $x_size = count($x_value); + $y_size = count($y_value); + + if ($x_size == 0) { + return [ + self::VALUE => $y_value, + self::SIGN => $y_negative + ]; + } elseif ($y_size == 0) { + return [ + self::VALUE => $x_value, + self::SIGN => $x_negative + ]; + } + + // subtract, if appropriate + if ($x_negative != $y_negative) { + if ($x_value == $y_value) { + return [ + self::VALUE => [], + self::SIGN => false + ]; + } + + $temp = self::subtractHelper($x_value, false, $y_value, false); + $temp[self::SIGN] = self::compareHelper($x_value, false, $y_value, false) > 0 ? + $x_negative : $y_negative; + + return $temp; + } + + if ($x_size < $y_size) { + $size = $x_size; + $value = $y_value; + } else { + $size = $y_size; + $value = $x_value; + } + + $value[count($value)] = 0; // just in case the carry adds an extra digit + + $carry = 0; + for ($i = 0, $j = 1; $j < $size; $i += 2, $j += 2) { + //$sum = $x_value[$j] * static::BASE_FULL + $x_value[$i] + $y_value[$j] * static::BASE_FULL + $y_value[$i] + $carry; + $sum = ($x_value[$j] + $y_value[$j]) * static::BASE_FULL + $x_value[$i] + $y_value[$i] + $carry; + $carry = $sum >= static::MAX_DIGIT2; // eg. floor($sum / 2**52); only possible values (in any base) are 0 and 1 + $sum = $carry ? $sum - static::MAX_DIGIT2 : $sum; + + $temp = static::BASE === 26 ? intval($sum / 0x4000000) : ($sum >> 31); + + $value[$i] = (int)($sum - static::BASE_FULL * $temp); // eg. a faster alternative to fmod($sum, 0x4000000) + $value[$j] = $temp; + } + + if ($j == $size) { // ie. if $y_size is odd + $sum = $x_value[$i] + $y_value[$i] + $carry; + $carry = $sum >= static::BASE_FULL; + $value[$i] = $carry ? $sum - static::BASE_FULL : $sum; + ++$i; // ie. let $i = $j since we've just done $value[$i] + } + + if ($carry) { + for (; $value[$i] == static::MAX_DIGIT; ++$i) { + $value[$i] = 0; + } + ++$value[$i]; + } + + return [ + self::VALUE => self::trim($value), + self::SIGN => $x_negative + ]; + } + + /** + * Performs subtraction. + * + * @param array $x_value + * @param bool $x_negative + * @param array $y_value + * @param bool $y_negative + * @return array + */ + public static function subtractHelper(array $x_value, $x_negative, array $y_value, $y_negative) + { + $x_size = count($x_value); + $y_size = count($y_value); + + if ($x_size == 0) { + return [ + self::VALUE => $y_value, + self::SIGN => !$y_negative + ]; + } elseif ($y_size == 0) { + return [ + self::VALUE => $x_value, + self::SIGN => $x_negative + ]; + } + + // add, if appropriate (ie. -$x - +$y or +$x - -$y) + if ($x_negative != $y_negative) { + $temp = self::addHelper($x_value, false, $y_value, false); + $temp[self::SIGN] = $x_negative; + + return $temp; + } + + $diff = self::compareHelper($x_value, $x_negative, $y_value, $y_negative); + + if (!$diff) { + return [ + self::VALUE => [], + self::SIGN => false + ]; + } + + // switch $x and $y around, if appropriate. + if ((!$x_negative && $diff < 0) || ($x_negative && $diff > 0)) { + $temp = $x_value; + $x_value = $y_value; + $y_value = $temp; + + $x_negative = !$x_negative; + + $x_size = count($x_value); + $y_size = count($y_value); + } + + // at this point, $x_value should be at least as big as - if not bigger than - $y_value + + $carry = 0; + for ($i = 0, $j = 1; $j < $y_size; $i += 2, $j += 2) { + $sum = ($x_value[$j] - $y_value[$j]) * static::BASE_FULL + $x_value[$i] - $y_value[$i] - $carry; + + $carry = $sum < 0; // eg. floor($sum / 2**52); only possible values (in any base) are 0 and 1 + $sum = $carry ? $sum + static::MAX_DIGIT2 : $sum; + + $temp = static::BASE === 26 ? intval($sum / 0x4000000) : ($sum >> 31); + + $x_value[$i] = (int)($sum - static::BASE_FULL * $temp); + $x_value[$j] = $temp; + } + + if ($j == $y_size) { // ie. if $y_size is odd + $sum = $x_value[$i] - $y_value[$i] - $carry; + $carry = $sum < 0; + $x_value[$i] = $carry ? $sum + static::BASE_FULL : $sum; + ++$i; + } + + if ($carry) { + for (; !$x_value[$i]; ++$i) { + $x_value[$i] = static::MAX_DIGIT; + } + --$x_value[$i]; + } + + return [ + self::VALUE => self::trim($x_value), + self::SIGN => $x_negative + ]; + } + + /** + * Performs multiplication. + * + * @param array $x_value + * @param bool $x_negative + * @param array $y_value + * @param bool $y_negative + * @return array + */ + protected static function multiplyHelper(array $x_value, $x_negative, array $y_value, $y_negative) + { + //if ( $x_value == $y_value ) { + // return [ + // self::VALUE => self::square($x_value), + // self::SIGN => $x_sign != $y_value + // ]; + //} + + $x_length = count($x_value); + $y_length = count($y_value); + + if (!$x_length || !$y_length) { // a 0 is being multiplied + return [ + self::VALUE => [], + self::SIGN => false + ]; + } + + return [ + self::VALUE => min($x_length, $y_length) < 2 * self::KARATSUBA_CUTOFF ? + self::trim(self::regularMultiply($x_value, $y_value)) : + self::trim(self::karatsuba($x_value, $y_value)), + self::SIGN => $x_negative != $y_negative + ]; + } + + /** + * Performs Karatsuba multiplication on two BigIntegers + * + * See {@link http://en.wikipedia.org/wiki/Karatsuba_algorithm Karatsuba algorithm} and + * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=120 MPM 5.2.3}. + * + * @param array $x_value + * @param array $y_value + * @return array + */ + private static function karatsuba(array $x_value, array $y_value) + { + $m = min(count($x_value) >> 1, count($y_value) >> 1); + + if ($m < self::KARATSUBA_CUTOFF) { + return self::regularMultiply($x_value, $y_value); + } + + $x1 = array_slice($x_value, $m); + $x0 = array_slice($x_value, 0, $m); + $y1 = array_slice($y_value, $m); + $y0 = array_slice($y_value, 0, $m); + + $z2 = self::karatsuba($x1, $y1); + $z0 = self::karatsuba($x0, $y0); + + $z1 = self::addHelper($x1, false, $x0, false); + $temp = self::addHelper($y1, false, $y0, false); + $z1 = self::karatsuba($z1[self::VALUE], $temp[self::VALUE]); + $temp = self::addHelper($z2, false, $z0, false); + $z1 = self::subtractHelper($z1, false, $temp[self::VALUE], false); + + $z2 = array_merge(array_fill(0, 2 * $m, 0), $z2); + $z1[self::VALUE] = array_merge(array_fill(0, $m, 0), $z1[self::VALUE]); + + $xy = self::addHelper($z2, false, $z1[self::VALUE], $z1[self::SIGN]); + $xy = self::addHelper($xy[self::VALUE], $xy[self::SIGN], $z0, false); + + return $xy[self::VALUE]; + } + + /** + * Performs long multiplication on two BigIntegers + * + * Modeled after 'multiply' in MutableBigInteger.java. + * + * @param array $x_value + * @param array $y_value + * @return array + */ + protected static function regularMultiply(array $x_value, array $y_value) + { + $x_length = count($x_value); + $y_length = count($y_value); + + if (!$x_length || !$y_length) { // a 0 is being multiplied + return []; + } + + $product_value = self::array_repeat(0, $x_length + $y_length); + + // the following for loop could be removed if the for loop following it + // (the one with nested for loops) initially set $i to 0, but + // doing so would also make the result in one set of unnecessary adds, + // since on the outermost loops first pass, $product->value[$k] is going + // to always be 0 + + $carry = 0; + for ($j = 0; $j < $x_length; ++$j) { // ie. $i = 0 + $temp = $x_value[$j] * $y_value[0] + $carry; // $product_value[$k] == 0 + $carry = static::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); + $product_value[$j] = (int)($temp - static::BASE_FULL * $carry); + } + + $product_value[$j] = $carry; + + // the above for loop is what the previous comment was talking about. the + // following for loop is the "one with nested for loops" + for ($i = 1; $i < $y_length; ++$i) { + $carry = 0; + + for ($j = 0, $k = $i; $j < $x_length; ++$j, ++$k) { + $temp = $product_value[$k] + $x_value[$j] * $y_value[$i] + $carry; + $carry = static::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); + $product_value[$k] = (int)($temp - static::BASE_FULL * $carry); + } + + $product_value[$k] = $carry; + } + + return $product_value; + } + + /** + * Divides two BigIntegers. + * + * Returns an array whose first element contains the quotient and whose second element contains the + * "common residue". If the remainder would be positive, the "common residue" and the remainder are the + * same. If the remainder would be negative, the "common residue" is equal to the sum of the remainder + * and the divisor (basically, the "common residue" is the first positive modulo). + * + * @return array{static, static} + * @internal This function is based off of + * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=9 HAC 14.20}. + */ + protected function divideHelper(PHP $y) + { + if (count($y->value) == 1) { + list($q, $r) = $this->divide_digit($this->value, $y->value[0]); + $quotient = new static(); + $remainder = new static(); + $quotient->value = $q; + $remainder->value = [$r]; + $quotient->is_negative = $this->is_negative != $y->is_negative; + return [$this->normalize($quotient), $this->normalize($remainder)]; + } + + $x = clone $this; + $y = clone $y; + + $x_sign = $x->is_negative; + $y_sign = $y->is_negative; + + $x->is_negative = $y->is_negative = false; + + $diff = $x->compare($y); + + if (!$diff) { + $temp = new static(); + $temp->value = [1]; + $temp->is_negative = $x_sign != $y_sign; + return [$this->normalize($temp), $this->normalize(static::$zero[static::class])]; + } + + if ($diff < 0) { + // if $x is negative, "add" $y. + if ($x_sign) { + $x = $y->subtract($x); + } + return [$this->normalize(static::$zero[static::class]), $this->normalize($x)]; + } + + // normalize $x and $y as described in HAC 14.23 / 14.24 + $msb = $y->value[count($y->value) - 1]; + for ($shift = 0; !($msb & static::MSB); ++$shift) { + $msb <<= 1; + } + $x->lshift($shift); + $y->lshift($shift); + $y_value = &$y->value; + + $x_max = count($x->value) - 1; + $y_max = count($y->value) - 1; + + $quotient = new static(); + $quotient_value = &$quotient->value; + $quotient_value = self::array_repeat(0, $x_max - $y_max + 1); + + static $temp, $lhs, $rhs; + if (!isset($temp)) { + $temp = new static(); + $lhs = new static(); + $rhs = new static(); + } + if (static::class != get_class($temp)) { + $temp = new static(); + $lhs = new static(); + $rhs = new static(); + } + $temp_value = &$temp->value; + $rhs_value = &$rhs->value; + + // $temp = $y << ($x_max - $y_max-1) in base 2**26 + $temp_value = array_merge(self::array_repeat(0, $x_max - $y_max), $y_value); + + while ($x->compare($temp) >= 0) { + // calculate the "common residue" + ++$quotient_value[$x_max - $y_max]; + $x = $x->subtract($temp); + $x_max = count($x->value) - 1; + } + + for ($i = $x_max; $i >= $y_max + 1; --$i) { + $x_value = &$x->value; + $x_window = [ + isset($x_value[$i]) ? $x_value[$i] : 0, + isset($x_value[$i - 1]) ? $x_value[$i - 1] : 0, + isset($x_value[$i - 2]) ? $x_value[$i - 2] : 0 + ]; + $y_window = [ + $y_value[$y_max], + ($y_max > 0) ? $y_value[$y_max - 1] : 0 + ]; + + $q_index = $i - $y_max - 1; + if ($x_window[0] == $y_window[0]) { + $quotient_value[$q_index] = static::MAX_DIGIT; + } else { + $quotient_value[$q_index] = self::safe_divide( + $x_window[0] * static::BASE_FULL + $x_window[1], + $y_window[0] + ); + } + + $temp_value = [$y_window[1], $y_window[0]]; + + $lhs->value = [$quotient_value[$q_index]]; + $lhs = $lhs->multiply($temp); + + $rhs_value = [$x_window[2], $x_window[1], $x_window[0]]; + + while ($lhs->compare($rhs) > 0) { + --$quotient_value[$q_index]; + + $lhs->value = [$quotient_value[$q_index]]; + $lhs = $lhs->multiply($temp); + } + + $adjust = self::array_repeat(0, $q_index); + $temp_value = [$quotient_value[$q_index]]; + $temp = $temp->multiply($y); + $temp_value = &$temp->value; + if (count($temp_value)) { + $temp_value = array_merge($adjust, $temp_value); + } + + $x = $x->subtract($temp); + + if ($x->compare(static::$zero[static::class]) < 0) { + $temp_value = array_merge($adjust, $y_value); + $x = $x->add($temp); + + --$quotient_value[$q_index]; + } + + $x_max = count($x_value) - 1; + } + + // unnormalize the remainder + $x->rshift($shift); + + $quotient->is_negative = $x_sign != $y_sign; + + // calculate the "common residue", if appropriate + if ($x_sign) { + $y->rshift($shift); + $x = $y->subtract($x); + } + + return [$this->normalize($quotient), $this->normalize($x)]; + } + + /** + * Divides a BigInteger by a regular integer + * + * abc / x = a00 / x + b0 / x + c / x + * + * @param array $dividend + * @param int $divisor + * @return array + */ + private static function divide_digit(array $dividend, $divisor) + { + $carry = 0; + $result = []; + + for ($i = count($dividend) - 1; $i >= 0; --$i) { + $temp = static::BASE_FULL * $carry + $dividend[$i]; + $result[$i] = self::safe_divide($temp, $divisor); + $carry = (int)($temp - $divisor * $result[$i]); + } + + return [$result, $carry]; + } + + /** + * Single digit division + * + * Even if int64 is being used the division operator will return a float64 value + * if the dividend is not evenly divisible by the divisor. Since a float64 doesn't + * have the precision of int64 this is a problem so, when int64 is being used, + * we'll guarantee that the dividend is divisible by first subtracting the remainder. + * + * @param int $x + * @param int $y + * @return int + */ + private static function safe_divide($x, $y) + { + if (static::BASE === 26) { + return (int)($x / $y); + } + + // static::BASE === 31 + /** @var int */ + return ($x - ($x % $y)) / $y; + } + + /** + * Convert an array / boolean to a PHP BigInteger object + * + * @param array $arr + * @return static + */ + protected function convertToObj(array $arr) + { + $result = new static(); + $result->value = $arr[self::VALUE]; + $result->is_negative = $arr[self::SIGN]; + + return $this->normalize($result); + } + + /** + * Normalize + * + * Removes leading zeros and truncates (if necessary) to maintain the appropriate precision + * + * @param PHP $result + * @return static + */ + protected function normalize(PHP $result) + { + $result->precision = $this->precision; + $result->bitmask = $this->bitmask; + + $value = &$result->value; + + if (!count($value)) { + $result->is_negative = false; + return $result; + } + + $value = static::trim($value); + + if (!empty($result->bitmask->value)) { + $length = min(count($value), count($result->bitmask->value)); + $value = array_slice($value, 0, $length); + + for ($i = 0; $i < $length; ++$i) { + $value[$i] = $value[$i] & $result->bitmask->value[$i]; + } + + $value = static::trim($value); + } + + return $result; + } + + /** + * Compares two numbers. + * + * @param array $x_value + * @param bool $x_negative + * @param array $y_value + * @param bool $y_negative + * @return int + * @see static::compare() + */ + protected static function compareHelper(array $x_value, $x_negative, array $y_value, $y_negative) + { + if ($x_negative != $y_negative) { + return (!$x_negative && $y_negative) ? 1 : -1; + } + + $result = $x_negative ? -1 : 1; + + if (count($x_value) != count($y_value)) { + return (count($x_value) > count($y_value)) ? $result : -$result; + } + $size = max(count($x_value), count($y_value)); + + $x_value = array_pad($x_value, $size, 0); + $y_value = array_pad($y_value, $size, 0); + + for ($i = count($x_value) - 1; $i >= 0; --$i) { + if ($x_value[$i] != $y_value[$i]) { + return ($x_value[$i] > $y_value[$i]) ? $result : -$result; + } + } + + return 0; + } + + /** + * Absolute value. + * + * @return PHP + */ + public function abs() + { + $temp = new static(); + $temp->value = $this->value; + + return $temp; + } + + /** + * Trim + * + * Removes leading zeros + * + * @param list $value + * @return list + */ + protected static function trim(array $value) + { + for ($i = count($value) - 1; $i >= 0; --$i) { + if ($value[$i]) { + break; + } + unset($value[$i]); + } + + return $value; + } + + /** + * Logical Right Shift + * + * Shifts BigInteger's by $shift bits, effectively dividing by 2**$shift. + * + * @param int $shift + * @return PHP + */ + public function bitwise_rightShift($shift) + { + $temp = new static(); + + // could just replace lshift with this, but then all lshift() calls would need to be rewritten + // and I don't want to do that... + $temp->value = $this->value; + $temp->rshift($shift); + + return $this->normalize($temp); + } + + /** + * Logical Left Shift + * + * Shifts BigInteger's by $shift bits, effectively multiplying by 2**$shift. + * + * @param int $shift + * @return PHP + */ + public function bitwise_leftShift($shift) + { + $temp = new static(); + // could just replace _rshift with this, but then all _lshift() calls would need to be rewritten + // and I don't want to do that... + $temp->value = $this->value; + $temp->lshift($shift); + + return $this->normalize($temp); + } + + /** + * Converts 32-bit integers to bytes. + * + * @param int $x + * @return string + */ + private static function int2bytes($x) + { + return ltrim(pack('N', $x), chr(0)); + } + + /** + * Array Repeat + * + * @param int $input + * @param int $multiplier + * @return array + */ + protected static function array_repeat($input, $multiplier) + { + return $multiplier ? array_fill(0, $multiplier, $input) : []; + } + + /** + * Logical Left Shift + * + * Shifts BigInteger's by $shift bits. + * + * @param int $shift + */ + protected function lshift($shift) + { + if ($shift == 0) { + return; + } + + $num_digits = (int)($shift / static::BASE); + $shift %= static::BASE; + $shift = 1 << $shift; + + $carry = 0; + + for ($i = 0; $i < count($this->value); ++$i) { + $temp = $this->value[$i] * $shift + $carry; + $carry = static::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); + $this->value[$i] = (int)($temp - $carry * static::BASE_FULL); + } + + if ($carry) { + $this->value[count($this->value)] = $carry; + } + + while ($num_digits--) { + array_unshift($this->value, 0); + } + } + + /** + * Logical Right Shift + * + * Shifts BigInteger's by $shift bits. + * + * @param int $shift + */ + protected function rshift($shift) + { + if ($shift == 0) { + return; + } + + $num_digits = (int)($shift / static::BASE); + $shift %= static::BASE; + $carry_shift = static::BASE - $shift; + $carry_mask = (1 << $shift) - 1; + + if ($num_digits) { + $this->value = array_slice($this->value, $num_digits); + } + + $carry = 0; + + for ($i = count($this->value) - 1; $i >= 0; --$i) { + $temp = $this->value[$i] >> $shift | $carry; + $carry = ($this->value[$i] & $carry_mask) << $carry_shift; + $this->value[$i] = $temp; + } + + $this->value = static::trim($this->value); + } + + /** + * Performs modular exponentiation. + * + * @param PHP $e + * @param PHP $n + * @return PHP + */ + protected function powModInner(PHP $e, PHP $n) + { + try { + $class = static::$modexpEngine[static::class]; + return $class::powModHelper($this, $e, $n, static::class); + } catch (\Exception $err) { + return PHP\DefaultEngine::powModHelper($this, $e, $n, static::class); + } + } + + /** + * Performs squaring + * + * @param list $x + * @return list + */ + protected static function square(array $x) + { + return count($x) < 2 * self::KARATSUBA_CUTOFF ? + self::trim(self::baseSquare($x)) : + self::trim(self::karatsubaSquare($x)); + } + + /** + * Performs traditional squaring on two BigIntegers + * + * Squaring can be done faster than multiplying a number by itself can be. See + * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=7 HAC 14.2.4} / + * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=141 MPM 5.3} for more information. + * + * @param array $value + * @return array + */ + protected static function baseSquare(array $value) + { + if (empty($value)) { + return []; + } + $square_value = self::array_repeat(0, 2 * count($value)); + + for ($i = 0, $max_index = count($value) - 1; $i <= $max_index; ++$i) { + $i2 = $i << 1; + + $temp = $square_value[$i2] + $value[$i] * $value[$i]; + $carry = static::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); + $square_value[$i2] = (int)($temp - static::BASE_FULL * $carry); + + // note how we start from $i+1 instead of 0 as we do in multiplication. + for ($j = $i + 1, $k = $i2 + 1; $j <= $max_index; ++$j, ++$k) { + $temp = $square_value[$k] + 2 * $value[$j] * $value[$i] + $carry; + $carry = static::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); + $square_value[$k] = (int)($temp - static::BASE_FULL * $carry); + } + + // the following line can yield values larger 2**15. at this point, PHP should switch + // over to floats. + $square_value[$i + $max_index + 1] = $carry; + } + + return $square_value; + } + + /** + * Performs Karatsuba "squaring" on two BigIntegers + * + * See {@link http://en.wikipedia.org/wiki/Karatsuba_algorithm Karatsuba algorithm} and + * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=151 MPM 5.3.4}. + * + * @param array $value + * @return array + */ + protected static function karatsubaSquare(array $value) + { + $m = count($value) >> 1; + + if ($m < self::KARATSUBA_CUTOFF) { + return self::baseSquare($value); + } + + $x1 = array_slice($value, $m); + $x0 = array_slice($value, 0, $m); + + $z2 = self::karatsubaSquare($x1); + $z0 = self::karatsubaSquare($x0); + + $z1 = self::addHelper($x1, false, $x0, false); + $z1 = self::karatsubaSquare($z1[self::VALUE]); + $temp = self::addHelper($z2, false, $z0, false); + $z1 = self::subtractHelper($z1, false, $temp[self::VALUE], false); + + $z2 = array_merge(array_fill(0, 2 * $m, 0), $z2); + $z1[self::VALUE] = array_merge(array_fill(0, $m, 0), $z1[self::VALUE]); + + $xx = self::addHelper($z2, false, $z1[self::VALUE], $z1[self::SIGN]); + $xx = self::addHelper($xx[self::VALUE], $xx[self::SIGN], $z0, false); + + return $xx[self::VALUE]; + } + + /** + * Make the current number odd + * + * If the current number is odd it'll be unchanged. If it's even, one will be added to it. + * + * @see self::randomPrime() + */ + protected function make_odd() + { + $this->value[0] |= 1; + } + + /** + * Test the number against small primes. + * + * @see self::isPrime() + */ + protected function testSmallPrimes() + { + if ($this->value == [1]) { + return false; + } + if ($this->value == [2]) { + return true; + } + if (~$this->value[0] & 1) { + return false; + } + + $value = $this->value; + foreach (static::PRIMES as $prime) { + list(, $r) = self::divide_digit($value, $prime); + if (!$r) { + return count($value) == 1 && $value[0] == $prime; + } + } + + return true; + } + + /** + * Scan for 1 and right shift by that amount + * + * ie. $s = gmp_scan1($n, 0) and $r = gmp_div_q($n, gmp_pow(gmp_init('2'), $s)); + * + * @param PHP $r + * @return int + * @see self::isPrime() + */ + public static function scan1divide(PHP $r) + { + $r_value = &$r->value; + for ($i = 0, $r_length = count($r_value); $i < $r_length; ++$i) { + $temp = ~$r_value[$i] & static::MAX_DIGIT; + for ($j = 1; ($temp >> $j) & 1; ++$j) { + } + if ($j <= static::BASE) { + break; + } + } + $s = static::BASE * $i + $j; + $r->rshift($s); + return $s; + } + + /** + * Performs exponentiation. + * + * @param PHP $n + * @return PHP + */ + protected function powHelper(PHP $n) + { + if ($n->compare(static::$zero[static::class]) == 0) { + return new static(1); + } // n^0 = 1 + + $temp = clone $this; + while (!$n->equals(static::$one[static::class])) { + $temp = $temp->multiply($this); + $n = $n->subtract(static::$one[static::class]); + } + + return $temp; + } + + /** + * Is Odd? + * + * @return bool + */ + public function isOdd() + { + return (bool)($this->value[0] & 1); + } + + /** + * Tests if a bit is set + * + * @return bool + */ + public function testBit($x) + { + $digit = (int) floor($x / static::BASE); + $bit = $x % static::BASE; + + if (!isset($this->value[$digit])) { + return false; + } + + return (bool)($this->value[$digit] & (1 << $bit)); + } + + /** + * Is Negative? + * + * @return bool + */ + public function isNegative() + { + return $this->is_negative; + } + + /** + * Negate + * + * Given $k, returns -$k + * + * @return static + */ + public function negate() + { + $temp = clone $this; + $temp->is_negative = !$temp->is_negative; + + return $temp; + } + + /** + * Bitwise Split + * + * Splits BigInteger's into chunks of $split bits + * + * @param int $split + * @return list + */ + public function bitwise_split($split) + { + if ($split < 1) { + throw new \RuntimeException('Offset must be greater than 1'); + } + + $width = (int)($split / static::BASE); + if (!$width) { + $arr = $this->bitwise_small_split($split); + return array_map(function ($digit) { + $temp = new static(); + $temp->value = $digit != 0 ? [$digit] : []; + return $temp; + }, $arr); + } + + $vals = []; + $val = $this->value; + + $i = $overflow = 0; + $len = count($val); + while ($i < $len) { + $digit = []; + if (!$overflow) { + $digit = array_slice($val, $i, $width); + $i += $width; + $overflow = $split % static::BASE; + if ($overflow) { + $mask = (1 << $overflow) - 1; + $temp = isset($val[$i]) ? $val[$i] : 0; + $digit[] = $temp & $mask; + } + } else { + $remaining = static::BASE - $overflow; + $tempsplit = $split - $remaining; + $tempwidth = (int)($tempsplit / static::BASE + 1); + $digit = array_slice($val, $i, $tempwidth); + $i += $tempwidth; + $tempoverflow = $tempsplit % static::BASE; + if ($tempoverflow) { + $tempmask = (1 << $tempoverflow) - 1; + $temp = isset($val[$i]) ? $val[$i] : 0; + $digit[] = $temp & $tempmask; + } + $newbits = 0; + for ($j = count($digit) - 1; $j >= 0; $j--) { + $temp = $digit[$j] & $mask; + $digit[$j] = ($digit[$j] >> $overflow) | ($newbits << $remaining); + $newbits = $temp; + } + $overflow = $tempoverflow; + $mask = $tempmask; + } + $temp = new static(); + $temp->value = static::trim($digit); + $vals[] = $temp; + } + + return array_reverse($vals); + } + + /** + * Bitwise Split where $split < static::BASE + * + * @param int $split + * @return list + */ + private function bitwise_small_split($split) + { + $vals = []; + $val = $this->value; + + $mask = (1 << $split) - 1; + + $i = $overflow = 0; + $len = count($val); + $val[] = 0; + $remaining = static::BASE; + while ($i != $len) { + $digit = $val[$i] & $mask; + $val[$i] >>= $split; + if (!$overflow) { + $remaining -= $split; + $overflow = $split <= $remaining ? 0 : $split - $remaining; + + if (!$remaining) { + $i++; + $remaining = static::BASE; + $overflow = 0; + } + } elseif (++$i != $len) { + $tempmask = (1 << $overflow) - 1; + $digit |= ($val[$i] & $tempmask) << $remaining; + $val[$i] >>= $overflow; + $remaining = static::BASE - $overflow; + $overflow = $split <= $remaining ? 0 : $split - $remaining; + } + + $vals[] = $digit; + } + + while ($vals[count($vals) - 1] == 0) { + unset($vals[count($vals) - 1]); + } + + return array_reverse($vals); + } + + /** + * @return bool + */ + protected static function testJITOnWindows() + { + // see https://github.com/php/php-src/issues/11917 + if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN' && function_exists('opcache_get_status') && PHP_VERSION_ID < 80213 && !defined('PHPSECLIB_ALLOW_JIT')) { + $status = opcache_get_status(); + if ($status && isset($status['jit']) && $status['jit']['enabled'] && $status['jit']['on']) { + return true; + } + } + return false; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Base.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Base.php new file mode 100644 index 0000000..40f64bd --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Base.php @@ -0,0 +1,143 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines\PHP; + +use phpseclib3\Math\BigInteger\Engines\PHP; + +/** + * PHP Modular Exponentiation Engine + * + * @author Jim Wigginton + */ +abstract class Base extends PHP +{ + /** + * Cache constants + * + * $cache[self::VARIABLE] tells us whether or not the cached data is still valid. + * + */ + const VARIABLE = 0; + /** + * $cache[self::DATA] contains the cached data. + * + */ + const DATA = 1; + + /** + * Test for engine validity + * + * @return bool + */ + public static function isValidEngine() + { + return static::class != __CLASS__; + } + + /** + * Performs modular exponentiation. + * + * The most naive approach to modular exponentiation has very unreasonable requirements, and + * and although the approach involving repeated squaring does vastly better, it, too, is impractical + * for our purposes. The reason being that division - by far the most complicated and time-consuming + * of the basic operations (eg. +,-,*,/) - occurs multiple times within it. + * + * Modular reductions resolve this issue. Although an individual modular reduction takes more time + * then an individual division, when performed in succession (with the same modulo), they're a lot faster. + * + * The two most commonly used modular reductions are Barrett and Montgomery reduction. Montgomery reduction, + * although faster, only works when the gcd of the modulo and of the base being used is 1. In RSA, when the + * base is a power of two, the modulo - a product of two primes - is always going to have a gcd of 1 (because + * the product of two odd numbers is odd), but what about when RSA isn't used? + * + * In contrast, Barrett reduction has no such constraint. As such, some bigint implementations perform a + * Barrett reduction after every operation in the modpow function. Others perform Barrett reductions when the + * modulo is even and Montgomery reductions when the modulo is odd. BigInteger.java's modPow method, however, + * uses a trick involving the Chinese Remainder Theorem to factor the even modulo into two numbers - one odd and + * the other, a power of two - and recombine them, later. This is the method that this modPow function uses. + * {@link http://islab.oregonstate.edu/papers/j34monex.pdf Montgomery Reduction with Even Modulus} elaborates. + * + * @param PHP $x + * @param PHP $e + * @param PHP $n + * @param string $class + * @return PHP + */ + protected static function powModHelper(PHP $x, PHP $e, PHP $n, $class) + { + if (empty($e->value)) { + $temp = new $class(); + $temp->value = [1]; + return $x->normalize($temp); + } + + if ($e->value == [1]) { + list(, $temp) = $x->divide($n); + return $x->normalize($temp); + } + + if ($e->value == [2]) { + $temp = new $class(); + $temp->value = $class::square($x->value); + list(, $temp) = $temp->divide($n); + return $x->normalize($temp); + } + + return $x->normalize(static::slidingWindow($x, $e, $n, $class)); + } + + /** + * Modular reduction preparation + * + * @param array $x + * @param array $n + * @param string $class + * @see self::slidingWindow() + * @return array + */ + protected static function prepareReduce(array $x, array $n, $class) + { + return static::reduce($x, $n, $class); + } + + /** + * Modular multiply + * + * @param array $x + * @param array $y + * @param array $n + * @param string $class + * @see self::slidingWindow() + * @return array + */ + protected static function multiplyReduce(array $x, array $y, array $n, $class) + { + $temp = $class::multiplyHelper($x, false, $y, false); + return static::reduce($temp[self::VALUE], $n, $class); + } + + /** + * Modular square + * + * @param array $x + * @param array $n + * @param string $class + * @see self::slidingWindow() + * @return array + */ + protected static function squareReduce(array $x, array $n, $class) + { + return static::reduce($class::square($x), $n, $class); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/DefaultEngine.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/DefaultEngine.php new file mode 100644 index 0000000..6d33532 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/DefaultEngine.php @@ -0,0 +1,25 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines\PHP; + +use phpseclib3\Math\BigInteger\Engines\PHP\Reductions\EvalBarrett; + +/** + * PHP Default Modular Exponentiation Engine + * + * @author Jim Wigginton + */ +abstract class DefaultEngine extends EvalBarrett +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Montgomery.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Montgomery.php new file mode 100644 index 0000000..09f825f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Montgomery.php @@ -0,0 +1,89 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines\PHP; + +use phpseclib3\Math\BigInteger\Engines\Engine; +use phpseclib3\Math\BigInteger\Engines\PHP; +use phpseclib3\Math\BigInteger\Engines\PHP\Reductions\PowerOfTwo; + +/** + * PHP Montgomery Modular Exponentiation Engine + * + * @author Jim Wigginton + */ +abstract class Montgomery extends Base +{ + /** + * Test for engine validity + * + * @return bool + */ + public static function isValidEngine() + { + return static::class != __CLASS__; + } + + /** + * Performs modular exponentiation. + * + * @template T of Engine + * @param Engine $x + * @param Engine $e + * @param Engine $n + * @param class-string $class + * @return T + */ + protected static function slidingWindow(Engine $x, Engine $e, Engine $n, $class) + { + // is the modulo odd? + if ($n->value[0] & 1) { + return parent::slidingWindow($x, $e, $n, $class); + } + // if it's not, it's even + + // find the lowest set bit (eg. the max pow of 2 that divides $n) + for ($i = 0; $i < count($n->value); ++$i) { + if ($n->value[$i]) { + $temp = decbin($n->value[$i]); + $j = strlen($temp) - strrpos($temp, '1') - 1; + $j += $class::BASE * $i; + break; + } + } + // at this point, 2^$j * $n/(2^$j) == $n + + $mod1 = clone $n; + $mod1->rshift($j); + $mod2 = new $class(); + $mod2->value = [1]; + $mod2->lshift($j); + + $part1 = $mod1->value != [1] ? parent::slidingWindow($x, $e, $mod1, $class) : new $class(); + $part2 = PowerOfTwo::slidingWindow($x, $e, $mod2, $class); + + $y1 = $mod2->modInverse($mod1); + $y2 = $mod1->modInverse($mod2); + + $result = $part1->multiply($mod2); + $result = $result->multiply($y1); + + $temp = $part2->multiply($mod1); + $temp = $temp->multiply($y2); + + $result = $result->add($temp); + list(, $result) = $result->divide($n); + + return $result; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/OpenSSL.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/OpenSSL.php new file mode 100644 index 0000000..eddd25e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/OpenSSL.php @@ -0,0 +1,25 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines\PHP; + +use phpseclib3\Math\BigInteger\Engines\OpenSSL as Progenitor; + +/** + * OpenSSL Modular Exponentiation Engine + * + * @author Jim Wigginton + */ +abstract class OpenSSL extends Progenitor +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Barrett.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Barrett.php new file mode 100644 index 0000000..3518d76 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Barrett.php @@ -0,0 +1,281 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines\PHP\Reductions; + +use phpseclib3\Math\BigInteger\Engines\PHP; +use phpseclib3\Math\BigInteger\Engines\PHP\Base; + +/** + * PHP Barrett Modular Exponentiation Engine + * + * @author Jim Wigginton + */ +abstract class Barrett extends Base +{ + /** + * Barrett Modular Reduction + * + * See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=14 HAC 14.3.3} / + * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=165 MPM 6.2.5} for more information. Modified slightly, + * so as not to require negative numbers (initially, this script didn't support negative numbers). + * + * Employs "folding", as described at + * {@link http://www.cosic.esat.kuleuven.be/publications/thesis-149.pdf#page=66 thesis-149.pdf#page=66}. To quote from + * it, "the idea [behind folding] is to find a value x' such that x (mod m) = x' (mod m), with x' being smaller than x." + * + * Unfortunately, the "Barrett Reduction with Folding" algorithm described in thesis-149.pdf is not, as written, all that + * usable on account of (1) its not using reasonable radix points as discussed in + * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=162 MPM 6.2.2} and (2) the fact that, even with reasonable + * radix points, it only works when there are an even number of digits in the denominator. The reason for (2) is that + * (x >> 1) + (x >> 1) != x / 2 + x / 2. If x is even, they're the same, but if x is odd, they're not. See the in-line + * comments for details. + * + * @param array $n + * @param array $m + * @param class-string $class + * @return array + */ + protected static function reduce(array $n, array $m, $class) + { + static $cache = [ + self::VARIABLE => [], + self::DATA => [] + ]; + + $m_length = count($m); + + // if (self::compareHelper($n, $static::square($m)) >= 0) { + if (count($n) > 2 * $m_length) { + $lhs = new $class(); + $rhs = new $class(); + $lhs->value = $n; + $rhs->value = $m; + list(, $temp) = $lhs->divide($rhs); + return $temp->value; + } + + // if (m.length >> 1) + 2 <= m.length then m is too small and n can't be reduced + if ($m_length < 5) { + return self::regularBarrett($n, $m, $class); + } + // n = 2 * m.length + + if (($key = array_search($m, $cache[self::VARIABLE])) === false) { + $key = count($cache[self::VARIABLE]); + $cache[self::VARIABLE][] = $m; + + $lhs = new $class(); + $lhs_value = &$lhs->value; + $lhs_value = self::array_repeat(0, $m_length + ($m_length >> 1)); + $lhs_value[] = 1; + $rhs = new $class(); + $rhs->value = $m; + + list($u, $m1) = $lhs->divide($rhs); + $u = $u->value; + $m1 = $m1->value; + + $cache[self::DATA][] = [ + 'u' => $u, // m.length >> 1 (technically (m.length >> 1) + 1) + 'm1' => $m1 // m.length + ]; + } else { + extract($cache[self::DATA][$key]); + } + + $cutoff = $m_length + ($m_length >> 1); + $lsd = array_slice($n, 0, $cutoff); // m.length + (m.length >> 1) + $msd = array_slice($n, $cutoff); // m.length >> 1 + + $lsd = self::trim($lsd); + $temp = $class::multiplyHelper($msd, false, $m1, false); // m.length + (m.length >> 1) + $n = $class::addHelper($lsd, false, $temp[self::VALUE], false); // m.length + (m.length >> 1) + 1 (so basically we're adding two same length numbers) + //if ($m_length & 1) { + // return self::regularBarrett($n[self::VALUE], $m, $class); + //} + + // (m.length + (m.length >> 1) + 1) - (m.length - 1) == (m.length >> 1) + 2 + $temp = array_slice($n[self::VALUE], $m_length - 1); + // if even: ((m.length >> 1) + 2) + (m.length >> 1) == m.length + 2 + // if odd: ((m.length >> 1) + 2) + (m.length >> 1) == (m.length - 1) + 2 == m.length + 1 + $temp = $class::multiplyHelper($temp, false, $u, false); + // if even: (m.length + 2) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) + 1 + // if odd: (m.length + 1) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) + $temp = array_slice($temp[self::VALUE], ($m_length >> 1) + 1); + // if even: (m.length - (m.length >> 1) + 1) + m.length = 2 * m.length - (m.length >> 1) + 1 + // if odd: (m.length - (m.length >> 1)) + m.length = 2 * m.length - (m.length >> 1) + $temp = $class::multiplyHelper($temp, false, $m, false); + + // at this point, if m had an odd number of digits, we'd be subtracting a 2 * m.length - (m.length >> 1) digit + // number from a m.length + (m.length >> 1) + 1 digit number. ie. there'd be an extra digit and the while loop + // following this comment would loop a lot (hence our calling _regularBarrett() in that situation). + + $result = $class::subtractHelper($n[self::VALUE], false, $temp[self::VALUE], false); + + while (self::compareHelper($result[self::VALUE], $result[self::SIGN], $m, false) >= 0) { + $result = $class::subtractHelper($result[self::VALUE], $result[self::SIGN], $m, false); + } + + return $result[self::VALUE]; + } + + /** + * (Regular) Barrett Modular Reduction + * + * For numbers with more than four digits BigInteger::_barrett() is faster. The difference between that and this + * is that this function does not fold the denominator into a smaller form. + * + * @param array $x + * @param array $n + * @param string $class + * @return array + */ + private static function regularBarrett(array $x, array $n, $class) + { + static $cache = [ + self::VARIABLE => [], + self::DATA => [] + ]; + + $n_length = count($n); + + if (count($x) > 2 * $n_length) { + $lhs = new $class(); + $rhs = new $class(); + $lhs->value = $x; + $rhs->value = $n; + list(, $temp) = $lhs->divide($rhs); + return $temp->value; + } + + if (($key = array_search($n, $cache[self::VARIABLE])) === false) { + $key = count($cache[self::VARIABLE]); + $cache[self::VARIABLE][] = $n; + $lhs = new $class(); + $lhs_value = &$lhs->value; + $lhs_value = self::array_repeat(0, 2 * $n_length); + $lhs_value[] = 1; + $rhs = new $class(); + $rhs->value = $n; + list($temp, ) = $lhs->divide($rhs); // m.length + $cache[self::DATA][] = $temp->value; + } + + // 2 * m.length - (m.length - 1) = m.length + 1 + $temp = array_slice($x, $n_length - 1); + // (m.length + 1) + m.length = 2 * m.length + 1 + $temp = $class::multiplyHelper($temp, false, $cache[self::DATA][$key], false); + // (2 * m.length + 1) - (m.length - 1) = m.length + 2 + $temp = array_slice($temp[self::VALUE], $n_length + 1); + + // m.length + 1 + $result = array_slice($x, 0, $n_length + 1); + // m.length + 1 + $temp = self::multiplyLower($temp, false, $n, false, $n_length + 1, $class); + // $temp == array_slice($class::regularMultiply($temp, false, $n, false)->value, 0, $n_length + 1) + + if (self::compareHelper($result, false, $temp[self::VALUE], $temp[self::SIGN]) < 0) { + $corrector_value = self::array_repeat(0, $n_length + 1); + $corrector_value[count($corrector_value)] = 1; + $result = $class::addHelper($result, false, $corrector_value, false); + $result = $result[self::VALUE]; + } + + // at this point, we're subtracting a number with m.length + 1 digits from another number with m.length + 1 digits + $result = $class::subtractHelper($result, false, $temp[self::VALUE], $temp[self::SIGN]); + while (self::compareHelper($result[self::VALUE], $result[self::SIGN], $n, false) > 0) { + $result = $class::subtractHelper($result[self::VALUE], $result[self::SIGN], $n, false); + } + + return $result[self::VALUE]; + } + + /** + * Performs long multiplication up to $stop digits + * + * If you're going to be doing array_slice($product->value, 0, $stop), some cycles can be saved. + * + * @see self::regularBarrett() + * @param array $x_value + * @param bool $x_negative + * @param array $y_value + * @param bool $y_negative + * @param int $stop + * @param string $class + * @return array + */ + private static function multiplyLower(array $x_value, $x_negative, array $y_value, $y_negative, $stop, $class) + { + $x_length = count($x_value); + $y_length = count($y_value); + + if (!$x_length || !$y_length) { // a 0 is being multiplied + return [ + self::VALUE => [], + self::SIGN => false + ]; + } + + if ($x_length < $y_length) { + $temp = $x_value; + $x_value = $y_value; + $y_value = $temp; + + $x_length = count($x_value); + $y_length = count($y_value); + } + + $product_value = self::array_repeat(0, $x_length + $y_length); + + // the following for loop could be removed if the for loop following it + // (the one with nested for loops) initially set $i to 0, but + // doing so would also make the result in one set of unnecessary adds, + // since on the outermost loops first pass, $product->value[$k] is going + // to always be 0 + + $carry = 0; + + for ($j = 0; $j < $x_length; ++$j) { // ie. $i = 0, $k = $i + $temp = $x_value[$j] * $y_value[0] + $carry; // $product_value[$k] == 0 + $carry = $class::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); + $product_value[$j] = (int) ($temp - $class::BASE_FULL * $carry); + } + + if ($j < $stop) { + $product_value[$j] = $carry; + } + + // the above for loop is what the previous comment was talking about. the + // following for loop is the "one with nested for loops" + + for ($i = 1; $i < $y_length; ++$i) { + $carry = 0; + + for ($j = 0, $k = $i; $j < $x_length && $k < $stop; ++$j, ++$k) { + $temp = $product_value[$k] + $x_value[$j] * $y_value[$i] + $carry; + $carry = $class::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); + $product_value[$k] = (int) ($temp - $class::BASE_FULL * $carry); + } + + if ($k < $stop) { + $product_value[$k] = $carry; + } + } + + return [ + self::VALUE => self::trim($product_value), + self::SIGN => $x_negative != $y_negative + ]; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Classic.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Classic.php new file mode 100644 index 0000000..54f3b86 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Classic.php @@ -0,0 +1,42 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines\PHP\Reductions; + +use phpseclib3\Math\BigInteger\Engines\PHP\Base; + +/** + * PHP Classic Modular Exponentiation Engine + * + * @author Jim Wigginton + */ +abstract class Classic extends Base +{ + /** + * Regular Division + * + * @param array $x + * @param array $n + * @param string $class + * @return array + */ + protected static function reduce(array $x, array $n, $class) + { + $lhs = new $class(); + $lhs->value = $x; + $rhs = new $class(); + $rhs->value = $n; + list(, $temp) = $lhs->divide($rhs); + return $temp->value; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/EvalBarrett.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/EvalBarrett.php new file mode 100644 index 0000000..2f94331 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/EvalBarrett.php @@ -0,0 +1,484 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines\PHP\Reductions; + +use phpseclib3\Math\BigInteger\Engines\PHP; +use phpseclib3\Math\BigInteger\Engines\PHP\Base; + +/** + * PHP Dynamic Barrett Modular Exponentiation Engine + * + * @author Jim Wigginton + */ +abstract class EvalBarrett extends Base +{ + /** + * Custom Reduction Function + * + * @see self::generateCustomReduction + */ + private static $custom_reduction; + + /** + * Barrett Modular Reduction + * + * This calls a dynamically generated loop unrolled function that's specific to a given modulo. + * Array lookups are avoided as are if statements testing for how many bits the host OS supports, etc. + * + * @param array $n + * @param array $m + * @param string $class + * @return array + */ + protected static function reduce(array $n, array $m, $class) + { + $inline = self::$custom_reduction; + return $inline($n); + } + + /** + * Generate Custom Reduction + * + * @param PHP $m + * @param string $class + * @return callable + */ + protected static function generateCustomReduction(PHP $m, $class) + { + $m_length = count($m->value); + + if ($m_length < 5) { + $code = ' + $lhs = new ' . $class . '(); + $lhs->value = $x; + $rhs = new ' . $class . '(); + $rhs->value = [' . + implode(',', array_map(self::class . '::float2string', $m->value)) . ']; + list(, $temp) = $lhs->divide($rhs); + return $temp->value; + '; + eval('$func = function ($x) { ' . $code . '};'); + self::$custom_reduction = $func; + //self::$custom_reduction = \Closure::bind($func, $m, $class); + return $func; + } + + $lhs = new $class(); + $lhs_value = &$lhs->value; + + $lhs_value = self::array_repeat(0, $m_length + ($m_length >> 1)); + $lhs_value[] = 1; + $rhs = new $class(); + + list($u, $m1) = $lhs->divide($m); + + if ($class::BASE != 26) { + $u = $u->value; + } else { + $lhs_value = self::array_repeat(0, 2 * $m_length); + $lhs_value[] = 1; + $rhs = new $class(); + + list($u) = $lhs->divide($m); + $u = $u->value; + } + + $m = $m->value; + $m1 = $m1->value; + + $cutoff = count($m) + (count($m) >> 1); + + $code = ' + if (count($n) > ' . (2 * count($m)) . ') { + $lhs = new ' . $class . '(); + $rhs = new ' . $class . '(); + $lhs->value = $n; + $rhs->value = [' . + implode(',', array_map(self::class . '::float2string', $m)) . ']; + list(, $temp) = $lhs->divide($rhs); + return $temp->value; + } + + $lsd = array_slice($n, 0, ' . $cutoff . '); + $msd = array_slice($n, ' . $cutoff . ');'; + + $code .= self::generateInlineTrim('msd'); + $code .= self::generateInlineMultiply('msd', $m1, 'temp', $class); + $code .= self::generateInlineAdd('lsd', 'temp', 'n', $class); + + $code .= '$temp = array_slice($n, ' . (count($m) - 1) . ');'; + $code .= self::generateInlineMultiply('temp', $u, 'temp2', $class); + $code .= self::generateInlineTrim('temp2'); + + $code .= $class::BASE == 26 ? + '$temp = array_slice($temp2, ' . (count($m) + 1) . ');' : + '$temp = array_slice($temp2, ' . ((count($m) >> 1) + 1) . ');'; + $code .= self::generateInlineMultiply('temp', $m, 'temp2', $class); + $code .= self::generateInlineTrim('temp2'); + + /* + if ($class::BASE == 26) { + $code.= '$n = array_slice($n, 0, ' . (count($m) + 1) . '); + $temp2 = array_slice($temp2, 0, ' . (count($m) + 1) . ');'; + } + */ + + $code .= self::generateInlineSubtract2('n', 'temp2', 'temp', $class); + + $subcode = self::generateInlineSubtract1('temp', $m, 'temp2', $class); + $subcode .= '$temp = $temp2;'; + + $code .= self::generateInlineCompare($m, 'temp', $subcode); + + $code .= 'return $temp;'; + + eval('$func = function ($n) { ' . $code . '};'); + + self::$custom_reduction = $func; + + return $func; + + //self::$custom_reduction = \Closure::bind($func, $m, $class); + } + + /** + * Inline Trim + * + * Removes leading zeros + * + * @param string $name + * @return string + */ + private static function generateInlineTrim($name) + { + return ' + for ($i = count($' . $name . ') - 1; $i >= 0; --$i) { + if ($' . $name . '[$i]) { + break; + } + unset($' . $name . '[$i]); + }'; + } + + /** + * Inline Multiply (unknown, known) + * + * @param string $input + * @param array $arr + * @param string $output + * @param string $class + * @return string + */ + private static function generateInlineMultiply($input, array $arr, $output, $class) + { + if (!count($arr)) { + return 'return [];'; + } + + $regular = ' + $length = count($' . $input . '); + if (!$length) { + $' . $output . ' = []; + }else{ + $' . $output . ' = array_fill(0, $length + ' . count($arr) . ', 0); + $carry = 0;'; + + for ($i = 0; $i < count($arr); $i++) { + $regular .= ' + $subtemp = $' . $input . '[0] * ' . $arr[$i]; + $regular .= $i ? ' + $carry;' : ';'; + + $regular .= '$carry = '; + $regular .= $class::BASE === 26 ? + 'intval($subtemp / 0x4000000);' : + '$subtemp >> 31;'; + $regular .= + '$' . $output . '[' . $i . '] = '; + if ($class::BASE === 26) { + $regular .= '(int) ('; + } + $regular .= '$subtemp - ' . $class::BASE_FULL . ' * $carry'; + $regular .= $class::BASE === 26 ? ');' : ';'; + } + + $regular .= '$' . $output . '[' . count($arr) . '] = $carry;'; + + $regular .= ' + for ($i = 1; $i < $length; ++$i) {'; + + for ($j = 0; $j < count($arr); $j++) { + $regular .= $j ? '$k++;' : '$k = $i;'; + $regular .= ' + $subtemp = $' . $output . '[$k] + $' . $input . '[$i] * ' . $arr[$j]; + $regular .= $j ? ' + $carry;' : ';'; + + $regular .= '$carry = '; + $regular .= $class::BASE === 26 ? + 'intval($subtemp / 0x4000000);' : + '$subtemp >> 31;'; + $regular .= + '$' . $output . '[$k] = '; + if ($class::BASE === 26) { + $regular .= '(int) ('; + } + $regular .= '$subtemp - ' . $class::BASE_FULL . ' * $carry'; + $regular .= $class::BASE === 26 ? ');' : ';'; + } + + $regular .= '$' . $output . '[++$k] = $carry; $carry = 0;'; + + $regular .= '}}'; + + //if (count($arr) < 2 * self::KARATSUBA_CUTOFF) { + //} + + return $regular; + } + + /** + * Inline Addition + * + * @param string $x + * @param string $y + * @param string $result + * @param string $class + * @return string + */ + private static function generateInlineAdd($x, $y, $result, $class) + { + $code = ' + $length = max(count($' . $x . '), count($' . $y . ')); + $' . $result . ' = array_pad($' . $x . ', $length + 1, 0); + $_' . $y . ' = array_pad($' . $y . ', $length, 0); + $carry = 0; + for ($i = 0, $j = 1; $j < $length; $i+=2, $j+=2) { + $sum = ($' . $result . '[$j] + $_' . $y . '[$j]) * ' . $class::BASE_FULL . ' + + $' . $result . '[$i] + $_' . $y . '[$i] + + $carry; + $carry = $sum >= ' . self::float2string($class::MAX_DIGIT2) . '; + $sum = $carry ? $sum - ' . self::float2string($class::MAX_DIGIT2) . ' : $sum;'; + + $code .= $class::BASE === 26 ? + '$upper = intval($sum / 0x4000000); $' . $result . '[$i] = (int) ($sum - ' . $class::BASE_FULL . ' * $upper);' : + '$upper = $sum >> 31; $' . $result . '[$i] = $sum - ' . $class::BASE_FULL . ' * $upper;'; + $code .= ' + $' . $result . '[$j] = $upper; + } + if ($j == $length) { + $sum = $' . $result . '[$i] + $_' . $y . '[$i] + $carry; + $carry = $sum >= ' . self::float2string($class::BASE_FULL) . '; + $' . $result . '[$i] = $carry ? $sum - ' . self::float2string($class::BASE_FULL) . ' : $sum; + ++$i; + } + if ($carry) { + for (; $' . $result . '[$i] == ' . $class::MAX_DIGIT . '; ++$i) { + $' . $result . '[$i] = 0; + } + ++$' . $result . '[$i]; + }'; + $code .= self::generateInlineTrim($result); + + return $code; + } + + /** + * Inline Subtraction 2 + * + * For when $known is more digits than $unknown. This is the harder use case to optimize for. + * + * @param string $known + * @param string $unknown + * @param string $result + * @param string $class + * @return string + */ + private static function generateInlineSubtract2($known, $unknown, $result, $class) + { + $code = ' + $' . $result . ' = $' . $known . '; + $carry = 0; + $size = count($' . $unknown . '); + for ($i = 0, $j = 1; $j < $size; $i+= 2, $j+= 2) { + $sum = ($' . $known . '[$j] - $' . $unknown . '[$j]) * ' . $class::BASE_FULL . ' + $' . $known . '[$i] + - $' . $unknown . '[$i] + - $carry; + $carry = $sum < 0; + if ($carry) { + $sum+= ' . self::float2string($class::MAX_DIGIT2) . '; + } + $subtemp = '; + $code .= $class::BASE === 26 ? + 'intval($sum / 0x4000000);' : + '$sum >> 31;'; + $code .= '$' . $result . '[$i] = '; + if ($class::BASE === 26) { + $code .= '(int) ('; + } + $code .= '$sum - ' . $class::BASE_FULL . ' * $subtemp'; + if ($class::BASE === 26) { + $code .= ')'; + } + $code .= '; + $' . $result . '[$j] = $subtemp; + } + if ($j == $size) { + $sum = $' . $known . '[$i] - $' . $unknown . '[$i] - $carry; + $carry = $sum < 0; + $' . $result . '[$i] = $carry ? $sum + ' . $class::BASE_FULL . ' : $sum; + ++$i; + } + + if ($carry) { + for (; !$' . $result . '[$i]; ++$i) { + $' . $result . '[$i] = ' . $class::MAX_DIGIT . '; + } + --$' . $result . '[$i]; + }'; + + $code .= self::generateInlineTrim($result); + + return $code; + } + + /** + * Inline Subtraction 1 + * + * For when $unknown is more digits than $known. This is the easier use case to optimize for. + * + * @param string $unknown + * @param array $known + * @param string $result + * @param string $class + * @return string + */ + private static function generateInlineSubtract1($unknown, array $known, $result, $class) + { + $code = '$' . $result . ' = $' . $unknown . ';'; + for ($i = 0, $j = 1; $j < count($known); $i += 2, $j += 2) { + $code .= '$sum = $' . $unknown . '[' . $j . '] * ' . $class::BASE_FULL . ' + $' . $unknown . '[' . $i . '] - '; + $code .= self::float2string($known[$j] * $class::BASE_FULL + $known[$i]); + if ($i != 0) { + $code .= ' - $carry'; + } + + $code .= '; + if ($carry = $sum < 0) { + $sum+= ' . self::float2string($class::MAX_DIGIT2) . '; + } + $subtemp = '; + $code .= $class::BASE === 26 ? + 'intval($sum / 0x4000000);' : + '$sum >> 31;'; + $code .= ' + $' . $result . '[' . $i . '] = '; + if ($class::BASE === 26) { + $code .= ' (int) ('; + } + $code .= '$sum - ' . $class::BASE_FULL . ' * $subtemp'; + if ($class::BASE === 26) { + $code .= ')'; + } + $code .= '; + $' . $result . '[' . $j . '] = $subtemp;'; + } + + $code .= '$i = ' . $i . ';'; + + if ($j == count($known)) { + $code .= ' + $sum = $' . $unknown . '[' . $i . '] - ' . $known[$i] . ' - $carry; + $carry = $sum < 0; + $' . $result . '[' . $i . '] = $carry ? $sum + ' . $class::BASE_FULL . ' : $sum; + ++$i;'; + } + + $code .= ' + if ($carry) { + for (; !$' . $result . '[$i]; ++$i) { + $' . $result . '[$i] = ' . $class::MAX_DIGIT . '; + } + --$' . $result . '[$i]; + }'; + $code .= self::generateInlineTrim($result); + + return $code; + } + + /** + * Inline Comparison + * + * If $unknown >= $known then loop + * + * @param array $known + * @param string $unknown + * @param string $subcode + * @return string + */ + private static function generateInlineCompare(array $known, $unknown, $subcode) + { + $uniqid = uniqid(); + $code = 'loop_' . $uniqid . ': + $clength = count($' . $unknown . '); + switch (true) { + case $clength < ' . count($known) . ': + goto end_' . $uniqid . '; + case $clength > ' . count($known) . ':'; + for ($i = count($known) - 1; $i >= 0; $i--) { + $code .= ' + case $' . $unknown . '[' . $i . '] > ' . $known[$i] . ': + goto subcode_' . $uniqid . '; + case $' . $unknown . '[' . $i . '] < ' . $known[$i] . ': + goto end_' . $uniqid . ';'; + } + $code .= ' + default: + // do subcode + } + + subcode_' . $uniqid . ':' . $subcode . ' + goto loop_' . $uniqid . '; + + end_' . $uniqid . ':'; + + return $code; + } + + /** + * Convert a float to a string + * + * If you do echo floatval(pow(2, 52)) you'll get 4.6116860184274E+18. It /can/ be displayed without a loss of + * precision but displayed in this way there will be precision loss, hence the need for this method. + * + * @param int|float $num + * @return string + */ + private static function float2string($num) + { + if (!is_float($num)) { + return (string) $num; + } + + if ($num < 0) { + return '-' . self::float2string(abs($num)); + } + + $temp = ''; + while ($num) { + $temp = fmod($num, 10) . $temp; + $num = floor($num / 10); + } + + return $temp; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Montgomery.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Montgomery.php new file mode 100644 index 0000000..a34035e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Montgomery.php @@ -0,0 +1,126 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines\PHP\Reductions; + +use phpseclib3\Math\BigInteger\Engines\PHP\Montgomery as Progenitor; + +/** + * PHP Montgomery Modular Exponentiation Engine + * + * @author Jim Wigginton + */ +abstract class Montgomery extends Progenitor +{ + /** + * Prepare a number for use in Montgomery Modular Reductions + * + * @param array $x + * @param array $n + * @param string $class + * @return array + */ + protected static function prepareReduce(array $x, array $n, $class) + { + $lhs = new $class(); + $lhs->value = array_merge(self::array_repeat(0, count($n)), $x); + $rhs = new $class(); + $rhs->value = $n; + + list(, $temp) = $lhs->divide($rhs); + return $temp->value; + } + + /** + * Montgomery Multiply + * + * Interleaves the montgomery reduction and long multiplication algorithms together as described in + * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=13 HAC 14.36} + * + * @param array $x + * @param array $n + * @param string $class + * @return array + */ + protected static function reduce(array $x, array $n, $class) + { + static $cache = [ + self::VARIABLE => [], + self::DATA => [] + ]; + + if (($key = array_search($n, $cache[self::VARIABLE])) === false) { + $key = count($cache[self::VARIABLE]); + $cache[self::VARIABLE][] = $x; + $cache[self::DATA][] = self::modInverse67108864($n, $class); + } + + $k = count($n); + + $result = [self::VALUE => $x]; + + for ($i = 0; $i < $k; ++$i) { + $temp = $result[self::VALUE][$i] * $cache[self::DATA][$key]; + $temp = $temp - $class::BASE_FULL * ($class::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31)); + $temp = $class::regularMultiply([$temp], $n); + $temp = array_merge(self::array_repeat(0, $i), $temp); + $result = $class::addHelper($result[self::VALUE], false, $temp, false); + } + + $result[self::VALUE] = array_slice($result[self::VALUE], $k); + + if (self::compareHelper($result, false, $n, false) >= 0) { + $result = $class::subtractHelper($result[self::VALUE], false, $n, false); + } + + return $result[self::VALUE]; + } + + /** + * Modular Inverse of a number mod 2**26 (eg. 67108864) + * + * Based off of the bnpInvDigit function implemented and justified in the following URL: + * + * {@link http://www-cs-students.stanford.edu/~tjw/jsbn/jsbn.js} + * + * The following URL provides more info: + * + * {@link http://groups.google.com/group/sci.crypt/msg/7a137205c1be7d85} + * + * As for why we do all the bitmasking... strange things can happen when converting from floats to ints. For + * instance, on some computers, var_dump((int) -4294967297) yields int(-1) and on others, it yields + * int(-2147483648). To avoid problems stemming from this, we use bitmasks to guarantee that ints aren't + * auto-converted to floats. The outermost bitmask is present because without it, there's no guarantee that + * the "residue" returned would be the so-called "common residue". We use fmod, in the last step, because the + * maximum possible $x is 26 bits and the maximum $result is 16 bits. Thus, we have to be able to handle up to + * 40 bits, which only 64-bit floating points will support. + * + * Thanks to Pedro Gimeno Fortea for input! + * + * @param array $x + * @param string $class + * @return int + */ + protected static function modInverse67108864(array $x, $class) // 2**26 == 67,108,864 + { + $x = -$x[0]; + $result = $x & 0x3; // x**-1 mod 2**2 + $result = ($result * (2 - $x * $result)) & 0xF; // x**-1 mod 2**4 + $result = ($result * (2 - ($x & 0xFF) * $result)) & 0xFF; // x**-1 mod 2**8 + $result = ($result * ((2 - ($x & 0xFFFF) * $result) & 0xFFFF)) & 0xFFFF; // x**-1 mod 2**16 + $result = $class::BASE == 26 ? + fmod($result * (2 - fmod($x * $result, $class::BASE_FULL)), $class::BASE_FULL) : // x**-1 mod 2**26 + ($result * (2 - ($x * $result) % $class::BASE_FULL)) % $class::BASE_FULL; + return $result & $class::MAX_DIGIT; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/MontgomeryMult.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/MontgomeryMult.php new file mode 100644 index 0000000..4fed3c3 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/MontgomeryMult.php @@ -0,0 +1,76 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines\PHP\Reductions; + +use phpseclib3\Math\BigInteger\Engines\PHP; + +/** + * PHP Montgomery Modular Exponentiation Engine with interleaved multiplication + * + * @author Jim Wigginton + */ +abstract class MontgomeryMult extends Montgomery +{ + /** + * Montgomery Multiply + * + * Interleaves the montgomery reduction and long multiplication algorithms together as described in + * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=13 HAC 14.36} + * + * @see self::_prepMontgomery() + * @see self::_montgomery() + * @param array $x + * @param array $y + * @param array $m + * @param class-string $class + * @return array + */ + public static function multiplyReduce(array $x, array $y, array $m, $class) + { + // the following code, although not callable, can be run independently of the above code + // although the above code performed better in my benchmarks the following could might + // perform better under different circumstances. in lieu of deleting it it's just been + // made uncallable + + static $cache = [ + self::VARIABLE => [], + self::DATA => [] + ]; + + if (($key = array_search($m, $cache[self::VARIABLE])) === false) { + $key = count($cache[self::VARIABLE]); + $cache[self::VARIABLE][] = $m; + $cache[self::DATA][] = self::modInverse67108864($m, $class); + } + + $n = max(count($x), count($y), count($m)); + $x = array_pad($x, $n, 0); + $y = array_pad($y, $n, 0); + $m = array_pad($m, $n, 0); + $a = [self::VALUE => self::array_repeat(0, $n + 1)]; + for ($i = 0; $i < $n; ++$i) { + $temp = $a[self::VALUE][0] + $x[$i] * $y[0]; + $temp = $temp - $class::BASE_FULL * ($class::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31)); + $temp = $temp * $cache[self::DATA][$key]; + $temp = $temp - $class::BASE_FULL * ($class::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31)); + $temp = $class::addHelper($class::regularMultiply([$x[$i]], $y), false, $class::regularMultiply([$temp], $m), false); + $a = $class::addHelper($a[self::VALUE], false, $temp[self::VALUE], false); + $a[self::VALUE] = array_slice($a[self::VALUE], 1); + } + if (self::compareHelper($a[self::VALUE], false, $m, false) >= 0) { + $a = $class::subtractHelper($a[self::VALUE], false, $m, false); + } + return $a[self::VALUE]; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/PowerOfTwo.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/PowerOfTwo.php new file mode 100644 index 0000000..9da133a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/PowerOfTwo.php @@ -0,0 +1,59 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines\PHP\Reductions; + +use phpseclib3\Math\BigInteger\Engines\PHP\Base; + +/** + * PHP Power Of Two Modular Exponentiation Engine + * + * @author Jim Wigginton + */ +abstract class PowerOfTwo extends Base +{ + /** + * Prepare a number for use in Montgomery Modular Reductions + * + * @param array $x + * @param array $n + * @param string $class + * @return array + */ + protected static function prepareReduce(array $x, array $n, $class) + { + return self::reduce($x, $n, $class); + } + + /** + * Power Of Two Reduction + * + * @param array $x + * @param array $n + * @param string $class + * @return array + */ + protected static function reduce(array $x, array $n, $class) + { + $lhs = new $class(); + $lhs->value = $x; + $rhs = new $class(); + $rhs->value = $n; + + $temp = new $class(); + $temp->value = [1]; + + $result = $lhs->bitwise_and($rhs->subtract($temp)); + return $result->value; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP32.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP32.php new file mode 100644 index 0000000..3a775e7 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP32.php @@ -0,0 +1,371 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines; + +/** + * Pure-PHP 32-bit Engine. + * + * Uses 64-bit floats if int size is 4 bits + * + * @author Jim Wigginton + */ +class PHP32 extends PHP +{ + // Constants used by PHP.php + const BASE = 26; + const BASE_FULL = 0x4000000; + const MAX_DIGIT = 0x3FFFFFF; + const MSB = 0x2000000; + + /** + * MAX10 in greatest MAX10LEN satisfying + * MAX10 = 10**MAX10LEN <= 2**BASE. + */ + const MAX10 = 10000000; + + /** + * MAX10LEN in greatest MAX10LEN satisfying + * MAX10 = 10**MAX10LEN <= 2**BASE. + */ + const MAX10LEN = 7; + const MAX_DIGIT2 = 4503599627370496; + + /** + * Initialize a PHP32 BigInteger Engine instance + * + * @param int $base + * @see parent::initialize() + */ + protected function initialize($base) + { + if ($base != 256 && $base != -256) { + return parent::initialize($base); + } + + $val = $this->value; + $this->value = []; + $vals = &$this->value; + $i = strlen($val); + if (!$i) { + return; + } + + while (true) { + $i -= 4; + if ($i < 0) { + if ($i == -4) { + break; + } + $val = substr($val, 0, 4 + $i); + $val = str_pad($val, 4, "\0", STR_PAD_LEFT); + if ($val == "\0\0\0\0") { + break; + } + $i = 0; + } + list(, $digit) = unpack('N', substr($val, $i, 4)); + if ($digit < 0) { + $digit += 0xFFFFFFFF + 1; + } + $step = count($vals) & 3; + if ($step) { + $digit = (int) floor($digit / pow(2, 2 * $step)); + } + if ($step != 3) { + $digit = (int) fmod($digit, static::BASE_FULL); + $i++; + } + $vals[] = $digit; + } + while (end($vals) === 0) { + array_pop($vals); + } + reset($vals); + } + + /** + * Test for engine validity + * + * @see parent::__construct() + * @return bool + */ + public static function isValidEngine() + { + return PHP_INT_SIZE >= 4 && !self::testJITOnWindows(); + } + + /** + * Adds two BigIntegers. + * + * @param PHP32 $y + * @return PHP32 + */ + public function add(PHP32 $y) + { + $temp = self::addHelper($this->value, $this->is_negative, $y->value, $y->is_negative); + + return $this->convertToObj($temp); + } + + /** + * Subtracts two BigIntegers. + * + * @param PHP32 $y + * @return PHP32 + */ + public function subtract(PHP32 $y) + { + $temp = self::subtractHelper($this->value, $this->is_negative, $y->value, $y->is_negative); + + return $this->convertToObj($temp); + } + + /** + * Multiplies two BigIntegers. + * + * @param PHP32 $y + * @return PHP32 + */ + public function multiply(PHP32 $y) + { + $temp = self::multiplyHelper($this->value, $this->is_negative, $y->value, $y->is_negative); + + return $this->convertToObj($temp); + } + + /** + * Divides two BigIntegers. + * + * Returns an array whose first element contains the quotient and whose second element contains the + * "common residue". If the remainder would be positive, the "common residue" and the remainder are the + * same. If the remainder would be negative, the "common residue" is equal to the sum of the remainder + * and the divisor (basically, the "common residue" is the first positive modulo). + * + * @param PHP32 $y + * @return array{PHP32, PHP32} + */ + public function divide(PHP32 $y) + { + return $this->divideHelper($y); + } + + /** + * Calculates modular inverses. + * + * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. + * @param PHP32 $n + * @return false|PHP32 + */ + public function modInverse(PHP32 $n) + { + return $this->modInverseHelper($n); + } + + /** + * Calculates modular inverses. + * + * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. + * @param PHP32 $n + * @return PHP32[] + */ + public function extendedGCD(PHP32 $n) + { + return $this->extendedGCDHelper($n); + } + + /** + * Calculates the greatest common divisor + * + * Say you have 693 and 609. The GCD is 21. + * + * @param PHP32 $n + * @return PHP32 + */ + public function gcd(PHP32 $n) + { + return $this->extendedGCD($n)['gcd']; + } + + /** + * Logical And + * + * @param PHP32 $x + * @return PHP32 + */ + public function bitwise_and(PHP32 $x) + { + return $this->bitwiseAndHelper($x); + } + + /** + * Logical Or + * + * @param PHP32 $x + * @return PHP32 + */ + public function bitwise_or(PHP32 $x) + { + return $this->bitwiseOrHelper($x); + } + + /** + * Logical Exclusive Or + * + * @param PHP32 $x + * @return PHP32 + */ + public function bitwise_xor(PHP32 $x) + { + return $this->bitwiseXorHelper($x); + } + + /** + * Compares two numbers. + * + * Although one might think !$x->compare($y) means $x != $y, it, in fact, means the opposite. The reason for this is + * demonstrated thusly: + * + * $x > $y: $x->compare($y) > 0 + * $x < $y: $x->compare($y) < 0 + * $x == $y: $x->compare($y) == 0 + * + * Note how the same comparison operator is used. If you want to test for equality, use $x->equals($y). + * + * {@internal Could return $this->subtract($x), but that's not as fast as what we do do.} + * + * @param PHP32 $y + * @return int in case < 0 if $this is less than $y; > 0 if $this is greater than $y, and 0 if they are equal. + * @see self::equals() + */ + public function compare(PHP32 $y) + { + return $this->compareHelper($this->value, $this->is_negative, $y->value, $y->is_negative); + } + + /** + * Tests the equality of two numbers. + * + * If you need to see if one number is greater than or less than another number, use BigInteger::compare() + * + * @param PHP32 $x + * @return bool + */ + public function equals(PHP32 $x) + { + return $this->value === $x->value && $this->is_negative == $x->is_negative; + } + + /** + * Performs modular exponentiation. + * + * @param PHP32 $e + * @param PHP32 $n + * @return PHP32 + */ + public function modPow(PHP32 $e, PHP32 $n) + { + return $this->powModOuter($e, $n); + } + + /** + * Performs modular exponentiation. + * + * Alias for modPow(). + * + * @param PHP32 $e + * @param PHP32 $n + * @return PHP32 + */ + public function powMod(PHP32 $e, PHP32 $n) + { + return $this->powModOuter($e, $n); + } + + /** + * Generate a random prime number between a range + * + * If there's not a prime within the given range, false will be returned. + * + * @param PHP32 $min + * @param PHP32 $max + * @return false|PHP32 + */ + public static function randomRangePrime(PHP32 $min, PHP32 $max) + { + return self::randomRangePrimeOuter($min, $max); + } + + /** + * Generate a random number between a range + * + * Returns a random number between $min and $max where $min and $max + * can be defined using one of the two methods: + * + * BigInteger::randomRange($min, $max) + * BigInteger::randomRange($max, $min) + * + * @param PHP32 $min + * @param PHP32 $max + * @return PHP32 + */ + public static function randomRange(PHP32 $min, PHP32 $max) + { + return self::randomRangeHelper($min, $max); + } + + /** + * Performs exponentiation. + * + * @param PHP32 $n + * @return PHP32 + */ + public function pow(PHP32 $n) + { + return $this->powHelper($n); + } + + /** + * Return the minimum BigInteger between an arbitrary number of BigIntegers. + * + * @param PHP32 ...$nums + * @return PHP32 + */ + public static function min(PHP32 ...$nums) + { + return self::minHelper($nums); + } + + /** + * Return the maximum BigInteger between an arbitrary number of BigIntegers. + * + * @param PHP32 ...$nums + * @return PHP32 + */ + public static function max(PHP32 ...$nums) + { + return self::maxHelper($nums); + } + + /** + * Tests BigInteger to see if it is between two integers, inclusive + * + * @param PHP32 $min + * @param PHP32 $max + * @return bool + */ + public function between(PHP32 $min, PHP32 $max) + { + return $this->compare($min) >= 0 && $this->compare($max) <= 0; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP64.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP64.php new file mode 100644 index 0000000..70a2e17 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP64.php @@ -0,0 +1,372 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math\BigInteger\Engines; + +/** + * Pure-PHP 64-bit Engine. + * + * Uses 64-bit integers if int size is 8 bits + * + * @author Jim Wigginton + */ +class PHP64 extends PHP +{ + // Constants used by PHP.php + const BASE = 31; + const BASE_FULL = 0x80000000; + const MAX_DIGIT = 0x7FFFFFFF; + const MSB = 0x40000000; + + /** + * MAX10 in greatest MAX10LEN satisfying + * MAX10 = 10**MAX10LEN <= 2**BASE. + */ + const MAX10 = 1000000000; + + /** + * MAX10LEN in greatest MAX10LEN satisfying + * MAX10 = 10**MAX10LEN <= 2**BASE. + */ + const MAX10LEN = 9; + const MAX_DIGIT2 = 4611686018427387904; + + /** + * Initialize a PHP64 BigInteger Engine instance + * + * @param int $base + * @see parent::initialize() + */ + protected function initialize($base) + { + if ($base != 256 && $base != -256) { + return parent::initialize($base); + } + + $val = $this->value; + $this->value = []; + $vals = &$this->value; + $i = strlen($val); + if (!$i) { + return; + } + + while (true) { + $i -= 4; + if ($i < 0) { + if ($i == -4) { + break; + } + $val = substr($val, 0, 4 + $i); + $val = str_pad($val, 4, "\0", STR_PAD_LEFT); + if ($val == "\0\0\0\0") { + break; + } + $i = 0; + } + list(, $digit) = unpack('N', substr($val, $i, 4)); + $step = count($vals) & 7; + if (!$step) { + $digit &= static::MAX_DIGIT; + $i++; + } else { + $shift = 8 - $step; + $digit >>= $shift; + $shift = 32 - $shift; + $digit &= (1 << $shift) - 1; + $temp = $i > 0 ? ord($val[$i - 1]) : 0; + $digit |= ($temp << $shift) & 0x7F000000; + } + $vals[] = $digit; + } + while (end($vals) === 0) { + array_pop($vals); + } + reset($vals); + } + + /** + * Test for engine validity + * + * @see parent::__construct() + * @return bool + */ + public static function isValidEngine() + { + return PHP_INT_SIZE >= 8 && !self::testJITOnWindows(); + } + + /** + * Adds two BigIntegers. + * + * @param PHP64 $y + * @return PHP64 + */ + public function add(PHP64 $y) + { + $temp = self::addHelper($this->value, $this->is_negative, $y->value, $y->is_negative); + + return $this->convertToObj($temp); + } + + /** + * Subtracts two BigIntegers. + * + * @param PHP64 $y + * @return PHP64 + */ + public function subtract(PHP64 $y) + { + $temp = self::subtractHelper($this->value, $this->is_negative, $y->value, $y->is_negative); + + return $this->convertToObj($temp); + } + + /** + * Multiplies two BigIntegers. + * + * @param PHP64 $y + * @return PHP64 + */ + public function multiply(PHP64 $y) + { + $temp = self::multiplyHelper($this->value, $this->is_negative, $y->value, $y->is_negative); + + return $this->convertToObj($temp); + } + + /** + * Divides two BigIntegers. + * + * Returns an array whose first element contains the quotient and whose second element contains the + * "common residue". If the remainder would be positive, the "common residue" and the remainder are the + * same. If the remainder would be negative, the "common residue" is equal to the sum of the remainder + * and the divisor (basically, the "common residue" is the first positive modulo). + * + * @param PHP64 $y + * @return array{PHP64, PHP64} + */ + public function divide(PHP64 $y) + { + return $this->divideHelper($y); + } + + /** + * Calculates modular inverses. + * + * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. + * @param PHP64 $n + * @return false|PHP64 + */ + public function modInverse(PHP64 $n) + { + return $this->modInverseHelper($n); + } + + /** + * Calculates modular inverses. + * + * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. + * @param PHP64 $n + * @return PHP64[] + */ + public function extendedGCD(PHP64 $n) + { + return $this->extendedGCDHelper($n); + } + + /** + * Calculates the greatest common divisor + * + * Say you have 693 and 609. The GCD is 21. + * + * @param PHP64 $n + * @return PHP64 + */ + public function gcd(PHP64 $n) + { + return $this->extendedGCD($n)['gcd']; + } + + /** + * Logical And + * + * @param PHP64 $x + * @return PHP64 + */ + public function bitwise_and(PHP64 $x) + { + return $this->bitwiseAndHelper($x); + } + + /** + * Logical Or + * + * @param PHP64 $x + * @return PHP64 + */ + public function bitwise_or(PHP64 $x) + { + return $this->bitwiseOrHelper($x); + } + + /** + * Logical Exclusive Or + * + * @param PHP64 $x + * @return PHP64 + */ + public function bitwise_xor(PHP64 $x) + { + return $this->bitwiseXorHelper($x); + } + + /** + * Compares two numbers. + * + * Although one might think !$x->compare($y) means $x != $y, it, in fact, means the opposite. The reason for this is + * demonstrated thusly: + * + * $x > $y: $x->compare($y) > 0 + * $x < $y: $x->compare($y) < 0 + * $x == $y: $x->compare($y) == 0 + * + * Note how the same comparison operator is used. If you want to test for equality, use $x->equals($y). + * + * {@internal Could return $this->subtract($x), but that's not as fast as what we do do.} + * + * @param PHP64 $y + * @return int in case < 0 if $this is less than $y; > 0 if $this is greater than $y, and 0 if they are equal. + * @see self::equals() + */ + public function compare(PHP64 $y) + { + return parent::compareHelper($this->value, $this->is_negative, $y->value, $y->is_negative); + } + + /** + * Tests the equality of two numbers. + * + * If you need to see if one number is greater than or less than another number, use BigInteger::compare() + * + * @param PHP64 $x + * @return bool + */ + public function equals(PHP64 $x) + { + return $this->value === $x->value && $this->is_negative == $x->is_negative; + } + + /** + * Performs modular exponentiation. + * + * @param PHP64 $e + * @param PHP64 $n + * @return PHP64 + */ + public function modPow(PHP64 $e, PHP64 $n) + { + return $this->powModOuter($e, $n); + } + + /** + * Performs modular exponentiation. + * + * Alias for modPow(). + * + * @param PHP64 $e + * @param PHP64 $n + * @return PHP64|false + */ + public function powMod(PHP64 $e, PHP64 $n) + { + return $this->powModOuter($e, $n); + } + + /** + * Generate a random prime number between a range + * + * If there's not a prime within the given range, false will be returned. + * + * @param PHP64 $min + * @param PHP64 $max + * @return false|PHP64 + */ + public static function randomRangePrime(PHP64 $min, PHP64 $max) + { + return self::randomRangePrimeOuter($min, $max); + } + + /** + * Generate a random number between a range + * + * Returns a random number between $min and $max where $min and $max + * can be defined using one of the two methods: + * + * BigInteger::randomRange($min, $max) + * BigInteger::randomRange($max, $min) + * + * @param PHP64 $min + * @param PHP64 $max + * @return PHP64 + */ + public static function randomRange(PHP64 $min, PHP64 $max) + { + return self::randomRangeHelper($min, $max); + } + + /** + * Performs exponentiation. + * + * @param PHP64 $n + * @return PHP64 + */ + public function pow(PHP64 $n) + { + return $this->powHelper($n); + } + + /** + * Return the minimum BigInteger between an arbitrary number of BigIntegers. + * + * @param PHP64 ...$nums + * @return PHP64 + */ + public static function min(PHP64 ...$nums) + { + return self::minHelper($nums); + } + + /** + * Return the maximum BigInteger between an arbitrary number of BigIntegers. + * + * @param PHP64 ...$nums + * @return PHP64 + */ + public static function max(PHP64 ...$nums) + { + return self::maxHelper($nums); + } + + /** + * Tests BigInteger to see if it is between two integers, inclusive + * + * @param PHP64 $min + * @param PHP64 $max + * @return bool + */ + public function between(PHP64 $min, PHP64 $max) + { + return $this->compare($min) >= 0 && $this->compare($max) <= 0; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BinaryField.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BinaryField.php new file mode 100644 index 0000000..5da8c93 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BinaryField.php @@ -0,0 +1,203 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + */ + +namespace phpseclib3\Math; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Math\BinaryField\Integer; +use phpseclib3\Math\Common\FiniteField; + +/** + * Binary Finite Fields + * + * @author Jim Wigginton + */ +class BinaryField extends FiniteField +{ + /** + * Instance Counter + * + * @var int + */ + private static $instanceCounter = 0; + + /** + * Keeps track of current instance + * + * @var int + */ + protected $instanceID; + + /** @var BigInteger */ + private $randomMax; + + /** + * Default constructor + */ + public function __construct(...$indices) + { + $m = array_shift($indices); + if ($m > 571) { + /* sect571r1 and sect571k1 are the largest binary curves that https://www.secg.org/sec2-v2.pdf defines + altho theoretically there may be legit reasons to use binary finite fields with larger degrees + imposing a limit on the maximum size is both reasonable and precedented. in particular, + http://tools.ietf.org/html/rfc4253#section-6.1 (The Secure Shell (SSH) Transport Layer Protocol) says + "implementations SHOULD check that the packet length is reasonable in order for the implementation to + avoid denial of service and/or buffer overflow attacks" */ + throw new \OutOfBoundsException('Degrees larger than 571 are not supported'); + } + $val = str_repeat('0', $m) . '1'; + foreach ($indices as $index) { + $val[$index] = '1'; + } + $modulo = static::base2ToBase256(strrev($val)); + + $mStart = 2 * $m - 2; + $t = ceil($m / 8); + $finalMask = chr((1 << ($m % 8)) - 1); + if ($finalMask == "\0") { + $finalMask = "\xFF"; + } + $bitLen = $mStart + 1; + $pad = ceil($bitLen / 8); + $h = $bitLen & 7; + $h = $h ? 8 - $h : 0; + + $r = rtrim(substr($val, 0, -1), '0'); + $u = [static::base2ToBase256(strrev($r))]; + for ($i = 1; $i < 8; $i++) { + $u[] = static::base2ToBase256(strrev(str_repeat('0', $i) . $r)); + } + + // implements algorithm 2.40 (in section 2.3.5) in "Guide to Elliptic Curve Cryptography" + // with W = 8 + $reduce = function ($c) use ($u, $mStart, $m, $t, $finalMask, $pad, $h) { + $c = str_pad($c, $pad, "\0", STR_PAD_LEFT); + for ($i = $mStart; $i >= $m;) { + $g = $h >> 3; + $mask = $h & 7; + $mask = $mask ? 1 << (7 - $mask) : 0x80; + for (; $mask > 0; $mask >>= 1, $i--, $h++) { + if (ord($c[$g]) & $mask) { + $temp = $i - $m; + $j = $temp >> 3; + $k = $temp & 7; + $t1 = $j ? substr($c, 0, -$j) : $c; + $length = strlen($t1); + if ($length) { + $t2 = str_pad($u[$k], $length, "\0", STR_PAD_LEFT); + $temp = $t1 ^ $t2; + $c = $j ? substr_replace($c, $temp, 0, $length) : $temp; + } + } + } + } + $c = substr($c, -$t); + if (strlen($c) == $t) { + $c[0] = $c[0] & $finalMask; + } + return ltrim($c, "\0"); + }; + + $this->instanceID = self::$instanceCounter++; + Integer::setModulo($this->instanceID, $modulo); + Integer::setRecurringModuloFunction($this->instanceID, $reduce); + + $this->randomMax = new BigInteger($modulo, 2); + } + + /** + * Returns an instance of a dynamically generated PrimeFieldInteger class + * + * @param string $num + * @return Integer + */ + public function newInteger($num) + { + return new Integer($this->instanceID, $num instanceof BigInteger ? $num->toBytes() : $num); + } + + /** + * Returns an integer on the finite field between one and the prime modulo + * + * @return Integer + */ + public function randomInteger() + { + static $one; + if (!isset($one)) { + $one = new BigInteger(1); + } + + return new Integer($this->instanceID, BigInteger::randomRange($one, $this->randomMax)->toBytes()); + } + + /** + * Returns the length of the modulo in bytes + * + * @return int + */ + public function getLengthInBytes() + { + return strlen(Integer::getModulo($this->instanceID)); + } + + /** + * Returns the length of the modulo in bits + * + * @return int + */ + public function getLength() + { + return strlen(Integer::getModulo($this->instanceID)) << 3; + } + + /** + * Converts a base-2 string to a base-256 string + * + * @param string $x + * @param int|null $size + * @return string + */ + public static function base2ToBase256($x, $size = null) + { + $str = Strings::bits2bin($x); + + $pad = strlen($x) >> 3; + if (strlen($x) & 3) { + $pad++; + } + $str = str_pad($str, $pad, "\0", STR_PAD_LEFT); + if (isset($size)) { + $str = str_pad($str, $size, "\0", STR_PAD_LEFT); + } + + return $str; + } + + /** + * Converts a base-256 string to a base-2 string + * + * @param string $x + * @return string + */ + public static function base256ToBase2($x) + { + if (function_exists('gmp_import')) { + return gmp_strval(gmp_import($x), 2); + } + + return Strings::bin2bits($x); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BinaryField/Integer.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BinaryField/Integer.php new file mode 100644 index 0000000..8e88058 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BinaryField/Integer.php @@ -0,0 +1,516 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + */ + +namespace phpseclib3\Math\BinaryField; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Math\BigInteger; +use phpseclib3\Math\BinaryField; +use phpseclib3\Math\Common\FiniteField\Integer as Base; + +/** + * Binary Finite Fields + * + * @author Jim Wigginton + */ +class Integer extends Base +{ + /** + * Holds the BinaryField's value + * + * @var string + */ + protected $value; + + /** + * Keeps track of current instance + * + * @var int + */ + protected $instanceID; + + /** + * Holds the PrimeField's modulo + * + * @var array + */ + protected static $modulo; + + /** + * Holds a pre-generated function to perform modulo reductions + * + * @var callable[] + */ + protected static $reduce; + + /** + * Default constructor + */ + public function __construct($instanceID, $num = '') + { + $this->instanceID = $instanceID; + if (!strlen($num)) { + $this->value = ''; + } else { + $reduce = static::$reduce[$instanceID]; + $this->value = $reduce($num); + } + } + + /** + * Set the modulo for a given instance + * @param int $instanceID + * @param string $modulo + */ + public static function setModulo($instanceID, $modulo) + { + static::$modulo[$instanceID] = $modulo; + } + + /** + * Set the modulo for a given instance + */ + public static function setRecurringModuloFunction($instanceID, callable $function) + { + static::$reduce[$instanceID] = $function; + } + + /** + * Tests a parameter to see if it's of the right instance + * + * Throws an exception if the incorrect class is being utilized + */ + private static function checkInstance(self $x, self $y) + { + if ($x->instanceID != $y->instanceID) { + throw new \UnexpectedValueException('The instances of the two BinaryField\Integer objects do not match'); + } + } + + /** + * Tests the equality of two numbers. + * + * @return bool + */ + public function equals(self $x) + { + static::checkInstance($this, $x); + + return $this->value == $x->value; + } + + /** + * Compares two numbers. + * + * @return int + */ + public function compare(self $x) + { + static::checkInstance($this, $x); + + $a = $this->value; + $b = $x->value; + + $length = max(strlen($a), strlen($b)); + + $a = str_pad($a, $length, "\0", STR_PAD_LEFT); + $b = str_pad($b, $length, "\0", STR_PAD_LEFT); + + return strcmp($a, $b); + } + + /** + * Returns the degree of the polynomial + * + * @param string $x + * @return int + */ + private static function deg($x) + { + $x = ltrim($x, "\0"); + $xbit = decbin(ord($x[0])); + $xlen = $xbit == '0' ? 0 : strlen($xbit); + $len = strlen($x); + if (!$len) { + return -1; + } + return 8 * strlen($x) - 9 + $xlen; + } + + /** + * Perform polynomial division + * + * @return string[] + * @link https://en.wikipedia.org/wiki/Polynomial_greatest_common_divisor#Euclidean_division + */ + private static function polynomialDivide($x, $y) + { + // in wikipedia's description of the algorithm, lc() is the leading coefficient. over a binary field that's + // always going to be 1. + + $q = chr(0); + $d = static::deg($y); + $r = $x; + while (($degr = static::deg($r)) >= $d) { + $s = '1' . str_repeat('0', $degr - $d); + $s = BinaryField::base2ToBase256($s); + $length = max(strlen($s), strlen($q)); + $q = !isset($q) ? $s : + str_pad($q, $length, "\0", STR_PAD_LEFT) ^ + str_pad($s, $length, "\0", STR_PAD_LEFT); + $s = static::polynomialMultiply($s, $y); + $length = max(strlen($r), strlen($s)); + $r = str_pad($r, $length, "\0", STR_PAD_LEFT) ^ + str_pad($s, $length, "\0", STR_PAD_LEFT); + } + + return [ltrim($q, "\0"), ltrim($r, "\0")]; + } + + /** + * Perform polynomial multiplation in the traditional way + * + * @return string + * @link https://en.wikipedia.org/wiki/Finite_field_arithmetic#Multiplication + */ + private static function regularPolynomialMultiply($x, $y) + { + $precomputed = [ltrim($x, "\0")]; + $x = strrev(BinaryField::base256ToBase2($x)); + $y = strrev(BinaryField::base256ToBase2($y)); + if (strlen($x) == strlen($y)) { + $length = strlen($x); + } else { + $length = max(strlen($x), strlen($y)); + $x = str_pad($x, $length, '0'); + $y = str_pad($y, $length, '0'); + } + $result = str_repeat('0', 2 * $length - 1); + $result = BinaryField::base2ToBase256($result); + $size = strlen($result); + $x = strrev($x); + + // precompute left shift 1 through 7 + for ($i = 1; $i < 8; $i++) { + $precomputed[$i] = BinaryField::base2ToBase256($x . str_repeat('0', $i)); + } + for ($i = 0; $i < strlen($y); $i++) { + if ($y[$i] == '1') { + $temp = $precomputed[$i & 7] . str_repeat("\0", $i >> 3); + $result ^= str_pad($temp, $size, "\0", STR_PAD_LEFT); + } + } + + return $result; + } + + /** + * Perform polynomial multiplation + * + * Uses karatsuba multiplication to reduce x-bit multiplications to a series of 32-bit multiplications + * + * @return string + * @link https://en.wikipedia.org/wiki/Karatsuba_algorithm + */ + private static function polynomialMultiply($x, $y) + { + if (strlen($x) == strlen($y)) { + $length = strlen($x); + } else { + $length = max(strlen($x), strlen($y)); + $x = str_pad($x, $length, "\0", STR_PAD_LEFT); + $y = str_pad($y, $length, "\0", STR_PAD_LEFT); + } + + switch (true) { + case PHP_INT_SIZE == 8 && $length <= 4: + return $length != 4 ? + self::subMultiply(str_pad($x, 4, "\0", STR_PAD_LEFT), str_pad($y, 4, "\0", STR_PAD_LEFT)) : + self::subMultiply($x, $y); + case PHP_INT_SIZE == 4 || $length > 32: + return self::regularPolynomialMultiply($x, $y); + } + + $m = $length >> 1; + + $x1 = substr($x, 0, -$m); + $x0 = substr($x, -$m); + $y1 = substr($y, 0, -$m); + $y0 = substr($y, -$m); + + $z2 = self::polynomialMultiply($x1, $y1); + $z0 = self::polynomialMultiply($x0, $y0); + $z1 = self::polynomialMultiply( + self::subAdd2($x1, $x0), + self::subAdd2($y1, $y0) + ); + + $z1 = self::subAdd3($z1, $z2, $z0); + + $xy = self::subAdd3( + $z2 . str_repeat("\0", 2 * $m), + $z1 . str_repeat("\0", $m), + $z0 + ); + + return ltrim($xy, "\0"); + } + + /** + * Perform polynomial multiplication on 2x 32-bit numbers, returning + * a 64-bit number + * + * @param string $x + * @param string $y + * @return string + * @link https://www.bearssl.org/constanttime.html#ghash-for-gcm + */ + private static function subMultiply($x, $y) + { + $x = unpack('N', $x)[1]; + $y = unpack('N', $y)[1]; + + $x0 = $x & 0x11111111; + $x1 = $x & 0x22222222; + $x2 = $x & 0x44444444; + $x3 = $x & 0x88888888; + + $y0 = $y & 0x11111111; + $y1 = $y & 0x22222222; + $y2 = $y & 0x44444444; + $y3 = $y & 0x88888888; + + $z0 = ($x0 * $y0) ^ ($x1 * $y3) ^ ($x2 * $y2) ^ ($x3 * $y1); + $z1 = ($x0 * $y1) ^ ($x1 * $y0) ^ ($x2 * $y3) ^ ($x3 * $y2); + $z2 = ($x0 * $y2) ^ ($x1 * $y1) ^ ($x2 * $y0) ^ ($x3 * $y3); + $z3 = ($x0 * $y3) ^ ($x1 * $y2) ^ ($x2 * $y1) ^ ($x3 * $y0); + + $z0 &= 0x1111111111111111; + $z1 &= 0x2222222222222222; + $z2 &= 0x4444444444444444; + $z3 &= -8608480567731124088; // 0x8888888888888888 gets interpreted as a float + + $z = $z0 | $z1 | $z2 | $z3; + + return pack('J', $z); + } + + /** + * Adds two numbers + * + * @param string $x + * @param string $y + * @return string + */ + private static function subAdd2($x, $y) + { + $length = max(strlen($x), strlen($y)); + $x = str_pad($x, $length, "\0", STR_PAD_LEFT); + $y = str_pad($y, $length, "\0", STR_PAD_LEFT); + return $x ^ $y; + } + + /** + * Adds three numbers + * + * @param string $x + * @param string $y + * @return string + */ + private static function subAdd3($x, $y, $z) + { + $length = max(strlen($x), strlen($y), strlen($z)); + $x = str_pad($x, $length, "\0", STR_PAD_LEFT); + $y = str_pad($y, $length, "\0", STR_PAD_LEFT); + $z = str_pad($z, $length, "\0", STR_PAD_LEFT); + return $x ^ $y ^ $z; + } + + /** + * Adds two BinaryFieldIntegers. + * + * @return static + */ + public function add(self $y) + { + static::checkInstance($this, $y); + + $length = strlen(static::$modulo[$this->instanceID]); + + $x = str_pad($this->value, $length, "\0", STR_PAD_LEFT); + $y = str_pad($y->value, $length, "\0", STR_PAD_LEFT); + + return new static($this->instanceID, $x ^ $y); + } + + /** + * Subtracts two BinaryFieldIntegers. + * + * @return static + */ + public function subtract(self $x) + { + return $this->add($x); + } + + /** + * Multiplies two BinaryFieldIntegers. + * + * @return static + */ + public function multiply(self $y) + { + static::checkInstance($this, $y); + + return new static($this->instanceID, static::polynomialMultiply($this->value, $y->value)); + } + + /** + * Returns the modular inverse of a BinaryFieldInteger + * + * @return static + */ + public function modInverse() + { + $remainder0 = static::$modulo[$this->instanceID]; + $remainder1 = $this->value; + + if ($remainder1 == '') { + return new static($this->instanceID); + } + + $aux0 = "\0"; + $aux1 = "\1"; + while ($remainder1 != "\1") { + list($q, $r) = static::polynomialDivide($remainder0, $remainder1); + $remainder0 = $remainder1; + $remainder1 = $r; + // the auxiliary in row n is given by the sum of the auxiliary in + // row n-2 and the product of the quotient and the auxiliary in row + // n-1 + $temp = static::polynomialMultiply($aux1, $q); + $aux = str_pad($aux0, strlen($temp), "\0", STR_PAD_LEFT) ^ + str_pad($temp, strlen($aux0), "\0", STR_PAD_LEFT); + $aux0 = $aux1; + $aux1 = $aux; + } + + $temp = new static($this->instanceID); + $temp->value = ltrim($aux1, "\0"); + return $temp; + } + + /** + * Divides two PrimeFieldIntegers. + * + * @return static + */ + public function divide(self $x) + { + static::checkInstance($this, $x); + + $x = $x->modInverse(); + return $this->multiply($x); + } + + /** + * Negate + * + * A negative number can be written as 0-12. With modulos, 0 is the same thing as the modulo + * so 0-12 is the same thing as modulo-12 + * + * @return object + */ + public function negate() + { + $x = str_pad($this->value, strlen(static::$modulo[$this->instanceID]), "\0", STR_PAD_LEFT); + + return new static($this->instanceID, $x ^ static::$modulo[$this->instanceID]); + } + + /** + * Returns the modulo + * + * @return string + */ + public static function getModulo($instanceID) + { + return static::$modulo[$instanceID]; + } + + /** + * Converts an Integer to a byte string (eg. base-256). + * + * @return string + */ + public function toBytes() + { + return str_pad($this->value, strlen(static::$modulo[$this->instanceID]), "\0", STR_PAD_LEFT); + } + + /** + * Converts an Integer to a hex string (eg. base-16). + * + * @return string + */ + public function toHex() + { + return Strings::bin2hex($this->toBytes()); + } + + /** + * Converts an Integer to a bit string (eg. base-2). + * + * @return string + */ + public function toBits() + { + //return str_pad(BinaryField::base256ToBase2($this->value), strlen(static::$modulo[$this->instanceID]), '0', STR_PAD_LEFT); + return BinaryField::base256ToBase2($this->value); + } + + /** + * Converts an Integer to a BigInteger + * + * @return string + */ + public function toBigInteger() + { + return new BigInteger($this->value, 256); + } + + /** + * __toString() magic method + * + */ + public function __toString() + { + return (string) $this->toBigInteger(); + } + + /** + * __debugInfo() magic method + * + */ + public function __debugInfo() + { + return ['value' => $this->toHex()]; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/Common/FiniteField.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/Common/FiniteField.php new file mode 100644 index 0000000..2ea5f48 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/Common/FiniteField.php @@ -0,0 +1,22 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + */ + +namespace phpseclib3\Math\Common; + +/** + * Finite Fields + * + * @author Jim Wigginton + */ +abstract class FiniteField +{ +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/Common/FiniteField/Integer.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/Common/FiniteField/Integer.php new file mode 100644 index 0000000..3c959e9 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/Common/FiniteField/Integer.php @@ -0,0 +1,44 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + */ + +namespace phpseclib3\Math\Common\FiniteField; + +/** + * Finite Field Integer + * + * @author Jim Wigginton + */ +abstract class Integer implements \JsonSerializable +{ + /** + * JSON Serialize + * + * Will be called, automatically, when json_encode() is called on a BigInteger object. + * + * PHP Serialize isn't supported because unserializing would require the factory be + * serialized as well and that just sounds like too much + * + * @return array{hex: string} + */ + #[\ReturnTypeWillChange] + public function jsonSerialize() + { + return ['hex' => $this->toHex(true)]; + } + + /** + * Converts an Integer to a hex string (eg. base-16). + * + * @return string + */ + abstract public function toHex(); +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/PrimeField.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/PrimeField.php new file mode 100644 index 0000000..1a0667f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/PrimeField.php @@ -0,0 +1,118 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger + */ + +namespace phpseclib3\Math; + +use phpseclib3\Math\Common\FiniteField; +use phpseclib3\Math\PrimeField\Integer; + +/** + * Prime Finite Fields + * + * @author Jim Wigginton + */ +class PrimeField extends FiniteField +{ + /** + * Instance Counter + * + * @var int + */ + private static $instanceCounter = 0; + + /** + * Keeps track of current instance + * + * @var int + */ + protected $instanceID; + + /** + * Default constructor + */ + public function __construct(BigInteger $modulo) + { + if (!$modulo->isPrime()) { + throw new \UnexpectedValueException('PrimeField requires a prime number be passed to the constructor'); + } + + $this->instanceID = self::$instanceCounter++; + Integer::setModulo($this->instanceID, $modulo); + Integer::setRecurringModuloFunction($this->instanceID, $modulo->createRecurringModuloFunction()); + } + + /** + * Use a custom defined modular reduction function + * + * @return void + */ + public function setReduction(\Closure $func) + { + $this->reduce = $func->bindTo($this, $this); + } + + /** + * Returns an instance of a dynamically generated PrimeFieldInteger class + * + * @return Integer + */ + public function newInteger(BigInteger $num) + { + return new Integer($this->instanceID, $num); + } + + /** + * Returns an integer on the finite field between one and the prime modulo + * + * @return Integer + */ + public function randomInteger() + { + static $one; + if (!isset($one)) { + $one = new BigInteger(1); + } + + return new Integer($this->instanceID, BigInteger::randomRange($one, Integer::getModulo($this->instanceID))); + } + + /** + * Returns the length of the modulo in bytes + * + * @return int + */ + public function getLengthInBytes() + { + return Integer::getModulo($this->instanceID)->getLengthInBytes(); + } + + /** + * Returns the length of the modulo in bits + * + * @return int + */ + public function getLength() + { + return Integer::getModulo($this->instanceID)->getLength(); + } + + /** + * Destructor + */ + public function __destruct() + { + Integer::cleanupCache($this->instanceID); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/PrimeField/Integer.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/PrimeField/Integer.php new file mode 100644 index 0000000..1bd7aaf --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/PrimeField/Integer.php @@ -0,0 +1,419 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + */ + +namespace phpseclib3\Math\PrimeField; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Math\BigInteger; +use phpseclib3\Math\Common\FiniteField\Integer as Base; + +/** + * Prime Finite Fields + * + * @author Jim Wigginton + */ +class Integer extends Base +{ + /** + * Holds the PrimeField's value + * + * @var BigInteger + */ + protected $value; + + /** + * Keeps track of current instance + * + * @var int + */ + protected $instanceID; + + /** + * Holds the PrimeField's modulo + * + * @var array + */ + protected static $modulo; + + /** + * Holds a pre-generated function to perform modulo reductions + * + * @var array + */ + protected static $reduce; + + /** + * Zero + * + * @var BigInteger + */ + protected static $zero; + + /** + * Default constructor + * + * @param int $instanceID + */ + public function __construct($instanceID, BigInteger $num = null) + { + $this->instanceID = $instanceID; + if (!isset($num)) { + $this->value = clone static::$zero[static::class]; + } else { + $reduce = static::$reduce[$instanceID]; + $this->value = $reduce($num); + } + } + + /** + * Set the modulo for a given instance + * + * @param int $instanceID + * @return void + */ + public static function setModulo($instanceID, BigInteger $modulo) + { + static::$modulo[$instanceID] = $modulo; + } + + /** + * Set the modulo for a given instance + * + * @param int $instanceID + * @return void + */ + public static function setRecurringModuloFunction($instanceID, callable $function) + { + static::$reduce[$instanceID] = $function; + if (!isset(static::$zero[static::class])) { + static::$zero[static::class] = new BigInteger(); + } + } + + /** + * Delete the modulo for a given instance + */ + public static function cleanupCache($instanceID) + { + unset(static::$modulo[$instanceID]); + unset(static::$reduce[$instanceID]); + } + + /** + * Returns the modulo + * + * @param int $instanceID + * @return BigInteger + */ + public static function getModulo($instanceID) + { + return static::$modulo[$instanceID]; + } + + /** + * Tests a parameter to see if it's of the right instance + * + * Throws an exception if the incorrect class is being utilized + * + * @return void + */ + public static function checkInstance(self $x, self $y) + { + if ($x->instanceID != $y->instanceID) { + throw new \UnexpectedValueException('The instances of the two PrimeField\Integer objects do not match'); + } + } + + /** + * Tests the equality of two numbers. + * + * @return bool + */ + public function equals(self $x) + { + static::checkInstance($this, $x); + + return $this->value->equals($x->value); + } + + /** + * Compares two numbers. + * + * @return int + */ + public function compare(self $x) + { + static::checkInstance($this, $x); + + return $this->value->compare($x->value); + } + + /** + * Adds two PrimeFieldIntegers. + * + * @return static + */ + public function add(self $x) + { + static::checkInstance($this, $x); + + $temp = new static($this->instanceID); + $temp->value = $this->value->add($x->value); + if ($temp->value->compare(static::$modulo[$this->instanceID]) >= 0) { + $temp->value = $temp->value->subtract(static::$modulo[$this->instanceID]); + } + + return $temp; + } + + /** + * Subtracts two PrimeFieldIntegers. + * + * @return static + */ + public function subtract(self $x) + { + static::checkInstance($this, $x); + + $temp = new static($this->instanceID); + $temp->value = $this->value->subtract($x->value); + if ($temp->value->isNegative()) { + $temp->value = $temp->value->add(static::$modulo[$this->instanceID]); + } + + return $temp; + } + + /** + * Multiplies two PrimeFieldIntegers. + * + * @return static + */ + public function multiply(self $x) + { + static::checkInstance($this, $x); + + return new static($this->instanceID, $this->value->multiply($x->value)); + } + + /** + * Divides two PrimeFieldIntegers. + * + * @return static + */ + public function divide(self $x) + { + static::checkInstance($this, $x); + + $denominator = $x->value->modInverse(static::$modulo[$this->instanceID]); + return new static($this->instanceID, $this->value->multiply($denominator)); + } + + /** + * Performs power operation on a PrimeFieldInteger. + * + * @return static + */ + public function pow(BigInteger $x) + { + $temp = new static($this->instanceID); + $temp->value = $this->value->powMod($x, static::$modulo[$this->instanceID]); + + return $temp; + } + + /** + * Calculates the square root + * + * @link https://en.wikipedia.org/wiki/Tonelli%E2%80%93Shanks_algorithm + * @return static|false + */ + public function squareRoot() + { + static $one, $two; + if (!isset($one)) { + $one = new BigInteger(1); + $two = new BigInteger(2); + } + $reduce = static::$reduce[$this->instanceID]; + $p_1 = static::$modulo[$this->instanceID]->subtract($one); + $q = clone $p_1; + $s = BigInteger::scan1divide($q); + list($pow) = $p_1->divide($two); + for ($z = $one; !$z->equals(static::$modulo[$this->instanceID]); $z = $z->add($one)) { + $temp = $z->powMod($pow, static::$modulo[$this->instanceID]); + if ($temp->equals($p_1)) { + break; + } + } + + $m = new BigInteger($s); + $c = $z->powMod($q, static::$modulo[$this->instanceID]); + $t = $this->value->powMod($q, static::$modulo[$this->instanceID]); + list($temp) = $q->add($one)->divide($two); + $r = $this->value->powMod($temp, static::$modulo[$this->instanceID]); + + while (!$t->equals($one)) { + for ($i = clone $one; $i->compare($m) < 0; $i = $i->add($one)) { + if ($t->powMod($two->pow($i), static::$modulo[$this->instanceID])->equals($one)) { + break; + } + } + + if ($i->compare($m) == 0) { + return false; + } + $b = $c->powMod($two->pow($m->subtract($i)->subtract($one)), static::$modulo[$this->instanceID]); + $m = $i; + $c = $reduce($b->multiply($b)); + $t = $reduce($t->multiply($c)); + $r = $reduce($r->multiply($b)); + } + + return new static($this->instanceID, $r); + } + + /** + * Is Odd? + * + * @return bool + */ + public function isOdd() + { + return $this->value->isOdd(); + } + + /** + * Negate + * + * A negative number can be written as 0-12. With modulos, 0 is the same thing as the modulo + * so 0-12 is the same thing as modulo-12 + * + * @return static + */ + public function negate() + { + return new static($this->instanceID, static::$modulo[$this->instanceID]->subtract($this->value)); + } + + /** + * Converts an Integer to a byte string (eg. base-256). + * + * @return string + */ + public function toBytes() + { + if (isset(static::$modulo[$this->instanceID])) { + $length = static::$modulo[$this->instanceID]->getLengthInBytes(); + return str_pad($this->value->toBytes(), $length, "\0", STR_PAD_LEFT); + } + return $this->value->toBytes(); + } + + /** + * Converts an Integer to a hex string (eg. base-16). + * + * @return string + */ + public function toHex() + { + return Strings::bin2hex($this->toBytes()); + } + + /** + * Converts an Integer to a bit string (eg. base-2). + * + * @return string + */ + public function toBits() + { + // return $this->value->toBits(); + static $length; + if (!isset($length)) { + $length = static::$modulo[$this->instanceID]->getLength(); + } + + return str_pad($this->value->toBits(), $length, '0', STR_PAD_LEFT); + } + + /** + * Returns the w-ary non-adjacent form (wNAF) + * + * @param int $w optional + * @return array + */ + public function getNAF($w = 1) + { + $w++; + + $mask = new BigInteger((1 << $w) - 1); + $sub = new BigInteger(1 << $w); + //$sub = new BigInteger(1 << ($w - 1)); + $d = $this->toBigInteger(); + $d_i = []; + + $i = 0; + while ($d->compare(static::$zero[static::class]) > 0) { + if ($d->isOdd()) { + // start mods + + $bigInteger = $d->testBit($w - 1) ? + $d->bitwise_and($mask)->subtract($sub) : + //$sub->subtract($d->bitwise_and($mask)) : + $d->bitwise_and($mask); + // end mods + $d = $d->subtract($bigInteger); + $d_i[$i] = (int) $bigInteger->toString(); + } else { + $d_i[$i] = 0; + } + $shift = !$d->equals(static::$zero[static::class]) && $d->bitwise_and($mask)->equals(static::$zero[static::class]) ? $w : 1; // $w or $w + 1? + $d = $d->bitwise_rightShift($shift); + while (--$shift > 0) { + $d_i[++$i] = 0; + } + $i++; + } + + return $d_i; + } + + /** + * Converts an Integer to a BigInteger + * + * @return BigInteger + */ + public function toBigInteger() + { + return clone $this->value; + } + + /** + * __toString() magic method + * + * @return string + */ + public function __toString() + { + return (string) $this->value; + } + + /** + * __debugInfo() magic method + * + * @return array + */ + public function __debugInfo() + { + return ['value' => $this->toHex()]; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SFTP.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SFTP.php new file mode 100644 index 0000000..45f748d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SFTP.php @@ -0,0 +1,3547 @@ + + * login('username', 'password')) { + * exit('Login Failed'); + * } + * + * echo $sftp->pwd() . "\r\n"; + * $sftp->put('filename.ext', 'hello, world!'); + * print_r($sftp->nlist()); + * ?> + * + * + * @author Jim Wigginton + * @copyright 2009 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Net; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Exception\FileNotFoundException; + +/** + * Pure-PHP implementations of SFTP. + * + * @author Jim Wigginton + */ +class SFTP extends SSH2 +{ + /** + * SFTP channel constant + * + * \phpseclib3\Net\SSH2::exec() uses 0 and \phpseclib3\Net\SSH2::read() / \phpseclib3\Net\SSH2::write() use 1. + * + * @see \phpseclib3\Net\SSH2::send_channel_packet() + * @see \phpseclib3\Net\SSH2::get_channel_packet() + */ + const CHANNEL = 0x100; + + /** + * Reads data from a local file. + * + * @see \phpseclib3\Net\SFTP::put() + */ + const SOURCE_LOCAL_FILE = 1; + /** + * Reads data from a string. + * + * @see \phpseclib3\Net\SFTP::put() + */ + // this value isn't really used anymore but i'm keeping it reserved for historical reasons + const SOURCE_STRING = 2; + /** + * Reads data from callback: + * function callback($length) returns string to proceed, null for EOF + * + * @see \phpseclib3\Net\SFTP::put() + */ + const SOURCE_CALLBACK = 16; + /** + * Resumes an upload + * + * @see \phpseclib3\Net\SFTP::put() + */ + const RESUME = 4; + /** + * Append a local file to an already existing remote file + * + * @see \phpseclib3\Net\SFTP::put() + */ + const RESUME_START = 8; + + /** + * Packet Types + * + * @see self::__construct() + * @var array + * @access private + */ + private static $packet_types = []; + + /** + * Status Codes + * + * @see self::__construct() + * @var array + * @access private + */ + private static $status_codes = []; + + /** @var array */ + private static $attributes; + + /** @var array */ + private static $open_flags; + + /** @var array */ + private static $open_flags5; + + /** @var array */ + private static $file_types; + + /** + * The Request ID + * + * The request ID exists in the off chance that a packet is sent out-of-order. Of course, this library doesn't support + * concurrent actions, so it's somewhat academic, here. + * + * @var boolean + * @see self::_send_sftp_packet() + */ + private $use_request_id = false; + + /** + * The Packet Type + * + * The request ID exists in the off chance that a packet is sent out-of-order. Of course, this library doesn't support + * concurrent actions, so it's somewhat academic, here. + * + * @var int + * @see self::_get_sftp_packet() + */ + private $packet_type = -1; + + /** + * Packet Buffer + * + * @var string + * @see self::_get_sftp_packet() + */ + private $packet_buffer = ''; + + /** + * Extensions supported by the server + * + * @var array + * @see self::_initChannel() + */ + private $extensions = []; + + /** + * Server SFTP version + * + * @var int + * @see self::_initChannel() + */ + private $version; + + /** + * Default Server SFTP version + * + * @var int + * @see self::_initChannel() + */ + private $defaultVersion; + + /** + * Preferred SFTP version + * + * @var int + * @see self::_initChannel() + */ + private $preferredVersion = 3; + + /** + * Current working directory + * + * @var string|bool + * @see self::realpath() + * @see self::chdir() + */ + private $pwd = false; + + /** + * Packet Type Log + * + * @see self::getLog() + * @var array + */ + private $packet_type_log = []; + + /** + * Packet Log + * + * @see self::getLog() + * @var array + */ + private $packet_log = []; + + /** + * Real-time log file pointer + * + * @see self::_append_log() + * @var resource|closed-resource + */ + private $realtime_log_file; + + /** + * Real-time log file size + * + * @see self::_append_log() + * @var int + */ + private $realtime_log_size; + + /** + * Real-time log file wrap boolean + * + * @see self::_append_log() + * @var bool + */ + private $realtime_log_wrap; + + /** + * Current log size + * + * Should never exceed self::LOG_MAX_SIZE + * + * @var int + */ + private $log_size; + + /** + * Error information + * + * @see self::getSFTPErrors() + * @see self::getLastSFTPError() + * @var array + */ + private $sftp_errors = []; + + /** + * Stat Cache + * + * Rather than always having to open a directory and close it immediately there after to see if a file is a directory + * we'll cache the results. + * + * @see self::_update_stat_cache() + * @see self::_remove_from_stat_cache() + * @see self::_query_stat_cache() + * @var array + */ + private $stat_cache = []; + + /** + * Max SFTP Packet Size + * + * @see self::__construct() + * @see self::get() + * @var int + */ + private $max_sftp_packet; + + /** + * Stat Cache Flag + * + * @see self::disableStatCache() + * @see self::enableStatCache() + * @var bool + */ + private $use_stat_cache = true; + + /** + * Sort Options + * + * @see self::_comparator() + * @see self::setListOrder() + * @var array + */ + protected $sortOptions = []; + + /** + * Canonicalization Flag + * + * Determines whether or not paths should be canonicalized before being + * passed on to the remote server. + * + * @see self::enablePathCanonicalization() + * @see self::disablePathCanonicalization() + * @see self::realpath() + * @var bool + */ + private $canonicalize_paths = true; + + /** + * Request Buffers + * + * @see self::_get_sftp_packet() + * @var array + */ + private $requestBuffer = []; + + /** + * Preserve timestamps on file downloads / uploads + * + * @see self::get() + * @see self::put() + * @var bool + */ + private $preserveTime = false; + + /** + * Arbitrary Length Packets Flag + * + * Determines whether or not packets of any length should be allowed, + * in cases where the server chooses the packet length (such as + * directory listings). By default, packets are only allowed to be + * 256 * 1024 bytes (SFTP_MAX_MSG_LENGTH from OpenSSH's sftp-common.h) + * + * @see self::enableArbitraryLengthPackets() + * @see self::_get_sftp_packet() + * @var bool + */ + private $allow_arbitrary_length_packets = false; + + /** + * Was the last packet due to the channels being closed or not? + * + * @see self::get() + * @see self::get_sftp_packet() + * @var bool + */ + private $channel_close = false; + + /** + * Has the SFTP channel been partially negotiated? + * + * @var bool + */ + private $partial_init = false; + + /** + * Default Constructor. + * + * Connects to an SFTP server + * + * $host can either be a string, representing the host, or a stream resource. + * + * @param mixed $host + * @param int $port + * @param int $timeout + */ + public function __construct($host, $port = 22, $timeout = 10) + { + parent::__construct($host, $port, $timeout); + + $this->max_sftp_packet = 1 << 15; + + if (empty(self::$packet_types)) { + self::$packet_types = [ + 1 => 'NET_SFTP_INIT', + 2 => 'NET_SFTP_VERSION', + 3 => 'NET_SFTP_OPEN', + 4 => 'NET_SFTP_CLOSE', + 5 => 'NET_SFTP_READ', + 6 => 'NET_SFTP_WRITE', + 7 => 'NET_SFTP_LSTAT', + 9 => 'NET_SFTP_SETSTAT', + 10 => 'NET_SFTP_FSETSTAT', + 11 => 'NET_SFTP_OPENDIR', + 12 => 'NET_SFTP_READDIR', + 13 => 'NET_SFTP_REMOVE', + 14 => 'NET_SFTP_MKDIR', + 15 => 'NET_SFTP_RMDIR', + 16 => 'NET_SFTP_REALPATH', + 17 => 'NET_SFTP_STAT', + 18 => 'NET_SFTP_RENAME', + 19 => 'NET_SFTP_READLINK', + 20 => 'NET_SFTP_SYMLINK', + 21 => 'NET_SFTP_LINK', + + 101 => 'NET_SFTP_STATUS', + 102 => 'NET_SFTP_HANDLE', + 103 => 'NET_SFTP_DATA', + 104 => 'NET_SFTP_NAME', + 105 => 'NET_SFTP_ATTRS', + + 200 => 'NET_SFTP_EXTENDED' + ]; + self::$status_codes = [ + 0 => 'NET_SFTP_STATUS_OK', + 1 => 'NET_SFTP_STATUS_EOF', + 2 => 'NET_SFTP_STATUS_NO_SUCH_FILE', + 3 => 'NET_SFTP_STATUS_PERMISSION_DENIED', + 4 => 'NET_SFTP_STATUS_FAILURE', + 5 => 'NET_SFTP_STATUS_BAD_MESSAGE', + 6 => 'NET_SFTP_STATUS_NO_CONNECTION', + 7 => 'NET_SFTP_STATUS_CONNECTION_LOST', + 8 => 'NET_SFTP_STATUS_OP_UNSUPPORTED', + 9 => 'NET_SFTP_STATUS_INVALID_HANDLE', + 10 => 'NET_SFTP_STATUS_NO_SUCH_PATH', + 11 => 'NET_SFTP_STATUS_FILE_ALREADY_EXISTS', + 12 => 'NET_SFTP_STATUS_WRITE_PROTECT', + 13 => 'NET_SFTP_STATUS_NO_MEDIA', + 14 => 'NET_SFTP_STATUS_NO_SPACE_ON_FILESYSTEM', + 15 => 'NET_SFTP_STATUS_QUOTA_EXCEEDED', + 16 => 'NET_SFTP_STATUS_UNKNOWN_PRINCIPAL', + 17 => 'NET_SFTP_STATUS_LOCK_CONFLICT', + 18 => 'NET_SFTP_STATUS_DIR_NOT_EMPTY', + 19 => 'NET_SFTP_STATUS_NOT_A_DIRECTORY', + 20 => 'NET_SFTP_STATUS_INVALID_FILENAME', + 21 => 'NET_SFTP_STATUS_LINK_LOOP', + 22 => 'NET_SFTP_STATUS_CANNOT_DELETE', + 23 => 'NET_SFTP_STATUS_INVALID_PARAMETER', + 24 => 'NET_SFTP_STATUS_FILE_IS_A_DIRECTORY', + 25 => 'NET_SFTP_STATUS_BYTE_RANGE_LOCK_CONFLICT', + 26 => 'NET_SFTP_STATUS_BYTE_RANGE_LOCK_REFUSED', + 27 => 'NET_SFTP_STATUS_DELETE_PENDING', + 28 => 'NET_SFTP_STATUS_FILE_CORRUPT', + 29 => 'NET_SFTP_STATUS_OWNER_INVALID', + 30 => 'NET_SFTP_STATUS_GROUP_INVALID', + 31 => 'NET_SFTP_STATUS_NO_MATCHING_BYTE_RANGE_LOCK' + ]; + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-7.1 + // the order, in this case, matters quite a lot - see \phpseclib3\Net\SFTP::_parseAttributes() to understand why + self::$attributes = [ + 0x00000001 => 'NET_SFTP_ATTR_SIZE', + 0x00000002 => 'NET_SFTP_ATTR_UIDGID', // defined in SFTPv3, removed in SFTPv4+ + 0x00000080 => 'NET_SFTP_ATTR_OWNERGROUP', // defined in SFTPv4+ + 0x00000004 => 'NET_SFTP_ATTR_PERMISSIONS', + 0x00000008 => 'NET_SFTP_ATTR_ACCESSTIME', + 0x00000010 => 'NET_SFTP_ATTR_CREATETIME', // SFTPv4+ + 0x00000020 => 'NET_SFTP_ATTR_MODIFYTIME', + 0x00000040 => 'NET_SFTP_ATTR_ACL', + 0x00000100 => 'NET_SFTP_ATTR_SUBSECOND_TIMES', + 0x00000200 => 'NET_SFTP_ATTR_BITS', // SFTPv5+ + 0x00000400 => 'NET_SFTP_ATTR_ALLOCATION_SIZE', // SFTPv6+ + 0x00000800 => 'NET_SFTP_ATTR_TEXT_HINT', + 0x00001000 => 'NET_SFTP_ATTR_MIME_TYPE', + 0x00002000 => 'NET_SFTP_ATTR_LINK_COUNT', + 0x00004000 => 'NET_SFTP_ATTR_UNTRANSLATED_NAME', + 0x00008000 => 'NET_SFTP_ATTR_CTIME', + // 0x80000000 will yield a floating point on 32-bit systems and converting floating points to integers + // yields inconsistent behavior depending on how php is compiled. so we left shift -1 (which, in + // two's compliment, consists of all 1 bits) by 31. on 64-bit systems this'll yield 0xFFFFFFFF80000000. + // that's not a problem, however, and 'anded' and a 32-bit number, as all the leading 1 bits are ignored. + (PHP_INT_SIZE == 4 ? (-1 << 31) : 0x80000000) => 'NET_SFTP_ATTR_EXTENDED' + ]; + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.3 + // the flag definitions change somewhat in SFTPv5+. if SFTPv5+ support is added to this library, maybe name + // the array for that $this->open5_flags and similarly alter the constant names. + self::$open_flags = [ + 0x00000001 => 'NET_SFTP_OPEN_READ', + 0x00000002 => 'NET_SFTP_OPEN_WRITE', + 0x00000004 => 'NET_SFTP_OPEN_APPEND', + 0x00000008 => 'NET_SFTP_OPEN_CREATE', + 0x00000010 => 'NET_SFTP_OPEN_TRUNCATE', + 0x00000020 => 'NET_SFTP_OPEN_EXCL', + 0x00000040 => 'NET_SFTP_OPEN_TEXT' // defined in SFTPv4 + ]; + // SFTPv5+ changed the flags up: + // https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-13#section-8.1.1.3 + self::$open_flags5 = [ + // when SSH_FXF_ACCESS_DISPOSITION is a 3 bit field that controls how the file is opened + 0x00000000 => 'NET_SFTP_OPEN_CREATE_NEW', + 0x00000001 => 'NET_SFTP_OPEN_CREATE_TRUNCATE', + 0x00000002 => 'NET_SFTP_OPEN_OPEN_EXISTING', + 0x00000003 => 'NET_SFTP_OPEN_OPEN_OR_CREATE', + 0x00000004 => 'NET_SFTP_OPEN_TRUNCATE_EXISTING', + // the rest of the flags are not supported + 0x00000008 => 'NET_SFTP_OPEN_APPEND_DATA', // "the offset field of SS_FXP_WRITE requests is ignored" + 0x00000010 => 'NET_SFTP_OPEN_APPEND_DATA_ATOMIC', + 0x00000020 => 'NET_SFTP_OPEN_TEXT_MODE', + 0x00000040 => 'NET_SFTP_OPEN_BLOCK_READ', + 0x00000080 => 'NET_SFTP_OPEN_BLOCK_WRITE', + 0x00000100 => 'NET_SFTP_OPEN_BLOCK_DELETE', + 0x00000200 => 'NET_SFTP_OPEN_BLOCK_ADVISORY', + 0x00000400 => 'NET_SFTP_OPEN_NOFOLLOW', + 0x00000800 => 'NET_SFTP_OPEN_DELETE_ON_CLOSE', + 0x00001000 => 'NET_SFTP_OPEN_ACCESS_AUDIT_ALARM_INFO', + 0x00002000 => 'NET_SFTP_OPEN_ACCESS_BACKUP', + 0x00004000 => 'NET_SFTP_OPEN_BACKUP_STREAM', + 0x00008000 => 'NET_SFTP_OPEN_OVERRIDE_OWNER', + ]; + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-5.2 + // see \phpseclib3\Net\SFTP::_parseLongname() for an explanation + self::$file_types = [ + 1 => 'NET_SFTP_TYPE_REGULAR', + 2 => 'NET_SFTP_TYPE_DIRECTORY', + 3 => 'NET_SFTP_TYPE_SYMLINK', + 4 => 'NET_SFTP_TYPE_SPECIAL', + 5 => 'NET_SFTP_TYPE_UNKNOWN', + // the following types were first defined for use in SFTPv5+ + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-05#section-5.2 + 6 => 'NET_SFTP_TYPE_SOCKET', + 7 => 'NET_SFTP_TYPE_CHAR_DEVICE', + 8 => 'NET_SFTP_TYPE_BLOCK_DEVICE', + 9 => 'NET_SFTP_TYPE_FIFO' + ]; + self::define_array( + self::$packet_types, + self::$status_codes, + self::$attributes, + self::$open_flags, + self::$open_flags5, + self::$file_types + ); + } + + if (!defined('NET_SFTP_QUEUE_SIZE')) { + define('NET_SFTP_QUEUE_SIZE', 32); + } + if (!defined('NET_SFTP_UPLOAD_QUEUE_SIZE')) { + define('NET_SFTP_UPLOAD_QUEUE_SIZE', 1024); + } + } + + /** + * Check a few things before SFTP functions are called + * + * @return bool + */ + private function precheck() + { + if (!($this->bitmap & SSH2::MASK_LOGIN)) { + return false; + } + + if ($this->pwd === false) { + return $this->init_sftp_connection(); + } + + return true; + } + + /** + * Partially initialize an SFTP connection + * + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return bool + */ + private function partial_init_sftp_connection() + { + $response = $this->openChannel(self::CHANNEL, true); + if ($response === true && $this->isTimeout()) { + return false; + } + + $packet = Strings::packSSH2( + 'CNsbs', + NET_SSH2_MSG_CHANNEL_REQUEST, + $this->server_channels[self::CHANNEL], + 'subsystem', + true, + 'sftp' + ); + $this->send_binary_packet($packet); + + $this->channel_status[self::CHANNEL] = NET_SSH2_MSG_CHANNEL_REQUEST; + + $response = $this->get_channel_packet(self::CHANNEL, true); + if ($response === false) { + // from PuTTY's psftp.exe + $command = "test -x /usr/lib/sftp-server && exec /usr/lib/sftp-server\n" . + "test -x /usr/local/lib/sftp-server && exec /usr/local/lib/sftp-server\n" . + "exec sftp-server"; + // we don't do $this->exec($command, false) because exec() operates on a different channel and plus the SSH_MSG_CHANNEL_OPEN that exec() does + // is redundant + $packet = Strings::packSSH2( + 'CNsCs', + NET_SSH2_MSG_CHANNEL_REQUEST, + $this->server_channels[self::CHANNEL], + 'exec', + 1, + $command + ); + $this->send_binary_packet($packet); + + $this->channel_status[self::CHANNEL] = NET_SSH2_MSG_CHANNEL_REQUEST; + + $response = $this->get_channel_packet(self::CHANNEL, true); + if ($response === false) { + return false; + } + } elseif ($response === true && $this->isTimeout()) { + return false; + } + + $this->channel_status[self::CHANNEL] = NET_SSH2_MSG_CHANNEL_DATA; + $this->send_sftp_packet(NET_SFTP_INIT, "\0\0\0\3"); + + $response = $this->get_sftp_packet(); + if ($this->packet_type != NET_SFTP_VERSION) { + throw new \UnexpectedValueException('Expected NET_SFTP_VERSION. ' + . 'Got packet type: ' . $this->packet_type); + } + + $this->use_request_id = true; + + list($this->defaultVersion) = Strings::unpackSSH2('N', $response); + while (!empty($response)) { + list($key, $value) = Strings::unpackSSH2('ss', $response); + $this->extensions[$key] = $value; + } + + $this->partial_init = true; + + return true; + } + + /** + * (Re)initializes the SFTP channel + * + * @return bool + */ + private function init_sftp_connection() + { + if (!$this->partial_init && !$this->partial_init_sftp_connection()) { + return false; + } + + /* + A Note on SFTPv4/5/6 support: + states the following: + + "If the client wishes to interoperate with servers that support noncontiguous version + numbers it SHOULD send '3'" + + Given that the server only sends its version number after the client has already done so, the above + seems to be suggesting that v3 should be the default version. This makes sense given that v3 is the + most popular. + + states the following; + + "If the server did not send the "versions" extension, or the version-from-list was not included, the + server MAY send a status response describing the failure, but MUST then close the channel without + processing any further requests." + + So what do you do if you have a client whose initial SSH_FXP_INIT packet says it implements v3 and + a server whose initial SSH_FXP_VERSION reply says it implements v4 and only v4? If it only implements + v4, the "versions" extension is likely not going to have been sent so version re-negotiation as discussed + in draft-ietf-secsh-filexfer-13 would be quite impossible. As such, what \phpseclib3\Net\SFTP would do is close the + channel and reopen it with a new and updated SSH_FXP_INIT packet. + */ + $this->version = $this->defaultVersion; + if (isset($this->extensions['versions']) && (!$this->preferredVersion || $this->preferredVersion != $this->version)) { + $versions = explode(',', $this->extensions['versions']); + $supported = [6, 5, 4]; + if ($this->preferredVersion) { + $supported = array_diff($supported, [$this->preferredVersion]); + array_unshift($supported, $this->preferredVersion); + } + foreach ($supported as $ver) { + if (in_array($ver, $versions)) { + if ($ver === $this->version) { + break; + } + $this->version = (int) $ver; + $packet = Strings::packSSH2('ss', 'version-select', "$ver"); + $this->send_sftp_packet(NET_SFTP_EXTENDED, $packet); + $response = $this->get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + list($status) = Strings::unpackSSH2('N', $response); + if ($status != NET_SFTP_STATUS_OK) { + $this->logError($response, $status); + throw new \UnexpectedValueException('Expected NET_SFTP_STATUS_OK. ' + . ' Got ' . $status); + } + break; + } + } + } + + /* + SFTPv4+ defines a 'newline' extension. SFTPv3 seems to have unofficial support for it via 'newline@vandyke.com', + however, I'm not sure what 'newline@vandyke.com' is supposed to do (the fact that it's unofficial means that it's + not in the official SFTPv3 specs) and 'newline@vandyke.com' / 'newline' are likely not drop-in substitutes for + one another due to the fact that 'newline' comes with a SSH_FXF_TEXT bitmask whereas it seems unlikely that + 'newline@vandyke.com' would. + */ + /* + if (isset($this->extensions['newline@vandyke.com'])) { + $this->extensions['newline'] = $this->extensions['newline@vandyke.com']; + unset($this->extensions['newline@vandyke.com']); + } + */ + if ($this->version < 2 || $this->version > 6) { + return false; + } + + $this->pwd = true; + try { + $this->pwd = $this->realpath('.'); + } catch (\UnexpectedValueException $e) { + if (!$this->canonicalize_paths) { + throw $e; + } + $this->canonicalize_paths = false; + $this->reset_connection(NET_SSH2_DISCONNECT_CONNECTION_LOST); + } + + $this->update_stat_cache($this->pwd, []); + + return true; + } + + /** + * Disable the stat cache + * + */ + public function disableStatCache() + { + $this->use_stat_cache = false; + } + + /** + * Enable the stat cache + * + */ + public function enableStatCache() + { + $this->use_stat_cache = true; + } + + /** + * Clear the stat cache + * + */ + public function clearStatCache() + { + $this->stat_cache = []; + } + + /** + * Enable path canonicalization + * + */ + public function enablePathCanonicalization() + { + $this->canonicalize_paths = true; + } + + /** + * Disable path canonicalization + * + * If this is enabled then $sftp->pwd() will not return the canonicalized absolute path + * + */ + public function disablePathCanonicalization() + { + $this->canonicalize_paths = false; + } + + /** + * Enable arbitrary length packets + * + */ + public function enableArbitraryLengthPackets() + { + $this->allow_arbitrary_length_packets = true; + } + + /** + * Disable arbitrary length packets + * + */ + public function disableArbitraryLengthPackets() + { + $this->allow_arbitrary_length_packets = false; + } + + /** + * Returns the current directory name + * + * @return string|bool + */ + public function pwd() + { + if (!$this->precheck()) { + return false; + } + + return $this->pwd; + } + + /** + * Logs errors + * + * @param string $response + * @param int $status + */ + private function logError($response, $status = -1) + { + if ($status == -1) { + list($status) = Strings::unpackSSH2('N', $response); + } + + $error = self::$status_codes[$status]; + + if ($this->version > 2) { + list($message) = Strings::unpackSSH2('s', $response); + $this->sftp_errors[] = "$error: $message"; + } else { + $this->sftp_errors[] = $error; + } + } + + /** + * Canonicalize the Server-Side Path Name + * + * SFTP doesn't provide a mechanism by which the current working directory can be changed, so we'll emulate it. Returns + * the absolute (canonicalized) path. + * + * If canonicalize_paths has been disabled using disablePathCanonicalization(), $path is returned as-is. + * + * @see self::chdir() + * @see self::disablePathCanonicalization() + * @param string $path + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return mixed + */ + public function realpath($path) + { + if ($this->precheck() === false) { + return false; + } + + if (!$this->canonicalize_paths) { + if ($this->pwd === true) { + return '.'; + } + if (!strlen($path) || $path[0] != '/') { + $path = $this->pwd . '/' . $path; + } + $parts = explode('/', $path); + $afterPWD = $beforePWD = []; + foreach ($parts as $part) { + switch ($part) { + //case '': // some SFTP servers /require/ double /'s. see https://github.com/phpseclib/phpseclib/pull/1137 + case '.': + break; + case '..': + if (!empty($afterPWD)) { + array_pop($afterPWD); + } else { + $beforePWD[] = '..'; + } + break; + default: + $afterPWD[] = $part; + } + } + $beforePWD = count($beforePWD) ? implode('/', $beforePWD) : '.'; + return $beforePWD . '/' . implode('/', $afterPWD); + } + + if ($this->pwd === true) { + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.9 + $this->send_sftp_packet(NET_SFTP_REALPATH, Strings::packSSH2('s', $path)); + + $response = $this->get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_NAME: + // although SSH_FXP_NAME is implemented differently in SFTPv3 than it is in SFTPv4+, the following + // should work on all SFTP versions since the only part of the SSH_FXP_NAME packet the following looks + // at is the first part and that part is defined the same in SFTP versions 3 through 6. + list(, $filename) = Strings::unpackSSH2('Ns', $response); + return $filename; + case NET_SFTP_STATUS: + $this->logError($response); + return false; + default: + throw new \UnexpectedValueException('Expected NET_SFTP_NAME or NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + } + + if (!strlen($path) || $path[0] != '/') { + $path = $this->pwd . '/' . $path; + } + + $path = explode('/', $path); + $new = []; + foreach ($path as $dir) { + if (!strlen($dir)) { + continue; + } + switch ($dir) { + case '..': + array_pop($new); + // fall-through + case '.': + break; + default: + $new[] = $dir; + } + } + + return '/' . implode('/', $new); + } + + /** + * Changes the current directory + * + * @param string $dir + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return bool + */ + public function chdir($dir) + { + if (!$this->precheck()) { + return false; + } + + // assume current dir if $dir is empty + if ($dir === '') { + $dir = './'; + // suffix a slash if needed + } elseif ($dir[strlen($dir) - 1] != '/') { + $dir .= '/'; + } + + $dir = $this->realpath($dir); + + // confirm that $dir is, in fact, a valid directory + if ($this->use_stat_cache && is_array($this->query_stat_cache($dir))) { + $this->pwd = $dir; + return true; + } + + // we could do a stat on the alleged $dir to see if it's a directory but that doesn't tell us + // the currently logged in user has the appropriate permissions or not. maybe you could see if + // the file's uid / gid match the currently logged in user's uid / gid but how there's no easy + // way to get those with SFTP + + $this->send_sftp_packet(NET_SFTP_OPENDIR, Strings::packSSH2('s', $dir)); + + // see \phpseclib3\Net\SFTP::nlist() for a more thorough explanation of the following + $response = $this->get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_HANDLE: + $handle = substr($response, 4); + break; + case NET_SFTP_STATUS: + $this->logError($response); + return false; + default: + throw new \UnexpectedValueException('Expected NET_SFTP_HANDLE or NET_SFTP_STATUS' . + 'Got packet type: ' . $this->packet_type); + } + + if (!$this->close_handle($handle)) { + return false; + } + + $this->update_stat_cache($dir, []); + + $this->pwd = $dir; + return true; + } + + /** + * Returns a list of files in the given directory + * + * @param string $dir + * @param bool $recursive + * @return array|false + */ + public function nlist($dir = '.', $recursive = false) + { + return $this->nlist_helper($dir, $recursive, ''); + } + + /** + * Helper method for nlist + * + * @param string $dir + * @param bool $recursive + * @param string $relativeDir + * @return array|false + */ + private function nlist_helper($dir, $recursive, $relativeDir) + { + $files = $this->readlist($dir, false); + + // If we get an int back, then that is an "unexpected" status. + // We do not have a file list, so return false. + if (is_int($files)) { + return false; + } + + if (!$recursive || $files === false) { + return $files; + } + + $result = []; + foreach ($files as $value) { + if ($value == '.' || $value == '..') { + $result[] = $relativeDir . $value; + continue; + } + if (is_array($this->query_stat_cache($this->realpath($dir . '/' . $value)))) { + $temp = $this->nlist_helper($dir . '/' . $value, true, $relativeDir . $value . '/'); + $temp = is_array($temp) ? $temp : []; + $result = array_merge($result, $temp); + } else { + $result[] = $relativeDir . $value; + } + } + + return $result; + } + + /** + * Returns a detailed list of files in the given directory + * + * @param string $dir + * @param bool $recursive + * @return array|false + */ + public function rawlist($dir = '.', $recursive = false) + { + $files = $this->readlist($dir, true); + + // If we get an int back, then that is an "unexpected" status. + // We do not have a file list, so return false. + if (is_int($files)) { + return false; + } + + if (!$recursive || $files === false) { + return $files; + } + + static $depth = 0; + + foreach ($files as $key => $value) { + if ($depth != 0 && $key == '..') { + unset($files[$key]); + continue; + } + $is_directory = false; + if ($key != '.' && $key != '..') { + if ($this->use_stat_cache) { + $is_directory = is_array($this->query_stat_cache($this->realpath($dir . '/' . $key))); + } else { + $stat = $this->lstat($dir . '/' . $key); + $is_directory = $stat && $stat['type'] === NET_SFTP_TYPE_DIRECTORY; + } + } + + if ($is_directory) { + $depth++; + $files[$key] = $this->rawlist($dir . '/' . $key, true); + $depth--; + } else { + $files[$key] = (object) $value; + } + } + + return $files; + } + + /** + * Reads a list, be it detailed or not, of files in the given directory + * + * @param string $dir + * @param bool $raw + * @return array|false + * @throws \UnexpectedValueException on receipt of unexpected packets + */ + private function readlist($dir, $raw = true) + { + if (!$this->precheck()) { + return false; + } + + $dir = $this->realpath($dir . '/'); + if ($dir === false) { + return false; + } + + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.2 + $this->send_sftp_packet(NET_SFTP_OPENDIR, Strings::packSSH2('s', $dir)); + + $response = $this->get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_HANDLE: + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-9.2 + // since 'handle' is the last field in the SSH_FXP_HANDLE packet, we'll just remove the first four bytes that + // represent the length of the string and leave it at that + $handle = substr($response, 4); + break; + case NET_SFTP_STATUS: + // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED + list($status) = Strings::unpackSSH2('N', $response); + $this->logError($response, $status); + return $status; + default: + throw new \UnexpectedValueException('Expected NET_SFTP_HANDLE or NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + + $this->update_stat_cache($dir, []); + + $contents = []; + while (true) { + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.2.2 + // why multiple SSH_FXP_READDIR packets would be sent when the response to a single one can span arbitrarily many + // SSH_MSG_CHANNEL_DATA messages is not known to me. + $this->send_sftp_packet(NET_SFTP_READDIR, Strings::packSSH2('s', $handle)); + + $response = $this->get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_NAME: + list($count) = Strings::unpackSSH2('N', $response); + for ($i = 0; $i < $count; $i++) { + list($shortname) = Strings::unpackSSH2('s', $response); + // SFTPv4 "removed the long filename from the names structure-- it can now be + // built from information available in the attrs structure." + if ($this->version < 4) { + list($longname) = Strings::unpackSSH2('s', $response); + } + $attributes = $this->parseAttributes($response); + if (!isset($attributes['type']) && $this->version < 4) { + $fileType = $this->parseLongname($longname); + if ($fileType) { + $attributes['type'] = $fileType; + } + } + $contents[$shortname] = $attributes + ['filename' => $shortname]; + + if (isset($attributes['type']) && $attributes['type'] == NET_SFTP_TYPE_DIRECTORY && ($shortname != '.' && $shortname != '..')) { + $this->update_stat_cache($dir . '/' . $shortname, []); + } else { + if ($shortname == '..') { + $temp = $this->realpath($dir . '/..') . '/.'; + } else { + $temp = $dir . '/' . $shortname; + } + $this->update_stat_cache($temp, (object) ['lstat' => $attributes]); + } + // SFTPv6 has an optional boolean end-of-list field, but we'll ignore that, since the + // final SSH_FXP_STATUS packet should tell us that, already. + } + break; + case NET_SFTP_STATUS: + list($status) = Strings::unpackSSH2('N', $response); + if ($status != NET_SFTP_STATUS_EOF) { + $this->logError($response, $status); + return $status; + } + break 2; + default: + throw new \UnexpectedValueException('Expected NET_SFTP_NAME or NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + } + + if (!$this->close_handle($handle)) { + return false; + } + + if (count($this->sortOptions)) { + uasort($contents, [&$this, 'comparator']); + } + + return $raw ? $contents : array_map('strval', array_keys($contents)); + } + + /** + * Compares two rawlist entries using parameters set by setListOrder() + * + * Intended for use with uasort() + * + * @param array $a + * @param array $b + * @return int + */ + private function comparator(array $a, array $b) + { + switch (true) { + case $a['filename'] === '.' || $b['filename'] === '.': + if ($a['filename'] === $b['filename']) { + return 0; + } + return $a['filename'] === '.' ? -1 : 1; + case $a['filename'] === '..' || $b['filename'] === '..': + if ($a['filename'] === $b['filename']) { + return 0; + } + return $a['filename'] === '..' ? -1 : 1; + case isset($a['type']) && $a['type'] === NET_SFTP_TYPE_DIRECTORY: + if (!isset($b['type'])) { + return 1; + } + if ($b['type'] !== $a['type']) { + return -1; + } + break; + case isset($b['type']) && $b['type'] === NET_SFTP_TYPE_DIRECTORY: + return 1; + } + foreach ($this->sortOptions as $sort => $order) { + if (!isset($a[$sort]) || !isset($b[$sort])) { + if (isset($a[$sort])) { + return -1; + } + if (isset($b[$sort])) { + return 1; + } + return 0; + } + switch ($sort) { + case 'filename': + $result = strcasecmp($a['filename'], $b['filename']); + if ($result) { + return $order === SORT_DESC ? -$result : $result; + } + break; + case 'mode': + $a[$sort] &= 07777; + $b[$sort] &= 07777; + // fall-through + default: + if ($a[$sort] === $b[$sort]) { + break; + } + return $order === SORT_ASC ? $a[$sort] - $b[$sort] : $b[$sort] - $a[$sort]; + } + } + } + + /** + * Defines how nlist() and rawlist() will be sorted - if at all. + * + * If sorting is enabled directories and files will be sorted independently with + * directories appearing before files in the resultant array that is returned. + * + * Any parameter returned by stat is a valid sort parameter for this function. + * Filename comparisons are case insensitive. + * + * Examples: + * + * $sftp->setListOrder('filename', SORT_ASC); + * $sftp->setListOrder('size', SORT_DESC, 'filename', SORT_ASC); + * $sftp->setListOrder(true); + * Separates directories from files but doesn't do any sorting beyond that + * $sftp->setListOrder(); + * Don't do any sort of sorting + * + * @param string ...$args + */ + public function setListOrder(...$args) + { + $this->sortOptions = []; + if (empty($args)) { + return; + } + $len = count($args) & 0x7FFFFFFE; + for ($i = 0; $i < $len; $i += 2) { + $this->sortOptions[$args[$i]] = $args[$i + 1]; + } + if (!count($this->sortOptions)) { + $this->sortOptions = ['bogus' => true]; + } + } + + /** + * Save files / directories to cache + * + * @param string $path + * @param mixed $value + */ + private function update_stat_cache($path, $value) + { + if ($this->use_stat_cache === false) { + return; + } + + // preg_replace('#^/|/(?=/)|/$#', '', $dir) == str_replace('//', '/', trim($path, '/')) + $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $path)); + + $temp = &$this->stat_cache; + $max = count($dirs) - 1; + foreach ($dirs as $i => $dir) { + // if $temp is an object that means one of two things. + // 1. a file was deleted and changed to a directory behind phpseclib's back + // 2. it's a symlink. when lstat is done it's unclear what it's a symlink to + if (is_object($temp)) { + $temp = []; + } + if (!isset($temp[$dir])) { + $temp[$dir] = []; + } + if ($i === $max) { + if (is_object($temp[$dir]) && is_object($value)) { + if (!isset($value->stat) && isset($temp[$dir]->stat)) { + $value->stat = $temp[$dir]->stat; + } + if (!isset($value->lstat) && isset($temp[$dir]->lstat)) { + $value->lstat = $temp[$dir]->lstat; + } + } + $temp[$dir] = $value; + break; + } + $temp = &$temp[$dir]; + } + } + + /** + * Remove files / directories from cache + * + * @param string $path + * @return bool + */ + private function remove_from_stat_cache($path) + { + $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $path)); + + $temp = &$this->stat_cache; + $max = count($dirs) - 1; + foreach ($dirs as $i => $dir) { + if (!is_array($temp)) { + return false; + } + if ($i === $max) { + unset($temp[$dir]); + return true; + } + if (!isset($temp[$dir])) { + return false; + } + $temp = &$temp[$dir]; + } + } + + /** + * Checks cache for path + * + * Mainly used by file_exists + * + * @param string $path + * @return mixed + */ + private function query_stat_cache($path) + { + $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $path)); + + $temp = &$this->stat_cache; + foreach ($dirs as $dir) { + if (!is_array($temp)) { + return null; + } + if (!isset($temp[$dir])) { + return null; + } + $temp = &$temp[$dir]; + } + return $temp; + } + + /** + * Returns general information about a file. + * + * Returns an array on success and false otherwise. + * + * @param string $filename + * @return array|false + */ + public function stat($filename) + { + if (!$this->precheck()) { + return false; + } + + $filename = $this->realpath($filename); + if ($filename === false) { + return false; + } + + if ($this->use_stat_cache) { + $result = $this->query_stat_cache($filename); + if (is_array($result) && isset($result['.']) && isset($result['.']->stat)) { + return $result['.']->stat; + } + if (is_object($result) && isset($result->stat)) { + return $result->stat; + } + } + + $stat = $this->stat_helper($filename, NET_SFTP_STAT); + if ($stat === false) { + $this->remove_from_stat_cache($filename); + return false; + } + if (isset($stat['type'])) { + if ($stat['type'] == NET_SFTP_TYPE_DIRECTORY) { + $filename .= '/.'; + } + $this->update_stat_cache($filename, (object) ['stat' => $stat]); + return $stat; + } + + $pwd = $this->pwd; + $stat['type'] = $this->chdir($filename) ? + NET_SFTP_TYPE_DIRECTORY : + NET_SFTP_TYPE_REGULAR; + $this->pwd = $pwd; + + if ($stat['type'] == NET_SFTP_TYPE_DIRECTORY) { + $filename .= '/.'; + } + $this->update_stat_cache($filename, (object) ['stat' => $stat]); + + return $stat; + } + + /** + * Returns general information about a file or symbolic link. + * + * Returns an array on success and false otherwise. + * + * @param string $filename + * @return array|false + */ + public function lstat($filename) + { + if (!$this->precheck()) { + return false; + } + + $filename = $this->realpath($filename); + if ($filename === false) { + return false; + } + + if ($this->use_stat_cache) { + $result = $this->query_stat_cache($filename); + if (is_array($result) && isset($result['.']) && isset($result['.']->lstat)) { + return $result['.']->lstat; + } + if (is_object($result) && isset($result->lstat)) { + return $result->lstat; + } + } + + $lstat = $this->stat_helper($filename, NET_SFTP_LSTAT); + if ($lstat === false) { + $this->remove_from_stat_cache($filename); + return false; + } + if (isset($lstat['type'])) { + if ($lstat['type'] == NET_SFTP_TYPE_DIRECTORY) { + $filename .= '/.'; + } + $this->update_stat_cache($filename, (object) ['lstat' => $lstat]); + return $lstat; + } + + $stat = $this->stat_helper($filename, NET_SFTP_STAT); + + if ($lstat != $stat) { + $lstat = array_merge($lstat, ['type' => NET_SFTP_TYPE_SYMLINK]); + $this->update_stat_cache($filename, (object) ['lstat' => $lstat]); + return $stat; + } + + $pwd = $this->pwd; + $lstat['type'] = $this->chdir($filename) ? + NET_SFTP_TYPE_DIRECTORY : + NET_SFTP_TYPE_REGULAR; + $this->pwd = $pwd; + + if ($lstat['type'] == NET_SFTP_TYPE_DIRECTORY) { + $filename .= '/.'; + } + $this->update_stat_cache($filename, (object) ['lstat' => $lstat]); + + return $lstat; + } + + /** + * Returns general information about a file or symbolic link + * + * Determines information without calling \phpseclib3\Net\SFTP::realpath(). + * The second parameter can be either NET_SFTP_STAT or NET_SFTP_LSTAT. + * + * @param string $filename + * @param int $type + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return array|false + */ + private function stat_helper($filename, $type) + { + // SFTPv4+ adds an additional 32-bit integer field - flags - to the following: + $packet = Strings::packSSH2('s', $filename); + $this->send_sftp_packet($type, $packet); + + $response = $this->get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_ATTRS: + return $this->parseAttributes($response); + case NET_SFTP_STATUS: + $this->logError($response); + return false; + } + + throw new \UnexpectedValueException('Expected NET_SFTP_ATTRS or NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + + /** + * Truncates a file to a given length + * + * @param string $filename + * @param int $new_size + * @return bool + */ + public function truncate($filename, $new_size) + { + $attr = Strings::packSSH2('NQ', NET_SFTP_ATTR_SIZE, $new_size); + + return $this->setstat($filename, $attr, false); + } + + /** + * Sets access and modification time of file. + * + * If the file does not exist, it will be created. + * + * @param string $filename + * @param int $time + * @param int $atime + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return bool + */ + public function touch($filename, $time = null, $atime = null) + { + if (!$this->precheck()) { + return false; + } + + $filename = $this->realpath($filename); + if ($filename === false) { + return false; + } + + if (!isset($time)) { + $time = time(); + } + if (!isset($atime)) { + $atime = $time; + } + + $attr = $this->version < 4 ? + pack('N3', NET_SFTP_ATTR_ACCESSTIME, $atime, $time) : + Strings::packSSH2('NQ2', NET_SFTP_ATTR_ACCESSTIME | NET_SFTP_ATTR_MODIFYTIME, $atime, $time); + + $packet = Strings::packSSH2('s', $filename); + $packet .= $this->version >= 5 ? + pack('N2', 0, NET_SFTP_OPEN_OPEN_EXISTING) : + pack('N', NET_SFTP_OPEN_WRITE | NET_SFTP_OPEN_CREATE | NET_SFTP_OPEN_EXCL); + $packet .= $attr; + + $this->send_sftp_packet(NET_SFTP_OPEN, $packet); + + $response = $this->get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_HANDLE: + return $this->close_handle(substr($response, 4)); + case NET_SFTP_STATUS: + $this->logError($response); + break; + default: + throw new \UnexpectedValueException('Expected NET_SFTP_HANDLE or NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + + return $this->setstat($filename, $attr, false); + } + + /** + * Changes file or directory owner + * + * $uid should be an int for SFTPv3 and a string for SFTPv4+. Ideally the string + * would be of the form "user@dns_domain" but it does not need to be. + * `$sftp->getSupportedVersions()['version']` will return the specific version + * that's being used. + * + * Returns true on success or false on error. + * + * @param string $filename + * @param int|string $uid + * @param bool $recursive + * @return bool + */ + public function chown($filename, $uid, $recursive = false) + { + /* + quoting , + + "To avoid a representation that is tied to a particular underlying + implementation at the client or server, the use of UTF-8 strings has + been chosen. The string should be of the form "user@dns_domain". + This will allow for a client and server that do not use the same + local representation the ability to translate to a common syntax that + can be interpreted by both. In the case where there is no + translation available to the client or server, the attribute value + must be constructed without the "@"." + + phpseclib _could_ auto append the dns_domain to $uid BUT what if it shouldn't + have one? phpseclib would have no way of knowing so rather than guess phpseclib + will just use whatever value the user provided + */ + + $attr = $this->version < 4 ? + // quoting , + // "if the owner or group is specified as -1, then that ID is not changed" + pack('N3', NET_SFTP_ATTR_UIDGID, $uid, -1) : + // quoting , + // "If either the owner or group field is zero length, the field should be + // considered absent, and no change should be made to that specific field + // during a modification operation" + Strings::packSSH2('Nss', NET_SFTP_ATTR_OWNERGROUP, $uid, ''); + + return $this->setstat($filename, $attr, $recursive); + } + + /** + * Changes file or directory group + * + * $gid should be an int for SFTPv3 and a string for SFTPv4+. Ideally the string + * would be of the form "user@dns_domain" but it does not need to be. + * `$sftp->getSupportedVersions()['version']` will return the specific version + * that's being used. + * + * Returns true on success or false on error. + * + * @param string $filename + * @param int|string $gid + * @param bool $recursive + * @return bool + */ + public function chgrp($filename, $gid, $recursive = false) + { + $attr = $this->version < 4 ? + pack('N3', NET_SFTP_ATTR_UIDGID, -1, $gid) : + Strings::packSSH2('Nss', NET_SFTP_ATTR_OWNERGROUP, '', $gid); + + return $this->setstat($filename, $attr, $recursive); + } + + /** + * Set permissions on a file. + * + * Returns the new file permissions on success or false on error. + * If $recursive is true than this just returns true or false. + * + * @param int $mode + * @param string $filename + * @param bool $recursive + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return mixed + */ + public function chmod($mode, $filename, $recursive = false) + { + if (is_string($mode) && is_int($filename)) { + $temp = $mode; + $mode = $filename; + $filename = $temp; + } + + $attr = pack('N2', NET_SFTP_ATTR_PERMISSIONS, $mode & 07777); + if (!$this->setstat($filename, $attr, $recursive)) { + return false; + } + if ($recursive) { + return true; + } + + $filename = $this->realpath($filename); + // rather than return what the permissions *should* be, we'll return what they actually are. this will also + // tell us if the file actually exists. + // incidentally, SFTPv4+ adds an additional 32-bit integer field - flags - to the following: + $packet = pack('Na*', strlen($filename), $filename); + $this->send_sftp_packet(NET_SFTP_STAT, $packet); + + $response = $this->get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_ATTRS: + $attrs = $this->parseAttributes($response); + return $attrs['mode']; + case NET_SFTP_STATUS: + $this->logError($response); + return false; + } + + throw new \UnexpectedValueException('Expected NET_SFTP_ATTRS or NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + + /** + * Sets information about a file + * + * @param string $filename + * @param string $attr + * @param bool $recursive + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return bool + */ + private function setstat($filename, $attr, $recursive) + { + if (!$this->precheck()) { + return false; + } + + $filename = $this->realpath($filename); + if ($filename === false) { + return false; + } + + $this->remove_from_stat_cache($filename); + + if ($recursive) { + $i = 0; + $result = $this->setstat_recursive($filename, $attr, $i); + $this->read_put_responses($i); + return $result; + } + + $packet = Strings::packSSH2('s', $filename); + $packet .= $this->version >= 4 ? + pack('a*Ca*', substr($attr, 0, 4), NET_SFTP_TYPE_UNKNOWN, substr($attr, 4)) : + $attr; + $this->send_sftp_packet(NET_SFTP_SETSTAT, $packet); + + /* + "Because some systems must use separate system calls to set various attributes, it is possible that a failure + response will be returned, but yet some of the attributes may be have been successfully modified. If possible, + servers SHOULD avoid this situation; however, clients MUST be aware that this is possible." + + -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.6 + */ + $response = $this->get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + + list($status) = Strings::unpackSSH2('N', $response); + if ($status != NET_SFTP_STATUS_OK) { + $this->logError($response, $status); + return false; + } + + return true; + } + + /** + * Recursively sets information on directories on the SFTP server + * + * Minimizes directory lookups and SSH_FXP_STATUS requests for speed. + * + * @param string $path + * @param string $attr + * @param int $i + * @return bool + */ + private function setstat_recursive($path, $attr, &$i) + { + if (!$this->read_put_responses($i)) { + return false; + } + $i = 0; + $entries = $this->readlist($path, true); + + if ($entries === false || is_int($entries)) { + return $this->setstat($path, $attr, false); + } + + // normally $entries would have at least . and .. but it might not if the directories + // permissions didn't allow reading + if (empty($entries)) { + return false; + } + + unset($entries['.'], $entries['..']); + foreach ($entries as $filename => $props) { + if (!isset($props['type'])) { + return false; + } + + $temp = $path . '/' . $filename; + if ($props['type'] == NET_SFTP_TYPE_DIRECTORY) { + if (!$this->setstat_recursive($temp, $attr, $i)) { + return false; + } + } else { + $packet = Strings::packSSH2('s', $temp); + $packet .= $this->version >= 4 ? + pack('Ca*', NET_SFTP_TYPE_UNKNOWN, $attr) : + $attr; + $this->send_sftp_packet(NET_SFTP_SETSTAT, $packet); + + $i++; + + if ($i >= NET_SFTP_QUEUE_SIZE) { + if (!$this->read_put_responses($i)) { + return false; + } + $i = 0; + } + } + } + + $packet = Strings::packSSH2('s', $path); + $packet .= $this->version >= 4 ? + pack('Ca*', NET_SFTP_TYPE_UNKNOWN, $attr) : + $attr; + $this->send_sftp_packet(NET_SFTP_SETSTAT, $packet); + + $i++; + + if ($i >= NET_SFTP_QUEUE_SIZE) { + if (!$this->read_put_responses($i)) { + return false; + } + $i = 0; + } + + return true; + } + + /** + * Return the target of a symbolic link + * + * @param string $link + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return mixed + */ + public function readlink($link) + { + if (!$this->precheck()) { + return false; + } + + $link = $this->realpath($link); + + $this->send_sftp_packet(NET_SFTP_READLINK, Strings::packSSH2('s', $link)); + + $response = $this->get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_NAME: + break; + case NET_SFTP_STATUS: + $this->logError($response); + return false; + default: + throw new \UnexpectedValueException('Expected NET_SFTP_NAME or NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + + list($count) = Strings::unpackSSH2('N', $response); + // the file isn't a symlink + if (!$count) { + return false; + } + + list($filename) = Strings::unpackSSH2('s', $response); + + return $filename; + } + + /** + * Create a symlink + * + * symlink() creates a symbolic link to the existing target with the specified name link. + * + * @param string $target + * @param string $link + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return bool + */ + public function symlink($target, $link) + { + if (!$this->precheck()) { + return false; + } + + //$target = $this->realpath($target); + $link = $this->realpath($link); + + /* quoting https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-09#section-12.1 : + + Changed the SYMLINK packet to be LINK and give it the ability to + create hard links. Also change it's packet number because many + implementation implemented SYMLINK with the arguments reversed. + Hopefully the new argument names make it clear which way is which. + */ + if ($this->version == 6) { + $type = NET_SFTP_LINK; + $packet = Strings::packSSH2('ssC', $link, $target, 1); + } else { + $type = NET_SFTP_SYMLINK; + /* quoting http://bxr.su/OpenBSD/usr.bin/ssh/PROTOCOL#347 : + + 3.1. sftp: Reversal of arguments to SSH_FXP_SYMLINK + + When OpenSSH's sftp-server was implemented, the order of the arguments + to the SSH_FXP_SYMLINK method was inadvertently reversed. Unfortunately, + the reversal was not noticed until the server was widely deployed. Since + fixing this to follow the specification would cause incompatibility, the + current order was retained. For correct operation, clients should send + SSH_FXP_SYMLINK as follows: + + uint32 id + string targetpath + string linkpath */ + $packet = substr($this->server_identifier, 0, 15) == 'SSH-2.0-OpenSSH' ? + Strings::packSSH2('ss', $target, $link) : + Strings::packSSH2('ss', $link, $target); + } + $this->send_sftp_packet($type, $packet); + + $response = $this->get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + + list($status) = Strings::unpackSSH2('N', $response); + if ($status != NET_SFTP_STATUS_OK) { + $this->logError($response, $status); + return false; + } + + return true; + } + + /** + * Creates a directory. + * + * @param string $dir + * @param int $mode + * @param bool $recursive + * @return bool + */ + public function mkdir($dir, $mode = -1, $recursive = false) + { + if (!$this->precheck()) { + return false; + } + + $dir = $this->realpath($dir); + + if ($recursive) { + $dirs = explode('/', preg_replace('#/(?=/)|/$#', '', $dir)); + if (empty($dirs[0])) { + array_shift($dirs); + $dirs[0] = '/' . $dirs[0]; + } + for ($i = 0; $i < count($dirs); $i++) { + $temp = array_slice($dirs, 0, $i + 1); + $temp = implode('/', $temp); + $result = $this->mkdir_helper($temp, $mode); + } + return $result; + } + + return $this->mkdir_helper($dir, $mode); + } + + /** + * Helper function for directory creation + * + * @param string $dir + * @param int $mode + * @return bool + */ + private function mkdir_helper($dir, $mode) + { + // send SSH_FXP_MKDIR without any attributes (that's what the \0\0\0\0 is doing) + $this->send_sftp_packet(NET_SFTP_MKDIR, Strings::packSSH2('s', $dir) . "\0\0\0\0"); + + $response = $this->get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + + list($status) = Strings::unpackSSH2('N', $response); + if ($status != NET_SFTP_STATUS_OK) { + $this->logError($response, $status); + return false; + } + + if ($mode !== -1) { + $this->chmod($mode, $dir); + } + + return true; + } + + /** + * Removes a directory. + * + * @param string $dir + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return bool + */ + public function rmdir($dir) + { + if (!$this->precheck()) { + return false; + } + + $dir = $this->realpath($dir); + if ($dir === false) { + return false; + } + + $this->send_sftp_packet(NET_SFTP_RMDIR, Strings::packSSH2('s', $dir)); + + $response = $this->get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + + list($status) = Strings::unpackSSH2('N', $response); + if ($status != NET_SFTP_STATUS_OK) { + // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED? + $this->logError($response, $status); + return false; + } + + $this->remove_from_stat_cache($dir); + // the following will do a soft delete, which would be useful if you deleted a file + // and then tried to do a stat on the deleted file. the above, in contrast, does + // a hard delete + //$this->update_stat_cache($dir, false); + + return true; + } + + /** + * Uploads a file to the SFTP server. + * + * By default, \phpseclib3\Net\SFTP::put() does not read from the local filesystem. $data is dumped directly into $remote_file. + * So, for example, if you set $data to 'filename.ext' and then do \phpseclib3\Net\SFTP::get(), you will get a file, twelve bytes + * long, containing 'filename.ext' as its contents. + * + * Setting $mode to self::SOURCE_LOCAL_FILE will change the above behavior. With self::SOURCE_LOCAL_FILE, $remote_file will + * contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how + * large $remote_file will be, as well. + * + * Setting $mode to self::SOURCE_CALLBACK will use $data as callback function, which gets only one parameter -- number + * of bytes to return, and returns a string if there is some data or null if there is no more data + * + * If $data is a resource then it'll be used as a resource instead. + * + * Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take + * care of that, yourself. + * + * $mode can take an additional two parameters - self::RESUME and self::RESUME_START. These are bitwise AND'd with + * $mode. So if you want to resume upload of a 300mb file on the local file system you'd set $mode to the following: + * + * self::SOURCE_LOCAL_FILE | self::RESUME + * + * If you wanted to simply append the full contents of a local file to the full contents of a remote file you'd replace + * self::RESUME with self::RESUME_START. + * + * If $mode & (self::RESUME | self::RESUME_START) then self::RESUME_START will be assumed. + * + * $start and $local_start give you more fine grained control over this process and take precident over self::RESUME + * when they're non-negative. ie. $start could let you write at the end of a file (like self::RESUME) or in the middle + * of one. $local_start could let you start your reading from the end of a file (like self::RESUME_START) or in the + * middle of one. + * + * Setting $local_start to > 0 or $mode | self::RESUME_START doesn't do anything unless $mode | self::SOURCE_LOCAL_FILE. + * + * {@internal ASCII mode for SFTPv4/5/6 can be supported by adding a new function - \phpseclib3\Net\SFTP::setMode().} + * + * @param string $remote_file + * @param string|resource $data + * @param int $mode + * @param int $start + * @param int $local_start + * @param callable|null $progressCallback + * @throws \UnexpectedValueException on receipt of unexpected packets + * @throws \BadFunctionCallException if you're uploading via a callback and the callback function is invalid + * @throws \phpseclib3\Exception\FileNotFoundException if you're uploading via a file and the file doesn't exist + * @return bool + */ + public function put($remote_file, $data, $mode = self::SOURCE_STRING, $start = -1, $local_start = -1, $progressCallback = null) + { + if (!$this->precheck()) { + return false; + } + + $remote_file = $this->realpath($remote_file); + if ($remote_file === false) { + return false; + } + + $this->remove_from_stat_cache($remote_file); + + if ($this->version >= 5) { + $flags = NET_SFTP_OPEN_OPEN_OR_CREATE; + } else { + $flags = NET_SFTP_OPEN_WRITE | NET_SFTP_OPEN_CREATE; + // according to the SFTP specs, NET_SFTP_OPEN_APPEND should "force all writes to append data at the end of the file." + // in practice, it doesn't seem to do that. + //$flags|= ($mode & self::RESUME) ? NET_SFTP_OPEN_APPEND : NET_SFTP_OPEN_TRUNCATE; + } + + if ($start >= 0) { + $offset = $start; + } elseif ($mode & (self::RESUME | self::RESUME_START)) { + // if NET_SFTP_OPEN_APPEND worked as it should _size() wouldn't need to be called + $size = $this->stat($remote_file)['size']; + $offset = $size !== false ? $size : 0; + } else { + $offset = 0; + if ($this->version >= 5) { + $flags = NET_SFTP_OPEN_CREATE_TRUNCATE; + } else { + $flags |= NET_SFTP_OPEN_TRUNCATE; + } + } + + $this->remove_from_stat_cache($remote_file); + + $packet = Strings::packSSH2('s', $remote_file); + $packet .= $this->version >= 5 ? + pack('N3', 0, $flags, 0) : + pack('N2', $flags, 0); + $this->send_sftp_packet(NET_SFTP_OPEN, $packet); + + $response = $this->get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_HANDLE: + $handle = substr($response, 4); + break; + case NET_SFTP_STATUS: + $this->logError($response); + return false; + default: + throw new \UnexpectedValueException('Expected NET_SFTP_HANDLE or NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.2.3 + $dataCallback = false; + switch (true) { + case $mode & self::SOURCE_CALLBACK: + if (!is_callable($data)) { + throw new \BadFunctionCallException("\$data should be is_callable() if you specify SOURCE_CALLBACK flag"); + } + $dataCallback = $data; + // do nothing + break; + case is_resource($data): + $mode = $mode & ~self::SOURCE_LOCAL_FILE; + $info = stream_get_meta_data($data); + if (isset($info['wrapper_type']) && $info['wrapper_type'] == 'PHP' && $info['stream_type'] == 'Input') { + $fp = fopen('php://memory', 'w+'); + stream_copy_to_stream($data, $fp); + rewind($fp); + } else { + $fp = $data; + } + break; + case $mode & self::SOURCE_LOCAL_FILE: + if (!is_file($data)) { + throw new FileNotFoundException("$data is not a valid file"); + } + $fp = @fopen($data, 'rb'); + if (!$fp) { + return false; + } + } + + if (isset($fp)) { + $stat = fstat($fp); + $size = !empty($stat) ? $stat['size'] : 0; + + if ($local_start >= 0) { + fseek($fp, $local_start); + $size -= $local_start; + } elseif ($mode & self::RESUME) { + fseek($fp, $offset); + $size -= $offset; + } + } elseif ($dataCallback) { + $size = 0; + } else { + $size = strlen($data); + } + + $sent = 0; + $size = $size < 0 ? ($size & 0x7FFFFFFF) + 0x80000000 : $size; + + $sftp_packet_size = $this->max_sftp_packet; + // make the SFTP packet be exactly the SFTP packet size by including the bytes in the NET_SFTP_WRITE packets "header" + $sftp_packet_size -= strlen($handle) + 25; + $i = $j = 0; + while ($dataCallback || ($size === 0 || $sent < $size)) { + if ($dataCallback) { + $temp = $dataCallback($sftp_packet_size); + if (is_null($temp)) { + break; + } + } else { + $temp = isset($fp) ? fread($fp, $sftp_packet_size) : substr($data, $sent, $sftp_packet_size); + if ($temp === false || $temp === '') { + break; + } + } + + $subtemp = $offset + $sent; + $packet = pack('Na*N3a*', strlen($handle), $handle, $subtemp / 4294967296, $subtemp, strlen($temp), $temp); + try { + $this->send_sftp_packet(NET_SFTP_WRITE, $packet, $j); + } catch (\Exception $e) { + if ($mode & self::SOURCE_LOCAL_FILE) { + fclose($fp); + } + throw $e; + } + $sent += strlen($temp); + if (is_callable($progressCallback)) { + $progressCallback($sent); + } + + $i++; + $j++; + if ($i == NET_SFTP_UPLOAD_QUEUE_SIZE) { + if (!$this->read_put_responses($i)) { + $i = 0; + break; + } + $i = 0; + } + } + + $result = $this->close_handle($handle); + + if (!$this->read_put_responses($i)) { + if ($mode & self::SOURCE_LOCAL_FILE) { + fclose($fp); + } + $this->close_handle($handle); + return false; + } + + if ($mode & SFTP::SOURCE_LOCAL_FILE) { + if (isset($fp) && is_resource($fp)) { + fclose($fp); + } + + if ($this->preserveTime) { + $stat = stat($data); + $attr = $this->version < 4 ? + pack('N3', NET_SFTP_ATTR_ACCESSTIME, $stat['atime'], $stat['mtime']) : + Strings::packSSH2('NQ2', NET_SFTP_ATTR_ACCESSTIME | NET_SFTP_ATTR_MODIFYTIME, $stat['atime'], $stat['mtime']); + if (!$this->setstat($remote_file, $attr, false)) { + throw new \RuntimeException('Error setting file time'); + } + } + } + + return $result; + } + + /** + * Reads multiple successive SSH_FXP_WRITE responses + * + * Sending an SSH_FXP_WRITE packet and immediately reading its response isn't as efficient as blindly sending out $i + * SSH_FXP_WRITEs, in succession, and then reading $i responses. + * + * @param int $i + * @return bool + * @throws \UnexpectedValueException on receipt of unexpected packets + */ + private function read_put_responses($i) + { + while ($i--) { + $response = $this->get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + + list($status) = Strings::unpackSSH2('N', $response); + if ($status != NET_SFTP_STATUS_OK) { + $this->logError($response, $status); + break; + } + } + + return $i < 0; + } + + /** + * Close handle + * + * @param string $handle + * @return bool + * @throws \UnexpectedValueException on receipt of unexpected packets + */ + private function close_handle($handle) + { + $this->send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle)); + + // "The client MUST release all resources associated with the handle regardless of the status." + // -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.3 + $response = $this->get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + + list($status) = Strings::unpackSSH2('N', $response); + if ($status != NET_SFTP_STATUS_OK) { + $this->logError($response, $status); + return false; + } + + return true; + } + + /** + * Downloads a file from the SFTP server. + * + * Returns a string containing the contents of $remote_file if $local_file is left undefined or a boolean false if + * the operation was unsuccessful. If $local_file is defined, returns true or false depending on the success of the + * operation. + * + * $offset and $length can be used to download files in chunks. + * + * @param string $remote_file + * @param string|bool|resource|callable $local_file + * @param int $offset + * @param int $length + * @param callable|null $progressCallback + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return string|bool + */ + public function get($remote_file, $local_file = false, $offset = 0, $length = -1, $progressCallback = null) + { + if (!$this->precheck()) { + return false; + } + + $remote_file = $this->realpath($remote_file); + if ($remote_file === false) { + return false; + } + + $packet = Strings::packSSH2('s', $remote_file); + $packet .= $this->version >= 5 ? + pack('N3', 0, NET_SFTP_OPEN_OPEN_EXISTING, 0) : + pack('N2', NET_SFTP_OPEN_READ, 0); + $this->send_sftp_packet(NET_SFTP_OPEN, $packet); + + $response = $this->get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_HANDLE: + $handle = substr($response, 4); + break; + case NET_SFTP_STATUS: // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED + $this->logError($response); + return false; + default: + throw new \UnexpectedValueException('Expected NET_SFTP_HANDLE or NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + + if (is_resource($local_file)) { + $fp = $local_file; + $stat = fstat($fp); + $res_offset = $stat['size']; + } else { + $res_offset = 0; + if ($local_file !== false && !is_callable($local_file)) { + $fp = fopen($local_file, 'wb'); + if (!$fp) { + return false; + } + } else { + $content = ''; + } + } + + $fclose_check = $local_file !== false && !is_callable($local_file) && !is_resource($local_file); + + $start = $offset; + $read = 0; + while (true) { + $i = 0; + + while ($i < NET_SFTP_QUEUE_SIZE && ($length < 0 || $read < $length)) { + $tempoffset = $start + $read; + + $packet_size = $length > 0 ? min($this->max_sftp_packet, $length - $read) : $this->max_sftp_packet; + + $packet = Strings::packSSH2('sN3', $handle, $tempoffset / 4294967296, $tempoffset, $packet_size); + try { + $this->send_sftp_packet(NET_SFTP_READ, $packet, $i); + } catch (\Exception $e) { + if ($fclose_check) { + fclose($fp); + } + throw $e; + } + $packet = null; + $read += $packet_size; + $i++; + } + + if (!$i) { + break; + } + + $packets_sent = $i - 1; + + $clear_responses = false; + while ($i > 0) { + $i--; + + if ($clear_responses) { + $this->get_sftp_packet($packets_sent - $i); + continue; + } else { + $response = $this->get_sftp_packet($packets_sent - $i); + } + + switch ($this->packet_type) { + case NET_SFTP_DATA: + $temp = substr($response, 4); + $offset += strlen($temp); + if ($local_file === false) { + $content .= $temp; + } elseif (is_callable($local_file)) { + $local_file($temp); + } else { + fputs($fp, $temp); + } + if (is_callable($progressCallback)) { + call_user_func($progressCallback, $offset); + } + $temp = null; + break; + case NET_SFTP_STATUS: + // could, in theory, return false if !strlen($content) but we'll hold off for the time being + $this->logError($response); + $clear_responses = true; // don't break out of the loop yet, so we can read the remaining responses + break; + default: + if ($fclose_check) { + fclose($fp); + } + if ($this->channel_close) { + $this->partial_init = false; + $this->init_sftp_connection(); + return false; + } else { + throw new \UnexpectedValueException('Expected NET_SFTP_DATA or NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + } + $response = null; + } + + if ($clear_responses) { + break; + } + } + + if ($fclose_check) { + fclose($fp); + + if ($this->preserveTime) { + $stat = $this->stat($remote_file); + touch($local_file, $stat['mtime'], $stat['atime']); + } + } + + if (!$this->close_handle($handle)) { + return false; + } + + // if $content isn't set that means a file was written to + return isset($content) ? $content : true; + } + + /** + * Deletes a file on the SFTP server. + * + * @param string $path + * @param bool $recursive + * @return bool + * @throws \UnexpectedValueException on receipt of unexpected packets + */ + public function delete($path, $recursive = true) + { + if (!$this->precheck()) { + return false; + } + + if (is_object($path)) { + // It's an object. Cast it as string before we check anything else. + $path = (string) $path; + } + + if (!is_string($path) || $path == '') { + return false; + } + + $path = $this->realpath($path); + if ($path === false) { + return false; + } + + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3 + $this->send_sftp_packet(NET_SFTP_REMOVE, pack('Na*', strlen($path), $path)); + + $response = $this->get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + + // if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED + list($status) = Strings::unpackSSH2('N', $response); + if ($status != NET_SFTP_STATUS_OK) { + $this->logError($response, $status); + if (!$recursive) { + return false; + } + + $i = 0; + $result = $this->delete_recursive($path, $i); + $this->read_put_responses($i); + return $result; + } + + $this->remove_from_stat_cache($path); + + return true; + } + + /** + * Recursively deletes directories on the SFTP server + * + * Minimizes directory lookups and SSH_FXP_STATUS requests for speed. + * + * @param string $path + * @param int $i + * @return bool + */ + private function delete_recursive($path, &$i) + { + if (!$this->read_put_responses($i)) { + return false; + } + $i = 0; + $entries = $this->readlist($path, true); + + // The folder does not exist at all, so we cannot delete it. + if ($entries === NET_SFTP_STATUS_NO_SUCH_FILE) { + return false; + } + + // Normally $entries would have at least . and .. but it might not if the directories + // permissions didn't allow reading. If this happens then default to an empty list of files. + if ($entries === false || is_int($entries)) { + $entries = []; + } + + unset($entries['.'], $entries['..']); + foreach ($entries as $filename => $props) { + if (!isset($props['type'])) { + return false; + } + + $temp = $path . '/' . $filename; + if ($props['type'] == NET_SFTP_TYPE_DIRECTORY) { + if (!$this->delete_recursive($temp, $i)) { + return false; + } + } else { + $this->send_sftp_packet(NET_SFTP_REMOVE, Strings::packSSH2('s', $temp)); + $this->remove_from_stat_cache($temp); + + $i++; + + if ($i >= NET_SFTP_QUEUE_SIZE) { + if (!$this->read_put_responses($i)) { + return false; + } + $i = 0; + } + } + } + + $this->send_sftp_packet(NET_SFTP_RMDIR, Strings::packSSH2('s', $path)); + $this->remove_from_stat_cache($path); + + $i++; + + if ($i >= NET_SFTP_QUEUE_SIZE) { + if (!$this->read_put_responses($i)) { + return false; + } + $i = 0; + } + + return true; + } + + /** + * Checks whether a file or directory exists + * + * @param string $path + * @return bool + */ + public function file_exists($path) + { + if ($this->use_stat_cache) { + if (!$this->precheck()) { + return false; + } + + $path = $this->realpath($path); + + $result = $this->query_stat_cache($path); + + if (isset($result)) { + // return true if $result is an array or if it's an stdClass object + return $result !== false; + } + } + + return $this->stat($path) !== false; + } + + /** + * Tells whether the filename is a directory + * + * @param string $path + * @return bool + */ + public function is_dir($path) + { + $result = $this->get_stat_cache_prop($path, 'type'); + if ($result === false) { + return false; + } + return $result === NET_SFTP_TYPE_DIRECTORY; + } + + /** + * Tells whether the filename is a regular file + * + * @param string $path + * @return bool + */ + public function is_file($path) + { + $result = $this->get_stat_cache_prop($path, 'type'); + if ($result === false) { + return false; + } + return $result === NET_SFTP_TYPE_REGULAR; + } + + /** + * Tells whether the filename is a symbolic link + * + * @param string $path + * @return bool + */ + public function is_link($path) + { + $result = $this->get_lstat_cache_prop($path, 'type'); + if ($result === false) { + return false; + } + return $result === NET_SFTP_TYPE_SYMLINK; + } + + /** + * Tells whether a file exists and is readable + * + * @param string $path + * @return bool + */ + public function is_readable($path) + { + if (!$this->precheck()) { + return false; + } + + $packet = Strings::packSSH2('sNN', $this->realpath($path), NET_SFTP_OPEN_READ, 0); + $this->send_sftp_packet(NET_SFTP_OPEN, $packet); + + $response = $this->get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_HANDLE: + return true; + case NET_SFTP_STATUS: // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED + return false; + default: + throw new \UnexpectedValueException('Expected NET_SFTP_HANDLE or NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + } + + /** + * Tells whether the filename is writable + * + * @param string $path + * @return bool + */ + public function is_writable($path) + { + if (!$this->precheck()) { + return false; + } + + $packet = Strings::packSSH2('sNN', $this->realpath($path), NET_SFTP_OPEN_WRITE, 0); + $this->send_sftp_packet(NET_SFTP_OPEN, $packet); + + $response = $this->get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_HANDLE: + return true; + case NET_SFTP_STATUS: // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED + return false; + default: + throw new \UnexpectedValueException('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + } + + /** + * Tells whether the filename is writeable + * + * Alias of is_writable + * + * @param string $path + * @return bool + */ + public function is_writeable($path) + { + return $this->is_writable($path); + } + + /** + * Gets last access time of file + * + * @param string $path + * @return mixed + */ + public function fileatime($path) + { + return $this->get_stat_cache_prop($path, 'atime'); + } + + /** + * Gets file modification time + * + * @param string $path + * @return mixed + */ + public function filemtime($path) + { + return $this->get_stat_cache_prop($path, 'mtime'); + } + + /** + * Gets file permissions + * + * @param string $path + * @return mixed + */ + public function fileperms($path) + { + return $this->get_stat_cache_prop($path, 'mode'); + } + + /** + * Gets file owner + * + * @param string $path + * @return mixed + */ + public function fileowner($path) + { + return $this->get_stat_cache_prop($path, 'uid'); + } + + /** + * Gets file group + * + * @param string $path + * @return mixed + */ + public function filegroup($path) + { + return $this->get_stat_cache_prop($path, 'gid'); + } + + /** + * Recursively go through rawlist() output to get the total filesize + * + * @return int + */ + private static function recursiveFilesize(array $files) + { + $size = 0; + foreach ($files as $name => $file) { + if ($name == '.' || $name == '..') { + continue; + } + $size += is_array($file) ? + self::recursiveFilesize($file) : + $file->size; + } + return $size; + } + + /** + * Gets file size + * + * @param string $path + * @param bool $recursive + * @return mixed + */ + public function filesize($path, $recursive = false) + { + return !$recursive || $this->filetype($path) != 'dir' ? + $this->get_stat_cache_prop($path, 'size') : + self::recursiveFilesize($this->rawlist($path, true)); + } + + /** + * Gets file type + * + * @param string $path + * @return string|false + */ + public function filetype($path) + { + $type = $this->get_stat_cache_prop($path, 'type'); + if ($type === false) { + return false; + } + + switch ($type) { + case NET_SFTP_TYPE_BLOCK_DEVICE: + return 'block'; + case NET_SFTP_TYPE_CHAR_DEVICE: + return 'char'; + case NET_SFTP_TYPE_DIRECTORY: + return 'dir'; + case NET_SFTP_TYPE_FIFO: + return 'fifo'; + case NET_SFTP_TYPE_REGULAR: + return 'file'; + case NET_SFTP_TYPE_SYMLINK: + return 'link'; + default: + return false; + } + } + + /** + * Return a stat properity + * + * Uses cache if appropriate. + * + * @param string $path + * @param string $prop + * @return mixed + */ + private function get_stat_cache_prop($path, $prop) + { + return $this->get_xstat_cache_prop($path, $prop, 'stat'); + } + + /** + * Return an lstat properity + * + * Uses cache if appropriate. + * + * @param string $path + * @param string $prop + * @return mixed + */ + private function get_lstat_cache_prop($path, $prop) + { + return $this->get_xstat_cache_prop($path, $prop, 'lstat'); + } + + /** + * Return a stat or lstat properity + * + * Uses cache if appropriate. + * + * @param string $path + * @param string $prop + * @param string $type + * @return mixed + */ + private function get_xstat_cache_prop($path, $prop, $type) + { + if (!$this->precheck()) { + return false; + } + + if ($this->use_stat_cache) { + $path = $this->realpath($path); + + $result = $this->query_stat_cache($path); + + if (is_object($result) && isset($result->$type)) { + return $result->{$type}[$prop]; + } + } + + $result = $this->$type($path); + + if ($result === false || !isset($result[$prop])) { + return false; + } + + return $result[$prop]; + } + + /** + * Renames a file or a directory on the SFTP server. + * + * If the file already exists this will return false + * + * @param string $oldname + * @param string $newname + * @return bool + * @throws \UnexpectedValueException on receipt of unexpected packets + */ + public function rename($oldname, $newname) + { + if (!$this->precheck()) { + return false; + } + + $oldname = $this->realpath($oldname); + $newname = $this->realpath($newname); + if ($oldname === false || $newname === false) { + return false; + } + + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3 + $packet = Strings::packSSH2('ss', $oldname, $newname); + if ($this->version >= 5) { + /* quoting https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-05#section-6.5 , + + 'flags' is 0 or a combination of: + + SSH_FXP_RENAME_OVERWRITE 0x00000001 + SSH_FXP_RENAME_ATOMIC 0x00000002 + SSH_FXP_RENAME_NATIVE 0x00000004 + + (none of these are currently supported) */ + $packet .= "\0\0\0\0"; + } + $this->send_sftp_packet(NET_SFTP_RENAME, $packet); + + $response = $this->get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' + . 'Got packet type: ' . $this->packet_type); + } + + // if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED + list($status) = Strings::unpackSSH2('N', $response); + if ($status != NET_SFTP_STATUS_OK) { + $this->logError($response, $status); + return false; + } + + // don't move the stat cache entry over since this operation could very well change the + // atime and mtime attributes + //$this->update_stat_cache($newname, $this->query_stat_cache($oldname)); + $this->remove_from_stat_cache($oldname); + $this->remove_from_stat_cache($newname); + + return true; + } + + /** + * Parse Time + * + * See '7.7. Times' of draft-ietf-secsh-filexfer-13 for more info. + * + * @param string $key + * @param int $flags + * @param string $response + * @return array + */ + private function parseTime($key, $flags, &$response) + { + $attr = []; + list($attr[$key]) = Strings::unpackSSH2('Q', $response); + if ($flags & NET_SFTP_ATTR_SUBSECOND_TIMES) { + list($attr[$key . '-nseconds']) = Strings::unpackSSH2('N', $response); + } + return $attr; + } + + /** + * Parse Attributes + * + * See '7. File Attributes' of draft-ietf-secsh-filexfer-13 for more info. + * + * @param string $response + * @return array + */ + protected function parseAttributes(&$response) + { + if ($this->version >= 4) { + list($flags, $attr['type']) = Strings::unpackSSH2('NC', $response); + } else { + list($flags) = Strings::unpackSSH2('N', $response); + } + + foreach (self::$attributes as $key => $value) { + switch ($flags & $key) { + case NET_SFTP_ATTR_UIDGID: + if ($this->version > 3) { + continue 2; + } + break; + case NET_SFTP_ATTR_CREATETIME: + case NET_SFTP_ATTR_MODIFYTIME: + case NET_SFTP_ATTR_ACL: + case NET_SFTP_ATTR_OWNERGROUP: + case NET_SFTP_ATTR_SUBSECOND_TIMES: + if ($this->version < 4) { + continue 2; + } + break; + case NET_SFTP_ATTR_BITS: + if ($this->version < 5) { + continue 2; + } + break; + case NET_SFTP_ATTR_ALLOCATION_SIZE: + case NET_SFTP_ATTR_TEXT_HINT: + case NET_SFTP_ATTR_MIME_TYPE: + case NET_SFTP_ATTR_LINK_COUNT: + case NET_SFTP_ATTR_UNTRANSLATED_NAME: + case NET_SFTP_ATTR_CTIME: + if ($this->version < 6) { + continue 2; + } + } + switch ($flags & $key) { + case NET_SFTP_ATTR_SIZE: // 0x00000001 + // The size attribute is defined as an unsigned 64-bit integer. + // The following will use floats on 32-bit platforms, if necessary. + // As can be seen in the BigInteger class, floats are generally + // IEEE 754 binary64 "double precision" on such platforms and + // as such can represent integers of at least 2^50 without loss + // of precision. Interpreted in filesize, 2^50 bytes = 1024 TiB. + list($attr['size']) = Strings::unpackSSH2('Q', $response); + break; + case NET_SFTP_ATTR_UIDGID: // 0x00000002 (SFTPv3 only) + list($attr['uid'], $attr['gid']) = Strings::unpackSSH2('NN', $response); + break; + case NET_SFTP_ATTR_PERMISSIONS: // 0x00000004 + list($attr['mode']) = Strings::unpackSSH2('N', $response); + $fileType = $this->parseMode($attr['mode']); + if ($this->version < 4 && $fileType !== false) { + $attr += ['type' => $fileType]; + } + break; + case NET_SFTP_ATTR_ACCESSTIME: // 0x00000008 + if ($this->version >= 4) { + $attr += $this->parseTime('atime', $flags, $response); + break; + } + list($attr['atime'], $attr['mtime']) = Strings::unpackSSH2('NN', $response); + break; + case NET_SFTP_ATTR_CREATETIME: // 0x00000010 (SFTPv4+) + $attr += $this->parseTime('createtime', $flags, $response); + break; + case NET_SFTP_ATTR_MODIFYTIME: // 0x00000020 + $attr += $this->parseTime('mtime', $flags, $response); + break; + case NET_SFTP_ATTR_ACL: // 0x00000040 + // access control list + // see https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-04#section-5.7 + // currently unsupported + list($count) = Strings::unpackSSH2('N', $response); + for ($i = 0; $i < $count; $i++) { + list($type, $flag, $mask, $who) = Strings::unpackSSH2('N3s', $result); + } + break; + case NET_SFTP_ATTR_OWNERGROUP: // 0x00000080 + list($attr['owner'], $attr['$group']) = Strings::unpackSSH2('ss', $response); + break; + case NET_SFTP_ATTR_SUBSECOND_TIMES: // 0x00000100 + break; + case NET_SFTP_ATTR_BITS: // 0x00000200 (SFTPv5+) + // see https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-05#section-5.8 + // currently unsupported + // tells if you file is: + // readonly, system, hidden, case inensitive, archive, encrypted, compressed, sparse + // append only, immutable, sync + list($attrib_bits, $attrib_bits_valid) = Strings::unpackSSH2('N2', $response); + // if we were actually gonna implement the above it ought to be + // $attr['attrib-bits'] and $attr['attrib-bits-valid'] + // eg. - instead of _ + break; + case NET_SFTP_ATTR_ALLOCATION_SIZE: // 0x00000400 (SFTPv6+) + // see https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-13#section-7.4 + // represents the number of bytes that the file consumes on the disk. will + // usually be larger than the 'size' field + list($attr['allocation-size']) = Strings::unpackSSH2('Q', $response); + break; + case NET_SFTP_ATTR_TEXT_HINT: // 0x00000800 + // https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-13#section-7.10 + // currently unsupported + // tells if file is "known text", "guessed text", "known binary", "guessed binary" + list($text_hint) = Strings::unpackSSH2('C', $response); + // the above should be $attr['text-hint'] + break; + case NET_SFTP_ATTR_MIME_TYPE: // 0x00001000 + // see https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-13#section-7.11 + list($attr['mime-type']) = Strings::unpackSSH2('s', $response); + break; + case NET_SFTP_ATTR_LINK_COUNT: // 0x00002000 + // see https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-13#section-7.12 + list($attr['link-count']) = Strings::unpackSSH2('N', $response); + break; + case NET_SFTP_ATTR_UNTRANSLATED_NAME:// 0x00004000 + // see https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-13#section-7.13 + list($attr['untranslated-name']) = Strings::unpackSSH2('s', $response); + break; + case NET_SFTP_ATTR_CTIME: // 0x00008000 + // 'ctime' contains the last time the file attributes were changed. The + // exact meaning of this field depends on the server. + $attr += $this->parseTime('ctime', $flags, $response); + break; + case NET_SFTP_ATTR_EXTENDED: // 0x80000000 + list($count) = Strings::unpackSSH2('N', $response); + for ($i = 0; $i < $count; $i++) { + list($key, $value) = Strings::unpackSSH2('ss', $response); + $attr[$key] = $value; + } + } + } + return $attr; + } + + /** + * Attempt to identify the file type + * + * Quoting the SFTP RFC, "Implementations MUST NOT send bits that are not defined" but they seem to anyway + * + * @param int $mode + * @return int + */ + private function parseMode($mode) + { + // values come from http://lxr.free-electrons.com/source/include/uapi/linux/stat.h#L12 + // see, also, http://linux.die.net/man/2/stat + switch ($mode & 0170000) {// ie. 1111 0000 0000 0000 + case 0000000: // no file type specified - figure out the file type using alternative means + return false; + case 0040000: + return NET_SFTP_TYPE_DIRECTORY; + case 0100000: + return NET_SFTP_TYPE_REGULAR; + case 0120000: + return NET_SFTP_TYPE_SYMLINK; + // new types introduced in SFTPv5+ + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-05#section-5.2 + case 0010000: // named pipe (fifo) + return NET_SFTP_TYPE_FIFO; + case 0020000: // character special + return NET_SFTP_TYPE_CHAR_DEVICE; + case 0060000: // block special + return NET_SFTP_TYPE_BLOCK_DEVICE; + case 0140000: // socket + return NET_SFTP_TYPE_SOCKET; + case 0160000: // whiteout + // "SPECIAL should be used for files that are of + // a known type which cannot be expressed in the protocol" + return NET_SFTP_TYPE_SPECIAL; + default: + return NET_SFTP_TYPE_UNKNOWN; + } + } + + /** + * Parse Longname + * + * SFTPv3 doesn't provide any easy way of identifying a file type. You could try to open + * a file as a directory and see if an error is returned or you could try to parse the + * SFTPv3-specific longname field of the SSH_FXP_NAME packet. That's what this function does. + * The result is returned using the + * {@link http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-5.2 SFTPv4 type constants}. + * + * If the longname is in an unrecognized format bool(false) is returned. + * + * @param string $longname + * @return mixed + */ + private function parseLongname($longname) + { + // http://en.wikipedia.org/wiki/Unix_file_types + // http://en.wikipedia.org/wiki/Filesystem_permissions#Notation_of_traditional_Unix_permissions + if (preg_match('#^[^/]([r-][w-][xstST-]){3}#', $longname)) { + switch ($longname[0]) { + case '-': + return NET_SFTP_TYPE_REGULAR; + case 'd': + return NET_SFTP_TYPE_DIRECTORY; + case 'l': + return NET_SFTP_TYPE_SYMLINK; + default: + return NET_SFTP_TYPE_SPECIAL; + } + } + + return false; + } + + /** + * Sends SFTP Packets + * + * See '6. General Packet Format' of draft-ietf-secsh-filexfer-13 for more info. + * + * @param int $type + * @param string $data + * @param int $request_id + * @see self::_get_sftp_packet() + * @see self::send_channel_packet() + * @return void + */ + private function send_sftp_packet($type, $data, $request_id = 1) + { + // in SSH2.php the timeout is cumulative per function call. eg. exec() will + // timeout after 10s. but for SFTP.php it's cumulative per packet + $this->curTimeout = $this->timeout; + + $packet = $this->use_request_id ? + pack('NCNa*', strlen($data) + 5, $type, $request_id, $data) : + pack('NCa*', strlen($data) + 1, $type, $data); + + $start = microtime(true); + $this->send_channel_packet(self::CHANNEL, $packet); + $stop = microtime(true); + + if (defined('NET_SFTP_LOGGING')) { + $packet_type = '-> ' . self::$packet_types[$type] . + ' (' . round($stop - $start, 4) . 's)'; + $this->append_log($packet_type, $data); + } + } + + /** + * Resets a connection for re-use + * + * @param int $reason + */ + protected function reset_connection($reason) + { + parent::reset_connection($reason); + $this->use_request_id = false; + $this->pwd = false; + $this->requestBuffer = []; + $this->partial_init = false; + } + + /** + * Receives SFTP Packets + * + * See '6. General Packet Format' of draft-ietf-secsh-filexfer-13 for more info. + * + * Incidentally, the number of SSH_MSG_CHANNEL_DATA messages has no bearing on the number of SFTP packets present. + * There can be one SSH_MSG_CHANNEL_DATA messages containing two SFTP packets or there can be two SSH_MSG_CHANNEL_DATA + * messages containing one SFTP packet. + * + * @see self::_send_sftp_packet() + * @return string + */ + private function get_sftp_packet($request_id = null) + { + $this->channel_close = false; + + if (isset($request_id) && isset($this->requestBuffer[$request_id])) { + $this->packet_type = $this->requestBuffer[$request_id]['packet_type']; + $temp = $this->requestBuffer[$request_id]['packet']; + unset($this->requestBuffer[$request_id]); + return $temp; + } + + // in SSH2.php the timeout is cumulative per function call. eg. exec() will + // timeout after 10s. but for SFTP.php it's cumulative per packet + $this->curTimeout = $this->timeout; + + $start = microtime(true); + + // SFTP packet length + while (strlen($this->packet_buffer) < 4) { + $temp = $this->get_channel_packet(self::CHANNEL, true); + if ($temp === true) { + if ($this->channel_status[self::CHANNEL] === NET_SSH2_MSG_CHANNEL_CLOSE) { + $this->channel_close = true; + } + $this->packet_type = false; + $this->packet_buffer = ''; + return false; + } + $this->packet_buffer .= $temp; + } + if (strlen($this->packet_buffer) < 4) { + throw new \RuntimeException('Packet is too small'); + } + extract(unpack('Nlength', Strings::shift($this->packet_buffer, 4))); + /** @var integer $length */ + + $tempLength = $length; + $tempLength -= strlen($this->packet_buffer); + + // 256 * 1024 is what SFTP_MAX_MSG_LENGTH is set to in OpenSSH's sftp-common.h + if (!$this->allow_arbitrary_length_packets && !$this->use_request_id && $tempLength > 256 * 1024) { + throw new \RuntimeException('Invalid Size'); + } + + // SFTP packet type and data payload + while ($tempLength > 0) { + $temp = $this->get_channel_packet(self::CHANNEL, true); + if ($temp === true) { + if ($this->channel_status[self::CHANNEL] === NET_SSH2_MSG_CHANNEL_CLOSE) { + $this->channel_close = true; + } + $this->packet_type = false; + $this->packet_buffer = ''; + return false; + } + $this->packet_buffer .= $temp; + $tempLength -= strlen($temp); + } + + $stop = microtime(true); + + $this->packet_type = ord(Strings::shift($this->packet_buffer)); + + if ($this->use_request_id) { + extract(unpack('Npacket_id', Strings::shift($this->packet_buffer, 4))); // remove the request id + $length -= 5; // account for the request id and the packet type + } else { + $length -= 1; // account for the packet type + } + + $packet = Strings::shift($this->packet_buffer, $length); + + if (defined('NET_SFTP_LOGGING')) { + $packet_type = '<- ' . self::$packet_types[$this->packet_type] . + ' (' . round($stop - $start, 4) . 's)'; + $this->append_log($packet_type, $packet); + } + + if (isset($request_id) && $this->use_request_id && $packet_id != $request_id) { + $this->requestBuffer[$packet_id] = [ + 'packet_type' => $this->packet_type, + 'packet' => $packet + ]; + return $this->get_sftp_packet($request_id); + } + + return $packet; + } + + /** + * Logs data packets + * + * Makes sure that only the last 1MB worth of packets will be logged + * + * @param string $message_number + * @param string $message + */ + private function append_log($message_number, $message) + { + $this->append_log_helper( + NET_SFTP_LOGGING, + $message_number, + $message, + $this->packet_type_log, + $this->packet_log, + $this->log_size, + $this->realtime_log_file, + $this->realtime_log_wrap, + $this->realtime_log_size + ); + } + + /** + * Returns a log of the packets that have been sent and received. + * + * Returns a string if NET_SFTP_LOGGING == self::LOG_COMPLEX, an array if NET_SFTP_LOGGING == self::LOG_SIMPLE and false if !defined('NET_SFTP_LOGGING') + * + * @return array|string|false + */ + public function getSFTPLog() + { + if (!defined('NET_SFTP_LOGGING')) { + return false; + } + + switch (NET_SFTP_LOGGING) { + case self::LOG_COMPLEX: + return $this->format_log($this->packet_log, $this->packet_type_log); + break; + //case self::LOG_SIMPLE: + default: + return $this->packet_type_log; + } + } + + /** + * Returns all errors + * + * @return array + */ + public function getSFTPErrors() + { + return $this->sftp_errors; + } + + /** + * Returns the last error + * + * @return string + */ + public function getLastSFTPError() + { + return count($this->sftp_errors) ? $this->sftp_errors[count($this->sftp_errors) - 1] : ''; + } + + /** + * Get supported SFTP versions + * + * @return array + */ + public function getSupportedVersions() + { + if (!($this->bitmap & SSH2::MASK_LOGIN)) { + return false; + } + + if (!$this->partial_init) { + $this->partial_init_sftp_connection(); + } + + $temp = ['version' => $this->defaultVersion]; + if (isset($this->extensions['versions'])) { + $temp['extensions'] = $this->extensions['versions']; + } + return $temp; + } + + /** + * Get supported SFTP versions + * + * @return int|false + */ + public function getNegotiatedVersion() + { + if (!$this->precheck()) { + return false; + } + + return $this->version; + } + + /** + * Set preferred version + * + * If you're preferred version isn't supported then the highest supported + * version of SFTP will be utilized. Set to null or false or int(0) to + * unset the preferred version + * + * @param int $version + */ + public function setPreferredVersion($version) + { + $this->preferredVersion = $version; + } + + /** + * Disconnect + * + * @param int $reason + * @return false + */ + protected function disconnect_helper($reason) + { + $this->pwd = false; + return parent::disconnect_helper($reason); + } + + /** + * Enable Date Preservation + * + */ + public function enableDatePreservation() + { + $this->preserveTime = true; + } + + /** + * Disable Date Preservation + * + */ + public function disableDatePreservation() + { + $this->preserveTime = false; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SFTP/Stream.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SFTP/Stream.php new file mode 100644 index 0000000..24047b4 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SFTP/Stream.php @@ -0,0 +1,756 @@ + + * @copyright 2013 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Net\SFTP; + +use phpseclib3\Crypt\Common\PrivateKey; +use phpseclib3\Net\SFTP; +use phpseclib3\Net\SSH2; + +/** + * SFTP Stream Wrapper + * + * @author Jim Wigginton + */ +class Stream +{ + /** + * SFTP instances + * + * Rather than re-create the connection we re-use instances if possible + * + * @var array + */ + public static $instances; + + /** + * SFTP instance + * + * @var object + */ + private $sftp; + + /** + * Path + * + * @var string + */ + private $path; + + /** + * Mode + * + * @var string + */ + private $mode; + + /** + * Position + * + * @var int + */ + private $pos; + + /** + * Size + * + * @var int + */ + private $size; + + /** + * Directory entries + * + * @var array + */ + private $entries; + + /** + * EOF flag + * + * @var bool + */ + private $eof; + + /** + * Context resource + * + * Technically this needs to be publicly accessible so PHP can set it directly + * + * @var resource + */ + public $context; + + /** + * Notification callback function + * + * @var callable + */ + private $notification; + + /** + * Registers this class as a URL wrapper. + * + * @param string $protocol The wrapper name to be registered. + * @return bool True on success, false otherwise. + */ + public static function register($protocol = 'sftp') + { + if (in_array($protocol, stream_get_wrappers(), true)) { + return false; + } + return stream_wrapper_register($protocol, get_called_class()); + } + + /** + * The Constructor + * + */ + public function __construct() + { + if (defined('NET_SFTP_STREAM_LOGGING')) { + echo "__construct()\r\n"; + } + } + + /** + * Path Parser + * + * Extract a path from a URI and actually connect to an SSH server if appropriate + * + * If "notification" is set as a context parameter the message code for successful login is + * NET_SSH2_MSG_USERAUTH_SUCCESS. For a failed login it's NET_SSH2_MSG_USERAUTH_FAILURE. + * + * @param string $path + * @return string + */ + protected function parse_path($path) + { + $orig = $path; + extract(parse_url($path) + ['port' => 22]); + if (isset($query)) { + $path .= '?' . $query; + } elseif (preg_match('/(\?|\?#)$/', $orig)) { + $path .= '?'; + } + if (isset($fragment)) { + $path .= '#' . $fragment; + } elseif ($orig[strlen($orig) - 1] == '#') { + $path .= '#'; + } + + if (!isset($host)) { + return false; + } + + if (isset($this->context)) { + $context = stream_context_get_params($this->context); + if (isset($context['notification'])) { + $this->notification = $context['notification']; + } + } + + if (preg_match('/^{[a-z0-9]+}$/i', $host)) { + $host = SSH2::getConnectionByResourceId($host); + if ($host === false) { + return false; + } + $this->sftp = $host; + } else { + if (isset($this->context)) { + $context = stream_context_get_options($this->context); + } + if (isset($context[$scheme]['session'])) { + $sftp = $context[$scheme]['session']; + } + if (isset($context[$scheme]['sftp'])) { + $sftp = $context[$scheme]['sftp']; + } + if (isset($sftp) && $sftp instanceof SFTP) { + $this->sftp = $sftp; + return $path; + } + if (isset($context[$scheme]['username'])) { + $user = $context[$scheme]['username']; + } + if (isset($context[$scheme]['password'])) { + $pass = $context[$scheme]['password']; + } + if (isset($context[$scheme]['privkey']) && $context[$scheme]['privkey'] instanceof PrivateKey) { + $pass = $context[$scheme]['privkey']; + } + + if (!isset($user) || !isset($pass)) { + return false; + } + + // casting $pass to a string is necessary in the event that it's a \phpseclib3\Crypt\RSA object + if (isset(self::$instances[$host][$port][$user][(string) $pass])) { + $this->sftp = self::$instances[$host][$port][$user][(string) $pass]; + } else { + $this->sftp = new SFTP($host, $port); + $this->sftp->disableStatCache(); + if (isset($this->notification) && is_callable($this->notification)) { + /* if !is_callable($this->notification) we could do this: + + user_error('fopen(): failed to call user notifier', E_USER_WARNING); + + the ftp wrapper gives errors like that when the notifier isn't callable. + i've opted not to do that, however, since the ftp wrapper gives the line + on which the fopen occurred as the line number - not the line that the + user_error is on. + */ + call_user_func($this->notification, STREAM_NOTIFY_CONNECT, STREAM_NOTIFY_SEVERITY_INFO, '', 0, 0, 0); + call_user_func($this->notification, STREAM_NOTIFY_AUTH_REQUIRED, STREAM_NOTIFY_SEVERITY_INFO, '', 0, 0, 0); + if (!$this->sftp->login($user, $pass)) { + call_user_func($this->notification, STREAM_NOTIFY_AUTH_RESULT, STREAM_NOTIFY_SEVERITY_ERR, 'Login Failure', NET_SSH2_MSG_USERAUTH_FAILURE, 0, 0); + return false; + } + call_user_func($this->notification, STREAM_NOTIFY_AUTH_RESULT, STREAM_NOTIFY_SEVERITY_INFO, 'Login Success', NET_SSH2_MSG_USERAUTH_SUCCESS, 0, 0); + } else { + if (!$this->sftp->login($user, $pass)) { + return false; + } + } + self::$instances[$host][$port][$user][(string) $pass] = $this->sftp; + } + } + + return $path; + } + + /** + * Opens file or URL + * + * @param string $path + * @param string $mode + * @param int $options + * @param string $opened_path + * @return bool + */ + private function _stream_open($path, $mode, $options, &$opened_path) + { + $path = $this->parse_path($path); + + if ($path === false) { + return false; + } + $this->path = $path; + + $this->size = $this->sftp->filesize($path); + $this->mode = preg_replace('#[bt]$#', '', $mode); + $this->eof = false; + + if ($this->size === false) { + if ($this->mode[0] == 'r') { + return false; + } else { + $this->sftp->touch($path); + $this->size = 0; + } + } else { + switch ($this->mode[0]) { + case 'x': + return false; + case 'w': + $this->sftp->truncate($path, 0); + $this->size = 0; + } + } + + $this->pos = $this->mode[0] != 'a' ? 0 : $this->size; + + return true; + } + + /** + * Read from stream + * + * @param int $count + * @return mixed + */ + private function _stream_read($count) + { + switch ($this->mode) { + case 'w': + case 'a': + case 'x': + case 'c': + return false; + } + + // commented out because some files - eg. /dev/urandom - will say their size is 0 when in fact it's kinda infinite + //if ($this->pos >= $this->size) { + // $this->eof = true; + // return false; + //} + + $result = $this->sftp->get($this->path, false, $this->pos, $count); + if (isset($this->notification) && is_callable($this->notification)) { + if ($result === false) { + call_user_func($this->notification, STREAM_NOTIFY_FAILURE, STREAM_NOTIFY_SEVERITY_ERR, $this->sftp->getLastSFTPError(), NET_SFTP_OPEN, 0, 0); + return 0; + } + // seems that PHP calls stream_read in 8k chunks + call_user_func($this->notification, STREAM_NOTIFY_PROGRESS, STREAM_NOTIFY_SEVERITY_INFO, '', 0, strlen($result), $this->size); + } + + if (empty($result)) { // ie. false or empty string + $this->eof = true; + return false; + } + $this->pos += strlen($result); + + return $result; + } + + /** + * Write to stream + * + * @param string $data + * @return int|false + */ + private function _stream_write($data) + { + switch ($this->mode) { + case 'r': + return false; + } + + $result = $this->sftp->put($this->path, $data, SFTP::SOURCE_STRING, $this->pos); + if (isset($this->notification) && is_callable($this->notification)) { + if (!$result) { + call_user_func($this->notification, STREAM_NOTIFY_FAILURE, STREAM_NOTIFY_SEVERITY_ERR, $this->sftp->getLastSFTPError(), NET_SFTP_OPEN, 0, 0); + return 0; + } + // seems that PHP splits up strings into 8k blocks before calling stream_write + call_user_func($this->notification, STREAM_NOTIFY_PROGRESS, STREAM_NOTIFY_SEVERITY_INFO, '', 0, strlen($data), strlen($data)); + } + + if ($result === false) { + return false; + } + $this->pos += strlen($data); + if ($this->pos > $this->size) { + $this->size = $this->pos; + } + $this->eof = false; + return strlen($data); + } + + /** + * Retrieve the current position of a stream + * + * @return int + */ + private function _stream_tell() + { + return $this->pos; + } + + /** + * Tests for end-of-file on a file pointer + * + * In my testing there are four classes functions that normally effect the pointer: + * fseek, fputs / fwrite, fgets / fread and ftruncate. + * + * Only fgets / fread, however, results in feof() returning true. do fputs($fp, 'aaa') on a blank file and feof() + * will return false. do fread($fp, 1) and feof() will then return true. do fseek($fp, 10) on ablank file and feof() + * will return false. do fread($fp, 1) and feof() will then return true. + * + * @return bool + */ + private function _stream_eof() + { + return $this->eof; + } + + /** + * Seeks to specific location in a stream + * + * @param int $offset + * @param int $whence + * @return bool + */ + private function _stream_seek($offset, $whence) + { + switch ($whence) { + case SEEK_SET: + if ($offset < 0) { + return false; + } + break; + case SEEK_CUR: + $offset += $this->pos; + break; + case SEEK_END: + $offset += $this->size; + } + + $this->pos = $offset; + $this->eof = false; + return true; + } + + /** + * Change stream options + * + * @param string $path + * @param int $option + * @param mixed $var + * @return bool + */ + private function _stream_metadata($path, $option, $var) + { + $path = $this->parse_path($path); + if ($path === false) { + return false; + } + + // stream_metadata was introduced in PHP 5.4.0 but as of 5.4.11 the constants haven't been defined + // see http://www.php.net/streamwrapper.stream-metadata and https://bugs.php.net/64246 + // and https://github.com/php/php-src/blob/master/main/php_streams.h#L592 + switch ($option) { + case 1: // PHP_STREAM_META_TOUCH + $time = isset($var[0]) ? $var[0] : null; + $atime = isset($var[1]) ? $var[1] : null; + return $this->sftp->touch($path, $time, $atime); + case 2: // PHP_STREAM_OWNER_NAME + case 3: // PHP_STREAM_GROUP_NAME + return false; + case 4: // PHP_STREAM_META_OWNER + return $this->sftp->chown($path, $var); + case 5: // PHP_STREAM_META_GROUP + return $this->sftp->chgrp($path, $var); + case 6: // PHP_STREAM_META_ACCESS + return $this->sftp->chmod($path, $var) !== false; + } + } + + /** + * Retrieve the underlaying resource + * + * @param int $cast_as + * @return resource + */ + private function _stream_cast($cast_as) + { + return $this->sftp->fsock; + } + + /** + * Advisory file locking + * + * @param int $operation + * @return bool + */ + private function _stream_lock($operation) + { + return false; + } + + /** + * Renames a file or directory + * + * Attempts to rename oldname to newname, moving it between directories if necessary. + * If newname exists, it will be overwritten. This is a departure from what \phpseclib3\Net\SFTP + * does. + * + * @param string $path_from + * @param string $path_to + * @return bool + */ + private function _rename($path_from, $path_to) + { + $path1 = parse_url($path_from); + $path2 = parse_url($path_to); + unset($path1['path'], $path2['path']); + if ($path1 != $path2) { + return false; + } + + $path_from = $this->parse_path($path_from); + $path_to = parse_url($path_to); + if ($path_from === false) { + return false; + } + + $path_to = $path_to['path']; // the $component part of parse_url() was added in PHP 5.1.2 + // "It is an error if there already exists a file with the name specified by newpath." + // -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-02#section-6.5 + if (!$this->sftp->rename($path_from, $path_to)) { + if ($this->sftp->stat($path_to)) { + return $this->sftp->delete($path_to, true) && $this->sftp->rename($path_from, $path_to); + } + return false; + } + + return true; + } + + /** + * Open directory handle + * + * The only $options is "whether or not to enforce safe_mode (0x04)". Since safe mode was deprecated in 5.3 and + * removed in 5.4 I'm just going to ignore it. + * + * Also, nlist() is the best that this function is realistically going to be able to do. When an SFTP client + * sends a SSH_FXP_READDIR packet you don't generally get info on just one file but on multiple files. Quoting + * the SFTP specs: + * + * The SSH_FXP_NAME response has the following format: + * + * uint32 id + * uint32 count + * repeats count times: + * string filename + * string longname + * ATTRS attrs + * + * @param string $path + * @param int $options + * @return bool + */ + private function _dir_opendir($path, $options) + { + $path = $this->parse_path($path); + if ($path === false) { + return false; + } + $this->pos = 0; + $this->entries = $this->sftp->nlist($path); + return $this->entries !== false; + } + + /** + * Read entry from directory handle + * + * @return mixed + */ + private function _dir_readdir() + { + if (isset($this->entries[$this->pos])) { + return $this->entries[$this->pos++]; + } + return false; + } + + /** + * Rewind directory handle + * + * @return bool + */ + private function _dir_rewinddir() + { + $this->pos = 0; + return true; + } + + /** + * Close directory handle + * + * @return bool + */ + private function _dir_closedir() + { + return true; + } + + /** + * Create a directory + * + * Only valid $options is STREAM_MKDIR_RECURSIVE + * + * @param string $path + * @param int $mode + * @param int $options + * @return bool + */ + private function _mkdir($path, $mode, $options) + { + $path = $this->parse_path($path); + if ($path === false) { + return false; + } + + return $this->sftp->mkdir($path, $mode, $options & STREAM_MKDIR_RECURSIVE); + } + + /** + * Removes a directory + * + * Only valid $options is STREAM_MKDIR_RECURSIVE per , however, + * does not have a $recursive parameter as mkdir() does so I don't know how + * STREAM_MKDIR_RECURSIVE is supposed to be set. Also, when I try it out with rmdir() I get 8 as + * $options. What does 8 correspond to? + * + * @param string $path + * @param int $options + * @return bool + */ + private function _rmdir($path, $options) + { + $path = $this->parse_path($path); + if ($path === false) { + return false; + } + + return $this->sftp->rmdir($path); + } + + /** + * Flushes the output + * + * See . Always returns true because \phpseclib3\Net\SFTP doesn't cache stuff before writing + * + * @return bool + */ + private function _stream_flush() + { + return true; + } + + /** + * Retrieve information about a file resource + * + * @return mixed + */ + private function _stream_stat() + { + $results = $this->sftp->stat($this->path); + if ($results === false) { + return false; + } + return $results; + } + + /** + * Delete a file + * + * @param string $path + * @return bool + */ + private function _unlink($path) + { + $path = $this->parse_path($path); + if ($path === false) { + return false; + } + + return $this->sftp->delete($path, false); + } + + /** + * Retrieve information about a file + * + * Ignores the STREAM_URL_STAT_QUIET flag because the entirety of \phpseclib3\Net\SFTP\Stream is quiet by default + * might be worthwhile to reconstruct bits 12-16 (ie. the file type) if mode doesn't have them but we'll + * cross that bridge when and if it's reached + * + * @param string $path + * @param int $flags + * @return mixed + */ + private function _url_stat($path, $flags) + { + $path = $this->parse_path($path); + if ($path === false) { + return false; + } + + $results = $flags & STREAM_URL_STAT_LINK ? $this->sftp->lstat($path) : $this->sftp->stat($path); + if ($results === false) { + return false; + } + + return $results; + } + + /** + * Truncate stream + * + * @param int $new_size + * @return bool + */ + private function _stream_truncate($new_size) + { + if (!$this->sftp->truncate($this->path, $new_size)) { + return false; + } + + $this->eof = false; + $this->size = $new_size; + + return true; + } + + /** + * Change stream options + * + * STREAM_OPTION_WRITE_BUFFER isn't supported for the same reason stream_flush isn't. + * The other two aren't supported because of limitations in \phpseclib3\Net\SFTP. + * + * @param int $option + * @param int $arg1 + * @param int $arg2 + * @return bool + */ + private function _stream_set_option($option, $arg1, $arg2) + { + return false; + } + + /** + * Close an resource + * + */ + private function _stream_close() + { + } + + /** + * __call Magic Method + * + * When you're utilizing an SFTP stream you're not calling the methods in this class directly - PHP is calling them for you. + * Which kinda begs the question... what methods is PHP calling and what parameters is it passing to them? This function + * lets you figure that out. + * + * If NET_SFTP_STREAM_LOGGING is defined all calls will be output on the screen and then (regardless of whether or not + * NET_SFTP_STREAM_LOGGING is enabled) the parameters will be passed through to the appropriate method. + * + * @param string $name + * @param array $arguments + * @return mixed + */ + public function __call($name, array $arguments) + { + if (defined('NET_SFTP_STREAM_LOGGING')) { + echo $name . '('; + $last = count($arguments) - 1; + foreach ($arguments as $i => $argument) { + var_export($argument); + if ($i != $last) { + echo ','; + } + } + echo ")\r\n"; + } + $name = '_' . $name; + if (!method_exists($this, $name)) { + return false; + } + return $this->$name(...$arguments); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SSH2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SSH2.php new file mode 100644 index 0000000..ac70af9 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SSH2.php @@ -0,0 +1,5397 @@ + + * login('username', 'password')) { + * exit('Login Failed'); + * } + * + * echo $ssh->exec('pwd'); + * echo $ssh->exec('ls -la'); + * ?> + * + * + * + * login('username', $key)) { + * exit('Login Failed'); + * } + * + * echo $ssh->read('username@username:~$'); + * $ssh->write("ls -la\n"); + * echo $ssh->read('username@username:~$'); + * ?> + * + * + * @author Jim Wigginton + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\Net; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Blowfish; +use phpseclib3\Crypt\ChaCha20; +use phpseclib3\Crypt\Common\AsymmetricKey; +use phpseclib3\Crypt\Common\PrivateKey; +use phpseclib3\Crypt\Common\PublicKey; +use phpseclib3\Crypt\Common\SymmetricKey; +use phpseclib3\Crypt\DH; +use phpseclib3\Crypt\DSA; +use phpseclib3\Crypt\EC; +use phpseclib3\Crypt\Hash; +use phpseclib3\Crypt\Random; +use phpseclib3\Crypt\RC4; +use phpseclib3\Crypt\Rijndael; +use phpseclib3\Crypt\RSA; +use phpseclib3\Crypt\TripleDES; // Used to do Diffie-Hellman key exchange and DSA/RSA signature verification. +use phpseclib3\Crypt\Twofish; +use phpseclib3\Exception\ConnectionClosedException; +use phpseclib3\Exception\InsufficientSetupException; +use phpseclib3\Exception\NoSupportedAlgorithmsException; +use phpseclib3\Exception\UnableToConnectException; +use phpseclib3\Exception\UnsupportedAlgorithmException; +use phpseclib3\Exception\UnsupportedCurveException; +use phpseclib3\Math\BigInteger; +use phpseclib3\System\SSH\Agent; + +/** + * Pure-PHP implementation of SSHv2. + * + * @author Jim Wigginton + */ +class SSH2 +{ + /**#@+ + * Compression Types + * + */ + /** + * No compression + */ + const NET_SSH2_COMPRESSION_NONE = 1; + /** + * zlib compression + */ + const NET_SSH2_COMPRESSION_ZLIB = 2; + /** + * zlib@openssh.com + */ + const NET_SSH2_COMPRESSION_ZLIB_AT_OPENSSH = 3; + /**#@-*/ + + // Execution Bitmap Masks + const MASK_CONSTRUCTOR = 0x00000001; + const MASK_CONNECTED = 0x00000002; + const MASK_LOGIN_REQ = 0x00000004; + const MASK_LOGIN = 0x00000008; + const MASK_SHELL = 0x00000010; + const MASK_WINDOW_ADJUST = 0x00000020; + + /* + * Channel constants + * + * RFC4254 refers not to client and server channels but rather to sender and recipient channels. we don't refer + * to them in that way because RFC4254 toggles the meaning. the client sends a SSH_MSG_CHANNEL_OPEN message with + * a sender channel and the server sends a SSH_MSG_CHANNEL_OPEN_CONFIRMATION in response, with a sender and a + * recipient channel. at first glance, you might conclude that SSH_MSG_CHANNEL_OPEN_CONFIRMATION's sender channel + * would be the same thing as SSH_MSG_CHANNEL_OPEN's sender channel, but it's not, per this snippet: + * The 'recipient channel' is the channel number given in the original + * open request, and 'sender channel' is the channel number allocated by + * the other side. + * + * @see \phpseclib3\Net\SSH2::send_channel_packet() + * @see \phpseclib3\Net\SSH2::get_channel_packet() + */ + const CHANNEL_EXEC = 1; // PuTTy uses 0x100 + const CHANNEL_SHELL = 2; + const CHANNEL_SUBSYSTEM = 3; + const CHANNEL_AGENT_FORWARD = 4; + const CHANNEL_KEEP_ALIVE = 5; + + /** + * Returns the message numbers + * + * @see \phpseclib3\Net\SSH2::getLog() + */ + const LOG_SIMPLE = 1; + /** + * Returns the message content + * + * @see \phpseclib3\Net\SSH2::getLog() + */ + const LOG_COMPLEX = 2; + /** + * Outputs the content real-time + */ + const LOG_REALTIME = 3; + /** + * Dumps the content real-time to a file + */ + const LOG_REALTIME_FILE = 4; + /** + * Outputs the message numbers real-time + */ + const LOG_SIMPLE_REALTIME = 5; + /** + * Make sure that the log never gets larger than this + * + * @see \phpseclib3\Net\SSH2::getLog() + */ + const LOG_MAX_SIZE = 1048576; // 1024 * 1024 + + /** + * Returns when a string matching $expect exactly is found + * + * @see \phpseclib3\Net\SSH2::read() + */ + const READ_SIMPLE = 1; + /** + * Returns when a string matching the regular expression $expect is found + * + * @see \phpseclib3\Net\SSH2::read() + */ + const READ_REGEX = 2; + /** + * Returns whenever a data packet is received. + * + * Some data packets may only contain a single character so it may be necessary + * to call read() multiple times when using this option + * + * @see \phpseclib3\Net\SSH2::read() + */ + const READ_NEXT = 3; + + /** + * The SSH identifier + * + * @var string + */ + private $identifier; + + /** + * The Socket Object + * + * @var resource|closed-resource|null + */ + public $fsock; + + /** + * Execution Bitmap + * + * The bits that are set represent functions that have been called already. This is used to determine + * if a requisite function has been successfully executed. If not, an error should be thrown. + * + * @var int + */ + protected $bitmap = 0; + + /** + * Error information + * + * @see self::getErrors() + * @see self::getLastError() + * @var array + */ + private $errors = []; + + /** + * Server Identifier + * + * @see self::getServerIdentification() + * @var string|false + */ + protected $server_identifier = false; + + /** + * Key Exchange Algorithms + * + * @see self::getKexAlgorithims() + * @var array|false + */ + private $kex_algorithms = false; + + /** + * Key Exchange Algorithm + * + * @see self::getMethodsNegotiated() + * @var string|false + */ + private $kex_algorithm = false; + + /** + * Minimum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods + * + * @see self::_key_exchange() + * @var int + */ + private $kex_dh_group_size_min = 1536; + + /** + * Preferred Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods + * + * @see self::_key_exchange() + * @var int + */ + private $kex_dh_group_size_preferred = 2048; + + /** + * Maximum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods + * + * @see self::_key_exchange() + * @var int + */ + private $kex_dh_group_size_max = 4096; + + /** + * Server Host Key Algorithms + * + * @see self::getServerHostKeyAlgorithms() + * @var array|false + */ + private $server_host_key_algorithms = false; + + /** + * Supported Private Key Algorithms + * + * In theory this should be the same as the Server Host Key Algorithms but, in practice, + * some servers (eg. Azure) will support rsa-sha2-512 as a server host key algorithm but + * not a private key algorithm + * + * @see self::privatekey_login() + * @var array|false + */ + private $supported_private_key_algorithms = false; + + /** + * Encryption Algorithms: Client to Server + * + * @see self::getEncryptionAlgorithmsClient2Server() + * @var array|false + */ + private $encryption_algorithms_client_to_server = false; + + /** + * Encryption Algorithms: Server to Client + * + * @see self::getEncryptionAlgorithmsServer2Client() + * @var array|false + */ + private $encryption_algorithms_server_to_client = false; + + /** + * MAC Algorithms: Client to Server + * + * @see self::getMACAlgorithmsClient2Server() + * @var array|false + */ + private $mac_algorithms_client_to_server = false; + + /** + * MAC Algorithms: Server to Client + * + * @see self::getMACAlgorithmsServer2Client() + * @var array|false + */ + private $mac_algorithms_server_to_client = false; + + /** + * Compression Algorithms: Client to Server + * + * @see self::getCompressionAlgorithmsClient2Server() + * @var array|false + */ + private $compression_algorithms_client_to_server = false; + + /** + * Compression Algorithms: Server to Client + * + * @see self::getCompressionAlgorithmsServer2Client() + * @var array|false + */ + private $compression_algorithms_server_to_client = false; + + /** + * Languages: Server to Client + * + * @see self::getLanguagesServer2Client() + * @var array|false + */ + private $languages_server_to_client = false; + + /** + * Languages: Client to Server + * + * @see self::getLanguagesClient2Server() + * @var array|false + */ + private $languages_client_to_server = false; + + /** + * Preferred Algorithms + * + * @see self::setPreferredAlgorithms() + * @var array + */ + private $preferred = []; + + /** + * Block Size for Server to Client Encryption + * + * "Note that the length of the concatenation of 'packet_length', + * 'padding_length', 'payload', and 'random padding' MUST be a multiple + * of the cipher block size or 8, whichever is larger. This constraint + * MUST be enforced, even when using stream ciphers." + * + * -- http://tools.ietf.org/html/rfc4253#section-6 + * + * @see self::__construct() + * @see self::_send_binary_packet() + * @var int + */ + private $encrypt_block_size = 8; + + /** + * Block Size for Client to Server Encryption + * + * @see self::__construct() + * @see self::_get_binary_packet() + * @var int + */ + private $decrypt_block_size = 8; + + /** + * Server to Client Encryption Object + * + * @see self::_get_binary_packet() + * @var SymmetricKey|false + */ + private $decrypt = false; + + /** + * Decryption Algorithm Name + * + * @var string|null + */ + private $decryptName; + + /** + * Decryption Invocation Counter + * + * Used by GCM + * + * @var string|null + */ + private $decryptInvocationCounter; + + /** + * Fixed Part of Nonce + * + * Used by GCM + * + * @var string|null + */ + private $decryptFixedPart; + + /** + * Server to Client Length Encryption Object + * + * @see self::_get_binary_packet() + * @var object + */ + private $lengthDecrypt = false; + + /** + * Client to Server Encryption Object + * + * @see self::_send_binary_packet() + * @var SymmetricKey|false + */ + private $encrypt = false; + + /** + * Encryption Algorithm Name + * + * @var string|null + */ + private $encryptName; + + /** + * Encryption Invocation Counter + * + * Used by GCM + * + * @var string|null + */ + private $encryptInvocationCounter; + + /** + * Fixed Part of Nonce + * + * Used by GCM + * + * @var string|null + */ + private $encryptFixedPart; + + /** + * Client to Server Length Encryption Object + * + * @see self::_send_binary_packet() + * @var object + */ + private $lengthEncrypt = false; + + /** + * Client to Server HMAC Object + * + * @see self::_send_binary_packet() + * @var object + */ + private $hmac_create = false; + + /** + * Client to Server HMAC Name + * + * @var string|false + */ + private $hmac_create_name; + + /** + * Client to Server ETM + * + * @var int|false + */ + private $hmac_create_etm; + + /** + * Server to Client HMAC Object + * + * @see self::_get_binary_packet() + * @var object + */ + private $hmac_check = false; + + /** + * Server to Client HMAC Name + * + * @var string|false + */ + private $hmac_check_name; + + /** + * Server to Client ETM + * + * @var int|false + */ + private $hmac_check_etm; + + /** + * Size of server to client HMAC + * + * We need to know how big the HMAC will be for the server to client direction so that we know how many bytes to read. + * For the client to server side, the HMAC object will make the HMAC as long as it needs to be. All we need to do is + * append it. + * + * @see self::_get_binary_packet() + * @var int + */ + private $hmac_size = false; + + /** + * Server Public Host Key + * + * @see self::getServerPublicHostKey() + * @var string + */ + private $server_public_host_key; + + /** + * Session identifier + * + * "The exchange hash H from the first key exchange is additionally + * used as the session identifier, which is a unique identifier for + * this connection." + * + * -- http://tools.ietf.org/html/rfc4253#section-7.2 + * + * @see self::_key_exchange() + * @var string + */ + private $session_id = false; + + /** + * Exchange hash + * + * The current exchange hash + * + * @see self::_key_exchange() + * @var string + */ + private $exchange_hash = false; + + /** + * Message Numbers + * + * @see self::__construct() + * @var array + * @access private + */ + private static $message_numbers = []; + + /** + * Disconnection Message 'reason codes' defined in RFC4253 + * + * @see self::__construct() + * @var array + * @access private + */ + private static $disconnect_reasons = []; + + /** + * SSH_MSG_CHANNEL_OPEN_FAILURE 'reason codes', defined in RFC4254 + * + * @see self::__construct() + * @var array + * @access private + */ + private static $channel_open_failure_reasons = []; + + /** + * Terminal Modes + * + * @link http://tools.ietf.org/html/rfc4254#section-8 + * @see self::__construct() + * @var array + * @access private + */ + private static $terminal_modes = []; + + /** + * SSH_MSG_CHANNEL_EXTENDED_DATA's data_type_codes + * + * @link http://tools.ietf.org/html/rfc4254#section-5.2 + * @see self::__construct() + * @var array + * @access private + */ + private static $channel_extended_data_type_codes = []; + + /** + * Send Sequence Number + * + * See 'Section 6.4. Data Integrity' of rfc4253 for more info. + * + * @see self::_send_binary_packet() + * @var int + */ + private $send_seq_no = 0; + + /** + * Get Sequence Number + * + * See 'Section 6.4. Data Integrity' of rfc4253 for more info. + * + * @see self::_get_binary_packet() + * @var int + */ + private $get_seq_no = 0; + + /** + * Server Channels + * + * Maps client channels to server channels + * + * @see self::get_channel_packet() + * @see self::exec() + * @var array + */ + protected $server_channels = []; + + /** + * Channel Buffers + * + * If a client requests a packet from one channel but receives two packets from another those packets should + * be placed in a buffer + * + * @see self::get_channel_packet() + * @see self::exec() + * @var array + */ + private $channel_buffers = []; + + /** + * Channel Status + * + * Contains the type of the last sent message + * + * @see self::get_channel_packet() + * @var array + */ + protected $channel_status = []; + + /** + * The identifier of the interactive channel which was opened most recently + * + * @see self::getInteractiveChannelId() + * @var int + */ + private $channel_id_last_interactive = 0; + + /** + * Packet Size + * + * Maximum packet size indexed by channel + * + * @see self::send_channel_packet() + * @var array + */ + private $packet_size_client_to_server = []; + + /** + * Message Number Log + * + * @see self::getLog() + * @var array + */ + private $message_number_log = []; + + /** + * Message Log + * + * @see self::getLog() + * @var array + */ + private $message_log = []; + + /** + * The Window Size + * + * Bytes the other party can send before it must wait for the window to be adjusted (0x7FFFFFFF = 2GB) + * + * @var int + * @see self::send_channel_packet() + * @see self::exec() + */ + protected $window_size = 0x7FFFFFFF; + + /** + * What we resize the window to + * + * When PuTTY resizes the window it doesn't add an additional 0x7FFFFFFF bytes - it adds 0x40000000 bytes. + * Some SFTP clients (GoAnywhere) don't support adding 0x7FFFFFFF to the window size after the fact so + * we'll just do what PuTTY does + * + * @var int + * @see self::_send_channel_packet() + * @see self::exec() + */ + private $window_resize = 0x40000000; + + /** + * Window size, server to client + * + * Window size indexed by channel + * + * @see self::send_channel_packet() + * @var array + */ + protected $window_size_server_to_client = []; + + /** + * Window size, client to server + * + * Window size indexed by channel + * + * @see self::get_channel_packet() + * @var array + */ + private $window_size_client_to_server = []; + + /** + * Server signature + * + * Verified against $this->session_id + * + * @see self::getServerPublicHostKey() + * @var string + */ + private $signature = ''; + + /** + * Server signature format + * + * ssh-rsa or ssh-dss. + * + * @see self::getServerPublicHostKey() + * @var string + */ + private $signature_format = ''; + + /** + * Interactive Buffer + * + * @see self::read() + * @var string + */ + private $interactiveBuffer = ''; + + /** + * Current log size + * + * Should never exceed self::LOG_MAX_SIZE + * + * @see self::_send_binary_packet() + * @see self::_get_binary_packet() + * @var int + */ + private $log_size; + + /** + * Timeout + * + * @see self::setTimeout() + */ + protected $timeout; + + /** + * Current Timeout + * + * @see self::get_channel_packet() + */ + protected $curTimeout; + + /** + * Keep Alive Interval + * + * @see self::setKeepAlive() + */ + private $keepAlive; + + /** + * Real-time log file pointer + * + * @see self::_append_log() + * @var resource|closed-resource + */ + private $realtime_log_file; + + /** + * Real-time log file size + * + * @see self::_append_log() + * @var int + */ + private $realtime_log_size; + + /** + * Has the signature been validated? + * + * @see self::getServerPublicHostKey() + * @var bool + */ + private $signature_validated = false; + + /** + * Real-time log file wrap boolean + * + * @see self::_append_log() + * @var bool + */ + private $realtime_log_wrap; + + /** + * Flag to suppress stderr from output + * + * @see self::enableQuietMode() + */ + private $quiet_mode = false; + + /** + * Time of first network activity + * + * @var float + */ + private $last_packet; + + /** + * Exit status returned from ssh if any + * + * @var int + */ + private $exit_status; + + /** + * Flag to request a PTY when using exec() + * + * @var bool + * @see self::enablePTY() + */ + private $request_pty = false; + + /** + * Contents of stdError + * + * @var string + */ + private $stdErrorLog; + + /** + * The Last Interactive Response + * + * @see self::_keyboard_interactive_process() + * @var string + */ + private $last_interactive_response = ''; + + /** + * Keyboard Interactive Request / Responses + * + * @see self::_keyboard_interactive_process() + * @var array + */ + private $keyboard_requests_responses = []; + + /** + * Banner Message + * + * Quoting from the RFC, "in some jurisdictions, sending a warning message before + * authentication may be relevant for getting legal protection." + * + * @see self::_filter() + * @see self::getBannerMessage() + * @var string + */ + private $banner_message = ''; + + /** + * Did read() timeout or return normally? + * + * @see self::isTimeout() + * @var bool + */ + private $is_timeout = false; + + /** + * Log Boundary + * + * @see self::_format_log() + * @var string + */ + private $log_boundary = ':'; + + /** + * Log Long Width + * + * @see self::_format_log() + * @var int + */ + private $log_long_width = 65; + + /** + * Log Short Width + * + * @see self::_format_log() + * @var int + */ + private $log_short_width = 16; + + /** + * Hostname + * + * @see self::__construct() + * @see self::_connect() + * @var string + */ + private $host; + + /** + * Port Number + * + * @see self::__construct() + * @see self::_connect() + * @var int + */ + private $port; + + /** + * Number of columns for terminal window size + * + * @see self::getWindowColumns() + * @see self::setWindowColumns() + * @see self::setWindowSize() + * @var int + */ + private $windowColumns = 80; + + /** + * Number of columns for terminal window size + * + * @see self::getWindowRows() + * @see self::setWindowRows() + * @see self::setWindowSize() + * @var int + */ + private $windowRows = 24; + + /** + * Crypto Engine + * + * @see self::setCryptoEngine() + * @see self::_key_exchange() + * @var int + */ + private static $crypto_engine = false; + + /** + * A System_SSH_Agent for use in the SSH2 Agent Forwarding scenario + * + * @var Agent + */ + private $agent; + + /** + * Connection storage to replicates ssh2 extension functionality: + * {@link http://php.net/manual/en/wrappers.ssh2.php#refsect1-wrappers.ssh2-examples} + * + * @var array> + */ + private static $connections; + + /** + * Send the identification string first? + * + * @var bool + */ + private $send_id_string_first = true; + + /** + * Send the key exchange initiation packet first? + * + * @var bool + */ + private $send_kex_first = true; + + /** + * Some versions of OpenSSH incorrectly calculate the key size + * + * @var bool + */ + private $bad_key_size_fix = false; + + /** + * Should we try to re-connect to re-establish keys? + * + * @var bool + */ + private $retry_connect = false; + + /** + * Binary Packet Buffer + * + * @var string|false + */ + private $binary_packet_buffer = false; + + /** + * Preferred Signature Format + * + * @var string|false + */ + protected $preferred_signature_format = false; + + /** + * Authentication Credentials + * + * @var array + */ + protected $auth = []; + + /** + * Terminal + * + * @var string + */ + private $term = 'vt100'; + + /** + * The authentication methods that may productively continue authentication. + * + * @see https://tools.ietf.org/html/rfc4252#section-5.1 + * @var array|null + */ + private $auth_methods_to_continue = null; + + /** + * Compression method + * + * @var int + */ + private $compress = self::NET_SSH2_COMPRESSION_NONE; + + /** + * Decompression method + * + * @var int + */ + private $decompress = self::NET_SSH2_COMPRESSION_NONE; + + /** + * Compression context + * + * @var resource|false|null + */ + private $compress_context; + + /** + * Decompression context + * + * @var resource|object + */ + private $decompress_context; + + /** + * Regenerate Compression Context + * + * @var bool + */ + private $regenerate_compression_context = false; + + /** + * Regenerate Decompression Context + * + * @var bool + */ + private $regenerate_decompression_context = false; + + /** + * Smart multi-factor authentication flag + * + * @var bool + */ + private $smartMFA = true; + + /** + * How many channels are currently opened + * + * @var int + */ + private $channelCount = 0; + + /** + * Does the server support multiple channels? If not then error out + * when multiple channels are attempted to be opened + * + * @var bool + */ + private $errorOnMultipleChannels; + + /** + * Terrapin Countermeasure + * + * "During initial KEX, terminate the connection if any unexpected or out-of-sequence packet is received" + * -- https://github.com/openssh/openssh-portable/commit/1edb00c58f8a6875fad6a497aa2bacf37f9e6cd5 + * + * @var int + */ + private $extra_packets; + + /** + * Default Constructor. + * + * $host can either be a string, representing the host, or a stream resource. + * + * @param mixed $host + * @param int $port + * @param int $timeout + * @see self::login() + */ + public function __construct($host, $port = 22, $timeout = 10) + { + if (empty(self::$message_numbers)) { + self::$message_numbers = [ + 1 => 'NET_SSH2_MSG_DISCONNECT', + 2 => 'NET_SSH2_MSG_IGNORE', + 3 => 'NET_SSH2_MSG_UNIMPLEMENTED', + 4 => 'NET_SSH2_MSG_DEBUG', + 5 => 'NET_SSH2_MSG_SERVICE_REQUEST', + 6 => 'NET_SSH2_MSG_SERVICE_ACCEPT', + 7 => 'NET_SSH2_MSG_EXT_INFO', // RFC 8308 + 20 => 'NET_SSH2_MSG_KEXINIT', + 21 => 'NET_SSH2_MSG_NEWKEYS', + 30 => 'NET_SSH2_MSG_KEXDH_INIT', + 31 => 'NET_SSH2_MSG_KEXDH_REPLY', + 50 => 'NET_SSH2_MSG_USERAUTH_REQUEST', + 51 => 'NET_SSH2_MSG_USERAUTH_FAILURE', + 52 => 'NET_SSH2_MSG_USERAUTH_SUCCESS', + 53 => 'NET_SSH2_MSG_USERAUTH_BANNER', + + 80 => 'NET_SSH2_MSG_GLOBAL_REQUEST', + 81 => 'NET_SSH2_MSG_REQUEST_SUCCESS', + 82 => 'NET_SSH2_MSG_REQUEST_FAILURE', + 90 => 'NET_SSH2_MSG_CHANNEL_OPEN', + 91 => 'NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION', + 92 => 'NET_SSH2_MSG_CHANNEL_OPEN_FAILURE', + 93 => 'NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST', + 94 => 'NET_SSH2_MSG_CHANNEL_DATA', + 95 => 'NET_SSH2_MSG_CHANNEL_EXTENDED_DATA', + 96 => 'NET_SSH2_MSG_CHANNEL_EOF', + 97 => 'NET_SSH2_MSG_CHANNEL_CLOSE', + 98 => 'NET_SSH2_MSG_CHANNEL_REQUEST', + 99 => 'NET_SSH2_MSG_CHANNEL_SUCCESS', + 100 => 'NET_SSH2_MSG_CHANNEL_FAILURE' + ]; + self::$disconnect_reasons = [ + 1 => 'NET_SSH2_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT', + 2 => 'NET_SSH2_DISCONNECT_PROTOCOL_ERROR', + 3 => 'NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED', + 4 => 'NET_SSH2_DISCONNECT_RESERVED', + 5 => 'NET_SSH2_DISCONNECT_MAC_ERROR', + 6 => 'NET_SSH2_DISCONNECT_COMPRESSION_ERROR', + 7 => 'NET_SSH2_DISCONNECT_SERVICE_NOT_AVAILABLE', + 8 => 'NET_SSH2_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED', + 9 => 'NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE', + 10 => 'NET_SSH2_DISCONNECT_CONNECTION_LOST', + 11 => 'NET_SSH2_DISCONNECT_BY_APPLICATION', + 12 => 'NET_SSH2_DISCONNECT_TOO_MANY_CONNECTIONS', + 13 => 'NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER', + 14 => 'NET_SSH2_DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE', + 15 => 'NET_SSH2_DISCONNECT_ILLEGAL_USER_NAME' + ]; + self::$channel_open_failure_reasons = [ + 1 => 'NET_SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED' + ]; + self::$terminal_modes = [ + 0 => 'NET_SSH2_TTY_OP_END' + ]; + self::$channel_extended_data_type_codes = [ + 1 => 'NET_SSH2_EXTENDED_DATA_STDERR' + ]; + + self::define_array( + self::$message_numbers, + self::$disconnect_reasons, + self::$channel_open_failure_reasons, + self::$terminal_modes, + self::$channel_extended_data_type_codes, + [60 => 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'], + [60 => 'NET_SSH2_MSG_USERAUTH_PK_OK'], + [60 => 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST', + 61 => 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE'], + // RFC 4419 - diffie-hellman-group-exchange-sha{1,256} + [30 => 'NET_SSH2_MSG_KEXDH_GEX_REQUEST_OLD', + 31 => 'NET_SSH2_MSG_KEXDH_GEX_GROUP', + 32 => 'NET_SSH2_MSG_KEXDH_GEX_INIT', + 33 => 'NET_SSH2_MSG_KEXDH_GEX_REPLY', + 34 => 'NET_SSH2_MSG_KEXDH_GEX_REQUEST'], + // RFC 5656 - Elliptic Curves (for curve25519-sha256@libssh.org) + [30 => 'NET_SSH2_MSG_KEX_ECDH_INIT', + 31 => 'NET_SSH2_MSG_KEX_ECDH_REPLY'] + ); + } + + /** + * Typehint is required due to a bug in Psalm: https://github.com/vimeo/psalm/issues/7508 + * @var \WeakReference|SSH2 + */ + self::$connections[$this->getResourceId()] = class_exists('WeakReference') + ? \WeakReference::create($this) + : $this; + + if (is_resource($host)) { + $this->fsock = $host; + return; + } + + if (Strings::is_stringable($host)) { + $this->host = $host; + $this->port = $port; + $this->timeout = $timeout; + } + } + + /** + * Set Crypto Engine Mode + * + * Possible $engine values: + * OpenSSL, mcrypt, Eval, PHP + * + * @param int $engine + */ + public static function setCryptoEngine($engine) + { + self::$crypto_engine = $engine; + } + + /** + * Send Identification String First + * + * https://tools.ietf.org/html/rfc4253#section-4.2 says "when the connection has been established, + * both sides MUST send an identification string". It does not say which side sends it first. In + * theory it shouldn't matter but it is a fact of life that some SSH servers are simply buggy + * + */ + public function sendIdentificationStringFirst() + { + $this->send_id_string_first = true; + } + + /** + * Send Identification String Last + * + * https://tools.ietf.org/html/rfc4253#section-4.2 says "when the connection has been established, + * both sides MUST send an identification string". It does not say which side sends it first. In + * theory it shouldn't matter but it is a fact of life that some SSH servers are simply buggy + * + */ + public function sendIdentificationStringLast() + { + $this->send_id_string_first = false; + } + + /** + * Send SSH_MSG_KEXINIT First + * + * https://tools.ietf.org/html/rfc4253#section-7.1 says "key exchange begins by each sending + * sending the [SSH_MSG_KEXINIT] packet". It does not say which side sends it first. In theory + * it shouldn't matter but it is a fact of life that some SSH servers are simply buggy + * + */ + public function sendKEXINITFirst() + { + $this->send_kex_first = true; + } + + /** + * Send SSH_MSG_KEXINIT Last + * + * https://tools.ietf.org/html/rfc4253#section-7.1 says "key exchange begins by each sending + * sending the [SSH_MSG_KEXINIT] packet". It does not say which side sends it first. In theory + * it shouldn't matter but it is a fact of life that some SSH servers are simply buggy + * + */ + public function sendKEXINITLast() + { + $this->send_kex_first = false; + } + + /** + * stream_select wrapper + * + * Quoting https://stackoverflow.com/a/14262151/569976, + * "The general approach to `EINTR` is to simply handle the error and retry the operation again" + * + * This wrapper does that loop + */ + private static function stream_select(&$read, &$write, &$except, $seconds, $microseconds = null) + { + $remaining = $seconds + $microseconds / 1000000; + $start = microtime(true); + while (true) { + $result = @stream_select($read, $write, $except, $seconds, $microseconds); + if ($result !== false) { + return $result; + } + $elapsed = microtime(true) - $start; + $seconds = (int) ($remaining - floor($elapsed)); + $microseconds = (int) (1000000 * ($remaining - $seconds)); + if ($elapsed >= $remaining) { + return false; + } + } + } + + /** + * Connect to an SSHv2 server + * + * @throws \UnexpectedValueException on receipt of unexpected packets + * @throws \RuntimeException on other errors + */ + private function connect() + { + if ($this->bitmap & self::MASK_CONSTRUCTOR) { + return; + } + + $this->bitmap |= self::MASK_CONSTRUCTOR; + + $this->curTimeout = $this->timeout; + + $this->last_packet = microtime(true); + + if (!is_resource($this->fsock)) { + $start = microtime(true); + // with stream_select a timeout of 0 means that no timeout takes place; + // with fsockopen a timeout of 0 means that you instantly timeout + // to resolve this incompatibility a timeout of 100,000 will be used for fsockopen if timeout is 0 + $this->fsock = @fsockopen($this->host, $this->port, $errno, $errstr, $this->curTimeout == 0 ? 100000 : $this->curTimeout); + if (!$this->fsock) { + $host = $this->host . ':' . $this->port; + throw new UnableToConnectException(rtrim("Cannot connect to $host. Error $errno. $errstr")); + } + $elapsed = microtime(true) - $start; + + if ($this->curTimeout) { + $this->curTimeout -= $elapsed; + if ($this->curTimeout < 0) { + throw new \RuntimeException('Connection timed out whilst attempting to open socket connection'); + } + } + } + + $this->identifier = $this->generate_identifier(); + + if ($this->send_id_string_first) { + fputs($this->fsock, $this->identifier . "\r\n"); + } + + /* According to the SSH2 specs, + + "The server MAY send other lines of data before sending the version + string. Each line SHOULD be terminated by a Carriage Return and Line + Feed. Such lines MUST NOT begin with "SSH-", and SHOULD be encoded + in ISO-10646 UTF-8 [RFC3629] (language is not specified). Clients + MUST be able to process such lines." */ + $data = ''; + while (!feof($this->fsock) && !preg_match('#(.*)^(SSH-(\d\.\d+).*)#ms', $data, $matches)) { + $line = ''; + while (true) { + if ($this->curTimeout) { + if ($this->curTimeout < 0) { + throw new \RuntimeException('Connection timed out whilst receiving server identification string'); + } + $read = [$this->fsock]; + $write = $except = null; + $start = microtime(true); + $sec = (int) floor($this->curTimeout); + $usec = (int) (1000000 * ($this->curTimeout - $sec)); + if (static::stream_select($read, $write, $except, $sec, $usec) === false) { + throw new \RuntimeException('Connection timed out whilst receiving server identification string'); + } + $elapsed = microtime(true) - $start; + $this->curTimeout -= $elapsed; + } + + $temp = stream_get_line($this->fsock, 255, "\n"); + if ($temp === false) { + throw new \RuntimeException('Error reading from socket'); + } + if (strlen($temp) == 255) { + continue; + } + + $line .= "$temp\n"; + + // quoting RFC4253, "Implementers who wish to maintain + // compatibility with older, undocumented versions of this protocol may + // want to process the identification string without expecting the + // presence of the carriage return character for reasons described in + // Section 5 of this document." + + //if (substr($line, -2) == "\r\n") { + // break; + //} + + break; + } + + $data .= $line; + } + + if (feof($this->fsock)) { + $this->bitmap = 0; + throw new ConnectionClosedException('Connection closed by server'); + } + + $extra = $matches[1]; + + if (defined('NET_SSH2_LOGGING')) { + $this->append_log('<-', $matches[0]); + $this->append_log('->', $this->identifier . "\r\n"); + } + + $this->server_identifier = trim($temp, "\r\n"); + if (strlen($extra)) { + $this->errors[] = $data; + } + + if (version_compare($matches[3], '1.99', '<')) { + $this->bitmap = 0; + throw new UnableToConnectException("Cannot connect to SSH $matches[3] servers"); + } + + // Ubuntu's OpenSSH from 5.8 to 6.9 didn't work with multiple channels. see + // https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1334916 for more info. + // https://lists.ubuntu.com/archives/oneiric-changes/2011-July/005772.html discusses + // when consolekit was incorporated. + // https://marc.info/?l=openssh-unix-dev&m=163409903417589&w=2 discusses some of the + // issues with how Ubuntu incorporated consolekit + $pattern = '#^SSH-2\.0-OpenSSH_([\d.]+)[^ ]* Ubuntu-.*$#'; + $match = preg_match($pattern, $this->server_identifier, $matches); + $match = $match && version_compare('5.8', $matches[1], '<='); + $match = $match && version_compare('6.9', $matches[1], '>='); + $this->errorOnMultipleChannels = $match; + + if (!$this->send_id_string_first) { + fputs($this->fsock, $this->identifier . "\r\n"); + } + + if (!$this->send_kex_first) { + $response = $this->get_binary_packet(); + + if (is_bool($response) || !strlen($response) || ord($response[0]) != NET_SSH2_MSG_KEXINIT) { + $this->bitmap = 0; + throw new \UnexpectedValueException('Expected SSH_MSG_KEXINIT'); + } + + $this->key_exchange($response); + } + + if ($this->send_kex_first) { + $this->key_exchange(); + } + + $this->bitmap |= self::MASK_CONNECTED; + + return true; + } + + /** + * Generates the SSH identifier + * + * You should overwrite this method in your own class if you want to use another identifier + * + * @return string + */ + private function generate_identifier() + { + $identifier = 'SSH-2.0-phpseclib_3.0'; + + $ext = []; + if (extension_loaded('sodium')) { + $ext[] = 'libsodium'; + } + + if (extension_loaded('openssl')) { + $ext[] = 'openssl'; + } elseif (extension_loaded('mcrypt')) { + $ext[] = 'mcrypt'; + } + + if (extension_loaded('gmp')) { + $ext[] = 'gmp'; + } elseif (extension_loaded('bcmath')) { + $ext[] = 'bcmath'; + } + + if (!empty($ext)) { + $identifier .= ' (' . implode(', ', $ext) . ')'; + } + + return $identifier; + } + + /** + * Key Exchange + * + * @return bool + * @param string|bool $kexinit_payload_server optional + * @throws \UnexpectedValueException on receipt of unexpected packets + * @throws \RuntimeException on other errors + * @throws \phpseclib3\Exception\NoSupportedAlgorithmsException when none of the algorithms phpseclib has loaded are compatible + */ + private function key_exchange($kexinit_payload_server = false) + { + $preferred = $this->preferred; + $send_kex = true; + + $kex_algorithms = isset($preferred['kex']) ? + $preferred['kex'] : + SSH2::getSupportedKEXAlgorithms(); + $server_host_key_algorithms = isset($preferred['hostkey']) ? + $preferred['hostkey'] : + SSH2::getSupportedHostKeyAlgorithms(); + $s2c_encryption_algorithms = isset($preferred['server_to_client']['crypt']) ? + $preferred['server_to_client']['crypt'] : + SSH2::getSupportedEncryptionAlgorithms(); + $c2s_encryption_algorithms = isset($preferred['client_to_server']['crypt']) ? + $preferred['client_to_server']['crypt'] : + SSH2::getSupportedEncryptionAlgorithms(); + $s2c_mac_algorithms = isset($preferred['server_to_client']['mac']) ? + $preferred['server_to_client']['mac'] : + SSH2::getSupportedMACAlgorithms(); + $c2s_mac_algorithms = isset($preferred['client_to_server']['mac']) ? + $preferred['client_to_server']['mac'] : + SSH2::getSupportedMACAlgorithms(); + $s2c_compression_algorithms = isset($preferred['server_to_client']['comp']) ? + $preferred['server_to_client']['comp'] : + SSH2::getSupportedCompressionAlgorithms(); + $c2s_compression_algorithms = isset($preferred['client_to_server']['comp']) ? + $preferred['client_to_server']['comp'] : + SSH2::getSupportedCompressionAlgorithms(); + + $kex_algorithms = array_merge($kex_algorithms, ['ext-info-c', 'kex-strict-c-v00@openssh.com']); + + // some SSH servers have buggy implementations of some of the above algorithms + switch (true) { + case $this->server_identifier == 'SSH-2.0-SSHD': + case substr($this->server_identifier, 0, 13) == 'SSH-2.0-DLINK': + if (!isset($preferred['server_to_client']['mac'])) { + $s2c_mac_algorithms = array_values(array_diff( + $s2c_mac_algorithms, + ['hmac-sha1-96', 'hmac-md5-96'] + )); + } + if (!isset($preferred['client_to_server']['mac'])) { + $c2s_mac_algorithms = array_values(array_diff( + $c2s_mac_algorithms, + ['hmac-sha1-96', 'hmac-md5-96'] + )); + } + break; + case substr($this->server_identifier, 0, 24) == 'SSH-2.0-TurboFTP_SERVER_': + if (!isset($preferred['server_to_client']['crypt'])) { + $s2c_encryption_algorithms = array_values(array_diff( + $s2c_encryption_algorithms, + ['aes128-gcm@openssh.com', 'aes256-gcm@openssh.com'] + )); + } + if (!isset($preferred['client_to_server']['crypt'])) { + $c2s_encryption_algorithms = array_values(array_diff( + $c2s_encryption_algorithms, + ['aes128-gcm@openssh.com', 'aes256-gcm@openssh.com'] + )); + } + } + + $client_cookie = Random::string(16); + + $kexinit_payload_client = pack('Ca*', NET_SSH2_MSG_KEXINIT, $client_cookie); + $kexinit_payload_client .= Strings::packSSH2( + 'L10bN', + $kex_algorithms, + $server_host_key_algorithms, + $c2s_encryption_algorithms, + $s2c_encryption_algorithms, + $c2s_mac_algorithms, + $s2c_mac_algorithms, + $c2s_compression_algorithms, + $s2c_compression_algorithms, + [], // language, client to server + [], // language, server to client + false, // first_kex_packet_follows + 0 // reserved for future extension + ); + + if ($kexinit_payload_server === false) { + $this->send_binary_packet($kexinit_payload_client); + + $this->extra_packets = 0; + $kexinit_payload_server = $this->get_binary_packet(); + + if ( + is_bool($kexinit_payload_server) + || !strlen($kexinit_payload_server) + || ord($kexinit_payload_server[0]) != NET_SSH2_MSG_KEXINIT + ) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR); + throw new \UnexpectedValueException('Expected SSH_MSG_KEXINIT'); + } + + $send_kex = false; + } + + $response = $kexinit_payload_server; + Strings::shift($response, 1); // skip past the message number (it should be SSH_MSG_KEXINIT) + $server_cookie = Strings::shift($response, 16); + + list( + $this->kex_algorithms, + $this->server_host_key_algorithms, + $this->encryption_algorithms_client_to_server, + $this->encryption_algorithms_server_to_client, + $this->mac_algorithms_client_to_server, + $this->mac_algorithms_server_to_client, + $this->compression_algorithms_client_to_server, + $this->compression_algorithms_server_to_client, + $this->languages_client_to_server, + $this->languages_server_to_client, + $first_kex_packet_follows + ) = Strings::unpackSSH2('L10C', $response); + if (in_array('kex-strict-s-v00@openssh.com', $this->kex_algorithms)) { + if ($this->session_id === false && $this->extra_packets) { + throw new \UnexpectedValueException('Possible Terrapin Attack detected'); + } + } + + $this->supported_private_key_algorithms = $this->server_host_key_algorithms; + + if ($send_kex) { + $this->send_binary_packet($kexinit_payload_client); + } + + // we need to decide upon the symmetric encryption algorithms before we do the diffie-hellman key exchange + + // we don't initialize any crypto-objects, yet - we do that, later. for now, we need the lengths to make the + // diffie-hellman key exchange as fast as possible + $decrypt = self::array_intersect_first($s2c_encryption_algorithms, $this->encryption_algorithms_server_to_client); + $decryptKeyLength = $this->encryption_algorithm_to_key_size($decrypt); + if ($decryptKeyLength === null) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new NoSupportedAlgorithmsException('No compatible server to client encryption algorithms found'); + } + + $encrypt = self::array_intersect_first($c2s_encryption_algorithms, $this->encryption_algorithms_client_to_server); + $encryptKeyLength = $this->encryption_algorithm_to_key_size($encrypt); + if ($encryptKeyLength === null) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new NoSupportedAlgorithmsException('No compatible client to server encryption algorithms found'); + } + + // through diffie-hellman key exchange a symmetric key is obtained + $this->kex_algorithm = self::array_intersect_first($kex_algorithms, $this->kex_algorithms); + if ($this->kex_algorithm === false) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new NoSupportedAlgorithmsException('No compatible key exchange algorithms found'); + } + + $server_host_key_algorithm = self::array_intersect_first($server_host_key_algorithms, $this->server_host_key_algorithms); + if ($server_host_key_algorithm === false) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new NoSupportedAlgorithmsException('No compatible server host key algorithms found'); + } + + $mac_algorithm_out = self::array_intersect_first($c2s_mac_algorithms, $this->mac_algorithms_client_to_server); + if ($mac_algorithm_out === false) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new NoSupportedAlgorithmsException('No compatible client to server message authentication algorithms found'); + } + + $mac_algorithm_in = self::array_intersect_first($s2c_mac_algorithms, $this->mac_algorithms_server_to_client); + if ($mac_algorithm_in === false) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new NoSupportedAlgorithmsException('No compatible server to client message authentication algorithms found'); + } + + $compression_map = [ + 'none' => self::NET_SSH2_COMPRESSION_NONE, + 'zlib' => self::NET_SSH2_COMPRESSION_ZLIB, + 'zlib@openssh.com' => self::NET_SSH2_COMPRESSION_ZLIB_AT_OPENSSH + ]; + + $compression_algorithm_in = self::array_intersect_first($s2c_compression_algorithms, $this->compression_algorithms_server_to_client); + if ($compression_algorithm_in === false) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new NoSupportedAlgorithmsException('No compatible server to client compression algorithms found'); + } + $this->decompress = $compression_map[$compression_algorithm_in]; + + $compression_algorithm_out = self::array_intersect_first($c2s_compression_algorithms, $this->compression_algorithms_client_to_server); + if ($compression_algorithm_out === false) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new NoSupportedAlgorithmsException('No compatible client to server compression algorithms found'); + } + $this->compress = $compression_map[$compression_algorithm_out]; + + switch ($this->kex_algorithm) { + case 'diffie-hellman-group15-sha512': + case 'diffie-hellman-group16-sha512': + case 'diffie-hellman-group17-sha512': + case 'diffie-hellman-group18-sha512': + case 'ecdh-sha2-nistp521': + $kexHash = new Hash('sha512'); + break; + case 'ecdh-sha2-nistp384': + $kexHash = new Hash('sha384'); + break; + case 'diffie-hellman-group-exchange-sha256': + case 'diffie-hellman-group14-sha256': + case 'ecdh-sha2-nistp256': + case 'curve25519-sha256@libssh.org': + case 'curve25519-sha256': + $kexHash = new Hash('sha256'); + break; + default: + $kexHash = new Hash('sha1'); + } + + // Only relevant in diffie-hellman-group-exchange-sha{1,256}, otherwise empty. + + $exchange_hash_rfc4419 = ''; + + if (strpos($this->kex_algorithm, 'curve25519-sha256') === 0 || strpos($this->kex_algorithm, 'ecdh-sha2-nistp') === 0) { + $curve = strpos($this->kex_algorithm, 'curve25519-sha256') === 0 ? + 'Curve25519' : + substr($this->kex_algorithm, 10); + $ourPrivate = EC::createKey($curve); + $ourPublicBytes = $ourPrivate->getPublicKey()->getEncodedCoordinates(); + $clientKexInitMessage = 'NET_SSH2_MSG_KEX_ECDH_INIT'; + $serverKexReplyMessage = 'NET_SSH2_MSG_KEX_ECDH_REPLY'; + } else { + if (strpos($this->kex_algorithm, 'diffie-hellman-group-exchange') === 0) { + $dh_group_sizes_packed = pack( + 'NNN', + $this->kex_dh_group_size_min, + $this->kex_dh_group_size_preferred, + $this->kex_dh_group_size_max + ); + $packet = pack( + 'Ca*', + NET_SSH2_MSG_KEXDH_GEX_REQUEST, + $dh_group_sizes_packed + ); + $this->send_binary_packet($packet); + $this->updateLogHistory('UNKNOWN (34)', 'NET_SSH2_MSG_KEXDH_GEX_REQUEST'); + + $response = $this->get_binary_packet(); + + list($type, $primeBytes, $gBytes) = Strings::unpackSSH2('Css', $response); + if ($type != NET_SSH2_MSG_KEXDH_GEX_GROUP) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR); + throw new \UnexpectedValueException('Expected SSH_MSG_KEX_DH_GEX_GROUP'); + } + $this->updateLogHistory('NET_SSH2_MSG_KEXDH_REPLY', 'NET_SSH2_MSG_KEXDH_GEX_GROUP'); + $prime = new BigInteger($primeBytes, -256); + $g = new BigInteger($gBytes, -256); + + $exchange_hash_rfc4419 = $dh_group_sizes_packed . Strings::packSSH2( + 'ss', + $primeBytes, + $gBytes + ); + + $params = DH::createParameters($prime, $g); + $clientKexInitMessage = 'NET_SSH2_MSG_KEXDH_GEX_INIT'; + $serverKexReplyMessage = 'NET_SSH2_MSG_KEXDH_GEX_REPLY'; + } else { + $params = DH::createParameters($this->kex_algorithm); + $clientKexInitMessage = 'NET_SSH2_MSG_KEXDH_INIT'; + $serverKexReplyMessage = 'NET_SSH2_MSG_KEXDH_REPLY'; + } + + $keyLength = min($kexHash->getLengthInBytes(), max($encryptKeyLength, $decryptKeyLength)); + + $ourPrivate = DH::createKey($params, 16 * $keyLength); // 2 * 8 * $keyLength + $ourPublic = $ourPrivate->getPublicKey()->toBigInteger(); + $ourPublicBytes = $ourPublic->toBytes(true); + } + + $data = pack('CNa*', constant($clientKexInitMessage), strlen($ourPublicBytes), $ourPublicBytes); + + $this->send_binary_packet($data); + + switch ($clientKexInitMessage) { + case 'NET_SSH2_MSG_KEX_ECDH_INIT': + $this->updateLogHistory('NET_SSH2_MSG_KEXDH_INIT', 'NET_SSH2_MSG_KEX_ECDH_INIT'); + break; + case 'NET_SSH2_MSG_KEXDH_GEX_INIT': + $this->updateLogHistory('UNKNOWN (32)', 'NET_SSH2_MSG_KEXDH_GEX_INIT'); + } + + $response = $this->get_binary_packet(); + + list( + $type, + $server_public_host_key, + $theirPublicBytes, + $this->signature + ) = Strings::unpackSSH2('Csss', $response); + + if ($type != constant($serverKexReplyMessage)) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR); + throw new \UnexpectedValueException("Expected $serverKexReplyMessage"); + } + switch ($serverKexReplyMessage) { + case 'NET_SSH2_MSG_KEX_ECDH_REPLY': + $this->updateLogHistory('NET_SSH2_MSG_KEXDH_REPLY', 'NET_SSH2_MSG_KEX_ECDH_REPLY'); + break; + case 'NET_SSH2_MSG_KEXDH_GEX_REPLY': + $this->updateLogHistory('UNKNOWN (33)', 'NET_SSH2_MSG_KEXDH_GEX_REPLY'); + } + + $this->server_public_host_key = $server_public_host_key; + list($public_key_format) = Strings::unpackSSH2('s', $server_public_host_key); + if (strlen($this->signature) < 4) { + throw new \LengthException('The signature needs at least four bytes'); + } + $temp = unpack('Nlength', substr($this->signature, 0, 4)); + $this->signature_format = substr($this->signature, 4, $temp['length']); + + $keyBytes = DH::computeSecret($ourPrivate, $theirPublicBytes); + if (($keyBytes & "\xFF\x80") === "\x00\x00") { + $keyBytes = substr($keyBytes, 1); + } elseif (($keyBytes[0] & "\x80") === "\x80") { + $keyBytes = "\0$keyBytes"; + } + + $this->exchange_hash = Strings::packSSH2( + 's5', + $this->identifier, + $this->server_identifier, + $kexinit_payload_client, + $kexinit_payload_server, + $this->server_public_host_key + ); + $this->exchange_hash .= $exchange_hash_rfc4419; + $this->exchange_hash .= Strings::packSSH2( + 's3', + $ourPublicBytes, + $theirPublicBytes, + $keyBytes + ); + + $this->exchange_hash = $kexHash->hash($this->exchange_hash); + + if ($this->session_id === false) { + $this->session_id = $this->exchange_hash; + } + + switch ($server_host_key_algorithm) { + case 'rsa-sha2-256': + case 'rsa-sha2-512': + //case 'ssh-rsa': + $expected_key_format = 'ssh-rsa'; + break; + default: + $expected_key_format = $server_host_key_algorithm; + } + if ($public_key_format != $expected_key_format || $this->signature_format != $server_host_key_algorithm) { + switch (true) { + case $this->signature_format == $server_host_key_algorithm: + case $server_host_key_algorithm != 'rsa-sha2-256' && $server_host_key_algorithm != 'rsa-sha2-512': + case $this->signature_format != 'ssh-rsa': + $this->disconnect_helper(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); + throw new \RuntimeException('Server Host Key Algorithm Mismatch (' . $this->signature_format . ' vs ' . $server_host_key_algorithm . ')'); + } + } + + $packet = pack('C', NET_SSH2_MSG_NEWKEYS); + $this->send_binary_packet($packet); + + $response = $this->get_binary_packet(); + + if ($response === false) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST); + throw new ConnectionClosedException('Connection closed by server'); + } + + list($type) = Strings::unpackSSH2('C', $response); + if ($type != NET_SSH2_MSG_NEWKEYS) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR); + throw new \UnexpectedValueException('Expected SSH_MSG_NEWKEYS'); + } + + if (in_array('kex-strict-s-v00@openssh.com', $this->kex_algorithms)) { + $this->get_seq_no = $this->send_seq_no = 0; + } + + $keyBytes = pack('Na*', strlen($keyBytes), $keyBytes); + + $this->encrypt = self::encryption_algorithm_to_crypt_instance($encrypt); + if ($this->encrypt) { + if (self::$crypto_engine) { + $this->encrypt->setPreferredEngine(self::$crypto_engine); + } + if ($this->encrypt->getBlockLengthInBytes()) { + $this->encrypt_block_size = $this->encrypt->getBlockLengthInBytes(); + } + $this->encrypt->disablePadding(); + + if ($this->encrypt->usesIV()) { + $iv = $kexHash->hash($keyBytes . $this->exchange_hash . 'A' . $this->session_id); + while ($this->encrypt_block_size > strlen($iv)) { + $iv .= $kexHash->hash($keyBytes . $this->exchange_hash . $iv); + } + $this->encrypt->setIV(substr($iv, 0, $this->encrypt_block_size)); + } + + switch ($encrypt) { + case 'aes128-gcm@openssh.com': + case 'aes256-gcm@openssh.com': + $nonce = $kexHash->hash($keyBytes . $this->exchange_hash . 'A' . $this->session_id); + $this->encryptFixedPart = substr($nonce, 0, 4); + $this->encryptInvocationCounter = substr($nonce, 4, 8); + // fall-through + case 'chacha20-poly1305@openssh.com': + break; + default: + $this->encrypt->enableContinuousBuffer(); + } + + $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'C' . $this->session_id); + while ($encryptKeyLength > strlen($key)) { + $key .= $kexHash->hash($keyBytes . $this->exchange_hash . $key); + } + switch ($encrypt) { + case 'chacha20-poly1305@openssh.com': + $encryptKeyLength = 32; + $this->lengthEncrypt = self::encryption_algorithm_to_crypt_instance($encrypt); + $this->lengthEncrypt->setKey(substr($key, 32, 32)); + } + $this->encrypt->setKey(substr($key, 0, $encryptKeyLength)); + $this->encryptName = $encrypt; + } + + $this->decrypt = self::encryption_algorithm_to_crypt_instance($decrypt); + if ($this->decrypt) { + if (self::$crypto_engine) { + $this->decrypt->setPreferredEngine(self::$crypto_engine); + } + if ($this->decrypt->getBlockLengthInBytes()) { + $this->decrypt_block_size = $this->decrypt->getBlockLengthInBytes(); + } + $this->decrypt->disablePadding(); + + if ($this->decrypt->usesIV()) { + $iv = $kexHash->hash($keyBytes . $this->exchange_hash . 'B' . $this->session_id); + while ($this->decrypt_block_size > strlen($iv)) { + $iv .= $kexHash->hash($keyBytes . $this->exchange_hash . $iv); + } + $this->decrypt->setIV(substr($iv, 0, $this->decrypt_block_size)); + } + + switch ($decrypt) { + case 'aes128-gcm@openssh.com': + case 'aes256-gcm@openssh.com': + // see https://tools.ietf.org/html/rfc5647#section-7.1 + $nonce = $kexHash->hash($keyBytes . $this->exchange_hash . 'B' . $this->session_id); + $this->decryptFixedPart = substr($nonce, 0, 4); + $this->decryptInvocationCounter = substr($nonce, 4, 8); + // fall-through + case 'chacha20-poly1305@openssh.com': + break; + default: + $this->decrypt->enableContinuousBuffer(); + } + + $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'D' . $this->session_id); + while ($decryptKeyLength > strlen($key)) { + $key .= $kexHash->hash($keyBytes . $this->exchange_hash . $key); + } + switch ($decrypt) { + case 'chacha20-poly1305@openssh.com': + $decryptKeyLength = 32; + $this->lengthDecrypt = self::encryption_algorithm_to_crypt_instance($decrypt); + $this->lengthDecrypt->setKey(substr($key, 32, 32)); + } + $this->decrypt->setKey(substr($key, 0, $decryptKeyLength)); + $this->decryptName = $decrypt; + } + + /* The "arcfour128" algorithm is the RC4 cipher, as described in + [SCHNEIER], using a 128-bit key. The first 1536 bytes of keystream + generated by the cipher MUST be discarded, and the first byte of the + first encrypted packet MUST be encrypted using the 1537th byte of + keystream. + + -- http://tools.ietf.org/html/rfc4345#section-4 */ + if ($encrypt == 'arcfour128' || $encrypt == 'arcfour256') { + $this->encrypt->encrypt(str_repeat("\0", 1536)); + } + if ($decrypt == 'arcfour128' || $decrypt == 'arcfour256') { + $this->decrypt->decrypt(str_repeat("\0", 1536)); + } + + if (!$this->encrypt->usesNonce()) { + list($this->hmac_create, $createKeyLength) = self::mac_algorithm_to_hash_instance($mac_algorithm_out); + } else { + $this->hmac_create = new \stdClass(); + $this->hmac_create_name = $mac_algorithm_out; + //$mac_algorithm_out = 'none'; + $createKeyLength = 0; + } + + if ($this->hmac_create instanceof Hash) { + $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'E' . $this->session_id); + while ($createKeyLength > strlen($key)) { + $key .= $kexHash->hash($keyBytes . $this->exchange_hash . $key); + } + $this->hmac_create->setKey(substr($key, 0, $createKeyLength)); + $this->hmac_create_name = $mac_algorithm_out; + $this->hmac_create_etm = preg_match('#-etm@openssh\.com$#', $mac_algorithm_out); + } + + if (!$this->decrypt->usesNonce()) { + list($this->hmac_check, $checkKeyLength) = self::mac_algorithm_to_hash_instance($mac_algorithm_in); + $this->hmac_size = $this->hmac_check->getLengthInBytes(); + } else { + $this->hmac_check = new \stdClass(); + $this->hmac_check_name = $mac_algorithm_in; + //$mac_algorithm_in = 'none'; + $checkKeyLength = 0; + $this->hmac_size = 0; + } + + if ($this->hmac_check instanceof Hash) { + $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'F' . $this->session_id); + while ($checkKeyLength > strlen($key)) { + $key .= $kexHash->hash($keyBytes . $this->exchange_hash . $key); + } + $this->hmac_check->setKey(substr($key, 0, $checkKeyLength)); + $this->hmac_check_name = $mac_algorithm_in; + $this->hmac_check_etm = preg_match('#-etm@openssh\.com$#', $mac_algorithm_in); + } + + $this->regenerate_compression_context = $this->regenerate_decompression_context = true; + + return true; + } + + /** + * Maps an encryption algorithm name to the number of key bytes. + * + * @param string $algorithm Name of the encryption algorithm + * @return int|null Number of bytes as an integer or null for unknown + */ + private function encryption_algorithm_to_key_size($algorithm) + { + if ($this->bad_key_size_fix && self::bad_algorithm_candidate($algorithm)) { + return 16; + } + + switch ($algorithm) { + case 'none': + return 0; + case 'aes128-gcm@openssh.com': + case 'aes128-cbc': + case 'aes128-ctr': + case 'arcfour': + case 'arcfour128': + case 'blowfish-cbc': + case 'blowfish-ctr': + case 'twofish128-cbc': + case 'twofish128-ctr': + return 16; + case '3des-cbc': + case '3des-ctr': + case 'aes192-cbc': + case 'aes192-ctr': + case 'twofish192-cbc': + case 'twofish192-ctr': + return 24; + case 'aes256-gcm@openssh.com': + case 'aes256-cbc': + case 'aes256-ctr': + case 'arcfour256': + case 'twofish-cbc': + case 'twofish256-cbc': + case 'twofish256-ctr': + return 32; + case 'chacha20-poly1305@openssh.com': + return 64; + } + return null; + } + + /** + * Maps an encryption algorithm name to an instance of a subclass of + * \phpseclib3\Crypt\Common\SymmetricKey. + * + * @param string $algorithm Name of the encryption algorithm + * @return SymmetricKey|null + */ + private static function encryption_algorithm_to_crypt_instance($algorithm) + { + switch ($algorithm) { + case '3des-cbc': + return new TripleDES('cbc'); + case '3des-ctr': + return new TripleDES('ctr'); + case 'aes256-cbc': + case 'aes192-cbc': + case 'aes128-cbc': + return new Rijndael('cbc'); + case 'aes256-ctr': + case 'aes192-ctr': + case 'aes128-ctr': + return new Rijndael('ctr'); + case 'blowfish-cbc': + return new Blowfish('cbc'); + case 'blowfish-ctr': + return new Blowfish('ctr'); + case 'twofish128-cbc': + case 'twofish192-cbc': + case 'twofish256-cbc': + case 'twofish-cbc': + return new Twofish('cbc'); + case 'twofish128-ctr': + case 'twofish192-ctr': + case 'twofish256-ctr': + return new Twofish('ctr'); + case 'arcfour': + case 'arcfour128': + case 'arcfour256': + return new RC4(); + case 'aes128-gcm@openssh.com': + case 'aes256-gcm@openssh.com': + return new Rijndael('gcm'); + case 'chacha20-poly1305@openssh.com': + return new ChaCha20(); + } + return null; + } + + /** + * Maps an encryption algorithm name to an instance of a subclass of + * \phpseclib3\Crypt\Hash. + * + * @param string $algorithm Name of the encryption algorithm + * @return array{Hash, int}|null + */ + private static function mac_algorithm_to_hash_instance($algorithm) + { + switch ($algorithm) { + case 'umac-64@openssh.com': + case 'umac-64-etm@openssh.com': + return [new Hash('umac-64'), 16]; + case 'umac-128@openssh.com': + case 'umac-128-etm@openssh.com': + return [new Hash('umac-128'), 16]; + case 'hmac-sha2-512': + case 'hmac-sha2-512-etm@openssh.com': + return [new Hash('sha512'), 64]; + case 'hmac-sha2-256': + case 'hmac-sha2-256-etm@openssh.com': + return [new Hash('sha256'), 32]; + case 'hmac-sha1': + case 'hmac-sha1-etm@openssh.com': + return [new Hash('sha1'), 20]; + case 'hmac-sha1-96': + return [new Hash('sha1-96'), 20]; + case 'hmac-md5': + return [new Hash('md5'), 16]; + case 'hmac-md5-96': + return [new Hash('md5-96'), 16]; + } + } + + /* + * Tests whether or not proposed algorithm has a potential for issues + * + * @link https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/ssh2-aesctr-openssh.html + * @link https://bugzilla.mindrot.org/show_bug.cgi?id=1291 + * @param string $algorithm Name of the encryption algorithm + * @return bool + */ + private static function bad_algorithm_candidate($algorithm) + { + switch ($algorithm) { + case 'arcfour256': + case 'aes192-ctr': + case 'aes256-ctr': + return true; + } + + return false; + } + + /** + * Login + * + * The $password parameter can be a plaintext password, a \phpseclib3\Crypt\RSA|EC|DSA object, a \phpseclib3\System\SSH\Agent object or an array + * + * @param string $username + * @param string|PrivateKey|array[]|Agent|null ...$args + * @return bool + * @see self::_login() + */ + public function login($username, ...$args) + { + if (!$this->retry_connect) { + $this->auth[] = func_get_args(); + } + + // try logging with 'none' as an authentication method first since that's what + // PuTTY does + if (substr($this->server_identifier, 0, 15) != 'SSH-2.0-CoreFTP' && $this->auth_methods_to_continue === null) { + if ($this->sublogin($username)) { + return true; + } + if (!count($args)) { + return false; + } + } + return $this->sublogin($username, ...$args); + } + + /** + * Login Helper + * + * @param string $username + * @param string|PrivateKey|array[]|Agent|null ...$args + * @return bool + * @see self::_login_helper() + */ + protected function sublogin($username, ...$args) + { + if (!($this->bitmap & self::MASK_CONSTRUCTOR)) { + $this->connect(); + } + + if (empty($args)) { + return $this->login_helper($username); + } + + foreach ($args as $arg) { + switch (true) { + case $arg instanceof PublicKey: + throw new \UnexpectedValueException('A PublicKey object was passed to the login method instead of a PrivateKey object'); + case $arg instanceof PrivateKey: + case $arg instanceof Agent: + case is_array($arg): + case Strings::is_stringable($arg): + break; + default: + throw new \UnexpectedValueException('$password needs to either be an instance of \phpseclib3\Crypt\Common\PrivateKey, \System\SSH\Agent, an array or a string'); + } + } + + while (count($args)) { + if (!$this->auth_methods_to_continue || !$this->smartMFA) { + $newargs = $args; + $args = []; + } else { + $newargs = []; + foreach ($this->auth_methods_to_continue as $method) { + switch ($method) { + case 'publickey': + foreach ($args as $key => $arg) { + if ($arg instanceof PrivateKey || $arg instanceof Agent) { + $newargs[] = $arg; + unset($args[$key]); + break; + } + } + break; + case 'keyboard-interactive': + $hasArray = $hasString = false; + foreach ($args as $arg) { + if ($hasArray || is_array($arg)) { + $hasArray = true; + break; + } + if ($hasString || Strings::is_stringable($arg)) { + $hasString = true; + break; + } + } + if ($hasArray && $hasString) { + foreach ($args as $key => $arg) { + if (is_array($arg)) { + $newargs[] = $arg; + break 2; + } + } + } + // fall-through + case 'password': + foreach ($args as $key => $arg) { + $newargs[] = $arg; + unset($args[$key]); + break; + } + } + } + } + + if (!count($newargs)) { + return false; + } + + foreach ($newargs as $arg) { + if ($this->login_helper($username, $arg)) { + return true; + } + } + } + return false; + } + + /** + * Login Helper + * + * {@internal It might be worthwhile, at some point, to protect against {@link http://tools.ietf.org/html/rfc4251#section-9.3.9 traffic analysis} + * by sending dummy SSH_MSG_IGNORE messages.} + * + * @param string $username + * @param string|AsymmetricKey|array[]|Agent|null ...$args + * @return bool + * @throws \UnexpectedValueException on receipt of unexpected packets + * @throws \RuntimeException on other errors + */ + private function login_helper($username, $password = null) + { + if (!($this->bitmap & self::MASK_CONNECTED)) { + return false; + } + + if (!($this->bitmap & self::MASK_LOGIN_REQ)) { + $packet = Strings::packSSH2('Cs', NET_SSH2_MSG_SERVICE_REQUEST, 'ssh-userauth'); + $this->send_binary_packet($packet); + + try { + $response = $this->get_binary_packet(); + } catch (\Exception $e) { + if ($this->retry_connect) { + $this->retry_connect = false; + $this->connect(); + return $this->login_helper($username, $password); + } + $this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST); + throw $e; + } + + list($type) = Strings::unpackSSH2('C', $response); + + if ($type == NET_SSH2_MSG_EXT_INFO) { + list($nr_extensions) = Strings::unpackSSH2('N', $response); + for ($i = 0; $i < $nr_extensions; $i++) { + list($extension_name, $extension_value) = Strings::unpackSSH2('ss', $response); + if ($extension_name == 'server-sig-algs') { + $this->supported_private_key_algorithms = explode(',', $extension_value); + } + } + + $response = $this->get_binary_packet(); + list($type) = Strings::unpackSSH2('C', $response); + } + + list($service) = Strings::unpackSSH2('s', $response); + + if ($type != NET_SSH2_MSG_SERVICE_ACCEPT || $service != 'ssh-userauth') { + $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR); + throw new \UnexpectedValueException('Expected SSH_MSG_SERVICE_ACCEPT'); + } + $this->bitmap |= self::MASK_LOGIN_REQ; + } + + if (strlen($this->last_interactive_response)) { + return !Strings::is_stringable($password) && !is_array($password) ? false : $this->keyboard_interactive_process($password); + } + + if ($password instanceof PrivateKey) { + return $this->privatekey_login($username, $password); + } + + if ($password instanceof Agent) { + return $this->ssh_agent_login($username, $password); + } + + if (is_array($password)) { + if ($this->keyboard_interactive_login($username, $password)) { + $this->bitmap |= self::MASK_LOGIN; + return true; + } + return false; + } + + if (!isset($password)) { + $packet = Strings::packSSH2( + 'Cs3', + NET_SSH2_MSG_USERAUTH_REQUEST, + $username, + 'ssh-connection', + 'none' + ); + + $this->send_binary_packet($packet); + + $response = $this->get_binary_packet(); + + list($type) = Strings::unpackSSH2('C', $response); + switch ($type) { + case NET_SSH2_MSG_USERAUTH_SUCCESS: + $this->bitmap |= self::MASK_LOGIN; + return true; + case NET_SSH2_MSG_USERAUTH_FAILURE: + list($auth_methods) = Strings::unpackSSH2('L', $response); + $this->auth_methods_to_continue = $auth_methods; + // fall-through + default: + return false; + } + } + + $packet = Strings::packSSH2( + 'Cs3bs', + NET_SSH2_MSG_USERAUTH_REQUEST, + $username, + 'ssh-connection', + 'password', + false, + $password + ); + + // remove the username and password from the logged packet + if (!defined('NET_SSH2_LOGGING')) { + $logged = null; + } else { + $logged = Strings::packSSH2( + 'Cs3bs', + NET_SSH2_MSG_USERAUTH_REQUEST, + $username, + 'ssh-connection', + 'password', + false, + 'password' + ); + } + + $this->send_binary_packet($packet, $logged); + + $response = $this->get_binary_packet(); + if ($response === false) { + return false; + } + list($type) = Strings::unpackSSH2('C', $response); + switch ($type) { + case NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ: // in theory, the password can be changed + $this->updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'); + + list($message) = Strings::unpackSSH2('s', $response); + $this->errors[] = 'SSH_MSG_USERAUTH_PASSWD_CHANGEREQ: ' . $message; + + return $this->disconnect_helper(NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER); + case NET_SSH2_MSG_USERAUTH_FAILURE: + // can we use keyboard-interactive authentication? if not then either the login is bad or the server employees + // multi-factor authentication + list($auth_methods, $partial_success) = Strings::unpackSSH2('Lb', $response); + $this->auth_methods_to_continue = $auth_methods; + if (!$partial_success && in_array('keyboard-interactive', $auth_methods)) { + if ($this->keyboard_interactive_login($username, $password)) { + $this->bitmap |= self::MASK_LOGIN; + return true; + } + return false; + } + return false; + case NET_SSH2_MSG_USERAUTH_SUCCESS: + $this->bitmap |= self::MASK_LOGIN; + return true; + } + + return false; + } + + /** + * Login via keyboard-interactive authentication + * + * See {@link http://tools.ietf.org/html/rfc4256 RFC4256} for details. This is not a full-featured keyboard-interactive authenticator. + * + * @param string $username + * @param string|array $password + * @return bool + */ + private function keyboard_interactive_login($username, $password) + { + $packet = Strings::packSSH2( + 'Cs5', + NET_SSH2_MSG_USERAUTH_REQUEST, + $username, + 'ssh-connection', + 'keyboard-interactive', + '', // language tag + '' // submethods + ); + $this->send_binary_packet($packet); + + return $this->keyboard_interactive_process($password); + } + + /** + * Handle the keyboard-interactive requests / responses. + * + * @param string|array ...$responses + * @return bool + * @throws \RuntimeException on connection error + */ + private function keyboard_interactive_process(...$responses) + { + if (strlen($this->last_interactive_response)) { + $response = $this->last_interactive_response; + } else { + $orig = $response = $this->get_binary_packet(); + } + + list($type) = Strings::unpackSSH2('C', $response); + switch ($type) { + case NET_SSH2_MSG_USERAUTH_INFO_REQUEST: + list( + , // name; may be empty + , // instruction; may be empty + , // language tag; may be empty + $num_prompts + ) = Strings::unpackSSH2('s3N', $response); + + for ($i = 0; $i < count($responses); $i++) { + if (is_array($responses[$i])) { + foreach ($responses[$i] as $key => $value) { + $this->keyboard_requests_responses[$key] = $value; + } + unset($responses[$i]); + } + } + $responses = array_values($responses); + + if (isset($this->keyboard_requests_responses)) { + for ($i = 0; $i < $num_prompts; $i++) { + list( + $prompt, // prompt - ie. "Password: "; must not be empty + // echo + ) = Strings::unpackSSH2('sC', $response); + foreach ($this->keyboard_requests_responses as $key => $value) { + if (substr($prompt, 0, strlen($key)) == $key) { + $responses[] = $value; + break; + } + } + } + } + + // see http://tools.ietf.org/html/rfc4256#section-3.2 + if (strlen($this->last_interactive_response)) { + $this->last_interactive_response = ''; + } else { + $this->updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST'); + } + + if (!count($responses) && $num_prompts) { + $this->last_interactive_response = $orig; + return false; + } + + /* + After obtaining the requested information from the user, the client + MUST respond with an SSH_MSG_USERAUTH_INFO_RESPONSE message. + */ + // see http://tools.ietf.org/html/rfc4256#section-3.4 + $packet = $logged = pack('CN', NET_SSH2_MSG_USERAUTH_INFO_RESPONSE, count($responses)); + for ($i = 0; $i < count($responses); $i++) { + $packet .= Strings::packSSH2('s', $responses[$i]); + $logged .= Strings::packSSH2('s', 'dummy-answer'); + } + + $this->send_binary_packet($packet, $logged); + + $this->updateLogHistory('UNKNOWN (61)', 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE'); + + /* + After receiving the response, the server MUST send either an + SSH_MSG_USERAUTH_SUCCESS, SSH_MSG_USERAUTH_FAILURE, or another + SSH_MSG_USERAUTH_INFO_REQUEST message. + */ + // maybe phpseclib should force close the connection after x request / responses? unless something like that is done + // there could be an infinite loop of request / responses. + return $this->keyboard_interactive_process(); + case NET_SSH2_MSG_USERAUTH_SUCCESS: + return true; + case NET_SSH2_MSG_USERAUTH_FAILURE: + list($auth_methods) = Strings::unpackSSH2('L', $response); + $this->auth_methods_to_continue = $auth_methods; + return false; + } + + return false; + } + + /** + * Login with an ssh-agent provided key + * + * @param string $username + * @param \phpseclib3\System\SSH\Agent $agent + * @return bool + */ + private function ssh_agent_login($username, Agent $agent) + { + $this->agent = $agent; + $keys = $agent->requestIdentities(); + foreach ($keys as $key) { + if ($this->privatekey_login($username, $key)) { + return true; + } + } + + return false; + } + + /** + * Login with an RSA private key + * + * {@internal It might be worthwhile, at some point, to protect against {@link http://tools.ietf.org/html/rfc4251#section-9.3.9 traffic analysis} + * by sending dummy SSH_MSG_IGNORE messages.} + * + * @param string $username + * @param \phpseclib3\Crypt\Common\PrivateKey $privatekey + * @return bool + * @throws \RuntimeException on connection error + */ + private function privatekey_login($username, PrivateKey $privatekey) + { + $publickey = $privatekey->getPublicKey(); + + if ($publickey instanceof RSA) { + $privatekey = $privatekey->withPadding(RSA::SIGNATURE_PKCS1); + $algos = ['rsa-sha2-256', 'rsa-sha2-512', 'ssh-rsa']; + if (isset($this->preferred['hostkey'])) { + $algos = array_intersect($algos, $this->preferred['hostkey']); + } + $algo = self::array_intersect_first($algos, $this->supported_private_key_algorithms); + switch ($algo) { + case 'rsa-sha2-512': + $hash = 'sha512'; + $signatureType = 'rsa-sha2-512'; + break; + case 'rsa-sha2-256': + $hash = 'sha256'; + $signatureType = 'rsa-sha2-256'; + break; + //case 'ssh-rsa': + default: + $hash = 'sha1'; + $signatureType = 'ssh-rsa'; + } + } elseif ($publickey instanceof EC) { + $privatekey = $privatekey->withSignatureFormat('SSH2'); + $curveName = $privatekey->getCurve(); + switch ($curveName) { + case 'Ed25519': + $hash = 'sha512'; + $signatureType = 'ssh-ed25519'; + break; + case 'secp256r1': // nistp256 + $hash = 'sha256'; + $signatureType = 'ecdsa-sha2-nistp256'; + break; + case 'secp384r1': // nistp384 + $hash = 'sha384'; + $signatureType = 'ecdsa-sha2-nistp384'; + break; + case 'secp521r1': // nistp521 + $hash = 'sha512'; + $signatureType = 'ecdsa-sha2-nistp521'; + break; + default: + if (is_array($curveName)) { + throw new UnsupportedCurveException('Specified Curves are not supported by SSH2'); + } + throw new UnsupportedCurveException('Named Curve of ' . $curveName . ' is not supported by phpseclib3\'s SSH2 implementation'); + } + } elseif ($publickey instanceof DSA) { + $privatekey = $privatekey->withSignatureFormat('SSH2'); + $hash = 'sha1'; + $signatureType = 'ssh-dss'; + } else { + throw new UnsupportedAlgorithmException('Please use either an RSA key, an EC one or a DSA key'); + } + + $publickeyStr = $publickey->toString('OpenSSH', ['binary' => true]); + + $part1 = Strings::packSSH2( + 'Csss', + NET_SSH2_MSG_USERAUTH_REQUEST, + $username, + 'ssh-connection', + 'publickey' + ); + $part2 = Strings::packSSH2('ss', $signatureType, $publickeyStr); + + $packet = $part1 . chr(0) . $part2; + $this->send_binary_packet($packet); + + $response = $this->get_binary_packet(); + + list($type) = Strings::unpackSSH2('C', $response); + switch ($type) { + case NET_SSH2_MSG_USERAUTH_FAILURE: + list($auth_methods) = Strings::unpackSSH2('L', $response); + if (in_array('publickey', $auth_methods) && substr($signatureType, 0, 9) == 'rsa-sha2-') { + $this->supported_private_key_algorithms = array_diff($this->supported_private_key_algorithms, ['rsa-sha2-256', 'rsa-sha2-512']); + return $this->privatekey_login($username, $privatekey); + } + $this->auth_methods_to_continue = $auth_methods; + $this->errors[] = 'SSH_MSG_USERAUTH_FAILURE'; + return false; + case NET_SSH2_MSG_USERAUTH_PK_OK: + // we'll just take it on faith that the public key blob and the public key algorithm name are as + // they should be + $this->updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_PK_OK'); + break; + case NET_SSH2_MSG_USERAUTH_SUCCESS: + $this->bitmap |= self::MASK_LOGIN; + return true; + default: + $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); + throw new ConnectionClosedException('Unexpected response to publickey authentication pt 1'); + } + + $packet = $part1 . chr(1) . $part2; + $privatekey = $privatekey->withHash($hash); + $signature = $privatekey->sign(Strings::packSSH2('s', $this->session_id) . $packet); + if ($publickey instanceof RSA) { + $signature = Strings::packSSH2('ss', $signatureType, $signature); + } + $packet .= Strings::packSSH2('s', $signature); + + $this->send_binary_packet($packet); + + $response = $this->get_binary_packet(); + + list($type) = Strings::unpackSSH2('C', $response); + switch ($type) { + case NET_SSH2_MSG_USERAUTH_FAILURE: + // either the login is bad or the server employs multi-factor authentication + list($auth_methods) = Strings::unpackSSH2('L', $response); + $this->auth_methods_to_continue = $auth_methods; + return false; + case NET_SSH2_MSG_USERAUTH_SUCCESS: + $this->bitmap |= self::MASK_LOGIN; + return true; + } + + $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); + throw new ConnectionClosedException('Unexpected response to publickey authentication pt 2'); + } + + /** + * Return the currently configured timeout + * + * @return int + */ + public function getTimeout() + { + return $this->timeout; + } + + /** + * Set Timeout + * + * $ssh->exec('ping 127.0.0.1'); on a Linux host will never return and will run indefinitely. setTimeout() makes it so it'll timeout. + * Setting $timeout to false or 0 will mean there is no timeout. + * + * @param mixed $timeout + */ + public function setTimeout($timeout) + { + $this->timeout = $this->curTimeout = $timeout; + } + + /** + * Set Keep Alive + * + * Sends an SSH2_MSG_IGNORE message every x seconds, if x is a positive non-zero number. + * + * @param int $interval + */ + public function setKeepAlive($interval) + { + $this->keepAlive = $interval; + } + + /** + * Get the output from stdError + * + */ + public function getStdError() + { + return $this->stdErrorLog; + } + + /** + * Execute Command + * + * If $callback is set to false then \phpseclib3\Net\SSH2::get_channel_packet(self::CHANNEL_EXEC) will need to be called manually. + * In all likelihood, this is not a feature you want to be taking advantage of. + * + * @param string $command + * @return string|bool + * @psalm-return ($callback is callable ? bool : string|bool) + * @throws \RuntimeException on connection error + */ + public function exec($command, callable $callback = null) + { + $this->curTimeout = $this->timeout; + $this->is_timeout = false; + $this->stdErrorLog = ''; + + if (!$this->isAuthenticated()) { + return false; + } + + //if ($this->isPTYOpen()) { + // throw new \RuntimeException('If you want to run multiple exec()\'s you will need to disable (and re-enable if appropriate) a PTY for each one.'); + //} + + $this->openChannel(self::CHANNEL_EXEC); + + if ($this->request_pty === true) { + $terminal_modes = pack('C', NET_SSH2_TTY_OP_END); + $packet = Strings::packSSH2( + 'CNsCsN4s', + NET_SSH2_MSG_CHANNEL_REQUEST, + $this->server_channels[self::CHANNEL_EXEC], + 'pty-req', + 1, + $this->term, + $this->windowColumns, + $this->windowRows, + 0, + 0, + $terminal_modes + ); + + $this->send_binary_packet($packet); + + $this->channel_status[self::CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_REQUEST; + if (!$this->get_channel_packet(self::CHANNEL_EXEC)) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); + throw new \RuntimeException('Unable to request pseudo-terminal'); + } + } + + // sending a pty-req SSH_MSG_CHANNEL_REQUEST message is unnecessary and, in fact, in most cases, slows things + // down. the one place where it might be desirable is if you're doing something like \phpseclib3\Net\SSH2::exec('ping localhost &'). + // with a pty-req SSH_MSG_CHANNEL_REQUEST, exec() will return immediately and the ping process will then + // then immediately terminate. without such a request exec() will loop indefinitely. the ping process won't end but + // neither will your script. + + // although, in theory, the size of SSH_MSG_CHANNEL_REQUEST could exceed the maximum packet size established by + // SSH_MSG_CHANNEL_OPEN_CONFIRMATION, RFC4254#section-5.1 states that the "maximum packet size" refers to the + // "maximum size of an individual data packet". ie. SSH_MSG_CHANNEL_DATA. RFC4254#section-5.2 corroborates. + $packet = Strings::packSSH2( + 'CNsCs', + NET_SSH2_MSG_CHANNEL_REQUEST, + $this->server_channels[self::CHANNEL_EXEC], + 'exec', + 1, + $command + ); + $this->send_binary_packet($packet); + + $this->channel_status[self::CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_REQUEST; + + if (!$this->get_channel_packet(self::CHANNEL_EXEC)) { + return false; + } + + $this->channel_status[self::CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_DATA; + + if ($this->request_pty === true) { + $this->channel_id_last_interactive = self::CHANNEL_EXEC; + return true; + } + + $output = ''; + while (true) { + $temp = $this->get_channel_packet(self::CHANNEL_EXEC); + switch (true) { + case $temp === true: + return is_callable($callback) ? true : $output; + case $temp === false: + return false; + default: + if (is_callable($callback)) { + if ($callback($temp) === true) { + $this->close_channel(self::CHANNEL_EXEC); + return true; + } + } else { + $output .= $temp; + } + } + } + } + + /** + * How many channels are currently open? + * + * @return int + */ + public function getOpenChannelCount() + { + return $this->channelCount; + } + + /** + * Opens a channel + * + * @param string $channel + * @param bool $skip_extended + * @return bool + */ + protected function openChannel($channel, $skip_extended = false) + { + if (isset($this->channel_status[$channel]) && $this->channel_status[$channel] != NET_SSH2_MSG_CHANNEL_CLOSE) { + throw new \RuntimeException('Please close the channel (' . $channel . ') before trying to open it again'); + } + + $this->channelCount++; + + if ($this->channelCount > 1 && $this->errorOnMultipleChannels) { + throw new \RuntimeException("Ubuntu's OpenSSH from 5.8 to 6.9 doesn't work with multiple channels"); + } + + // RFC4254 defines the (client) window size as "bytes the other party can send before it must wait for the window to + // be adjusted". 0x7FFFFFFF is, at 2GB, the max size. technically, it should probably be decremented, but, + // honestly, if you're transferring more than 2GB, you probably shouldn't be using phpseclib, anyway. + // see http://tools.ietf.org/html/rfc4254#section-5.2 for more info + $this->window_size_server_to_client[$channel] = $this->window_size; + // 0x8000 is the maximum max packet size, per http://tools.ietf.org/html/rfc4253#section-6.1, although since PuTTy + // uses 0x4000, that's what will be used here, as well. + $packet_size = 0x4000; + + $packet = Strings::packSSH2( + 'CsN3', + NET_SSH2_MSG_CHANNEL_OPEN, + 'session', + $channel, + $this->window_size_server_to_client[$channel], + $packet_size + ); + + $this->send_binary_packet($packet); + + $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_OPEN; + + return $this->get_channel_packet($channel, $skip_extended); + } + + /** + * Creates an interactive shell + * + * Returns bool(true) if the shell was opened. + * Returns bool(false) if the shell was already open. + * + * @see self::isShellOpen() + * @see self::read() + * @see self::write() + * @return bool + * @throws InsufficientSetupException if not authenticated + * @throws \UnexpectedValueException on receipt of unexpected packets + * @throws \RuntimeException on other errors + */ + public function openShell() + { + if (!$this->isAuthenticated()) { + throw new InsufficientSetupException('Operation disallowed prior to login()'); + } + + $this->openChannel(self::CHANNEL_SHELL); + + $terminal_modes = pack('C', NET_SSH2_TTY_OP_END); + $packet = Strings::packSSH2( + 'CNsbsN4s', + NET_SSH2_MSG_CHANNEL_REQUEST, + $this->server_channels[self::CHANNEL_SHELL], + 'pty-req', + true, // want reply + $this->term, + $this->windowColumns, + $this->windowRows, + 0, + 0, + $terminal_modes + ); + + $this->send_binary_packet($packet); + + $this->channel_status[self::CHANNEL_SHELL] = NET_SSH2_MSG_CHANNEL_REQUEST; + + if (!$this->get_channel_packet(self::CHANNEL_SHELL)) { + throw new \RuntimeException('Unable to request pty'); + } + + $packet = Strings::packSSH2( + 'CNsb', + NET_SSH2_MSG_CHANNEL_REQUEST, + $this->server_channels[self::CHANNEL_SHELL], + 'shell', + true // want reply + ); + $this->send_binary_packet($packet); + + $response = $this->get_channel_packet(self::CHANNEL_SHELL); + if ($response === false) { + throw new \RuntimeException('Unable to request shell'); + } + + $this->channel_status[self::CHANNEL_SHELL] = NET_SSH2_MSG_CHANNEL_DATA; + + $this->channel_id_last_interactive = self::CHANNEL_SHELL; + + $this->bitmap |= self::MASK_SHELL; + + return true; + } + + /** + * Return the channel to be used with read(), write(), and reset(), if none were specified + * @deprecated for lack of transparency in intended channel target, to be potentially replaced + * with method which guarantees open-ness of all yielded channels and throws + * error for multiple open channels + * @see self::read() + * @see self::write() + * @return int + */ + private function get_interactive_channel() + { + switch (true) { + case $this->is_channel_status_data(self::CHANNEL_SUBSYSTEM): + return self::CHANNEL_SUBSYSTEM; + case $this->is_channel_status_data(self::CHANNEL_EXEC): + return self::CHANNEL_EXEC; + default: + return self::CHANNEL_SHELL; + } + } + + /** + * Indicates the DATA status on the given channel + * + * @param int $channel The channel number to evaluate + * @return bool + */ + private function is_channel_status_data($channel) + { + return isset($this->channel_status[$channel]) && $this->channel_status[$channel] == NET_SSH2_MSG_CHANNEL_DATA; + } + + /** + * Return an available open channel + * + * @return int + */ + private function get_open_channel() + { + $channel = self::CHANNEL_EXEC; + do { + if (isset($this->channel_status[$channel]) && $this->channel_status[$channel] == NET_SSH2_MSG_CHANNEL_OPEN) { + return $channel; + } + } while ($channel++ < self::CHANNEL_SUBSYSTEM); + + return false; + } + + /** + * Request agent forwarding of remote server + * + * @return bool + */ + public function requestAgentForwarding() + { + $request_channel = $this->get_open_channel(); + if ($request_channel === false) { + return false; + } + + $packet = Strings::packSSH2( + 'CNsC', + NET_SSH2_MSG_CHANNEL_REQUEST, + $this->server_channels[$request_channel], + 'auth-agent-req@openssh.com', + 1 + ); + + $this->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_REQUEST; + + $this->send_binary_packet($packet); + + if (!$this->get_channel_packet($request_channel)) { + return false; + } + + $this->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_OPEN; + + return true; + } + + /** + * Returns the output of an interactive shell + * + * Returns when there's a match for $expect, which can take the form of a string literal or, + * if $mode == self::READ_REGEX, a regular expression. + * + * If not specifying a channel, an open interactive channel will be selected, or, if there are + * no open channels, an interactive shell will be created. If there are multiple open + * interactive channels, a legacy behavior will apply in which channel selection prioritizes + * an active subsystem, the exec pty, and, lastly, the shell. If using multiple interactive + * channels, callers are discouraged from relying on this legacy behavior and should specify + * the intended channel. + * + * @see self::write() + * @param string $expect + * @param int $mode One of the self::READ_* constants + * @param int|null $channel Channel id returned by self::getInteractiveChannelId() + * @return string|bool|null + * @throws \RuntimeException on connection error + * @throws InsufficientSetupException on unexpected channel status, possibly due to closure + */ + public function read($expect = '', $mode = self::READ_SIMPLE, $channel = null) + { + if (!$this->isAuthenticated()) { + throw new InsufficientSetupException('Operation disallowed prior to login()'); + } + + $this->curTimeout = $this->timeout; + $this->is_timeout = false; + + if ($channel === null) { + $channel = $this->get_interactive_channel(); + } + + if (!$this->is_channel_status_data($channel) && empty($this->channel_buffers[$channel])) { + if ($channel != self::CHANNEL_SHELL) { + throw new InsufficientSetupException('Data is not available on channel'); + } elseif (!$this->openShell()) { + throw new \RuntimeException('Unable to initiate an interactive shell session'); + } + } + + if ($mode == self::READ_NEXT) { + return $this->get_channel_packet($channel); + } + + $match = $expect; + while (true) { + if ($mode == self::READ_REGEX) { + preg_match($expect, substr($this->interactiveBuffer, -1024), $matches); + $match = isset($matches[0]) ? $matches[0] : ''; + } + $pos = strlen($match) ? strpos($this->interactiveBuffer, $match) : false; + if ($pos !== false) { + return Strings::shift($this->interactiveBuffer, $pos + strlen($match)); + } + $response = $this->get_channel_packet($channel); + if ($response === true) { + return Strings::shift($this->interactiveBuffer, strlen($this->interactiveBuffer)); + } + + $this->interactiveBuffer .= $response; + } + } + + /** + * Inputs a command into an interactive shell. + * + * If not specifying a channel, an open interactive channel will be selected, or, if there are + * no open channels, an interactive shell will be created. If there are multiple open + * interactive channels, a legacy behavior will apply in which channel selection prioritizes + * an active subsystem, the exec pty, and, lastly, the shell. If using multiple interactive + * channels, callers are discouraged from relying on this legacy behavior and should specify + * the intended channel. + * + * @see SSH2::read() + * @param string $cmd + * @param int|null $channel Channel id returned by self::getInteractiveChannelId() + * @return void + * @throws \RuntimeException on connection error + * @throws InsufficientSetupException on unexpected channel status, possibly due to closure + */ + public function write($cmd, $channel = null) + { + if (!$this->isAuthenticated()) { + throw new InsufficientSetupException('Operation disallowed prior to login()'); + } + + if ($channel === null) { + $channel = $this->get_interactive_channel(); + } + + if (!$this->is_channel_status_data($channel)) { + if ($channel != self::CHANNEL_SHELL) { + throw new InsufficientSetupException('Data is not available on channel'); + } elseif (!$this->openShell()) { + throw new \RuntimeException('Unable to initiate an interactive shell session'); + } + } + + $this->send_channel_packet($channel, $cmd); + } + + /** + * Start a subsystem. + * + * Right now only one subsystem at a time is supported. To support multiple subsystem's stopSubsystem() could accept + * a string that contained the name of the subsystem, but at that point, only one subsystem of each type could be opened. + * To support multiple subsystem's of the same name maybe it'd be best if startSubsystem() generated a new channel id and + * returns that and then that that was passed into stopSubsystem() but that'll be saved for a future date and implemented + * if there's sufficient demand for such a feature. + * + * @see self::stopSubsystem() + * @param string $subsystem + * @return bool + */ + public function startSubsystem($subsystem) + { + $this->openChannel(self::CHANNEL_SUBSYSTEM); + + $packet = Strings::packSSH2( + 'CNsCs', + NET_SSH2_MSG_CHANNEL_REQUEST, + $this->server_channels[self::CHANNEL_SUBSYSTEM], + 'subsystem', + 1, + $subsystem + ); + $this->send_binary_packet($packet); + + $this->channel_status[self::CHANNEL_SUBSYSTEM] = NET_SSH2_MSG_CHANNEL_REQUEST; + + if (!$this->get_channel_packet(self::CHANNEL_SUBSYSTEM)) { + return false; + } + + $this->channel_status[self::CHANNEL_SUBSYSTEM] = NET_SSH2_MSG_CHANNEL_DATA; + + $this->channel_id_last_interactive = self::CHANNEL_SUBSYSTEM; + + return true; + } + + /** + * Stops a subsystem. + * + * @see self::startSubsystem() + * @return bool + */ + public function stopSubsystem() + { + if ($this->isInteractiveChannelOpen(self::CHANNEL_SUBSYSTEM)) { + $this->close_channel(self::CHANNEL_SUBSYSTEM); + } + return true; + } + + /** + * Closes a channel + * + * If read() timed out you might want to just close the channel and have it auto-restart on the next read() call + * + * If not specifying a channel, an open interactive channel will be selected. If there are + * multiple open interactive channels, a legacy behavior will apply in which channel selection + * prioritizes an active subsystem, the exec pty, and, lastly, the shell. If using multiple + * interactive channels, callers are discouraged from relying on this legacy behavior and + * should specify the intended channel. + * + * @param int|null $channel Channel id returned by self::getInteractiveChannelId() + * @return void + */ + public function reset($channel = null) + { + if ($channel === null) { + $channel = $this->get_interactive_channel(); + } + if ($this->isInteractiveChannelOpen($channel)) { + $this->close_channel($channel); + } + } + + /** + * Is timeout? + * + * Did exec() or read() return because they timed out or because they encountered the end? + * + */ + public function isTimeout() + { + return $this->is_timeout; + } + + /** + * Disconnect + * + */ + public function disconnect() + { + $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); + if (isset($this->realtime_log_file) && is_resource($this->realtime_log_file)) { + fclose($this->realtime_log_file); + } + unset(self::$connections[$this->getResourceId()]); + } + + /** + * Destructor. + * + * Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call + * disconnect(). + * + */ + public function __destruct() + { + $this->disconnect(); + } + + /** + * Is the connection still active? + * + * @return bool + */ + public function isConnected() + { + return ($this->bitmap & self::MASK_CONNECTED) && is_resource($this->fsock) && !feof($this->fsock); + } + + /** + * Have you successfully been logged in? + * + * @return bool + */ + public function isAuthenticated() + { + return (bool) ($this->bitmap & self::MASK_LOGIN); + } + + /** + * Is the interactive shell active? + * + * @return bool + */ + public function isShellOpen() + { + return $this->isInteractiveChannelOpen(self::CHANNEL_SHELL); + } + + /** + * Is the exec pty active? + * + * @return bool + */ + public function isPTYOpen() + { + return $this->isInteractiveChannelOpen(self::CHANNEL_EXEC); + } + + /** + * Is the given interactive channel active? + * + * @param int $channel Channel id returned by self::getInteractiveChannelId() + * @return bool + */ + public function isInteractiveChannelOpen($channel) + { + return $this->isAuthenticated() && $this->is_channel_status_data($channel); + } + + /** + * Returns a channel identifier, presently of the last interactive channel opened, regardless of current status. + * Returns 0 if no interactive channel has been opened. + * + * @see self::isInteractiveChannelOpen() + * @return int + */ + public function getInteractiveChannelId() + { + return $this->channel_id_last_interactive; + } + + /** + * Pings a server connection, or tries to reconnect if the connection has gone down + * + * Inspired by http://php.net/manual/en/mysqli.ping.php + * + * @return bool + */ + public function ping() + { + if (!$this->isAuthenticated()) { + if (!empty($this->auth)) { + return $this->reconnect(); + } + return false; + } + + try { + $this->openChannel(self::CHANNEL_KEEP_ALIVE); + } catch (\RuntimeException $e) { + return $this->reconnect(); + } + + $this->close_channel(self::CHANNEL_KEEP_ALIVE); + return true; + } + + /** + * In situ reconnect method + * + * @return boolean + */ + private function reconnect() + { + $this->reset_connection(NET_SSH2_DISCONNECT_CONNECTION_LOST); + $this->retry_connect = true; + $this->connect(); + foreach ($this->auth as $auth) { + $result = $this->login(...$auth); + } + return $result; + } + + /** + * Resets a connection for re-use + * + * @param int $reason + */ + protected function reset_connection($reason) + { + $this->disconnect_helper($reason); + $this->decrypt = $this->encrypt = false; + $this->decrypt_block_size = $this->encrypt_block_size = 8; + $this->hmac_check = $this->hmac_create = false; + $this->hmac_size = false; + $this->session_id = false; + $this->retry_connect = true; + $this->get_seq_no = $this->send_seq_no = 0; + $this->channel_status = []; + $this->channel_id_last_interactive = 0; + } + + /** + * Gets Binary Packets + * + * See '6. Binary Packet Protocol' of rfc4253 for more info. + * + * @see self::_send_binary_packet() + * @param bool $skip_channel_filter + * @return bool|string + */ + private function get_binary_packet($skip_channel_filter = false) + { + if ($skip_channel_filter) { + if (!is_resource($this->fsock)) { + throw new \InvalidArgumentException('fsock is not a resource.'); + } + $read = [$this->fsock]; + $write = $except = null; + + if (!$this->curTimeout) { + if ($this->keepAlive <= 0) { + static::stream_select($read, $write, $except, null); + } else { + if (!static::stream_select($read, $write, $except, $this->keepAlive)) { + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_IGNORE, 0)); + return $this->get_binary_packet(true); + } + } + } else { + if ($this->curTimeout < 0) { + $this->is_timeout = true; + return true; + } + + $start = microtime(true); + + if ($this->keepAlive > 0 && $this->keepAlive < $this->curTimeout) { + if (!static::stream_select($read, $write, $except, $this->keepAlive)) { + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_IGNORE, 0)); + $elapsed = microtime(true) - $start; + $this->curTimeout -= $elapsed; + return $this->get_binary_packet(true); + } + $elapsed = microtime(true) - $start; + $this->curTimeout -= $elapsed; + } + + $sec = (int) floor($this->curTimeout); + $usec = (int) (1000000 * ($this->curTimeout - $sec)); + + // this can return a "stream_select(): unable to select [4]: Interrupted system call" error + if (!static::stream_select($read, $write, $except, $sec, $usec)) { + $this->is_timeout = true; + return true; + } + $elapsed = microtime(true) - $start; + $this->curTimeout -= $elapsed; + } + } + + if (!is_resource($this->fsock) || feof($this->fsock)) { + $this->bitmap = 0; + $str = 'Connection closed (by server) prematurely'; + if (isset($elapsed)) { + $str .= ' ' . $elapsed . 's'; + } + throw new ConnectionClosedException($str); + } + + $start = microtime(true); + $raw = stream_get_contents($this->fsock, $this->decrypt_block_size); + + if (!strlen($raw)) { + $this->bitmap = 0; + throw new ConnectionClosedException('No data received from server'); + } + + if ($this->decrypt) { + switch ($this->decryptName) { + case 'aes128-gcm@openssh.com': + case 'aes256-gcm@openssh.com': + $this->decrypt->setNonce( + $this->decryptFixedPart . + $this->decryptInvocationCounter + ); + Strings::increment_str($this->decryptInvocationCounter); + $this->decrypt->setAAD($temp = Strings::shift($raw, 4)); + extract(unpack('Npacket_length', $temp)); + /** + * @var integer $packet_length + */ + + $raw .= $this->read_remaining_bytes($packet_length - $this->decrypt_block_size + 4); + $stop = microtime(true); + $tag = stream_get_contents($this->fsock, $this->decrypt_block_size); + $this->decrypt->setTag($tag); + $raw = $this->decrypt->decrypt($raw); + $raw = $temp . $raw; + $remaining_length = 0; + break; + case 'chacha20-poly1305@openssh.com': + // This should be impossible, but we are checking anyway to narrow the type for Psalm. + if (!($this->decrypt instanceof ChaCha20)) { + throw new \LogicException('$this->decrypt is not a ' . ChaCha20::class); + } + + $nonce = pack('N2', 0, $this->get_seq_no); + + $this->lengthDecrypt->setNonce($nonce); + $temp = $this->lengthDecrypt->decrypt($aad = Strings::shift($raw, 4)); + extract(unpack('Npacket_length', $temp)); + /** + * @var integer $packet_length + */ + + $raw .= $this->read_remaining_bytes($packet_length - $this->decrypt_block_size + 4); + $stop = microtime(true); + $tag = stream_get_contents($this->fsock, 16); + + $this->decrypt->setNonce($nonce); + $this->decrypt->setCounter(0); + // this is the same approach that's implemented in Salsa20::createPoly1305Key() + // but we don't want to use the same AEAD construction that RFC8439 describes + // for ChaCha20-Poly1305 so we won't rely on it (see Salsa20::poly1305()) + $this->decrypt->setPoly1305Key( + $this->decrypt->encrypt(str_repeat("\0", 32)) + ); + $this->decrypt->setAAD($aad); + $this->decrypt->setCounter(1); + $this->decrypt->setTag($tag); + $raw = $this->decrypt->decrypt($raw); + $raw = $temp . $raw; + $remaining_length = 0; + break; + default: + if (!$this->hmac_check instanceof Hash || !$this->hmac_check_etm) { + $raw = $this->decrypt->decrypt($raw); + break; + } + extract(unpack('Npacket_length', $temp = Strings::shift($raw, 4))); + /** + * @var integer $packet_length + */ + $raw .= $this->read_remaining_bytes($packet_length - $this->decrypt_block_size + 4); + $stop = microtime(true); + $encrypted = $temp . $raw; + $raw = $temp . $this->decrypt->decrypt($raw); + $remaining_length = 0; + } + } + + if (strlen($raw) < 5) { + $this->bitmap = 0; + throw new \RuntimeException('Plaintext is too short'); + } + extract(unpack('Npacket_length/Cpadding_length', Strings::shift($raw, 5))); + /** + * @var integer $packet_length + * @var integer $padding_length + */ + + if (!isset($remaining_length)) { + $remaining_length = $packet_length + 4 - $this->decrypt_block_size; + } + + $buffer = $this->read_remaining_bytes($remaining_length); + + if (!isset($stop)) { + $stop = microtime(true); + } + if (strlen($buffer)) { + $raw .= $this->decrypt ? $this->decrypt->decrypt($buffer) : $buffer; + } + + $payload = Strings::shift($raw, $packet_length - $padding_length - 1); + $padding = Strings::shift($raw, $padding_length); // should leave $raw empty + + if ($this->hmac_check instanceof Hash) { + $hmac = stream_get_contents($this->fsock, $this->hmac_size); + if ($hmac === false || strlen($hmac) != $this->hmac_size) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_MAC_ERROR); + throw new \RuntimeException('Error reading socket'); + } + + $reconstructed = !$this->hmac_check_etm ? + pack('NCa*', $packet_length, $padding_length, $payload . $padding) : + $encrypted; + if (($this->hmac_check->getHash() & "\xFF\xFF\xFF\xFF") == 'umac') { + $this->hmac_check->setNonce("\0\0\0\0" . pack('N', $this->get_seq_no)); + if ($hmac != $this->hmac_check->hash($reconstructed)) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_MAC_ERROR); + throw new \RuntimeException('Invalid UMAC'); + } + } else { + if ($hmac != $this->hmac_check->hash(pack('Na*', $this->get_seq_no, $reconstructed))) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_MAC_ERROR); + throw new \RuntimeException('Invalid HMAC'); + } + } + } + + switch ($this->decompress) { + case self::NET_SSH2_COMPRESSION_ZLIB_AT_OPENSSH: + if (!$this->isAuthenticated()) { + break; + } + // fall-through + case self::NET_SSH2_COMPRESSION_ZLIB: + if ($this->regenerate_decompression_context) { + $this->regenerate_decompression_context = false; + + $cmf = ord($payload[0]); + $cm = $cmf & 0x0F; + if ($cm != 8) { // deflate + user_error("Only CM = 8 ('deflate') is supported ($cm)"); + } + $cinfo = ($cmf & 0xF0) >> 4; + if ($cinfo > 7) { + user_error("CINFO above 7 is not allowed ($cinfo)"); + } + $windowSize = 1 << ($cinfo + 8); + + $flg = ord($payload[1]); + //$fcheck = $flg && 0x0F; + if ((($cmf << 8) | $flg) % 31) { + user_error('fcheck failed'); + } + $fdict = boolval($flg & 0x20); + $flevel = ($flg & 0xC0) >> 6; + + $this->decompress_context = inflate_init(ZLIB_ENCODING_RAW, ['window' => $cinfo + 8]); + $payload = substr($payload, 2); + } + if ($this->decompress_context) { + $payload = inflate_add($this->decompress_context, $payload, ZLIB_PARTIAL_FLUSH); + } + } + + $this->get_seq_no++; + + if (defined('NET_SSH2_LOGGING')) { + $current = microtime(true); + $message_number = isset(self::$message_numbers[ord($payload[0])]) ? self::$message_numbers[ord($payload[0])] : 'UNKNOWN (' . ord($payload[0]) . ')'; + $message_number = '<- ' . $message_number . + ' (since last: ' . round($current - $this->last_packet, 4) . ', network: ' . round($stop - $start, 4) . 's)'; + $this->append_log($message_number, $payload); + $this->last_packet = $current; + } + + return $this->filter($payload, $skip_channel_filter); + } + + /** + * Read Remaining Bytes + * + * @see self::get_binary_packet() + * @param int $remaining_length + * @return string + */ + private function read_remaining_bytes($remaining_length) + { + if (!$remaining_length) { + return ''; + } + + $adjustLength = false; + if ($this->decrypt) { + switch (true) { + case $this->decryptName == 'aes128-gcm@openssh.com': + case $this->decryptName == 'aes256-gcm@openssh.com': + case $this->decryptName == 'chacha20-poly1305@openssh.com': + case $this->hmac_check instanceof Hash && $this->hmac_check_etm: + $remaining_length += $this->decrypt_block_size - 4; + $adjustLength = true; + } + } + + // quoting , + // "implementations SHOULD check that the packet length is reasonable" + // PuTTY uses 0x9000 as the actual max packet size and so to shall we + // don't do this when GCM mode is used since GCM mode doesn't encrypt the length + if ($remaining_length < -$this->decrypt_block_size || $remaining_length > 0x9000 || $remaining_length % $this->decrypt_block_size != 0) { + if (!$this->bad_key_size_fix && self::bad_algorithm_candidate($this->decrypt ? $this->decryptName : '') && !($this->bitmap & SSH2::MASK_LOGIN)) { + $this->bad_key_size_fix = true; + $this->reset_connection(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + return false; + } + throw new \RuntimeException('Invalid size'); + } + + if ($adjustLength) { + $remaining_length -= $this->decrypt_block_size - 4; + } + + $buffer = ''; + while ($remaining_length > 0) { + $temp = stream_get_contents($this->fsock, $remaining_length); + if ($temp === false || feof($this->fsock)) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST); + throw new \RuntimeException('Error reading from socket'); + } + $buffer .= $temp; + $remaining_length -= strlen($temp); + } + + return $buffer; + } + + /** + * Filter Binary Packets + * + * Because some binary packets need to be ignored... + * + * @see self::_get_binary_packet() + * @param string $payload + * @param bool $skip_channel_filter + * @return string|bool + */ + private function filter($payload, $skip_channel_filter) + { + switch (ord($payload[0])) { + case NET_SSH2_MSG_DISCONNECT: + Strings::shift($payload, 1); + list($reason_code, $message) = Strings::unpackSSH2('Ns', $payload); + $this->errors[] = 'SSH_MSG_DISCONNECT: ' . self::$disconnect_reasons[$reason_code] . "\r\n$message"; + $this->bitmap = 0; + return false; + case NET_SSH2_MSG_IGNORE: + $this->extra_packets++; + $payload = $this->get_binary_packet($skip_channel_filter); + break; + case NET_SSH2_MSG_DEBUG: + $this->extra_packets++; + Strings::shift($payload, 2); // second byte is "always_display" + list($message) = Strings::unpackSSH2('s', $payload); + $this->errors[] = "SSH_MSG_DEBUG: $message"; + $payload = $this->get_binary_packet($skip_channel_filter); + break; + case NET_SSH2_MSG_UNIMPLEMENTED: + return false; + case NET_SSH2_MSG_KEXINIT: + // this is here for key re-exchanges after the initial key exchange + if ($this->session_id !== false) { + if (!$this->key_exchange($payload)) { + $this->bitmap = 0; + return false; + } + $payload = $this->get_binary_packet($skip_channel_filter); + } + } + + // see http://tools.ietf.org/html/rfc4252#section-5.4; only called when the encryption has been activated and when we haven't already logged in + if (($this->bitmap & self::MASK_CONNECTED) && !$this->isAuthenticated() && !is_bool($payload) && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) { + Strings::shift($payload, 1); + list($this->banner_message) = Strings::unpackSSH2('s', $payload); + $payload = $this->get_binary_packet(); + } + + // only called when we've already logged in + if (($this->bitmap & self::MASK_CONNECTED) && $this->isAuthenticated()) { + if (is_bool($payload)) { + return $payload; + } + + switch (ord($payload[0])) { + case NET_SSH2_MSG_CHANNEL_REQUEST: + if (strlen($payload) == 31) { + extract(unpack('cpacket_type/Nchannel/Nlength', $payload)); + if (substr($payload, 9, $length) == 'keepalive@openssh.com' && isset($this->server_channels[$channel])) { + if (ord(substr($payload, 9 + $length))) { // want reply + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_SUCCESS, $this->server_channels[$channel])); + } + $payload = $this->get_binary_packet($skip_channel_filter); + } + } + break; + case NET_SSH2_MSG_CHANNEL_DATA: + case NET_SSH2_MSG_CHANNEL_EXTENDED_DATA: + case NET_SSH2_MSG_CHANNEL_CLOSE: + case NET_SSH2_MSG_CHANNEL_EOF: + if (!$skip_channel_filter && !empty($this->server_channels)) { + $this->binary_packet_buffer = $payload; + $this->get_channel_packet(true); + $payload = $this->get_binary_packet(); + } + break; + case NET_SSH2_MSG_GLOBAL_REQUEST: // see http://tools.ietf.org/html/rfc4254#section-4 + Strings::shift($payload, 1); + list($request_name) = Strings::unpackSSH2('s', $payload); + $this->errors[] = "SSH_MSG_GLOBAL_REQUEST: $request_name"; + + try { + $this->send_binary_packet(pack('C', NET_SSH2_MSG_REQUEST_FAILURE)); + } catch (\RuntimeException $e) { + return $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); + } + + $payload = $this->get_binary_packet($skip_channel_filter); + break; + case NET_SSH2_MSG_CHANNEL_OPEN: // see http://tools.ietf.org/html/rfc4254#section-5.1 + Strings::shift($payload, 1); + list($data, $server_channel) = Strings::unpackSSH2('sN', $payload); + switch ($data) { + case 'auth-agent': + case 'auth-agent@openssh.com': + if (isset($this->agent)) { + $new_channel = self::CHANNEL_AGENT_FORWARD; + + list( + $remote_window_size, + $remote_maximum_packet_size + ) = Strings::unpackSSH2('NN', $payload); + + $this->packet_size_client_to_server[$new_channel] = $remote_window_size; + $this->window_size_server_to_client[$new_channel] = $remote_maximum_packet_size; + $this->window_size_client_to_server[$new_channel] = $this->window_size; + + $packet_size = 0x4000; + + $packet = pack( + 'CN4', + NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, + $server_channel, + $new_channel, + $packet_size, + $packet_size + ); + + $this->server_channels[$new_channel] = $server_channel; + $this->channel_status[$new_channel] = NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION; + $this->send_binary_packet($packet); + } + break; + default: + $packet = Strings::packSSH2( + 'CN2ss', + NET_SSH2_MSG_CHANNEL_OPEN_FAILURE, + $server_channel, + NET_SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED, + '', // description + '' // language tag + ); + + try { + $this->send_binary_packet($packet); + } catch (\RuntimeException $e) { + return $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); + } + } + + $payload = $this->get_binary_packet($skip_channel_filter); + break; + case NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST: + Strings::shift($payload, 1); + list($channel, $window_size) = Strings::unpackSSH2('NN', $payload); + + $this->window_size_client_to_server[$channel] += $window_size; + + $payload = ($this->bitmap & self::MASK_WINDOW_ADJUST) ? true : $this->get_binary_packet($skip_channel_filter); + } + } + + return $payload; + } + + /** + * Enable Quiet Mode + * + * Suppress stderr from output + * + */ + public function enableQuietMode() + { + $this->quiet_mode = true; + } + + /** + * Disable Quiet Mode + * + * Show stderr in output + * + */ + public function disableQuietMode() + { + $this->quiet_mode = false; + } + + /** + * Returns whether Quiet Mode is enabled or not + * + * @see self::enableQuietMode() + * @see self::disableQuietMode() + * @return bool + */ + public function isQuietModeEnabled() + { + return $this->quiet_mode; + } + + /** + * Enable request-pty when using exec() + * + */ + public function enablePTY() + { + $this->request_pty = true; + } + + /** + * Disable request-pty when using exec() + * + */ + public function disablePTY() + { + if ($this->isPTYOpen()) { + $this->close_channel(self::CHANNEL_EXEC); + } + $this->request_pty = false; + } + + /** + * Returns whether request-pty is enabled or not + * + * @see self::enablePTY() + * @see self::disablePTY() + * @return bool + */ + public function isPTYEnabled() + { + return $this->request_pty; + } + + /** + * Gets channel data + * + * Returns the data as a string. bool(true) is returned if: + * + * - the server closes the channel + * - if the connection times out + * - if the channel status is CHANNEL_OPEN and the response was CHANNEL_OPEN_CONFIRMATION + * - if the channel status is CHANNEL_REQUEST and the response was CHANNEL_SUCCESS + * - if the channel status is CHANNEL_CLOSE and the response was CHANNEL_CLOSE + * + * bool(false) is returned if: + * + * - if the channel status is CHANNEL_REQUEST and the response was CHANNEL_FAILURE + * + * @param int $client_channel + * @param bool $skip_extended + * @return mixed + * @throws \RuntimeException on connection error + */ + protected function get_channel_packet($client_channel, $skip_extended = false) + { + if (!empty($this->channel_buffers[$client_channel])) { + switch ($this->channel_status[$client_channel]) { + case NET_SSH2_MSG_CHANNEL_REQUEST: + foreach ($this->channel_buffers[$client_channel] as $i => $packet) { + switch (ord($packet[0])) { + case NET_SSH2_MSG_CHANNEL_SUCCESS: + case NET_SSH2_MSG_CHANNEL_FAILURE: + unset($this->channel_buffers[$client_channel][$i]); + return substr($packet, 1); + } + } + break; + default: + return substr(array_shift($this->channel_buffers[$client_channel]), 1); + } + } + + while (true) { + if ($this->binary_packet_buffer !== false) { + $response = $this->binary_packet_buffer; + $this->binary_packet_buffer = false; + } else { + $response = $this->get_binary_packet(true); + if ($response === true && $this->is_timeout) { + if ($client_channel == self::CHANNEL_EXEC && !$this->request_pty) { + $this->close_channel($client_channel); + } + return true; + } + if ($response === false) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST); + throw new ConnectionClosedException('Connection closed by server'); + } + } + + if ($client_channel == -1 && $response === true) { + return true; + } + list($type, $channel) = Strings::unpackSSH2('CN', $response); + + // will not be setup yet on incoming channel open request + if (isset($channel) && isset($this->channel_status[$channel]) && isset($this->window_size_server_to_client[$channel])) { + $this->window_size_server_to_client[$channel] -= strlen($response); + + // resize the window, if appropriate + if ($this->window_size_server_to_client[$channel] < 0) { + // PuTTY does something more analogous to the following: + //if ($this->window_size_server_to_client[$channel] < 0x3FFFFFFF) { + $packet = pack('CNN', NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST, $this->server_channels[$channel], $this->window_resize); + $this->send_binary_packet($packet); + $this->window_size_server_to_client[$channel] += $this->window_resize; + } + + switch ($type) { + case NET_SSH2_MSG_CHANNEL_EXTENDED_DATA: + /* + if ($client_channel == self::CHANNEL_EXEC) { + $this->send_channel_packet($client_channel, chr(0)); + } + */ + // currently, there's only one possible value for $data_type_code: NET_SSH2_EXTENDED_DATA_STDERR + list($data_type_code, $data) = Strings::unpackSSH2('Ns', $response); + $this->stdErrorLog .= $data; + if ($skip_extended || $this->quiet_mode) { + continue 2; + } + if ($client_channel == $channel && $this->channel_status[$channel] == NET_SSH2_MSG_CHANNEL_DATA) { + return $data; + } + $this->channel_buffers[$channel][] = chr($type) . $data; + + continue 2; + case NET_SSH2_MSG_CHANNEL_REQUEST: + if ($this->channel_status[$channel] == NET_SSH2_MSG_CHANNEL_CLOSE) { + continue 2; + } + list($value) = Strings::unpackSSH2('s', $response); + switch ($value) { + case 'exit-signal': + list( + , // FALSE + $signal_name, + , // core dumped + $error_message + ) = Strings::unpackSSH2('bsbs', $response); + + $this->errors[] = "SSH_MSG_CHANNEL_REQUEST (exit-signal): $signal_name"; + if (strlen($error_message)) { + $this->errors[count($this->errors) - 1] .= "\r\n$error_message"; + } + + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel])); + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel])); + + $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_EOF; + + continue 3; + case 'exit-status': + list(, $this->exit_status) = Strings::unpackSSH2('CN', $response); + + // "The client MAY ignore these messages." + // -- http://tools.ietf.org/html/rfc4254#section-6.10 + + continue 3; + default: + // "Some systems may not implement signals, in which case they SHOULD ignore this message." + // -- http://tools.ietf.org/html/rfc4254#section-6.9 + continue 3; + } + } + + switch ($this->channel_status[$channel]) { + case NET_SSH2_MSG_CHANNEL_OPEN: + switch ($type) { + case NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION: + list( + $this->server_channels[$channel], + $window_size, + $this->packet_size_client_to_server[$channel] + ) = Strings::unpackSSH2('NNN', $response); + + if ($window_size < 0) { + $window_size &= 0x7FFFFFFF; + $window_size += 0x80000000; + } + $this->window_size_client_to_server[$channel] = $window_size; + $result = $client_channel == $channel ? true : $this->get_channel_packet($client_channel, $skip_extended); + $this->on_channel_open(); + return $result; + case NET_SSH2_MSG_CHANNEL_OPEN_FAILURE: + $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); + throw new \RuntimeException('Unable to open channel'); + default: + if ($client_channel == $channel) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); + throw new \RuntimeException('Unexpected response to open request'); + } + return $this->get_channel_packet($client_channel, $skip_extended); + } + break; + case NET_SSH2_MSG_CHANNEL_REQUEST: + switch ($type) { + case NET_SSH2_MSG_CHANNEL_SUCCESS: + return true; + case NET_SSH2_MSG_CHANNEL_FAILURE: + return false; + case NET_SSH2_MSG_CHANNEL_DATA: + list($data) = Strings::unpackSSH2('s', $response); + $this->channel_buffers[$channel][] = chr($type) . $data; + return $this->get_channel_packet($client_channel, $skip_extended); + default: + $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); + throw new \RuntimeException('Unable to fulfill channel request'); + } + case NET_SSH2_MSG_CHANNEL_CLOSE: + if ($client_channel == $channel && $type == NET_SSH2_MSG_CHANNEL_CLOSE) { + return true; + } + return $this->get_channel_packet($client_channel, $skip_extended); + } + } + + // ie. $this->channel_status[$channel] == NET_SSH2_MSG_CHANNEL_DATA + + switch ($type) { + case NET_SSH2_MSG_CHANNEL_DATA: + /* + if ($channel == self::CHANNEL_EXEC) { + // SCP requires null packets, such as this, be sent. further, in the case of the ssh.com SSH server + // this actually seems to make things twice as fast. more to the point, the message right after + // SSH_MSG_CHANNEL_DATA (usually SSH_MSG_IGNORE) won't block for as long as it would have otherwise. + // in OpenSSH it slows things down but only by a couple thousandths of a second. + $this->send_channel_packet($channel, chr(0)); + } + */ + list($data) = Strings::unpackSSH2('s', $response); + + if ($channel == self::CHANNEL_AGENT_FORWARD) { + $agent_response = $this->agent->forwardData($data); + if (!is_bool($agent_response)) { + $this->send_channel_packet($channel, $agent_response); + } + break; + } + + if ($client_channel == $channel) { + return $data; + } + $this->channel_buffers[$channel][] = chr($type) . $data; + break; + case NET_SSH2_MSG_CHANNEL_CLOSE: + $this->curTimeout = 5; + + $this->close_channel_bitmap($channel); + + if ($this->channel_status[$channel] != NET_SSH2_MSG_CHANNEL_EOF) { + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel])); + } + + $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_CLOSE; + $this->channelCount--; + + if ($client_channel == $channel) { + return true; + } + // fall-through + case NET_SSH2_MSG_CHANNEL_EOF: + break; + default: + $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); + throw new \RuntimeException("Error reading channel data ($type)"); + } + } + } + + /** + * Sends Binary Packets + * + * See '6. Binary Packet Protocol' of rfc4253 for more info. + * + * @param string $data + * @param string $logged + * @see self::_get_binary_packet() + * @return void + */ + protected function send_binary_packet($data, $logged = null) + { + if (!is_resource($this->fsock) || feof($this->fsock)) { + $this->bitmap = 0; + throw new ConnectionClosedException('Connection closed prematurely'); + } + + if (!isset($logged)) { + $logged = $data; + } + + switch ($this->compress) { + case self::NET_SSH2_COMPRESSION_ZLIB_AT_OPENSSH: + if (!$this->isAuthenticated()) { + break; + } + // fall-through + case self::NET_SSH2_COMPRESSION_ZLIB: + if (!$this->regenerate_compression_context) { + $header = ''; + } else { + $this->regenerate_compression_context = false; + $this->compress_context = deflate_init(ZLIB_ENCODING_RAW, ['window' => 15]); + $header = "\x78\x9C"; + } + if ($this->compress_context) { + $data = $header . deflate_add($this->compress_context, $data, ZLIB_PARTIAL_FLUSH); + } + } + + // 4 (packet length) + 1 (padding length) + 4 (minimal padding amount) == 9 + $packet_length = strlen($data) + 9; + if ($this->encrypt && $this->encrypt->usesNonce()) { + $packet_length -= 4; + } + // round up to the nearest $this->encrypt_block_size + $packet_length += (($this->encrypt_block_size - 1) * $packet_length) % $this->encrypt_block_size; + // subtracting strlen($data) is obvious - subtracting 5 is necessary because of packet_length and padding_length + $padding_length = $packet_length - strlen($data) - 5; + switch (true) { + case $this->encrypt && $this->encrypt->usesNonce(): + case $this->hmac_create instanceof Hash && $this->hmac_create_etm: + $padding_length += 4; + $packet_length += 4; + } + + $padding = Random::string($padding_length); + + // we subtract 4 from packet_length because the packet_length field isn't supposed to include itself + $packet = pack('NCa*', $packet_length - 4, $padding_length, $data . $padding); + + $hmac = ''; + if ($this->hmac_create instanceof Hash && !$this->hmac_create_etm) { + if (($this->hmac_create->getHash() & "\xFF\xFF\xFF\xFF") == 'umac') { + $this->hmac_create->setNonce("\0\0\0\0" . pack('N', $this->send_seq_no)); + $hmac = $this->hmac_create->hash($packet); + } else { + $hmac = $this->hmac_create->hash(pack('Na*', $this->send_seq_no, $packet)); + } + } + + if ($this->encrypt) { + switch ($this->encryptName) { + case 'aes128-gcm@openssh.com': + case 'aes256-gcm@openssh.com': + $this->encrypt->setNonce( + $this->encryptFixedPart . + $this->encryptInvocationCounter + ); + Strings::increment_str($this->encryptInvocationCounter); + $this->encrypt->setAAD($temp = ($packet & "\xFF\xFF\xFF\xFF")); + $packet = $temp . $this->encrypt->encrypt(substr($packet, 4)); + break; + case 'chacha20-poly1305@openssh.com': + // This should be impossible, but we are checking anyway to narrow the type for Psalm. + if (!($this->encrypt instanceof ChaCha20)) { + throw new \LogicException('$this->encrypt is not a ' . ChaCha20::class); + } + + $nonce = pack('N2', 0, $this->send_seq_no); + + $this->encrypt->setNonce($nonce); + $this->lengthEncrypt->setNonce($nonce); + + $length = $this->lengthEncrypt->encrypt($packet & "\xFF\xFF\xFF\xFF"); + + $this->encrypt->setCounter(0); + // this is the same approach that's implemented in Salsa20::createPoly1305Key() + // but we don't want to use the same AEAD construction that RFC8439 describes + // for ChaCha20-Poly1305 so we won't rely on it (see Salsa20::poly1305()) + $this->encrypt->setPoly1305Key( + $this->encrypt->encrypt(str_repeat("\0", 32)) + ); + $this->encrypt->setAAD($length); + $this->encrypt->setCounter(1); + $packet = $length . $this->encrypt->encrypt(substr($packet, 4)); + break; + default: + $packet = $this->hmac_create instanceof Hash && $this->hmac_create_etm ? + ($packet & "\xFF\xFF\xFF\xFF") . $this->encrypt->encrypt(substr($packet, 4)) : + $this->encrypt->encrypt($packet); + } + } + + if ($this->hmac_create instanceof Hash && $this->hmac_create_etm) { + if (($this->hmac_create->getHash() & "\xFF\xFF\xFF\xFF") == 'umac') { + $this->hmac_create->setNonce("\0\0\0\0" . pack('N', $this->send_seq_no)); + $hmac = $this->hmac_create->hash($packet); + } else { + $hmac = $this->hmac_create->hash(pack('Na*', $this->send_seq_no, $packet)); + } + } + + $this->send_seq_no++; + + $packet .= $this->encrypt && $this->encrypt->usesNonce() ? $this->encrypt->getTag() : $hmac; + + $start = microtime(true); + $sent = @fputs($this->fsock, $packet); + $stop = microtime(true); + + if (defined('NET_SSH2_LOGGING')) { + $current = microtime(true); + $message_number = isset(self::$message_numbers[ord($logged[0])]) ? self::$message_numbers[ord($logged[0])] : 'UNKNOWN (' . ord($logged[0]) . ')'; + $message_number = '-> ' . $message_number . + ' (since last: ' . round($current - $this->last_packet, 4) . ', network: ' . round($stop - $start, 4) . 's)'; + $this->append_log($message_number, $logged); + $this->last_packet = $current; + } + + if (strlen($packet) != $sent) { + $this->bitmap = 0; + $message = $sent === false ? + 'Unable to write ' . strlen($packet) . ' bytes' : + "Only $sent of " . strlen($packet) . " bytes were sent"; + throw new \RuntimeException($message); + } + } + + /** + * Logs data packets + * + * Makes sure that only the last 1MB worth of packets will be logged + * + * @param string $message_number + * @param string $message + */ + private function append_log($message_number, $message) + { + $this->append_log_helper( + NET_SSH2_LOGGING, + $message_number, + $message, + $this->message_number_log, + $this->message_log, + $this->log_size, + $this->realtime_log_file, + $this->realtime_log_wrap, + $this->realtime_log_size + ); + } + + /** + * Logs data packet helper + * + * @param int $constant + * @param string $message_number + * @param string $message + * @param array &$message_number_log + * @param array &$message_log + * @param int &$log_size + * @param resource &$realtime_log_file + * @param bool &$realtime_log_wrap + * @param int &$realtime_log_size + */ + protected function append_log_helper($constant, $message_number, $message, array &$message_number_log, array &$message_log, &$log_size, &$realtime_log_file, &$realtime_log_wrap, &$realtime_log_size) + { + // remove the byte identifying the message type from all but the first two messages (ie. the identification strings) + if (strlen($message_number) > 2) { + Strings::shift($message); + } + + switch ($constant) { + // useful for benchmarks + case self::LOG_SIMPLE: + $message_number_log[] = $message_number; + break; + case self::LOG_SIMPLE_REALTIME: + echo $message_number; + echo PHP_SAPI == 'cli' ? "\r\n" : '
'; + @flush(); + @ob_flush(); + break; + // the most useful log for SSH2 + case self::LOG_COMPLEX: + $message_number_log[] = $message_number; + $log_size += strlen($message); + $message_log[] = $message; + while ($log_size > self::LOG_MAX_SIZE) { + $log_size -= strlen(array_shift($message_log)); + array_shift($message_number_log); + } + break; + // dump the output out realtime; packets may be interspersed with non packets, + // passwords won't be filtered out and select other packets may not be correctly + // identified + case self::LOG_REALTIME: + switch (PHP_SAPI) { + case 'cli': + $start = $stop = "\r\n"; + break; + default: + $start = '
';
+                        $stop = '
'; + } + echo $start . $this->format_log([$message], [$message_number]) . $stop; + @flush(); + @ob_flush(); + break; + // basically the same thing as self::LOG_REALTIME with the caveat that NET_SSH2_LOG_REALTIME_FILENAME + // needs to be defined and that the resultant log file will be capped out at self::LOG_MAX_SIZE. + // the earliest part of the log file is denoted by the first <<< START >>> and is not going to necessarily + // at the beginning of the file + case self::LOG_REALTIME_FILE: + if (!isset($realtime_log_file)) { + // PHP doesn't seem to like using constants in fopen() + $filename = NET_SSH2_LOG_REALTIME_FILENAME; + $fp = fopen($filename, 'w'); + $realtime_log_file = $fp; + } + if (!is_resource($realtime_log_file)) { + break; + } + $entry = $this->format_log([$message], [$message_number]); + if ($realtime_log_wrap) { + $temp = "<<< START >>>\r\n"; + $entry .= $temp; + fseek($realtime_log_file, ftell($realtime_log_file) - strlen($temp)); + } + $realtime_log_size += strlen($entry); + if ($realtime_log_size > self::LOG_MAX_SIZE) { + fseek($realtime_log_file, 0); + $realtime_log_size = strlen($entry); + $realtime_log_wrap = true; + } + fputs($realtime_log_file, $entry); + } + } + + /** + * Sends channel data + * + * Spans multiple SSH_MSG_CHANNEL_DATAs if appropriate + * + * @param int $client_channel + * @param string $data + * @return void + */ + protected function send_channel_packet($client_channel, $data) + { + while (strlen($data)) { + if (!$this->window_size_client_to_server[$client_channel]) { + $this->bitmap ^= self::MASK_WINDOW_ADJUST; + // using an invalid channel will let the buffers be built up for the valid channels + $this->get_channel_packet(-1); + $this->bitmap ^= self::MASK_WINDOW_ADJUST; + } + + /* The maximum amount of data allowed is determined by the maximum + packet size for the channel, and the current window size, whichever + is smaller. + -- http://tools.ietf.org/html/rfc4254#section-5.2 */ + $max_size = min( + $this->packet_size_client_to_server[$client_channel], + $this->window_size_client_to_server[$client_channel] + ); + + $temp = Strings::shift($data, $max_size); + $packet = Strings::packSSH2( + 'CNs', + NET_SSH2_MSG_CHANNEL_DATA, + $this->server_channels[$client_channel], + $temp + ); + $this->window_size_client_to_server[$client_channel] -= strlen($temp); + $this->send_binary_packet($packet); + } + } + + /** + * Closes and flushes a channel + * + * \phpseclib3\Net\SSH2 doesn't properly close most channels. For exec() channels are normally closed by the server + * and for SFTP channels are presumably closed when the client disconnects. This functions is intended + * for SCP more than anything. + * + * @param int $client_channel + * @param bool $want_reply + * @return void + */ + private function close_channel($client_channel, $want_reply = false) + { + // see http://tools.ietf.org/html/rfc4254#section-5.3 + + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel])); + + if (!$want_reply) { + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel])); + } + + $this->channel_status[$client_channel] = NET_SSH2_MSG_CHANNEL_CLOSE; + $this->channelCount--; + + $this->curTimeout = 5; + + while (!is_bool($this->get_channel_packet($client_channel))) { + } + + if ($want_reply) { + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel])); + } + + $this->close_channel_bitmap($client_channel); + } + + /** + * Maintains execution state bitmap in response to channel closure + * + * @param int $client_channel The channel number to maintain closure status of + * @return void + */ + private function close_channel_bitmap($client_channel) + { + switch ($client_channel) { + case self::CHANNEL_SHELL: + // Shell status has been maintained in the bitmap for backwards + // compatibility sake, but can be removed going forward + if ($this->bitmap & self::MASK_SHELL) { + $this->bitmap &= ~self::MASK_SHELL; + } + break; + } + } + + /** + * Disconnect + * + * @param int $reason + * @return false + */ + protected function disconnect_helper($reason) + { + if ($this->bitmap & self::MASK_CONNECTED) { + $data = Strings::packSSH2('CNss', NET_SSH2_MSG_DISCONNECT, $reason, '', ''); + try { + $this->send_binary_packet($data); + } catch (\Exception $e) { + } + } + + $this->bitmap = 0; + if (is_resource($this->fsock) && get_resource_type($this->fsock) === 'stream') { + fclose($this->fsock); + } + + return false; + } + + /** + * Define Array + * + * Takes any number of arrays whose indices are integers and whose values are strings and defines a bunch of + * named constants from it, using the value as the name of the constant and the index as the value of the constant. + * If any of the constants that would be defined already exists, none of the constants will be defined. + * + * @param mixed[] ...$args + * @access protected + */ + protected static function define_array(...$args) + { + foreach ($args as $arg) { + foreach ($arg as $key => $value) { + if (!defined($value)) { + define($value, $key); + } else { + break 2; + } + } + } + } + + /** + * Returns a log of the packets that have been sent and received. + * + * Returns a string if NET_SSH2_LOGGING == self::LOG_COMPLEX, an array if NET_SSH2_LOGGING == self::LOG_SIMPLE and false if !defined('NET_SSH2_LOGGING') + * + * @return array|false|string + */ + public function getLog() + { + if (!defined('NET_SSH2_LOGGING')) { + return false; + } + + switch (NET_SSH2_LOGGING) { + case self::LOG_SIMPLE: + return $this->message_number_log; + case self::LOG_COMPLEX: + $log = $this->format_log($this->message_log, $this->message_number_log); + return PHP_SAPI == 'cli' ? $log : '
' . $log . '
'; + default: + return false; + } + } + + /** + * Formats a log for printing + * + * @param array $message_log + * @param array $message_number_log + * @return string + */ + protected function format_log(array $message_log, array $message_number_log) + { + $output = ''; + for ($i = 0; $i < count($message_log); $i++) { + $output .= $message_number_log[$i] . "\r\n"; + $current_log = $message_log[$i]; + $j = 0; + do { + if (strlen($current_log)) { + $output .= str_pad(dechex($j), 7, '0', STR_PAD_LEFT) . '0 '; + } + $fragment = Strings::shift($current_log, $this->log_short_width); + $hex = substr(preg_replace_callback('#.#s', function ($matches) { + return $this->log_boundary . str_pad(dechex(ord($matches[0])), 2, '0', STR_PAD_LEFT); + }, $fragment), strlen($this->log_boundary)); + // replace non ASCII printable characters with dots + // http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters + // also replace < with a . since < messes up the output on web browsers + $raw = preg_replace('#[^\x20-\x7E]|<#', '.', $fragment); + $output .= str_pad($hex, $this->log_long_width - $this->log_short_width, ' ') . $raw . "\r\n"; + $j++; + } while (strlen($current_log)); + $output .= "\r\n"; + } + + return $output; + } + + /** + * Helper function for agent->on_channel_open() + * + * Used when channels are created to inform agent + * of said channel opening. Must be called after + * channel open confirmation received + * + */ + private function on_channel_open() + { + if (isset($this->agent)) { + $this->agent->registerChannelOpen($this); + } + } + + /** + * Returns the first value of the intersection of two arrays or false if + * the intersection is empty. The order is defined by the first parameter. + * + * @param array $array1 + * @param array $array2 + * @return mixed False if intersection is empty, else intersected value. + */ + private static function array_intersect_first(array $array1, array $array2) + { + foreach ($array1 as $value) { + if (in_array($value, $array2)) { + return $value; + } + } + return false; + } + + /** + * Returns all errors + * + * @return string[] + */ + public function getErrors() + { + return $this->errors; + } + + /** + * Returns the last error + * + * @return string + */ + public function getLastError() + { + $count = count($this->errors); + + if ($count > 0) { + return $this->errors[$count - 1]; + } + } + + /** + * Return the server identification. + * + * @return string|false + */ + public function getServerIdentification() + { + $this->connect(); + + return $this->server_identifier; + } + + /** + * Returns a list of algorithms the server supports + * + * @return array + */ + public function getServerAlgorithms() + { + $this->connect(); + + return [ + 'kex' => $this->kex_algorithms, + 'hostkey' => $this->server_host_key_algorithms, + 'client_to_server' => [ + 'crypt' => $this->encryption_algorithms_client_to_server, + 'mac' => $this->mac_algorithms_client_to_server, + 'comp' => $this->compression_algorithms_client_to_server, + 'lang' => $this->languages_client_to_server + ], + 'server_to_client' => [ + 'crypt' => $this->encryption_algorithms_server_to_client, + 'mac' => $this->mac_algorithms_server_to_client, + 'comp' => $this->compression_algorithms_server_to_client, + 'lang' => $this->languages_server_to_client + ] + ]; + } + + /** + * Returns a list of KEX algorithms that phpseclib supports + * + * @return array + */ + public static function getSupportedKEXAlgorithms() + { + $kex_algorithms = [ + // Elliptic Curve Diffie-Hellman Key Agreement (ECDH) using + // Curve25519. See doc/curve25519-sha256@libssh.org.txt in the + // libssh repository for more information. + 'curve25519-sha256', + 'curve25519-sha256@libssh.org', + + 'ecdh-sha2-nistp256', // RFC 5656 + 'ecdh-sha2-nistp384', // RFC 5656 + 'ecdh-sha2-nistp521', // RFC 5656 + + 'diffie-hellman-group-exchange-sha256',// RFC 4419 + 'diffie-hellman-group-exchange-sha1', // RFC 4419 + + // Diffie-Hellman Key Agreement (DH) using integer modulo prime + // groups. + 'diffie-hellman-group14-sha256', + 'diffie-hellman-group14-sha1', // REQUIRED + 'diffie-hellman-group15-sha512', + 'diffie-hellman-group16-sha512', + 'diffie-hellman-group17-sha512', + 'diffie-hellman-group18-sha512', + + 'diffie-hellman-group1-sha1', // REQUIRED + ]; + + return $kex_algorithms; + } + + /** + * Returns a list of host key algorithms that phpseclib supports + * + * @return array + */ + public static function getSupportedHostKeyAlgorithms() + { + return [ + 'ssh-ed25519', // https://tools.ietf.org/html/draft-ietf-curdle-ssh-ed25519-02 + 'ecdsa-sha2-nistp256', // RFC 5656 + 'ecdsa-sha2-nistp384', // RFC 5656 + 'ecdsa-sha2-nistp521', // RFC 5656 + 'rsa-sha2-256', // RFC 8332 + 'rsa-sha2-512', // RFC 8332 + 'ssh-rsa', // RECOMMENDED sign Raw RSA Key + 'ssh-dss' // REQUIRED sign Raw DSS Key + ]; + } + + /** + * Returns a list of symmetric key algorithms that phpseclib supports + * + * @return array + */ + public static function getSupportedEncryptionAlgorithms() + { + $algos = [ + // from : + 'aes128-gcm@openssh.com', + 'aes256-gcm@openssh.com', + + // from : + 'arcfour256', + 'arcfour128', + + //'arcfour', // OPTIONAL the ARCFOUR stream cipher with a 128-bit key + + // CTR modes from : + 'aes128-ctr', // RECOMMENDED AES (Rijndael) in SDCTR mode, with 128-bit key + 'aes192-ctr', // RECOMMENDED AES with 192-bit key + 'aes256-ctr', // RECOMMENDED AES with 256-bit key + + // from : + // one of the big benefits of chacha20-poly1305 is speed. the problem is... + // libsodium doesn't generate the poly1305 keys in the way ssh does and openssl's PHP bindings don't even + // seem to support poly1305 currently. so even if libsodium or openssl are being used for the chacha20 + // part, pure-PHP has to be used for the poly1305 part and that's gonna cause a big slow down. + // speed-wise it winds up being faster to use AES (when openssl or mcrypt are available) and some HMAC + // (which is always gonna be super fast to compute thanks to the hash extension, which + // "is bundled and compiled into PHP by default") + 'chacha20-poly1305@openssh.com', + + 'twofish128-ctr', // OPTIONAL Twofish in SDCTR mode, with 128-bit key + 'twofish192-ctr', // OPTIONAL Twofish with 192-bit key + 'twofish256-ctr', // OPTIONAL Twofish with 256-bit key + + 'aes128-cbc', // RECOMMENDED AES with a 128-bit key + 'aes192-cbc', // OPTIONAL AES with a 192-bit key + 'aes256-cbc', // OPTIONAL AES in CBC mode, with a 256-bit key + + 'twofish128-cbc', // OPTIONAL Twofish with a 128-bit key + 'twofish192-cbc', // OPTIONAL Twofish with a 192-bit key + 'twofish256-cbc', + 'twofish-cbc', // OPTIONAL alias for "twofish256-cbc" + // (this is being retained for historical reasons) + + 'blowfish-ctr', // OPTIONAL Blowfish in SDCTR mode + + 'blowfish-cbc', // OPTIONAL Blowfish in CBC mode + + '3des-ctr', // RECOMMENDED Three-key 3DES in SDCTR mode + + '3des-cbc', // REQUIRED three-key 3DES in CBC mode + + //'none' // OPTIONAL no encryption; NOT RECOMMENDED + ]; + + if (self::$crypto_engine) { + $engines = [self::$crypto_engine]; + } else { + $engines = [ + 'libsodium', + 'OpenSSL (GCM)', + 'OpenSSL', + 'mcrypt', + 'Eval', + 'PHP' + ]; + } + + $ciphers = []; + + foreach ($engines as $engine) { + foreach ($algos as $algo) { + $obj = self::encryption_algorithm_to_crypt_instance($algo); + if ($obj instanceof Rijndael) { + $obj->setKeyLength(preg_replace('#[^\d]#', '', $algo)); + } + switch ($algo) { + case 'chacha20-poly1305@openssh.com': + case 'arcfour128': + case 'arcfour256': + if ($engine != 'Eval') { + continue 2; + } + break; + case 'aes128-gcm@openssh.com': + case 'aes256-gcm@openssh.com': + if ($engine == 'OpenSSL') { + continue 2; + } + $obj->setNonce('dummydummydu'); + } + if ($obj->isValidEngine($engine)) { + $algos = array_diff($algos, [$algo]); + $ciphers[] = $algo; + } + } + } + + return $ciphers; + } + + /** + * Returns a list of MAC algorithms that phpseclib supports + * + * @return array + */ + public static function getSupportedMACAlgorithms() + { + return [ + 'hmac-sha2-256-etm@openssh.com', + 'hmac-sha2-512-etm@openssh.com', + 'umac-64-etm@openssh.com', + 'umac-128-etm@openssh.com', + 'hmac-sha1-etm@openssh.com', + + // from : + 'hmac-sha2-256',// RECOMMENDED HMAC-SHA256 (digest length = key length = 32) + 'hmac-sha2-512',// OPTIONAL HMAC-SHA512 (digest length = key length = 64) + + // from : + 'umac-64@openssh.com', + 'umac-128@openssh.com', + + 'hmac-sha1-96', // RECOMMENDED first 96 bits of HMAC-SHA1 (digest length = 12, key length = 20) + 'hmac-sha1', // REQUIRED HMAC-SHA1 (digest length = key length = 20) + 'hmac-md5-96', // OPTIONAL first 96 bits of HMAC-MD5 (digest length = 12, key length = 16) + 'hmac-md5', // OPTIONAL HMAC-MD5 (digest length = key length = 16) + //'none' // OPTIONAL no MAC; NOT RECOMMENDED + ]; + } + + /** + * Returns a list of compression algorithms that phpseclib supports + * + * @return array + */ + public static function getSupportedCompressionAlgorithms() + { + $algos = ['none']; // REQUIRED no compression + if (function_exists('deflate_init')) { + $algos[] = 'zlib@openssh.com'; // https://datatracker.ietf.org/doc/html/draft-miller-secsh-compression-delayed + $algos[] = 'zlib'; + } + return $algos; + } + + /** + * Return list of negotiated algorithms + * + * Uses the same format as https://www.php.net/ssh2-methods-negotiated + * + * @return array + */ + public function getAlgorithmsNegotiated() + { + $this->connect(); + + $compression_map = [ + self::NET_SSH2_COMPRESSION_NONE => 'none', + self::NET_SSH2_COMPRESSION_ZLIB => 'zlib', + self::NET_SSH2_COMPRESSION_ZLIB_AT_OPENSSH => 'zlib@openssh.com' + ]; + + return [ + 'kex' => $this->kex_algorithm, + 'hostkey' => $this->signature_format, + 'client_to_server' => [ + 'crypt' => $this->encryptName, + 'mac' => $this->hmac_create_name, + 'comp' => $compression_map[$this->compress], + ], + 'server_to_client' => [ + 'crypt' => $this->decryptName, + 'mac' => $this->hmac_check_name, + 'comp' => $compression_map[$this->decompress], + ] + ]; + } + + /** + * Force multiple channels (even if phpseclib has decided to disable them) + */ + public function forceMultipleChannels() + { + $this->errorOnMultipleChannels = false; + } + + /** + * Allows you to set the terminal + * + * @param string $term + */ + public function setTerminal($term) + { + $this->term = $term; + } + + /** + * Accepts an associative array with up to four parameters as described at + * + * + * @param array $methods + */ + public function setPreferredAlgorithms(array $methods) + { + $preferred = $methods; + + if (isset($preferred['kex'])) { + $preferred['kex'] = array_intersect( + $preferred['kex'], + static::getSupportedKEXAlgorithms() + ); + } + + if (isset($preferred['hostkey'])) { + $preferred['hostkey'] = array_intersect( + $preferred['hostkey'], + static::getSupportedHostKeyAlgorithms() + ); + } + + $keys = ['client_to_server', 'server_to_client']; + foreach ($keys as $key) { + if (isset($preferred[$key])) { + $a = &$preferred[$key]; + if (isset($a['crypt'])) { + $a['crypt'] = array_intersect( + $a['crypt'], + static::getSupportedEncryptionAlgorithms() + ); + } + if (isset($a['comp'])) { + $a['comp'] = array_intersect( + $a['comp'], + static::getSupportedCompressionAlgorithms() + ); + } + if (isset($a['mac'])) { + $a['mac'] = array_intersect( + $a['mac'], + static::getSupportedMACAlgorithms() + ); + } + } + } + + $keys = [ + 'kex', + 'hostkey', + 'client_to_server/crypt', + 'client_to_server/comp', + 'client_to_server/mac', + 'server_to_client/crypt', + 'server_to_client/comp', + 'server_to_client/mac', + ]; + foreach ($keys as $key) { + $p = $preferred; + $m = $methods; + + $subkeys = explode('/', $key); + foreach ($subkeys as $subkey) { + if (!isset($p[$subkey])) { + continue 2; + } + $p = $p[$subkey]; + $m = $m[$subkey]; + } + + if (count($p) != count($m)) { + $diff = array_diff($m, $p); + $msg = count($diff) == 1 ? + ' is not a supported algorithm' : + ' are not supported algorithms'; + throw new UnsupportedAlgorithmException(implode(', ', $diff) . $msg); + } + } + + $this->preferred = $preferred; + } + + /** + * Returns the banner message. + * + * Quoting from the RFC, "in some jurisdictions, sending a warning message before + * authentication may be relevant for getting legal protection." + * + * @return string + */ + public function getBannerMessage() + { + return $this->banner_message; + } + + /** + * Returns the server public host key. + * + * Caching this the first time you connect to a server and checking the result on subsequent connections + * is recommended. Returns false if the server signature is not signed correctly with the public host key. + * + * @return string|false + * @throws \RuntimeException on badly formatted keys + * @throws \phpseclib3\Exception\NoSupportedAlgorithmsException when the key isn't in a supported format + */ + public function getServerPublicHostKey() + { + if (!($this->bitmap & self::MASK_CONSTRUCTOR)) { + $this->connect(); + } + + $signature = $this->signature; + $server_public_host_key = base64_encode($this->server_public_host_key); + + if ($this->signature_validated) { + return $this->bitmap ? + $this->signature_format . ' ' . $server_public_host_key : + false; + } + + $this->signature_validated = true; + + switch ($this->signature_format) { + case 'ssh-ed25519': + case 'ecdsa-sha2-nistp256': + case 'ecdsa-sha2-nistp384': + case 'ecdsa-sha2-nistp521': + $key = EC::loadFormat('OpenSSH', $server_public_host_key) + ->withSignatureFormat('SSH2'); + switch ($this->signature_format) { + case 'ssh-ed25519': + $hash = 'sha512'; + break; + case 'ecdsa-sha2-nistp256': + $hash = 'sha256'; + break; + case 'ecdsa-sha2-nistp384': + $hash = 'sha384'; + break; + case 'ecdsa-sha2-nistp521': + $hash = 'sha512'; + } + $key = $key->withHash($hash); + break; + case 'ssh-dss': + $key = DSA::loadFormat('OpenSSH', $server_public_host_key) + ->withSignatureFormat('SSH2') + ->withHash('sha1'); + break; + case 'ssh-rsa': + case 'rsa-sha2-256': + case 'rsa-sha2-512': + // could be ssh-rsa, rsa-sha2-256, rsa-sha2-512 + // we don't check here because we already checked in key_exchange + // some signatures have the type embedded within the message and some don't + list(, $signature) = Strings::unpackSSH2('ss', $signature); + + $key = RSA::loadFormat('OpenSSH', $server_public_host_key) + ->withPadding(RSA::SIGNATURE_PKCS1); + switch ($this->signature_format) { + case 'rsa-sha2-512': + $hash = 'sha512'; + break; + case 'rsa-sha2-256': + $hash = 'sha256'; + break; + //case 'ssh-rsa': + default: + $hash = 'sha1'; + } + $key = $key->withHash($hash); + break; + default: + $this->disconnect_helper(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); + throw new NoSupportedAlgorithmsException('Unsupported signature format'); + } + + if (!$key->verify($this->exchange_hash, $signature)) { + return $this->disconnect_helper(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); + }; + + return $this->signature_format . ' ' . $server_public_host_key; + } + + /** + * Returns the exit status of an SSH command or false. + * + * @return false|int + */ + public function getExitStatus() + { + if (is_null($this->exit_status)) { + return false; + } + return $this->exit_status; + } + + /** + * Returns the number of columns for the terminal window size. + * + * @return int + */ + public function getWindowColumns() + { + return $this->windowColumns; + } + + /** + * Returns the number of rows for the terminal window size. + * + * @return int + */ + public function getWindowRows() + { + return $this->windowRows; + } + + /** + * Sets the number of columns for the terminal window size. + * + * @param int $value + */ + public function setWindowColumns($value) + { + $this->windowColumns = $value; + } + + /** + * Sets the number of rows for the terminal window size. + * + * @param int $value + */ + public function setWindowRows($value) + { + $this->windowRows = $value; + } + + /** + * Sets the number of columns and rows for the terminal window size. + * + * @param int $columns + * @param int $rows + */ + public function setWindowSize($columns = 80, $rows = 24) + { + $this->windowColumns = $columns; + $this->windowRows = $rows; + } + + /** + * To String Magic Method + * + * @return string + */ + #[\ReturnTypeWillChange] + public function __toString() + { + return $this->getResourceId(); + } + + /** + * Get Resource ID + * + * We use {} because that symbols should not be in URL according to + * {@link http://tools.ietf.org/html/rfc3986#section-2 RFC}. + * It will safe us from any conflicts, because otherwise regexp will + * match all alphanumeric domains. + * + * @return string + */ + public function getResourceId() + { + return '{' . spl_object_hash($this) . '}'; + } + + /** + * Return existing connection + * + * @param string $id + * + * @return bool|SSH2 will return false if no such connection + */ + public static function getConnectionByResourceId($id) + { + if (isset(self::$connections[$id])) { + return self::$connections[$id] instanceof \WeakReference ? self::$connections[$id]->get() : self::$connections[$id]; + } + return false; + } + + /** + * Return all excising connections + * + * @return array + */ + public static function getConnections() + { + if (!class_exists('WeakReference')) { + /** @var array */ + return self::$connections; + } + $temp = []; + foreach (self::$connections as $key => $ref) { + $temp[$key] = $ref->get(); + } + return $temp; + } + + /* + * Update packet types in log history + * + * @param string $old + * @param string $new + */ + private function updateLogHistory($old, $new) + { + if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == self::LOG_COMPLEX) { + $this->message_number_log[count($this->message_number_log) - 1] = str_replace( + $old, + $new, + $this->message_number_log[count($this->message_number_log) - 1] + ); + } + } + + /** + * Return the list of authentication methods that may productively continue authentication. + * + * @see https://tools.ietf.org/html/rfc4252#section-5.1 + * @return array|null + */ + public function getAuthMethodsToContinue() + { + return $this->auth_methods_to_continue; + } + + /** + * Enables "smart" multi-factor authentication (MFA) + */ + public function enableSmartMFA() + { + $this->smartMFA = true; + } + + /** + * Disables "smart" multi-factor authentication (MFA) + */ + public function disableSmartMFA() + { + $this->smartMFA = false; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php new file mode 100644 index 0000000..26ca322 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php @@ -0,0 +1,286 @@ + + * login('username', $agent)) { + * exit('Login Failed'); + * } + * + * echo $ssh->exec('pwd'); + * echo $ssh->exec('ls -la'); + * ?> + * + * + * @author Jim Wigginton + * @copyright 2014 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\System\SSH; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\PublicKeyLoader; +use phpseclib3\Crypt\RSA; +use phpseclib3\Exception\BadConfigurationException; +use phpseclib3\Net\SSH2; +use phpseclib3\System\SSH\Agent\Identity; + +/** + * Pure-PHP ssh-agent client identity factory + * + * requestIdentities() method pumps out \phpseclib3\System\SSH\Agent\Identity objects + * + * @author Jim Wigginton + */ +class Agent +{ + use Common\Traits\ReadBytes; + + // Message numbers + + // to request SSH1 keys you have to use SSH_AGENTC_REQUEST_RSA_IDENTITIES (1) + const SSH_AGENTC_REQUEST_IDENTITIES = 11; + // this is the SSH2 response; the SSH1 response is SSH_AGENT_RSA_IDENTITIES_ANSWER (2). + const SSH_AGENT_IDENTITIES_ANSWER = 12; + // the SSH1 request is SSH_AGENTC_RSA_CHALLENGE (3) + const SSH_AGENTC_SIGN_REQUEST = 13; + // the SSH1 response is SSH_AGENT_RSA_RESPONSE (4) + const SSH_AGENT_SIGN_RESPONSE = 14; + + // Agent forwarding status + + // no forwarding requested and not active + const FORWARD_NONE = 0; + // request agent forwarding when opportune + const FORWARD_REQUEST = 1; + // forwarding has been request and is active + const FORWARD_ACTIVE = 2; + + /** + * Unused + */ + const SSH_AGENT_FAILURE = 5; + + /** + * Socket Resource + * + * @var resource + */ + private $fsock; + + /** + * Agent forwarding status + * + * @var int + */ + private $forward_status = self::FORWARD_NONE; + + /** + * Buffer for accumulating forwarded authentication + * agent data arriving on SSH data channel destined + * for agent unix socket + * + * @var string + */ + private $socket_buffer = ''; + + /** + * Tracking the number of bytes we are expecting + * to arrive for the agent socket on the SSH data + * channel + * + * @var int + */ + private $expected_bytes = 0; + + /** + * Default Constructor + * + * @return \phpseclib3\System\SSH\Agent + * @throws \phpseclib3\Exception\BadConfigurationException if SSH_AUTH_SOCK cannot be found + * @throws \RuntimeException on connection errors + */ + public function __construct($address = null) + { + if (!$address) { + switch (true) { + case isset($_SERVER['SSH_AUTH_SOCK']): + $address = $_SERVER['SSH_AUTH_SOCK']; + break; + case isset($_ENV['SSH_AUTH_SOCK']): + $address = $_ENV['SSH_AUTH_SOCK']; + break; + default: + throw new BadConfigurationException('SSH_AUTH_SOCK not found'); + } + } + + if (in_array('unix', stream_get_transports())) { + $this->fsock = fsockopen('unix://' . $address, 0, $errno, $errstr); + if (!$this->fsock) { + throw new \RuntimeException("Unable to connect to ssh-agent (Error $errno: $errstr)"); + } + } else { + if (substr($address, 0, 9) != '\\\\.\\pipe\\' || strpos(substr($address, 9), '\\') !== false) { + throw new \RuntimeException('Address is not formatted as a named pipe should be'); + } + + $this->fsock = fopen($address, 'r+b'); + if (!$this->fsock) { + throw new \RuntimeException('Unable to open address'); + } + } + } + + /** + * Request Identities + * + * See "2.5.2 Requesting a list of protocol 2 keys" + * Returns an array containing zero or more \phpseclib3\System\SSH\Agent\Identity objects + * + * @return array + * @throws \RuntimeException on receipt of unexpected packets + */ + public function requestIdentities() + { + if (!$this->fsock) { + return []; + } + + $packet = pack('NC', 1, self::SSH_AGENTC_REQUEST_IDENTITIES); + if (strlen($packet) != fputs($this->fsock, $packet)) { + throw new \RuntimeException('Connection closed while requesting identities'); + } + + $length = current(unpack('N', $this->readBytes(4))); + $packet = $this->readBytes($length); + + list($type, $keyCount) = Strings::unpackSSH2('CN', $packet); + if ($type != self::SSH_AGENT_IDENTITIES_ANSWER) { + throw new \RuntimeException('Unable to request identities'); + } + + $identities = []; + for ($i = 0; $i < $keyCount; $i++) { + list($key_blob, $comment) = Strings::unpackSSH2('ss', $packet); + $temp = $key_blob; + list($key_type) = Strings::unpackSSH2('s', $temp); + switch ($key_type) { + case 'ssh-rsa': + case 'ssh-dss': + case 'ssh-ed25519': + case 'ecdsa-sha2-nistp256': + case 'ecdsa-sha2-nistp384': + case 'ecdsa-sha2-nistp521': + $key = PublicKeyLoader::load($key_type . ' ' . base64_encode($key_blob)); + } + // resources are passed by reference by default + if (isset($key)) { + $identity = (new Identity($this->fsock)) + ->withPublicKey($key) + ->withPublicKeyBlob($key_blob); + $identities[] = $identity; + unset($key); + } + } + + return $identities; + } + + /** + * Signal that agent forwarding should + * be requested when a channel is opened + * + * @return void + */ + public function startSSHForwarding() + { + if ($this->forward_status == self::FORWARD_NONE) { + $this->forward_status = self::FORWARD_REQUEST; + } + } + + /** + * Request agent forwarding of remote server + * + * @param \phpseclib3\Net\SSH2 $ssh + * @return bool + */ + private function request_forwarding(SSH2 $ssh) + { + if (!$ssh->requestAgentForwarding()) { + return false; + } + + $this->forward_status = self::FORWARD_ACTIVE; + + return true; + } + + /** + * On successful channel open + * + * This method is called upon successful channel + * open to give the SSH Agent an opportunity + * to take further action. i.e. request agent forwarding + * + * @param \phpseclib3\Net\SSH2 $ssh + */ + public function registerChannelOpen(SSH2 $ssh) + { + if ($this->forward_status == self::FORWARD_REQUEST) { + $this->request_forwarding($ssh); + } + } + + /** + * Forward data to SSH Agent and return data reply + * + * @param string $data + * @return string Data from SSH Agent + * @throws \RuntimeException on connection errors + */ + public function forwardData($data) + { + if ($this->expected_bytes > 0) { + $this->socket_buffer .= $data; + $this->expected_bytes -= strlen($data); + } else { + $agent_data_bytes = current(unpack('N', $data)); + $current_data_bytes = strlen($data); + $this->socket_buffer = $data; + if ($current_data_bytes != $agent_data_bytes + 4) { + $this->expected_bytes = ($agent_data_bytes + 4) - $current_data_bytes; + return false; + } + } + + if (strlen($this->socket_buffer) != fwrite($this->fsock, $this->socket_buffer)) { + throw new \RuntimeException('Connection closed attempting to forward data to SSH agent'); + } + + $this->socket_buffer = ''; + $this->expected_bytes = 0; + + $agent_reply_bytes = current(unpack('N', $this->readBytes(4))); + + $agent_reply_data = $this->readBytes($agent_reply_bytes); + $agent_reply_data = current(unpack('a*', $agent_reply_data)); + + return pack('Na*', $agent_reply_bytes, $agent_reply_data); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent/Identity.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent/Identity.php new file mode 100644 index 0000000..653e8ea --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent/Identity.php @@ -0,0 +1,320 @@ + + * @copyright 2009 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\System\SSH\Agent; + +use phpseclib3\Common\Functions\Strings; +use phpseclib3\Crypt\Common\PrivateKey; +use phpseclib3\Crypt\Common\PublicKey; +use phpseclib3\Crypt\DSA; +use phpseclib3\Crypt\EC; +use phpseclib3\Crypt\RSA; +use phpseclib3\Exception\UnsupportedAlgorithmException; +use phpseclib3\System\SSH\Agent; +use phpseclib3\System\SSH\Common\Traits\ReadBytes; + +/** + * Pure-PHP ssh-agent client identity object + * + * Instantiation should only be performed by \phpseclib3\System\SSH\Agent class. + * This could be thought of as implementing an interface that phpseclib3\Crypt\RSA + * implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something. + * The methods in this interface would be getPublicKey and sign since those are the + * methods phpseclib looks for to perform public key authentication. + * + * @author Jim Wigginton + * @internal + */ +class Identity implements PrivateKey +{ + use ReadBytes; + + // Signature Flags + // See https://tools.ietf.org/html/draft-miller-ssh-agent-00#section-5.3 + const SSH_AGENT_RSA2_256 = 2; + const SSH_AGENT_RSA2_512 = 4; + + /** + * Key Object + * + * @var PublicKey + * @see self::getPublicKey() + */ + private $key; + + /** + * Key Blob + * + * @var string + * @see self::sign() + */ + private $key_blob; + + /** + * Socket Resource + * + * @var resource + * @see self::sign() + */ + private $fsock; + + /** + * Signature flags + * + * @var int + * @see self::sign() + * @see self::setHash() + */ + private $flags = 0; + + /** + * Curve Aliases + * + * @var array + */ + private static $curveAliases = [ + 'secp256r1' => 'nistp256', + 'secp384r1' => 'nistp384', + 'secp521r1' => 'nistp521', + 'Ed25519' => 'Ed25519' + ]; + + /** + * Default Constructor. + * + * @param resource $fsock + */ + public function __construct($fsock) + { + $this->fsock = $fsock; + } + + /** + * Set Public Key + * + * Called by \phpseclib3\System\SSH\Agent::requestIdentities() + * + * @param \phpseclib3\Crypt\Common\PublicKey $key + */ + public function withPublicKey(PublicKey $key) + { + if ($key instanceof EC) { + if (is_array($key->getCurve()) || !isset(self::$curveAliases[$key->getCurve()])) { + throw new UnsupportedAlgorithmException('The only supported curves are nistp256, nistp384, nistp512 and Ed25519'); + } + } + + $new = clone $this; + $new->key = $key; + return $new; + } + + /** + * Set Public Key + * + * Called by \phpseclib3\System\SSH\Agent::requestIdentities(). The key blob could be extracted from $this->key + * but this saves a small amount of computation. + * + * @param string $key_blob + */ + public function withPublicKeyBlob($key_blob) + { + $new = clone $this; + $new->key_blob = $key_blob; + return $new; + } + + /** + * Get Public Key + * + * Wrapper for $this->key->getPublicKey() + * + * @param string $type optional + * @return mixed + */ + public function getPublicKey($type = 'PKCS8') + { + return $this->key; + } + + /** + * Sets the hash + * + * @param string $hash + */ + public function withHash($hash) + { + $new = clone $this; + + $hash = strtolower($hash); + + if ($this->key instanceof RSA) { + $new->flags = 0; + switch ($hash) { + case 'sha1': + break; + case 'sha256': + $new->flags = self::SSH_AGENT_RSA2_256; + break; + case 'sha512': + $new->flags = self::SSH_AGENT_RSA2_512; + break; + default: + throw new UnsupportedAlgorithmException('The only supported hashes for RSA are sha1, sha256 and sha512'); + } + } + if ($this->key instanceof EC) { + switch ($this->key->getCurve()) { + case 'secp256r1': + $expectedHash = 'sha256'; + break; + case 'secp384r1': + $expectedHash = 'sha384'; + break; + //case 'secp521r1': + //case 'Ed25519': + default: + $expectedHash = 'sha512'; + } + if ($hash != $expectedHash) { + throw new UnsupportedAlgorithmException('The only supported hash for ' . self::$curveAliases[$this->key->getCurve()] . ' is ' . $expectedHash); + } + } + if ($this->key instanceof DSA) { + if ($hash != 'sha1') { + throw new UnsupportedAlgorithmException('The only supported hash for DSA is sha1'); + } + } + return $new; + } + + /** + * Sets the padding + * + * Only PKCS1 padding is supported + * + * @param string $padding + */ + public function withPadding($padding) + { + if (!$this->key instanceof RSA) { + throw new UnsupportedAlgorithmException('Only RSA keys support padding'); + } + if ($padding != RSA::SIGNATURE_PKCS1 && $padding != RSA::SIGNATURE_RELAXED_PKCS1) { + throw new UnsupportedAlgorithmException('ssh-agent can only create PKCS1 signatures'); + } + return $this; + } + + /** + * Determines the signature padding mode + * + * Valid values are: ASN1, SSH2, Raw + * + * @param string $format + */ + public function withSignatureFormat($format) + { + if ($this->key instanceof RSA) { + throw new UnsupportedAlgorithmException('Only DSA and EC keys support signature format setting'); + } + if ($format != 'SSH2') { + throw new UnsupportedAlgorithmException('Only SSH2-formatted signatures are currently supported'); + } + + return $this; + } + + /** + * Returns the curve + * + * Returns a string if it's a named curve, an array if not + * + * @return string|array + */ + public function getCurve() + { + if (!$this->key instanceof EC) { + throw new UnsupportedAlgorithmException('Only EC keys have curves'); + } + + return $this->key->getCurve(); + } + + /** + * Create a signature + * + * See "2.6.2 Protocol 2 private key signature request" + * + * @param string $message + * @return string + * @throws \RuntimeException on connection errors + * @throws \phpseclib3\Exception\UnsupportedAlgorithmException if the algorithm is unsupported + */ + public function sign($message) + { + // the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE + $packet = Strings::packSSH2( + 'CssN', + Agent::SSH_AGENTC_SIGN_REQUEST, + $this->key_blob, + $message, + $this->flags + ); + $packet = Strings::packSSH2('s', $packet); + if (strlen($packet) != fputs($this->fsock, $packet)) { + throw new \RuntimeException('Connection closed during signing'); + } + + $length = current(unpack('N', $this->readBytes(4))); + $packet = $this->readBytes($length); + + list($type, $signature_blob) = Strings::unpackSSH2('Cs', $packet); + if ($type != Agent::SSH_AGENT_SIGN_RESPONSE) { + throw new \RuntimeException('Unable to retrieve signature'); + } + + if (!$this->key instanceof RSA) { + return $signature_blob; + } + + list($type, $signature_blob) = Strings::unpackSSH2('ss', $signature_blob); + + return $signature_blob; + } + + /** + * Returns the private key + * + * @param string $type + * @param array $options optional + * @return string + */ + public function toString($type, array $options = []) + { + throw new \RuntimeException('ssh-agent does not provide a mechanism to get the private key'); + } + + /** + * Sets the password + * + * @param string|bool $password + * @return never + */ + public function withPassword($password = false) + { + throw new \RuntimeException('ssh-agent does not provide a mechanism to get the private key'); + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Common/Traits/ReadBytes.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Common/Traits/ReadBytes.php new file mode 100644 index 0000000..6fd032b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Common/Traits/ReadBytes.php @@ -0,0 +1,37 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib3\System\SSH\Common\Traits; + +/** + * ReadBytes trait + * + * @author Jim Wigginton + */ +trait ReadBytes +{ + /** + * Read data + * + * @param int $length + * @throws \RuntimeException on connection errors + */ + public function readBytes($length) + { + $temp = fread($this->fsock, $length); + if (strlen($temp) != $length) { + throw new \RuntimeException("Expected $length bytes; got " . strlen($temp)); + } + return $temp; + } +} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/bootstrap.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/bootstrap.php new file mode 100644 index 0000000..517106c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/bootstrap.php @@ -0,0 +1,22 @@ +=7.2 +- gmp +- mbstring + +## Installation + +This library is available on +[Packagist](https://packagist.org/packages/sop/asn1). + +```sh +composer require sop/asn1 +``` + +## Usage + +The general idea is that each ASN.1 type has its corresponding PHP class, +that knows the details of encoding and decoding the specific type. + +To decode DER data, use `fromDER` static method of the expected type. +To encode object to DER, use `toDER` instance method. + +Many methods return an `UnspecifiedType` object, that works as an intermediate +wrapper with accessor methods ensuring type safety. + +All objects are immutable and method chaining is promoted for the fluency +of the API. Exception shall be thrown on errors. + +## [Code Examples](https://github.com/sop/asn1/tree/master/examples) + +Here are some simple usage examples. Namespaces are omitted for brevity. + +### [Encode](https://github.com/sop/asn1/blob/master/examples/encode.php) + +Encode a sequence containing a UTF-8 string, an integer +and an explicitly tagged object identifier, conforming to the following +ASN.1 specification: + +```asn.1 +Example ::= SEQUENCE { + greeting UTF8String, + answer INTEGER, + type [1] EXPLICIT OBJECT IDENTIFIER +} +``` + +```php +$seq = new Sequence( + new UTF8String('Hello'), + new Integer(42), + new ExplicitlyTaggedType( + 1, new ObjectIdentifier('1.3.6.1.3')) +); +$der = $seq->toDER(); +``` + +### [Decode](https://github.com/sop/asn1/blob/master/examples/decode.php) + +Decode DER encoding from above. + +```php +$seq = UnspecifiedType::fromDER($der)->asSequence(); +$greeting = $seq->at(0)->asUTF8String()->string(); +$answer = $seq->at(1)->asInteger()->intNumber(); +$type = $seq->at(2)->asTagged()->asExplicit()->asObjectIdentifier()->oid(); +``` + +### Real-World Examples + +See the following for more practical real-world usage examples. + +- EC Private Key + - [Decode](https://github.com/sop/crypto-types/blob/a27fa76d5f5e8c4596cb65a7be9d02a08421ba1e/lib/CryptoTypes/Asymmetric/EC/ECPrivateKey.php#L72) + - [Encode](https://github.com/sop/crypto-types/blob/a27fa76d5f5e8c4596cb65a7be9d02a08421ba1e/lib/CryptoTypes/Asymmetric/EC/ECPrivateKey.php#L206) +- X.501 Attribute + - [Decode](https://github.com/sop/x501/blob/c6bdb04673d5c04b9d49f83020e75b8ba7a20064/lib/X501/ASN1/Attribute.php#L55) + - [Encode](https://github.com/sop/x501/blob/c6bdb04673d5c04b9d49f83020e75b8ba7a20064/lib/X501/ASN1/Attribute.php#L114) +- X.509 Certificate (`TBSCertificate` sequence) + - [Decode](https://github.com/sop/x509/blob/f762c743b6930af4f45ef857ccc9f6199980a92e/lib/X509/Certificate/TBSCertificate.php#L130) + - [Encode](https://github.com/sop/x509/blob/f762c743b6930af4f45ef857ccc9f6199980a92e/lib/X509/Certificate/TBSCertificate.php#L576) + +## ASN.1 References + +- [ITU-T X.690 07/2002](https://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf) +- [ITU-T X.690 08/2015](https://www.itu.int/rec/T-REC-X.690-201508-I/en) +- Hosted by [OSS Nokalva](http://www.oss.com/asn1/resources/books-whitepapers-pubs/asn1-books.html) + - [ASN.1 — Communication Between Heterogeneous Systems by Olivier Dubuisson](http://www.oss.com/asn1/resources/books-whitepapers-pubs/dubuisson-asn1-book.PDF) + - [ASN.1 Complete by Professor John Larmouth](http://www.oss.com/asn1/resources/books-whitepapers-pubs/larmouth-asn1-book.pdf) + +## License + +This project is licensed under the MIT License. diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/composer.json b/utilities/signing_and_verification/php/vendor/sop/asn1/composer.json new file mode 100644 index 0000000..630511d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/composer.json @@ -0,0 +1,34 @@ +{ + "name": "sop/asn1", + "description": "A PHP library for X.690 ASN.1 DER encoding and decoding.", + "homepage": "https://github.com/sop/asn1", + "license": "MIT", + "type": "library", + "keywords": [ + "asn1", + "asn.1", + "x690", + "x.690", + "der" + ], + "authors": [ + { + "name": "Joni Eskelinen", + "email": "jonieske@gmail.com", + "role": "Developer" + } + ], + "require": { + "php": ">=7.2", + "ext-gmp": "*", + "ext-mbstring": "*" + }, + "require-dev": { + "phpunit/phpunit": "^8.1" + }, + "autoload": { + "psr-4": { + "Sop\\ASN1\\": "lib/ASN1/" + } + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Component/Identifier.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Component/Identifier.php new file mode 100644 index 0000000..42d512f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Component/Identifier.php @@ -0,0 +1,290 @@ + 'UNIVERSAL', + self::CLASS_APPLICATION => 'APPLICATION', + self::CLASS_CONTEXT_SPECIFIC => 'CONTEXT SPECIFIC', + self::CLASS_PRIVATE => 'PRIVATE', + ]; + + // P/C enumerations + const PRIMITIVE = 0b0; + const CONSTRUCTED = 0b1; + + /** + * Type class. + * + * @var int + */ + private $_class; + + /** + * Primitive or Constructed. + * + * @var int + */ + private $_pc; + + /** + * Content type tag. + * + * @var BigInt + */ + private $_tag; + + /** + * Constructor. + * + * @param int $class Type class + * @param int $pc Primitive / Constructed + * @param \GMP|int|string $tag Type tag number + */ + public function __construct(int $class, int $pc, $tag) + { + $this->_class = 0b11 & $class; + $this->_pc = 0b1 & $pc; + $this->_tag = new BigInt($tag); + } + + /** + * Decode identifier component from DER data. + * + * @param string $data DER encoded data + * @param null|int $offset Reference to the variable that contains offset + * into the data where to start parsing. + * Variable is updated to the offset next to the + * parsed identifier. If null, start from offset 0. + * + * @throws DecodeException If decoding fails + * + * @return self + */ + public static function fromDER(string $data, int &$offset = null): Identifier + { + $idx = $offset ?? 0; + $datalen = strlen($data); + if ($idx >= $datalen) { + throw new DecodeException('Invalid offset.'); + } + $byte = ord($data[$idx++]); + // bits 8 and 7 (class) + // 0 = universal, 1 = application, 2 = context-specific, 3 = private + $class = (0b11000000 & $byte) >> 6; + // bit 6 (0 = primitive / 1 = constructed) + $pc = (0b00100000 & $byte) >> 5; + // bits 5 to 1 (tag number) + $tag = (0b00011111 & $byte); + // long-form identifier + if (0x1f === $tag) { + $tag = self::_decodeLongFormTag($data, $idx); + } + if (isset($offset)) { + $offset = $idx; + } + return new self($class, $pc, $tag); + } + + /** + * {@inheritdoc} + */ + public function toDER(): string + { + $bytes = []; + $byte = $this->_class << 6 | $this->_pc << 5; + $tag = $this->_tag->gmpObj(); + if ($tag < 0x1f) { + $bytes[] = $byte | $tag; + } + // long-form identifier + else { + $bytes[] = $byte | 0x1f; + $octets = []; + for (; $tag > 0; $tag >>= 7) { + array_push($octets, gmp_intval(0x80 | ($tag & 0x7f))); + } + // last octet has bit 8 set to zero + $octets[0] &= 0x7f; + foreach (array_reverse($octets) as $octet) { + $bytes[] = $octet; + } + } + return pack('C*', ...$bytes); + } + + /** + * Get class of the type. + */ + public function typeClass(): int + { + return $this->_class; + } + + /** + * Get P/C. + */ + public function pc(): int + { + return $this->_pc; + } + + /** + * Get the tag number. + * + * @return string Base 10 integer string + */ + public function tag(): string + { + return $this->_tag->base10(); + } + + /** + * Get the tag as an integer. + */ + public function intTag(): int + { + return $this->_tag->intVal(); + } + + /** + * Check whether type is of an universal class. + */ + public function isUniversal(): bool + { + return self::CLASS_UNIVERSAL === $this->_class; + } + + /** + * Check whether type is of an application class. + */ + public function isApplication(): bool + { + return self::CLASS_APPLICATION === $this->_class; + } + + /** + * Check whether type is of a context specific class. + */ + public function isContextSpecific(): bool + { + return self::CLASS_CONTEXT_SPECIFIC === $this->_class; + } + + /** + * Check whether type is of a private class. + */ + public function isPrivate(): bool + { + return self::CLASS_PRIVATE === $this->_class; + } + + /** + * Check whether content is primitive type. + */ + public function isPrimitive(): bool + { + return self::PRIMITIVE === $this->_pc; + } + + /** + * Check hether content is constructed type. + */ + public function isConstructed(): bool + { + return self::CONSTRUCTED === $this->_pc; + } + + /** + * Get self with given type class. + * + * @param int $class One of `CLASS_*` enumerations + * + * @return self + */ + public function withClass(int $class): Identifier + { + $obj = clone $this; + $obj->_class = 0b11 & $class; + return $obj; + } + + /** + * Get self with given type tag. + * + * @param \GMP|int|string $tag Tag number + * + * @return self + */ + public function withTag($tag): Identifier + { + $obj = clone $this; + $obj->_tag = new BigInt($tag); + return $obj; + } + + /** + * Get human readable name of the type class. + */ + public static function classToName(int $class): string + { + if (!array_key_exists($class, self::MAP_CLASS_TO_NAME)) { + return "CLASS {$class}"; + } + return self::MAP_CLASS_TO_NAME[$class]; + } + + /** + * Parse long form tag. + * + * @param string $data DER data + * @param int $offset Reference to the variable containing offset to data + * + * @throws DecodeException If decoding fails + * + * @return \GMP Tag number + */ + private static function _decodeLongFormTag(string $data, int &$offset): \GMP + { + $datalen = strlen($data); + $tag = gmp_init(0, 10); + while (true) { + if ($offset >= $datalen) { + throw new DecodeException( + 'Unexpected end of data while decoding long form identifier.'); + } + $byte = ord($data[$offset++]); + $tag <<= 7; + $tag |= 0x7f & $byte; + // last byte has bit 8 set to zero + if (!(0x80 & $byte)) { + break; + } + } + return $tag; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Component/Length.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Component/Length.php new file mode 100644 index 0000000..27216e8 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Component/Length.php @@ -0,0 +1,225 @@ +_length = new BigInt($length); + $this->_indefinite = $indefinite; + } + + /** + * Decode length component from DER data. + * + * @param string $data DER encoded data + * @param null|int $offset Reference to the variable that contains offset + * into the data where to start parsing. + * Variable is updated to the offset next to the + * parsed length component. If null, start from offset 0. + * + * @throws DecodeException If decoding fails + */ + public static function fromDER(string $data, int &$offset = null): self + { + $idx = $offset ?? 0; + $datalen = strlen($data); + if ($idx >= $datalen) { + throw new DecodeException( + 'Unexpected end of data while decoding length.'); + } + $indefinite = false; + $byte = ord($data[$idx++]); + // bits 7 to 1 + $length = (0x7f & $byte); + // long form + if (0x80 & $byte) { + if (!$length) { + $indefinite = true; + } else { + if ($idx + $length > $datalen) { + throw new DecodeException( + 'Unexpected end of data while decoding long form length.'); + } + $length = self::_decodeLongFormLength($length, $data, $idx); + } + } + if (isset($offset)) { + $offset = $idx; + } + return new self($length, $indefinite); + } + + /** + * Decode length from DER. + * + * Throws an exception if length doesn't match with expected or if data + * doesn't contain enough bytes. + * + * Requirement of definite length is relaxed contrary to the specification + * (sect. 10.1). + * + * @see self::fromDER + * + * @param string $data DER data + * @param int $offset Reference to the offset variable + * @param null|int $expected Expected length, null to bypass checking + * + * @throws DecodeException If decoding or expectation fails + */ + public static function expectFromDER(string $data, int &$offset, + int $expected = null): self + { + $idx = $offset; + $length = self::fromDER($data, $idx); + // if certain length was expected + if (isset($expected)) { + if ($length->isIndefinite()) { + throw new DecodeException( + sprintf('Expected length %d, got indefinite.', $expected)); + } + if ($expected !== $length->intLength()) { + throw new DecodeException( + sprintf('Expected length %d, got %d.', $expected, + $length->intLength())); + } + } + // check that enough data is available + if (!$length->isIndefinite() + && strlen($data) < $idx + $length->intLength()) { + throw new DecodeException( + sprintf('Length %d overflows data, %d bytes left.', + $length->intLength(), strlen($data) - $idx)); + } + $offset = $idx; + return $length; + } + + /** + * {@inheritdoc} + * + * @throws \DomainException If length is too large to encode + */ + public function toDER(): string + { + $bytes = []; + if ($this->_indefinite) { + $bytes[] = 0x80; + } else { + $num = $this->_length->gmpObj(); + // long form + if ($num > 127) { + $octets = []; + for (; $num > 0; $num >>= 8) { + $octets[] = gmp_intval(0xff & $num); + } + $count = count($octets); + // first octet must not be 0xff + if ($count >= 127) { + throw new \DomainException('Too many length octets.'); + } + $bytes[] = 0x80 | $count; + foreach (array_reverse($octets) as $octet) { + $bytes[] = $octet; + } + } + // short form + else { + $bytes[] = gmp_intval($num); + } + } + return pack('C*', ...$bytes); + } + + /** + * Get the length. + * + * @throws \LogicException If length is indefinite + * + * @return string Length as an integer string + */ + public function length(): string + { + if ($this->_indefinite) { + throw new \LogicException('Length is indefinite.'); + } + return $this->_length->base10(); + } + + /** + * Get the length as an integer. + * + * @throws \LogicException If length is indefinite + * @throws \RuntimeException If length overflows integer size + */ + public function intLength(): int + { + if ($this->_indefinite) { + throw new \LogicException('Length is indefinite.'); + } + return $this->_length->intVal(); + } + + /** + * Whether length is indefinite. + */ + public function isIndefinite(): bool + { + return $this->_indefinite; + } + + /** + * Decode long form length. + * + * @param int $length Number of octets + * @param string $data Data + * @param int $offset reference to the variable containing offset to the data + * + * @throws DecodeException If decoding fails + */ + private static function _decodeLongFormLength(int $length, string $data, + int &$offset): \GMP + { + // first octet must not be 0xff (spec 8.1.3.5c) + if (127 === $length) { + throw new DecodeException('Invalid number of length octets.'); + } + $num = gmp_init(0, 10); + while (--$length >= 0) { + $byte = ord($data[$offset++]); + $num <<= 8; + $num |= $byte; + } + return $num; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/DERData.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/DERData.php new file mode 100644 index 0000000..055de94 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/DERData.php @@ -0,0 +1,89 @@ +_identifier = Identifier::fromDER($data, $this->_contentOffset); + // check that length encoding is valid + Length::expectFromDER($data, $this->_contentOffset); + $this->_der = $data; + $this->_typeTag = $this->_identifier->intTag(); + } + + /** + * {@inheritdoc} + */ + public function typeClass(): int + { + return $this->_identifier->typeClass(); + } + + /** + * {@inheritdoc} + */ + public function isConstructed(): bool + { + return $this->_identifier->isConstructed(); + } + + /** + * {@inheritdoc} + */ + public function toDER(): string + { + return $this->_der; + } + + /** + * {@inheritdoc} + */ + protected function _encodedContentDER(): string + { + // if there's no content payload + if (strlen($this->_der) === $this->_contentOffset) { + return ''; + } + return substr($this->_der, $this->_contentOffset); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Element.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Element.php new file mode 100644 index 0000000..864fe36 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Element.php @@ -0,0 +1,465 @@ + Primitive\EOC::class, + self::TYPE_BOOLEAN => Primitive\Boolean::class, + self::TYPE_INTEGER => Primitive\Integer::class, + self::TYPE_BIT_STRING => Primitive\BitString::class, + self::TYPE_OCTET_STRING => Primitive\OctetString::class, + self::TYPE_NULL => Primitive\NullType::class, + self::TYPE_OBJECT_IDENTIFIER => Primitive\ObjectIdentifier::class, + self::TYPE_OBJECT_DESCRIPTOR => Primitive\ObjectDescriptor::class, + self::TYPE_REAL => Primitive\Real::class, + self::TYPE_ENUMERATED => Primitive\Enumerated::class, + self::TYPE_UTF8_STRING => Primitive\UTF8String::class, + self::TYPE_RELATIVE_OID => Primitive\RelativeOID::class, + self::TYPE_SEQUENCE => Constructed\Sequence::class, + self::TYPE_SET => Constructed\Set::class, + self::TYPE_NUMERIC_STRING => Primitive\NumericString::class, + self::TYPE_PRINTABLE_STRING => Primitive\PrintableString::class, + self::TYPE_T61_STRING => Primitive\T61String::class, + self::TYPE_VIDEOTEX_STRING => Primitive\VideotexString::class, + self::TYPE_IA5_STRING => Primitive\IA5String::class, + self::TYPE_UTC_TIME => Primitive\UTCTime::class, + self::TYPE_GENERALIZED_TIME => Primitive\GeneralizedTime::class, + self::TYPE_GRAPHIC_STRING => Primitive\GraphicString::class, + self::TYPE_VISIBLE_STRING => Primitive\VisibleString::class, + self::TYPE_GENERAL_STRING => Primitive\GeneralString::class, + self::TYPE_UNIVERSAL_STRING => Primitive\UniversalString::class, + self::TYPE_CHARACTER_STRING => Primitive\CharacterString::class, + self::TYPE_BMP_STRING => Primitive\BMPString::class, + ]; + + /** + * Pseudotype for all string types. + * + * May be used as an expectation parameter. + * + * @var int + */ + const TYPE_STRING = -1; + + /** + * Pseudotype for all time types. + * + * May be used as an expectation parameter. + * + * @var int + */ + const TYPE_TIME = -2; + + /** + * Pseudotype for constructed strings. + * + * May be used as an expectation parameter. + * + * @var int + */ + const TYPE_CONSTRUCTED_STRING = -3; + + /** + * Mapping from universal type tag to human readable name. + * + * @internal + * + * @var array + */ + const MAP_TYPE_TO_NAME = [ + self::TYPE_EOC => 'EOC', + self::TYPE_BOOLEAN => 'BOOLEAN', + self::TYPE_INTEGER => 'INTEGER', + self::TYPE_BIT_STRING => 'BIT STRING', + self::TYPE_OCTET_STRING => 'OCTET STRING', + self::TYPE_NULL => 'NULL', + self::TYPE_OBJECT_IDENTIFIER => 'OBJECT IDENTIFIER', + self::TYPE_OBJECT_DESCRIPTOR => 'ObjectDescriptor', + self::TYPE_EXTERNAL => 'EXTERNAL', + self::TYPE_REAL => 'REAL', + self::TYPE_ENUMERATED => 'ENUMERATED', + self::TYPE_EMBEDDED_PDV => 'EMBEDDED PDV', + self::TYPE_UTF8_STRING => 'UTF8String', + self::TYPE_RELATIVE_OID => 'RELATIVE-OID', + self::TYPE_SEQUENCE => 'SEQUENCE', + self::TYPE_SET => 'SET', + self::TYPE_NUMERIC_STRING => 'NumericString', + self::TYPE_PRINTABLE_STRING => 'PrintableString', + self::TYPE_T61_STRING => 'T61String', + self::TYPE_VIDEOTEX_STRING => 'VideotexString', + self::TYPE_IA5_STRING => 'IA5String', + self::TYPE_UTC_TIME => 'UTCTime', + self::TYPE_GENERALIZED_TIME => 'GeneralizedTime', + self::TYPE_GRAPHIC_STRING => 'GraphicString', + self::TYPE_VISIBLE_STRING => 'VisibleString', + self::TYPE_GENERAL_STRING => 'GeneralString', + self::TYPE_UNIVERSAL_STRING => 'UniversalString', + self::TYPE_CHARACTER_STRING => 'CHARACTER STRING', + self::TYPE_BMP_STRING => 'BMPString', + self::TYPE_STRING => 'Any String', + self::TYPE_TIME => 'Any Time', + self::TYPE_CONSTRUCTED_STRING => 'Constructed String', + ]; + + /** + * Element's type tag. + * + * @var int + */ + protected $_typeTag; + + /** + * Whether type shall be encoded with indefinite length. + * + * @var bool + */ + protected $_indefiniteLength = false; + + /** + * {@inheritdoc} + */ + abstract public function typeClass(): int; + + /** + * {@inheritdoc} + */ + abstract public function isConstructed(): bool; + + /** + * Decode element from DER data. + * + * @param string $data DER encoded data + * @param null|int $offset Reference to the variable that contains offset + * into the data where to start parsing. + * Variable is updated to the offset next to the + * parsed element. If null, start from offset 0. + * + * @throws DecodeException If decoding fails + * @throws \UnexpectedValueException If called in the context of an expected + * type, but decoding yields another type + */ + public static function fromDER(string $data, int &$offset = null): ElementBase + { + $idx = $offset ?? 0; + // decode identifier + $identifier = Identifier::fromDER($data, $idx); + // determine class that implements type specific decoding + $cls = self::_determineImplClass($identifier); + // decode remaining element + $element = $cls::_decodeFromDER($identifier, $data, $idx); + // if called in the context of a concrete class, check + // that decoded type matches the type of a calling class + $called_class = get_called_class(); + if (self::class !== $called_class) { + if (!$element instanceof $called_class) { + throw new \UnexpectedValueException( + sprintf('%s expected, got %s.', $called_class, get_class($element))); + } + } + // update offset for the caller + if (isset($offset)) { + $offset = $idx; + } + return $element; + } + + /** + * {@inheritdoc} + */ + public function toDER(): string + { + $identifier = new Identifier($this->typeClass(), + $this->isConstructed() ? Identifier::CONSTRUCTED : Identifier::PRIMITIVE, + $this->_typeTag); + $content = $this->_encodedContentDER(); + if ($this->_indefiniteLength) { + $length = new Length(0, true); + $eoc = new Primitive\EOC(); + return $identifier->toDER() . $length->toDER() . $content . $eoc->toDER(); + } + $length = new Length(strlen($content)); + return $identifier->toDER() . $length->toDER() . $content; + } + + /** + * {@inheritdoc} + */ + public function tag(): int + { + return $this->_typeTag; + } + + /** + * {@inheritdoc} + */ + public function isType(int $tag): bool + { + // if element is context specific + if (Identifier::CLASS_CONTEXT_SPECIFIC === $this->typeClass()) { + return false; + } + // negative tags identify an abstract pseudotype + if ($tag < 0) { + return $this->_isPseudoType($tag); + } + return $this->_isConcreteType($tag); + } + + /** + * {@inheritdoc} + */ + public function expectType(int $tag): ElementBase + { + if (!$this->isType($tag)) { + throw new \UnexpectedValueException( + sprintf('%s expected, got %s.', self::tagToName($tag), + $this->_typeDescriptorString())); + } + return $this; + } + + /** + * {@inheritdoc} + */ + public function isTagged(): bool + { + return $this instanceof TaggedType; + } + + /** + * {@inheritdoc} + */ + public function expectTagged(?int $tag = null): TaggedType + { + if (!$this->isTagged()) { + throw new \UnexpectedValueException( + sprintf('Context specific element expected, got %s.', + Identifier::classToName($this->typeClass()))); + } + if (isset($tag) && $this->tag() !== $tag) { + throw new \UnexpectedValueException( + sprintf('Tag %d expected, got %d.', $tag, $this->tag())); + } + return $this; + } + + /** + * Whether element has indefinite length. + */ + public function hasIndefiniteLength(): bool + { + return $this->_indefiniteLength; + } + + /** + * Get self with indefinite length encoding set. + * + * @param bool $indefinite True for indefinite length, false for definite length + */ + public function withIndefiniteLength(bool $indefinite = true): self + { + $obj = clone $this; + $obj->_indefiniteLength = $indefinite; + return $obj; + } + + /** + * {@inheritdoc} + */ + final public function asElement(): Element + { + return $this; + } + + /** + * Get element decorated with `UnspecifiedType` object. + */ + public function asUnspecified(): UnspecifiedType + { + return new UnspecifiedType($this); + } + + /** + * Get human readable name for an universal tag. + */ + public static function tagToName(int $tag): string + { + if (!array_key_exists($tag, self::MAP_TYPE_TO_NAME)) { + return "TAG {$tag}"; + } + return self::MAP_TYPE_TO_NAME[$tag]; + } + + /** + * Get the content encoded in DER. + * + * Returns the DER encoded content without identifier and length header octets. + */ + abstract protected function _encodedContentDER(): string; + + /** + * Decode type-specific element from DER. + * + * @param Identifier $identifier Pre-parsed identifier + * @param string $data DER data + * @param int $offset Offset in data to the next byte after identifier + * + * @throws DecodeException If decoding fails + */ + protected static function _decodeFromDER(Identifier $identifier, + string $data, int &$offset): ElementBase + { + throw new \BadMethodCallException( + __METHOD__ . ' must be implemented in derived class.'); + } + + /** + * Determine the class that implements the type. + * + * @return string Class name + */ + protected static function _determineImplClass(Identifier $identifier): string + { + switch ($identifier->typeClass()) { + case Identifier::CLASS_UNIVERSAL: + $cls = self::_determineUniversalImplClass($identifier->intTag()); + // constructed strings may be present in BER + if ($identifier->isConstructed() + && is_subclass_of($cls, StringType::class)) { + $cls = ConstructedString::class; + } + return $cls; + case Identifier::CLASS_CONTEXT_SPECIFIC: + return ContextSpecificType::class; + case Identifier::CLASS_APPLICATION: + return ApplicationType::class; + case Identifier::CLASS_PRIVATE: + return PrivateType::class; + } + throw new \UnexpectedValueException(sprintf('%s %d not implemented.', + Identifier::classToName($identifier->typeClass()), $identifier->tag())); + } + + /** + * Determine the class that implements an universal type of the given tag. + * + * @throws \UnexpectedValueException + * + * @return string Class name + */ + protected static function _determineUniversalImplClass(int $tag): string + { + if (!array_key_exists($tag, self::MAP_TAG_TO_CLASS)) { + throw new \UnexpectedValueException( + "Universal tag {$tag} not implemented."); + } + return self::MAP_TAG_TO_CLASS[$tag]; + } + + /** + * Get textual description of the type for debugging purposes. + */ + protected function _typeDescriptorString(): string + { + if (Identifier::CLASS_UNIVERSAL === $this->typeClass()) { + return self::tagToName($this->_typeTag); + } + return sprintf('%s TAG %d', Identifier::classToName($this->typeClass()), + $this->_typeTag); + } + + /** + * Check whether the element is a concrete type of a given tag. + */ + private function _isConcreteType(int $tag): bool + { + // if tag doesn't match + if ($this->tag() !== $tag) { + return false; + } + // if type is universal check that instance is of a correct class + if (Identifier::CLASS_UNIVERSAL === $this->typeClass()) { + $cls = self::_determineUniversalImplClass($tag); + if (!$this instanceof $cls) { + return false; + } + } + return true; + } + + /** + * Check whether the element is a pseudotype. + */ + private function _isPseudoType(int $tag): bool + { + switch ($tag) { + case self::TYPE_STRING: + return $this instanceof StringType; + case self::TYPE_TIME: + return $this instanceof TimeType; + case self::TYPE_CONSTRUCTED_STRING: + return $this instanceof ConstructedString; + } + return false; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Exception/DecodeException.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Exception/DecodeException.php new file mode 100644 index 0000000..6d53b44 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Exception/DecodeException.php @@ -0,0 +1,12 @@ +_validateString($string)) { + throw new \InvalidArgumentException( + sprintf('Not a valid %s string.', self::tagToName($this->_typeTag))); + } + $this->_string = $string; + } + + /** + * {@inheritdoc} + */ + public function __toString(): string + { + return $this->string(); + } + + /** + * Get the string value. + */ + public function string(): string + { + return $this->_string; + } + + /** + * Check whether string is valid for the concrete type. + */ + protected function _validateString(string $string): bool + { + // Override in derived classes + return true; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/BaseTime.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/BaseTime.php new file mode 100644 index 0000000..3723926 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/BaseTime.php @@ -0,0 +1,107 @@ +_dateTime = $dt; + } + + /** + * {@inheritdoc} + */ + public function __toString(): string + { + return $this->string(); + } + + /** + * Initialize from datetime string. + * + * @see http://php.net/manual/en/datetime.formats.php + * + * @param string $time Time string + * @param null|string $tz timezone, if null use default + * + * @throws \RuntimeException + */ + public static function fromString(string $time, ?string $tz = null): self + { + try { + if (!isset($tz)) { + $tz = date_default_timezone_get(); + } + return new static( + new \DateTimeImmutable($time, self::_createTimeZone($tz))); + } catch (\Exception $e) { + throw new \RuntimeException( + 'Failed to create DateTime: ' . + self::_getLastDateTimeImmutableErrorsStr(), 0, $e); + } + } + + /** + * Get the date and time. + */ + public function dateTime(): \DateTimeImmutable + { + return $this->_dateTime; + } + + /** + * Get the date and time as a type specific string. + */ + public function string(): string + { + return $this->_encodedContentDER(); + } + + /** + * Create `DateTimeZone` object from string. + * + * @throws \UnexpectedValueException If timezone is invalid + */ + protected static function _createTimeZone(string $tz): \DateTimeZone + { + try { + return new \DateTimeZone($tz); + } catch (\Exception $e) { + throw new \UnexpectedValueException('Invalid timezone.', 0, $e); + } + } + + /** + * Get last error caused by `DateTimeImmutable`. + */ + protected static function _getLastDateTimeImmutableErrorsStr(): string + { + $errors = \DateTimeImmutable::getLastErrors()['errors']; + return implode(', ', $errors); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/ConstructedString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/ConstructedString.php new file mode 100644 index 0000000..d45dc4d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/ConstructedString.php @@ -0,0 +1,131 @@ +string(); + } + + /** + * Create from a list of string type elements. + * + * All strings must have the same type. + * + * @param StringType ...$elements + * + * @throws \LogicException + */ + public static function create(StringType ...$elements): self + { + if (!count($elements)) { + throw new \LogicException('No elements, unable to determine type tag.'); + } + $tag = $elements[0]->tag(); + foreach ($elements as $el) { + if ($el->tag() !== $tag) { + throw new \LogicException( + 'All elements in constructed string must have the same type.'); + } + } + return self::createWithTag($tag, ...$elements); + } + + /** + * Create from strings with a given type tag. + * + * Does not perform any validation on types. + * + * @param int $tag Type tag for the constructed string element + * @param StringType ...$elements Any number of elements + * + * @return self + */ + public static function createWithTag(int $tag, StringType ...$elements) + { + $el = new self(...$elements); + $el->_typeTag = $tag; + return $el; + } + + /** + * Get a list of strings in this structure. + * + * @return string[] + */ + public function strings(): array + { + return array_map(function (StringType $el) { + return $el->string(); + }, $this->_elements); + } + + /** + * Get the contained strings concatenated together. + * + * NOTE: It's unclear how bit strings with unused bits should be concatenated. + */ + public function string(): string + { + return implode('', $this->strings()); + } + + /** + * {@inheritdoc} + * + * @return self + */ + protected static function _decodeFromDER(Identifier $identifier, + string $data, int &$offset): ElementBase + { + /** @var ConstructedString $type */ + $type = forward_static_call_array([parent::class, __FUNCTION__], + [$identifier, $data, &$offset]); + $type->_typeTag = $identifier->intTag(); + return $type; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/Sequence.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/Sequence.php new file mode 100644 index 0000000..52f0b86 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/Sequence.php @@ -0,0 +1,25 @@ +_typeTag = self::TYPE_SEQUENCE; + parent::__construct(...$elements); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/Set.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/Set.php new file mode 100644 index 0000000..ce54442 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/Set.php @@ -0,0 +1,63 @@ +_typeTag = self::TYPE_SET; + parent::__construct(...$elements); + } + + /** + * Sort by canonical ascending order. + * + * Used for DER encoding of *SET* type. + */ + public function sortedSet(): self + { + $obj = clone $this; + usort($obj->_elements, + function (Element $a, Element $b) { + if ($a->typeClass() !== $b->typeClass()) { + return $a->typeClass() < $b->typeClass() ? -1 : 1; + } + if ($a->tag() === $b->tag()) { + return 0; + } + return $a->tag() < $b->tag() ? -1 : 1; + }); + return $obj; + } + + /** + * Sort by encoding ascending order. + * + * Used for DER encoding of *SET OF* type. + */ + public function sortedSetOf(): self + { + $obj = clone $this; + usort($obj->_elements, + function (Element $a, Element $b) { + $a_der = $a->toDER(); + $b_der = $b->toDER(); + return strcmp($a_der, $b_der); + }); + return $obj; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/BMPString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/BMPString.php new file mode 100644 index 0000000..eb9e20d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/BMPString.php @@ -0,0 +1,40 @@ +_typeTag = self::TYPE_BMP_STRING; + parent::__construct($string); + } + + /** + * {@inheritdoc} + */ + protected function _validateString(string $string): bool + { + // UCS-2 has fixed with of 2 octets (16 bits) + if (0 !== strlen($string) % 2) { + return false; + } + return true; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/BitString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/BitString.php new file mode 100644 index 0000000..c8be9cc --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/BitString.php @@ -0,0 +1,201 @@ +_typeTag = self::TYPE_BIT_STRING; + parent::__construct($string); + $this->_unusedBits = $unused_bits; + } + + /** + * Get the number of bits in the string. + */ + public function numBits(): int + { + return strlen($this->_string) * 8 - $this->_unusedBits; + } + + /** + * Get the number of unused bits in the last octet of the string. + */ + public function unusedBits(): int + { + return $this->_unusedBits; + } + + /** + * Test whether bit is set. + * + * @param int $idx Bit index. Most significant bit of the first octet is index 0. + */ + public function testBit(int $idx): bool + { + // octet index + $oi = (int) floor($idx / 8); + // if octet is outside range + if ($oi < 0 || $oi >= strlen($this->_string)) { + throw new \OutOfBoundsException('Index is out of bounds.'); + } + // bit index + $bi = $idx % 8; + // if tested bit is last octet's unused bit + if ($oi === strlen($this->_string) - 1) { + if ($bi >= 8 - $this->_unusedBits) { + throw new \OutOfBoundsException('Index refers to an unused bit.'); + } + } + $byte = $this->_string[$oi]; + // index 0 is the most significant bit in byte + $mask = 0x01 << (7 - $bi); + return (ord($byte) & $mask) > 0; + } + + /** + * Get range of bits. + * + * @param int $start Index of first bit + * @param int $length Number of bits in range + * + * @throws \OutOfBoundsException + * + * @return string Integer of $length bits + */ + public function range(int $start, int $length): string + { + if (!$length) { + return '0'; + } + if ($start + $length > $this->numBits()) { + throw new \OutOfBoundsException('Not enough bits.'); + } + $bits = gmp_init(0); + $idx = $start; + $end = $start + $length; + while (true) { + $bit = $this->testBit($idx) ? 1 : 0; + $bits |= $bit; + if (++$idx >= $end) { + break; + } + $bits <<= 1; + } + return gmp_strval($bits, 10); + } + + /** + * Get a copy of the bit string with trailing zeroes removed. + */ + public function withoutTrailingZeroes(): self + { + // if bit string was empty + if (!strlen($this->_string)) { + return new self(''); + } + $bits = $this->_string; + // count number of empty trailing octets + $unused_octets = 0; + for ($idx = strlen($bits) - 1; $idx >= 0; --$idx, ++$unused_octets) { + if ("\x0" !== $bits[$idx]) { + break; + } + } + // strip trailing octets + if ($unused_octets) { + $bits = substr($bits, 0, -$unused_octets); + } + // if bit string was full of zeroes + if (!strlen($bits)) { + return new self(''); + } + // count number of trailing zeroes in the last octet + $unused_bits = 0; + $byte = ord($bits[strlen($bits) - 1]); + while (!($byte & 0x01)) { + ++$unused_bits; + $byte >>= 1; + } + return new self($bits, $unused_bits); + } + + /** + * {@inheritdoc} + */ + protected function _encodedContentDER(): string + { + $der = chr($this->_unusedBits); + $der .= $this->_string; + if ($this->_unusedBits) { + $octet = $der[strlen($der) - 1]; + // set unused bits to zero + $octet &= chr(0xff & ~((1 << $this->_unusedBits) - 1)); + $der[strlen($der) - 1] = $octet; + } + return $der; + } + + /** + * {@inheritdoc} + */ + protected static function _decodeFromDER(Identifier $identifier, + string $data, int &$offset): ElementBase + { + $idx = $offset; + $length = Length::expectFromDER($data, $idx); + if ($length->intLength() < 1) { + throw new DecodeException('Bit string length must be at least 1.'); + } + $unused_bits = ord($data[$idx++]); + if ($unused_bits > 7) { + throw new DecodeException( + 'Unused bits in a bit string must be less than 8.'); + } + $str_len = $length->intLength() - 1; + if ($str_len) { + $str = substr($data, $idx, $str_len); + if ($unused_bits) { + $mask = (1 << $unused_bits) - 1; + if (ord($str[strlen($str) - 1]) & $mask) { + throw new DecodeException( + 'DER encoded bit string must have zero padding.'); + } + } + } else { + $str = ''; + } + $offset = $idx + $str_len; + return new self($str, $unused_bits); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Boolean.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Boolean.php new file mode 100644 index 0000000..4c2f020 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Boolean.php @@ -0,0 +1,73 @@ +_typeTag = self::TYPE_BOOLEAN; + $this->_bool = $bool; + } + + /** + * Get the value. + */ + public function value(): bool + { + return $this->_bool; + } + + /** + * {@inheritdoc} + */ + protected function _encodedContentDER(): string + { + return $this->_bool ? chr(0xff) : chr(0); + } + + /** + * {@inheritdoc} + */ + protected static function _decodeFromDER(Identifier $identifier, + string $data, int &$offset): ElementBase + { + $idx = $offset; + Length::expectFromDER($data, $idx, 1); + $byte = ord($data[$idx++]); + if (0 !== $byte) { + if (0xff !== $byte) { + throw new DecodeException( + 'DER encoded boolean true must have all bits set to 1.'); + } + } + $offset = $idx; + return new self(0 !== $byte); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/CharacterString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/CharacterString.php new file mode 100644 index 0000000..cf9476e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/CharacterString.php @@ -0,0 +1,25 @@ +_typeTag = self::TYPE_CHARACTER_STRING; + parent::__construct($string); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/EOC.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/EOC.php new file mode 100644 index 0000000..394ed7f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/EOC.php @@ -0,0 +1,54 @@ +_typeTag = self::TYPE_EOC; + } + + /** + * {@inheritdoc} + */ + protected function _encodedContentDER(): string + { + return ''; + } + + /** + * {@inheritdoc} + */ + protected static function _decodeFromDER(Identifier $identifier, + string $data, int &$offset): ElementBase + { + $idx = $offset; + if (!$identifier->isPrimitive()) { + throw new DecodeException('EOC value must be primitive.'); + } + // EOC type has always zero length + Length::expectFromDER($data, $idx, 0); + $offset = $idx; + return new self(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Enumerated.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Enumerated.php new file mode 100644 index 0000000..98f467b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Enumerated.php @@ -0,0 +1,22 @@ +_typeTag = self::TYPE_ENUMERATED; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GeneralString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GeneralString.php new file mode 100644 index 0000000..a781a49 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GeneralString.php @@ -0,0 +1,34 @@ +_typeTag = self::TYPE_GENERAL_STRING; + parent::__construct($string); + } + + /** + * {@inheritdoc} + */ + protected function _validateString(string $string): bool + { + // allow everything + return true; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GeneralizedTime.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GeneralizedTime.php new file mode 100644 index 0000000..9cfba85 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GeneralizedTime.php @@ -0,0 +1,125 @@ +_typeTag = self::TYPE_GENERALIZED_TIME; + parent::__construct($dt); + } + + /** + * Clear cached variables on clone. + */ + public function __clone() + { + $this->_formatted = null; + } + + /** + * {@inheritdoc} + */ + protected function _encodedContentDER(): string + { + if (!isset($this->_formatted)) { + $dt = $this->_dateTime->setTimezone( + self::_createTimeZone(self::TZ_UTC)); + $this->_formatted = $dt->format('YmdHis'); + // if fractions were used + $frac = $dt->format('u'); + if (0 !== intval($frac)) { + $frac = rtrim($frac, '0'); + $this->_formatted .= ".{$frac}"; + } + // timezone + $this->_formatted .= 'Z'; + } + return $this->_formatted; + } + + /** + * {@inheritdoc} + */ + protected static function _decodeFromDER(Identifier $identifier, + string $data, int &$offset): ElementBase + { + $idx = $offset; + $length = Length::expectFromDER($data, $idx)->intLength(); + $str = substr($data, $idx, $length); + $idx += $length; + /** @var string[] $match */ + if (!preg_match(self::REGEX, $str, $match)) { + throw new DecodeException('Invalid GeneralizedTime format.'); + } + [, $year, $month, $day, $hour, $minute, $second] = $match; + // if fractions match, there's at least one digit + if (isset($match[7])) { + $frac = $match[7]; + // DER restricts trailing zeroes in fractional seconds component + if ('0' === $frac[strlen($frac) - 1]) { + throw new DecodeException( + 'Fractional seconds must omit trailing zeroes.'); + } + $frac = $frac; + } else { + $frac = '0'; + } + $time = $year . $month . $day . $hour . $minute . $second . '.' . $frac . + self::TZ_UTC; + $dt = \DateTimeImmutable::createFromFormat('!YmdHis.uT', $time, + self::_createTimeZone(self::TZ_UTC)); + if (!$dt) { + throw new DecodeException( + 'Failed to decode GeneralizedTime: ' . + self::_getLastDateTimeImmutableErrorsStr()); + } + $offset = $idx; + return new self($dt); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GraphicString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GraphicString.php new file mode 100644 index 0000000..0fa2480 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GraphicString.php @@ -0,0 +1,34 @@ +_typeTag = self::TYPE_GRAPHIC_STRING; + parent::__construct($string); + } + + /** + * {@inheritdoc} + */ + protected function _validateString(string $string): bool + { + // allow everything + return true; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/IA5String.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/IA5String.php new file mode 100644 index 0000000..4dd29ed --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/IA5String.php @@ -0,0 +1,33 @@ +_typeTag = self::TYPE_IA5_STRING; + parent::__construct($string); + } + + /** + * {@inheritdoc} + */ + protected function _validateString(string $string): bool + { + return 0 == preg_match('/[^\x00-\x7f]/', $string); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Integer.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Integer.php new file mode 100644 index 0000000..ed77b22 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Integer.php @@ -0,0 +1,105 @@ +_typeTag = self::TYPE_INTEGER; + if (!self::_validateNumber($number)) { + $var = is_scalar($number) ? strval($number) : gettype($number); + throw new \InvalidArgumentException("'{$var}' is not a valid number."); + } + $this->_number = new BigInt($number); + } + + /** + * Get the number as a base 10. + * + * @return string Integer as a string + */ + public function number(): string + { + return $this->_number->base10(); + } + + /** + * Get the number as an integer type. + */ + public function intNumber(): int + { + return $this->_number->intVal(); + } + + /** + * {@inheritdoc} + */ + protected function _encodedContentDER(): string + { + return $this->_number->signedOctets(); + } + + /** + * {@inheritdoc} + */ + protected static function _decodeFromDER(Identifier $identifier, + string $data, int &$offset): ElementBase + { + $idx = $offset; + $length = Length::expectFromDER($data, $idx)->intLength(); + $bytes = substr($data, $idx, $length); + $idx += $length; + $num = BigInt::fromSignedOctets($bytes)->gmpObj(); + $offset = $idx; + // late static binding since enumerated extends integer type + return new static($num); + } + + /** + * Test that number is valid for this context. + * + * @param mixed $num + */ + private static function _validateNumber($num): bool + { + if (is_int($num)) { + return true; + } + if (is_string($num) && preg_match('/-?\d+/', $num)) { + return true; + } + if ($num instanceof \GMP) { + return true; + } + return false; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/NullType.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/NullType.php new file mode 100644 index 0000000..fa3e86b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/NullType.php @@ -0,0 +1,54 @@ +_typeTag = self::TYPE_NULL; + } + + /** + * {@inheritdoc} + */ + protected function _encodedContentDER(): string + { + return ''; + } + + /** + * {@inheritdoc} + */ + protected static function _decodeFromDER(Identifier $identifier, + string $data, int &$offset): ElementBase + { + $idx = $offset; + if (!$identifier->isPrimitive()) { + throw new DecodeException('Null value must be primitive.'); + } + // null type has always zero length + Length::expectFromDER($data, $idx, 0); + $offset = $idx; + return new self(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/NumericString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/NumericString.php new file mode 100644 index 0000000..5a2454d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/NumericString.php @@ -0,0 +1,33 @@ +_typeTag = self::TYPE_NUMERIC_STRING; + parent::__construct($string); + } + + /** + * {@inheritdoc} + */ + protected function _validateString(string $string): bool + { + return 0 == preg_match('/[^0-9 ]/', $string); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/ObjectDescriptor.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/ObjectDescriptor.php new file mode 100644 index 0000000..c40bdc1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/ObjectDescriptor.php @@ -0,0 +1,33 @@ +_string = $descriptor; + $this->_typeTag = self::TYPE_OBJECT_DESCRIPTOR; + } + + /** + * Get the object descriptor. + */ + public function descriptor(): string + { + return $this->_string; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/ObjectIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/ObjectIdentifier.php new file mode 100644 index 0000000..f8cc9d8 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/ObjectIdentifier.php @@ -0,0 +1,207 @@ +_oid = $oid; + $this->_subids = self::_explodeDottedOID($oid); + // if OID is non-empty + if (count($this->_subids) > 0) { + // check that at least two nodes are set + if (count($this->_subids) < 2) { + throw new \UnexpectedValueException( + 'OID must have at least two nodes.'); + } + // check that root arc is in 0..2 range + if ($this->_subids[0] > 2) { + throw new \UnexpectedValueException( + 'Root arc must be in range of 0..2.'); + } + // if root arc is 0 or 1, second node must be in 0..39 range + if ($this->_subids[0] < 2 && $this->_subids[1] >= 40) { + throw new \UnexpectedValueException( + 'Second node must be in 0..39 range for root arcs 0 and 1.'); + } + } + $this->_typeTag = self::TYPE_OBJECT_IDENTIFIER; + } + + /** + * Get OID in dotted format. + */ + public function oid(): string + { + return $this->_oid; + } + + /** + * {@inheritdoc} + */ + protected function _encodedContentDER(): string + { + $subids = $this->_subids; + // encode first two subids to one according to spec section 8.19.4 + if (count($subids) >= 2) { + $num = ($subids[0] * 40) + $subids[1]; + array_splice($subids, 0, 2, [$num]); + } + return self::_encodeSubIDs(...$subids); + } + + /** + * {@inheritdoc} + */ + protected static function _decodeFromDER(Identifier $identifier, + string $data, int &$offset): ElementBase + { + $idx = $offset; + $len = Length::expectFromDER($data, $idx)->intLength(); + $subids = self::_decodeSubIDs(substr($data, $idx, $len)); + $idx += $len; + // decode first subidentifier according to spec section 8.19.4 + if (isset($subids[0])) { + if ($subids[0] < 80) { + [$x, $y] = gmp_div_qr($subids[0], '40'); + } else { + $x = gmp_init(2, 10); + $y = $subids[0] - 80; + } + array_splice($subids, 0, 1, [$x, $y]); + } + $offset = $idx; + return new self(self::_implodeSubIDs(...$subids)); + } + + /** + * Explode dotted OID to an array of sub ID's. + * + * @param string $oid OID in dotted format + * + * @return \GMP[] Array of GMP numbers + */ + protected static function _explodeDottedOID(string $oid): array + { + $subids = []; + if (strlen($oid)) { + foreach (explode('.', $oid) as $subid) { + $n = @gmp_init($subid, 10); + if (false === $n) { + throw new \UnexpectedValueException( + "'{$subid}' is not a number."); + } + $subids[] = $n; + } + } + return $subids; + } + + /** + * Implode an array of sub IDs to dotted OID format. + * + * @param \GMP ...$subids + */ + protected static function _implodeSubIDs(\GMP ...$subids): string + { + return implode('.', + array_map(function ($num) { + return gmp_strval($num, 10); + }, $subids)); + } + + /** + * Encode sub ID's to DER. + * + * @param \GMP ...$subids + */ + protected static function _encodeSubIDs(\GMP ...$subids): string + { + $data = ''; + foreach ($subids as $subid) { + // if number fits to one base 128 byte + if ($subid < 128) { + $data .= chr(intval($subid)); + } else { // encode to multiple bytes + $bytes = []; + do { + array_unshift($bytes, 0x7f & gmp_intval($subid)); + $subid >>= 7; + } while ($subid > 0); + // all bytes except last must have bit 8 set to one + foreach (array_splice($bytes, 0, -1) as $byte) { + $data .= chr(0x80 | $byte); + } + $data .= chr(reset($bytes)); + } + } + return $data; + } + + /** + * Decode sub ID's from DER data. + * + * @throws DecodeException + * + * @return \GMP[] Array of GMP numbers + */ + protected static function _decodeSubIDs(string $data): array + { + $subids = []; + $idx = 0; + $end = strlen($data); + while ($idx < $end) { + $num = gmp_init('0', 10); + while (true) { + if ($idx >= $end) { + throw new DecodeException('Unexpected end of data.'); + } + $byte = ord($data[$idx++]); + $num |= $byte & 0x7f; + // bit 8 of the last octet is zero + if (!($byte & 0x80)) { + break; + } + $num <<= 7; + } + $subids[] = $num; + } + return $subids; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/OctetString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/OctetString.php new file mode 100644 index 0000000..547d040 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/OctetString.php @@ -0,0 +1,25 @@ +_typeTag = self::TYPE_OCTET_STRING; + parent::__construct($string); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/PrintableString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/PrintableString.php new file mode 100644 index 0000000..0b17d22 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/PrintableString.php @@ -0,0 +1,34 @@ +_typeTag = self::TYPE_PRINTABLE_STRING; + parent::__construct($string); + } + + /** + * {@inheritdoc} + */ + protected function _validateString(string $string): bool + { + $chars = preg_quote(" '()+,-./:=?]", '/'); + return 0 == preg_match('/[^A-Za-z0-9' . $chars . ']/', $string); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Real.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Real.php new file mode 100644 index 0000000..3efd67f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Real.php @@ -0,0 +1,698 @@ +[+\-])?' . // sign + '(?\d+)' . // integer + '$/'; + + /** + * Regex pattern to parse NR2 form number. + * + * @var string + */ + const NR2_REGEX = '/^\s*' . + '(?[+\-])?' . // sign + '(?(?:\d+[\.,]\d*)|(?:\d*[\.,]\d+))' . // decimal number + '$/'; + + /** + * Regex pattern to parse NR3 form number. + * + * @var string + */ + const NR3_REGEX = '/^\s*' . + '(?[+\-])?' . // mantissa sign + '(?(?:\d+[\.,]\d*)|(?:\d*[\.,]\d+))' . // mantissa + '[Ee](?[+\-])?' . // exponent sign + '(?\d+)' . // exponent + '$/'; + + /** + * Regex pattern to parse PHP exponent number format. + * + * @see http://php.net/manual/en/language.types.float.php + * + * @var string + */ + const PHP_EXPONENT_DNUM = '/^' . + '(?[+\-])?' . // sign + '(?' . + '\d+' . // LNUM + '|' . + '(?:\d*\.\d+|\d+\.\d*)' . // DNUM + ')[eE]' . + '(?[+\-])?(?\d+)' . // exponent + '$/'; + + /** + * Exponent when value is positive or negative infinite. + * + * @var int + */ + const INF_EXPONENT = 2047; + + /** + * Exponent bias for IEEE 754 double precision float. + * + * @var int + */ + const EXP_BIAS = -1023; + + /** + * Signed integer mantissa. + * + * @var BigInt + */ + private $_mantissa; + + /** + * Signed integer exponent. + * + * @var BigInt + */ + private $_exponent; + + /** + * Abstract value base. + * + * Must be 2 or 10. + * + * @var int + */ + private $_base; + + /** + * Whether to encode strictly in DER. + * + * @var bool + */ + private $_strictDer; + + /** + * Number as a native float. + * + * @internal Lazily initialized + * + * @var null|float + */ + private $_float; + + /** + * Constructor. + * + * @param \GMP|int|string $mantissa Integer mantissa + * @param \GMP|int|string $exponent Integer exponent + * @param int $base Base, 2 or 10 + */ + public function __construct($mantissa, $exponent, int $base = 10) + { + if (10 !== $base && 2 !== $base) { + throw new \UnexpectedValueException('Base must be 2 or 10.'); + } + $this->_typeTag = self::TYPE_REAL; + $this->_strictDer = true; + $this->_mantissa = new BigInt($mantissa); + $this->_exponent = new BigInt($exponent); + $this->_base = $base; + } + + /** + * {@inheritdoc} + */ + public function __toString(): string + { + return sprintf('%g', $this->floatVal()); + } + + /** + * Create base 2 real number from float. + */ + public static function fromFloat(float $number): self + { + if (is_infinite($number)) { + return self::_fromInfinite($number); + } + if (is_nan($number)) { + throw new \UnexpectedValueException('NaN values not supported.'); + } + [$m, $e] = self::_parse754Double(pack('E', $number)); + return new self($m, $e, 2); + } + + /** + * Create base 10 real number from string. + * + * @param string $number Real number in base-10 textual form + */ + public static function fromString(string $number): self + { + [$m, $e] = self::_parseString($number); + return new self($m, $e, 10); + } + + /** + * Get self with strict DER flag set or unset. + * + * @param bool $strict whether to encode strictly in DER + */ + public function withStrictDER(bool $strict): self + { + $obj = clone $this; + $obj->_strictDer = $strict; + return $obj; + } + + /** + * Get the mantissa. + */ + public function mantissa(): BigInt + { + return $this->_mantissa; + } + + /** + * Get the exponent. + */ + public function exponent(): BigInt + { + return $this->_exponent; + } + + /** + * Get the base. + */ + public function base(): int + { + return $this->_base; + } + + /** + * Get number as a float. + */ + public function floatVal(): float + { + if (!isset($this->_float)) { + $m = $this->_mantissa->intVal(); + $e = $this->_exponent->intVal(); + $this->_float = (float) ($m * pow($this->_base, $e)); + } + return $this->_float; + } + + /** + * Get number as a NR3 form string conforming to DER rules. + */ + public function nr3Val(): string + { + // convert to base 10 + if (2 === $this->_base) { + [$m, $e] = self::_parseString(sprintf('%15E', $this->floatVal())); + } else { + $m = $this->_mantissa->gmpObj(); + $e = $this->_exponent->gmpObj(); + } + // shift trailing zeroes from the mantissa to the exponent + // (X.690 07-2002, section 11.3.2.4) + while (0 != $m && 0 == $m % 10) { + $m /= 10; + ++$e; + } + // if exponent is zero, it must be prefixed with a "+" sign + // (X.690 07-2002, section 11.3.2.6) + if (0 == $e) { + $es = '+'; + } else { + $es = $e < 0 ? '-' : ''; + } + return sprintf('%s.E%s%s', gmp_strval($m), $es, gmp_strval(gmp_abs($e))); + } + + /** + * {@inheritdoc} + */ + protected function _encodedContentDER(): string + { + if (self::INF_EXPONENT == $this->_exponent->gmpObj()) { + return $this->_encodeSpecial(); + } + // if the real value is the value zero, there shall be no contents + // octets in the encoding. (X.690 07-2002, section 8.5.2) + if (0 == $this->_mantissa->gmpObj()) { + return ''; + } + if (10 === $this->_base) { + return $this->_encodeDecimal(); + } + return $this->_encodeBinary(); + } + + /** + * Encode in binary format. + */ + protected function _encodeBinary(): string + { + [$base, $sign, $m, $e] = $this->_prepareBinaryEncoding(); + $zero = gmp_init(0, 10); + $byte = 0x80; + if ($sign < 0) { + $byte |= 0x40; + } + // normalization: mantissa must be 0 or odd + if (2 === $base) { + // while last bit is zero + while ($m > 0 && 0 === gmp_cmp($m & 0x01, $zero)) { + $m >>= 1; + ++$e; + } + } elseif (8 === $base) { + $byte |= 0x10; + // while last 3 bits are zero + while ($m > 0 && 0 === gmp_cmp($m & 0x07, $zero)) { + $m >>= 3; + ++$e; + } + } else { // base === 16 + $byte |= 0x20; + // while last 4 bits are zero + while ($m > 0 && 0 === gmp_cmp($m & 0x0f, $zero)) { + $m >>= 4; + ++$e; + } + } + // scale factor + $scale = 0; + while ($m > 0 && 0 === gmp_cmp($m & 0x01, $zero)) { + $m >>= 1; + ++$scale; + } + $byte |= ($scale & 0x03) << 2; + // encode exponent + $exp_bytes = (new BigInt($e))->signedOctets(); + $exp_len = strlen($exp_bytes); + if ($exp_len > 0xff) { + throw new \RangeException('Exponent encoding is too long.'); + } + if ($exp_len <= 3) { + $byte |= ($exp_len - 1) & 0x03; + $bytes = chr($byte); + } else { + $byte |= 0x03; + $bytes = chr($byte) . chr($exp_len); + } + $bytes .= $exp_bytes; + // encode mantissa + $bytes .= (new BigInt($m))->unsignedOctets(); + return $bytes; + } + + /** + * Encode in decimal format. + */ + protected function _encodeDecimal(): string + { + // encode in NR3 decimal encoding + return chr(0x03) . $this->nr3Val(); + } + + /** + * Encode special value. + */ + protected function _encodeSpecial(): string + { + switch ($this->_mantissa->intVal()) { + // positive infitinity + case 1: + return chr(0x40); + // negative infinity + case -1: + return chr(0x41); + } + throw new \LogicException('Invalid special value.'); + } + + /** + * {@inheritdoc} + */ + protected static function _decodeFromDER(Identifier $identifier, + string $data, int &$offset): ElementBase + { + $idx = $offset; + $length = Length::expectFromDER($data, $idx)->intLength(); + // if length is zero, value is zero (spec 8.5.2) + if (!$length) { + $obj = new self(0, 0, 10); + } else { + $bytes = substr($data, $idx, $length); + $byte = ord($bytes[0]); + if (0x80 & $byte) { // bit 8 = 1 + $obj = self::_decodeBinaryEncoding($bytes); + } elseif (0x00 === $byte >> 6) { // bit 8 = 0, bit 7 = 0 + $obj = self::_decodeDecimalEncoding($bytes); + } else { // bit 8 = 0, bit 7 = 1 + $obj = self::_decodeSpecialRealValue($bytes); + } + } + $offset = $idx + $length; + return $obj; + } + + /** + * Decode binary encoding. + */ + protected static function _decodeBinaryEncoding(string $data) + { + $byte = ord($data[0]); + // bit 7 is set if mantissa is negative + $neg = (bool) (0x40 & $byte); + // encoding base in bits 6 and 5 + switch (($byte >> 4) & 0x03) { + case 0b00: + $base = 2; + break; + case 0b01: + $base = 8; + break; + case 0b10: + $base = 16; + break; + default: + throw new DecodeException( + 'Reserved REAL binary encoding base not supported.'); + } + // scaling factor in bits 4 and 3 + $scale = ($byte >> 2) & 0x03; + $idx = 1; + // content length in bits 2 and 1 + $len = ($byte & 0x03) + 1; + // if both bits are set, the next octet encodes the length + if ($len > 3) { + if (strlen($data) < 2) { + throw new DecodeException( + 'Unexpected end of data while decoding REAL exponent length.'); + } + $len = ord($data[1]); + $idx = 2; + } + if (strlen($data) < $idx + $len) { + throw new DecodeException( + 'Unexpected end of data while decoding REAL exponent.'); + } + // decode exponent + $octets = substr($data, $idx, $len); + $exp = BigInt::fromSignedOctets($octets)->gmpObj(); + if (8 === $base) { + $exp *= 3; + } elseif (16 === $base) { + $exp *= 4; + } + if (strlen($data) <= $idx + $len) { + throw new DecodeException( + 'Unexpected end of data while decoding REAL mantissa.'); + } + // decode mantissa + $octets = substr($data, $idx + $len); + $n = BigInt::fromUnsignedOctets($octets)->gmpObj(); + $n *= 2 ** $scale; + if ($neg) { + $n = gmp_neg($n); + } + return new self($n, $exp, 2); + } + + /** + * Decode decimal encoding. + * + * @throws \RuntimeException + */ + protected static function _decodeDecimalEncoding(string $data): self + { + $nr = ord($data[0]) & 0x3f; + if (!in_array($nr, [1, 2, 3])) { + throw new DecodeException('Unsupported decimal encoding form.'); + } + $str = substr($data, 1); + return self::fromString($str); + } + + /** + * Decode special encoding. + */ + protected static function _decodeSpecialRealValue(string $data): self + { + if (1 !== strlen($data)) { + throw new DecodeException( + 'SpecialRealValue must have one content octet.'); + } + $byte = ord($data[0]); + if (0x40 === $byte) { // positive infinity + return self::_fromInfinite(INF); + } + if (0x41 === $byte) { // negative infinity + return self::_fromInfinite(-INF); + } + throw new DecodeException('Invalid SpecialRealValue encoding.'); + } + + /** + * Prepare value for binary encoding. + * + * @return array (int) base, (int) sign, (\GMP) mantissa and (\GMP) exponent + */ + protected function _prepareBinaryEncoding(): array + { + $base = 2; + $m = $this->_mantissa->gmpObj(); + $ms = gmp_sign($m); + $m = gmp_abs($m); + $e = $this->_exponent->gmpObj(); + $es = gmp_sign($e); + $e = gmp_abs($e); + // DER uses only base 2 binary encoding + if (!$this->_strictDer) { + if (0 == $e % 4) { + $base = 16; + $e = gmp_div_q($e, 4); + } elseif (0 == $e % 3) { + $base = 8; + $e = gmp_div_q($e, 3); + } + } + return [$base, $ms, $m, $e * $es]; + } + + /** + * Initialize from INF or -INF. + */ + private static function _fromInfinite(float $inf): self + { + return new self($inf === -INF ? -1 : 1, self::INF_EXPONENT, 2); + } + + /** + * Parse IEEE 754 big endian formatted double precision float to base 2 + * mantissa and exponent. + * + * @param string $octets 64 bits + * + * @return \GMP[] Tuple of mantissa and exponent + */ + private static function _parse754Double(string $octets): array + { + $n = gmp_import($octets, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN); + // sign bit + $neg = gmp_testbit($n, 63); + // 11 bits of biased exponent + $exp = (gmp_and($n, '0x7ff0000000000000') >> 52) + self::EXP_BIAS; + // 52 bits of mantissa + $man = gmp_and($n, '0xfffffffffffff'); + // zero, ASN.1 doesn't differentiate -0 from +0 + if (self::EXP_BIAS == $exp && 0 == $man) { + return [gmp_init(0, 10), gmp_init(0, 10)]; + } + // denormalized value, shift binary point + if (self::EXP_BIAS == $exp) { + ++$exp; + } + // normalized value, insert implicit leading one before the binary point + else { + gmp_setbit($man, 52); + } + // find the last fraction bit that is set + $last = gmp_scan1($man, 0); + $bits_for_fraction = 52 - $last; + // adjust mantissa and exponent so that we have integer values + $man >>= $last; + $exp -= $bits_for_fraction; + // negate mantissa if number was negative + if ($neg) { + $man = gmp_neg($man); + } + return [$man, $exp]; + } + + /** + * Parse textual REAL number to base 10 mantissa and exponent. + * + * @param string $str Number + * + * @return \GMP[] Tuple of mantissa and exponent + */ + private static function _parseString(string $str): array + { + // PHP exponent format + if (preg_match(self::PHP_EXPONENT_DNUM, $str, $match)) { + [$m, $e] = self::_parsePHPExponentMatch($match); + } + // NR3 format + elseif (preg_match(self::NR3_REGEX, $str, $match)) { + [$m, $e] = self::_parseNR3Match($match); + } + // NR2 format + elseif (preg_match(self::NR2_REGEX, $str, $match)) { + [$m, $e] = self::_parseNR2Match($match); + } + // NR1 format + elseif (preg_match(self::NR1_REGEX, $str, $match)) { + [$m, $e] = self::_parseNR1Match($match); + } + // invalid number + else { + throw new \UnexpectedValueException( + "{$str} could not be parsed to REAL."); + } + // normalize so that mantsissa has no trailing zeroes + while (0 != $m && 0 == $m % 10) { + $m /= 10; + ++$e; + } + return [$m, $e]; + } + + /** + * Parse PHP form float to base 10 mantissa and exponent. + * + * @param array $match Regexp match + * + * @return \GMP[] Tuple of mantissa and exponent + */ + private static function _parsePHPExponentMatch(array $match): array + { + // mantissa sign + $ms = '-' === $match['ms'] ? -1 : 1; + $m_parts = explode('.', $match['m']); + // integer part of the mantissa + $int = ltrim($m_parts[0], '0'); + // exponent sign + $es = '-' === $match['es'] ? -1 : 1; + // signed exponent + $e = gmp_init($match['e'], 10) * $es; + // if mantissa had fractional part + if (2 === count($m_parts)) { + $frac = rtrim($m_parts[1], '0'); + $e -= strlen($frac); + $int .= $frac; + } + $m = gmp_init($int, 10) * $ms; + return [$m, $e]; + } + + /** + * Parse NR3 form number to base 10 mantissa and exponent. + * + * @param array $match Regexp match + * + * @return \GMP[] Tuple of mantissa and exponent + */ + private static function _parseNR3Match(array $match): array + { + // mantissa sign + $ms = '-' === $match['ms'] ? -1 : 1; + // explode mantissa to integer and fraction parts + [$int, $frac] = explode('.', str_replace(',', '.', $match['m'])); + $int = ltrim($int, '0'); + $frac = rtrim($frac, '0'); + // exponent sign + $es = '-' === $match['es'] ? -1 : 1; + // signed exponent + $e = gmp_init($match['e'], 10) * $es; + // shift exponent by the number of base 10 fractions + $e -= strlen($frac); + // insert fractions to integer part and produce signed mantissa + $int .= $frac; + if ('' === $int) { + $int = '0'; + } + $m = gmp_init($int, 10) * $ms; + return [$m, $e]; + } + + /** + * Parse NR2 form number to base 10 mantissa and exponent. + * + * @param array $match Regexp match + * + * @return \GMP[] Tuple of mantissa and exponent + */ + private static function _parseNR2Match(array $match): array + { + $sign = '-' === $match['s'] ? -1 : 1; + // explode decimal number to integer and fraction parts + [$int, $frac] = explode('.', str_replace(',', '.', $match['d'])); + $int = ltrim($int, '0'); + $frac = rtrim($frac, '0'); + // shift exponent by the number of base 10 fractions + $e = gmp_init(0, 10); + $e -= strlen($frac); + // insert fractions to integer part and produce signed mantissa + $int .= $frac; + if ('' === $int) { + $int = '0'; + } + $m = gmp_init($int, 10) * $sign; + return [$m, $e]; + } + + /** + * Parse NR1 form number to base 10 mantissa and exponent. + * + * @param array $match Regexp match + * + * @return \GMP[] Tuple of mantissa and exponent + */ + private static function _parseNR1Match(array $match): array + { + $sign = '-' === $match['s'] ? -1 : 1; + $int = ltrim($match['i'], '0'); + if ('' === $int) { + $int = '0'; + } + $m = gmp_init($int, 10) * $sign; + return [$m, gmp_init(0, 10)]; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/RelativeOID.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/RelativeOID.php new file mode 100644 index 0000000..b497527 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/RelativeOID.php @@ -0,0 +1,48 @@ +_oid = $oid; + $this->_subids = self::_explodeDottedOID($oid); + $this->_typeTag = self::TYPE_RELATIVE_OID; + } + + /** + * {@inheritdoc} + */ + protected function _encodedContentDER(): string + { + return self::_encodeSubIDs(...$this->_subids); + } + + /** + * {@inheritdoc} + */ + protected static function _decodeFromDER(Identifier $identifier, + string $data, int &$offset): ElementBase + { + $idx = $offset; + $len = Length::expectFromDER($data, $idx)->intLength(); + $subids = self::_decodeSubIDs(substr($data, $idx, $len)); + $offset = $idx + $len; + return new self(self::_implodeSubIDs(...$subids)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/T61String.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/T61String.php new file mode 100644 index 0000000..c2bcfbc --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/T61String.php @@ -0,0 +1,35 @@ +_typeTag = self::TYPE_T61_STRING; + parent::__construct($string); + } + + /** + * {@inheritdoc} + */ + protected function _validateString(string $string): bool + { + // allow everything since there's literally + // thousands of allowed characters (16 bit composed characters) + return true; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UTCTime.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UTCTime.php new file mode 100644 index 0000000..6d07d0d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UTCTime.php @@ -0,0 +1,83 @@ +_typeTag = self::TYPE_UTC_TIME; + parent::__construct($dt); + } + + /** + * {@inheritdoc} + */ + protected function _encodedContentDER(): string + { + $dt = $this->_dateTime->setTimezone(self::_createTimeZone(self::TZ_UTC)); + return $dt->format('ymdHis\\Z'); + } + + /** + * {@inheritdoc} + */ + protected static function _decodeFromDER(Identifier $identifier, + string $data, int &$offset): ElementBase + { + $idx = $offset; + $length = Length::expectFromDER($data, $idx)->intLength(); + $str = substr($data, $idx, $length); + $idx += $length; + /** @var string[] $match */ + if (!preg_match(self::REGEX, $str, $match)) { + throw new DecodeException('Invalid UTCTime format.'); + } + [, $year, $month, $day, $hour, $minute, $second] = $match; + $time = $year . $month . $day . $hour . $minute . $second . self::TZ_UTC; + $dt = \DateTimeImmutable::createFromFormat('!ymdHisT', $time, + self::_createTimeZone(self::TZ_UTC)); + if (!$dt) { + throw new DecodeException('Failed to decode UTCTime: ' . + self::_getLastDateTimeImmutableErrorsStr()); + } + $offset = $idx; + return new self($dt); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UTF8String.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UTF8String.php new file mode 100644 index 0000000..9cb9aa2 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UTF8String.php @@ -0,0 +1,35 @@ +_typeTag = self::TYPE_UTF8_STRING; + parent::__construct($string); + } + + /** + * {@inheritdoc} + */ + protected function _validateString(string $string): bool + { + return mb_check_encoding($string, 'UTF-8'); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UniversalString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UniversalString.php new file mode 100644 index 0000000..f0a6c23 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UniversalString.php @@ -0,0 +1,39 @@ +_typeTag = self::TYPE_UNIVERSAL_STRING; + parent::__construct($string); + } + + /** + * {@inheritdoc} + */ + protected function _validateString(string $string): bool + { + // UCS-4 has fixed with of 4 octets (32 bits) + if (0 !== strlen($string) % 4) { + return false; + } + return true; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/VideotexString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/VideotexString.php new file mode 100644 index 0000000..d9a6721 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/VideotexString.php @@ -0,0 +1,34 @@ +_typeTag = self::TYPE_VIDEOTEX_STRING; + parent::__construct($string); + } + + /** + * {@inheritdoc} + */ + protected function _validateString(string $string): bool + { + // allow everything + return true; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/VisibleString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/VisibleString.php new file mode 100644 index 0000000..659317b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/VisibleString.php @@ -0,0 +1,33 @@ +_typeTag = self::TYPE_VISIBLE_STRING; + parent::__construct($string); + } + + /** + * {@inheritdoc} + */ + protected function _validateString(string $string): bool + { + return 0 == preg_match('/[^\x20-\x7e]/', $string); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/PrimitiveString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/PrimitiveString.php new file mode 100644 index 0000000..5fef105 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/PrimitiveString.php @@ -0,0 +1,53 @@ +_string; + } + + /** + * {@inheritdoc} + */ + protected static function _decodeFromDER(Identifier $identifier, + string $data, int &$offset): ElementBase + { + $idx = $offset; + if (!$identifier->isPrimitive()) { + throw new DecodeException('DER encoded string must be primitive.'); + } + $length = Length::expectFromDER($data, $idx)->intLength(); + $str = $length ? substr($data, $idx, $length) : ''; + // substr should never return false, since length is + // checked by Length::expectFromDER. + assert(is_string($str), new DecodeException('substr')); + $offset = $idx + $length; + try { + return new static($str); + } catch (\InvalidArgumentException $e) { + throw new DecodeException($e->getMessage(), 0, $e); + } + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/PrimitiveType.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/PrimitiveType.php new file mode 100644 index 0000000..c645e3f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/PrimitiveType.php @@ -0,0 +1,19 @@ +_elements = array_map( + function (ElementBase $el) { + return $el->asElement(); + }, $elements); + } + + /** + * Clone magic method. + */ + public function __clone() + { + // clear cache-variables + $this->_taggedMap = null; + $this->_unspecifiedTypes = null; + } + + /** + * {@inheritdoc} + */ + public function isConstructed(): bool + { + return true; + } + + /** + * Explode DER structure to DER encoded components that it contains. + * + * @throws DecodeException + * + * @return string[] + */ + public static function explodeDER(string $data): array + { + $offset = 0; + $identifier = Identifier::fromDER($data, $offset); + if (!$identifier->isConstructed()) { + throw new DecodeException('Element is not constructed.'); + } + $length = Length::expectFromDER($data, $offset); + if ($length->isIndefinite()) { + throw new DecodeException( + 'Explode not implemented for indefinite length encoding.'); + } + $end = $offset + $length->intLength(); + $parts = []; + while ($offset < $end) { + // start of the element + $idx = $offset; + // skip identifier + Identifier::fromDER($data, $offset); + // decode element length + $length = Length::expectFromDER($data, $offset)->intLength(); + // extract der encoding of the element + $parts[] = substr($data, $idx, $offset - $idx + $length); + // update offset over content + $offset += $length; + } + return $parts; + } + + /** + * Get self with an element at the given index replaced by another. + * + * @param int $idx Element index + * @param Element $el New element to insert into the structure + * + * @throws \OutOfBoundsException + */ + public function withReplaced(int $idx, Element $el): self + { + if (!isset($this->_elements[$idx])) { + throw new \OutOfBoundsException( + "Structure doesn't have element at index {$idx}."); + } + $obj = clone $this; + $obj->_elements[$idx] = $el; + return $obj; + } + + /** + * Get self with an element inserted before the given index. + * + * @param int $idx Element index + * @param Element $el New element to insert into the structure + * + * @throws \OutOfBoundsException + */ + public function withInserted(int $idx, Element $el): self + { + if (count($this->_elements) < $idx || $idx < 0) { + throw new \OutOfBoundsException("Index {$idx} is out of bounds."); + } + $obj = clone $this; + array_splice($obj->_elements, $idx, 0, [$el]); + return $obj; + } + + /** + * Get self with an element appended to the end. + * + * @param Element $el Element to insert into the structure + */ + public function withAppended(Element $el): self + { + $obj = clone $this; + array_push($obj->_elements, $el); + return $obj; + } + + /** + * Get self with an element prepended in the beginning. + * + * @param Element $el Element to insert into the structure + */ + public function withPrepended(Element $el): self + { + $obj = clone $this; + array_unshift($obj->_elements, $el); + return $obj; + } + + /** + * Get self with an element at the given index removed. + * + * @param int $idx Element index + * + * @throws \OutOfBoundsException + */ + public function withoutElement(int $idx): self + { + if (!isset($this->_elements[$idx])) { + throw new \OutOfBoundsException( + "Structure doesn't have element at index {$idx}."); + } + $obj = clone $this; + array_splice($obj->_elements, $idx, 1); + return $obj; + } + + /** + * Get elements in the structure. + * + * @return UnspecifiedType[] + */ + public function elements(): array + { + if (!isset($this->_unspecifiedTypes)) { + $this->_unspecifiedTypes = array_map( + function (Element $el) { + return new UnspecifiedType($el); + }, $this->_elements); + } + return $this->_unspecifiedTypes; + } + + /** + * Check whether the structure has an element at the given index, optionally + * satisfying given tag expectation. + * + * @param int $idx Index 0..n + * @param null|int $expectedTag Optional type tag expectation + */ + public function has(int $idx, ?int $expectedTag = null): bool + { + if (!isset($this->_elements[$idx])) { + return false; + } + if (isset($expectedTag)) { + if (!$this->_elements[$idx]->isType($expectedTag)) { + return false; + } + } + return true; + } + + /** + * Get the element at the given index, optionally checking that the element + * has a given tag. + * + * @param int $idx Index 0..n + * + * @throws \OutOfBoundsException If element doesn't exists + * @throws \UnexpectedValueException If expectation fails + */ + public function at(int $idx): UnspecifiedType + { + if (!isset($this->_elements[$idx])) { + throw new \OutOfBoundsException( + "Structure doesn't have an element at index {$idx}."); + } + return new UnspecifiedType($this->_elements[$idx]); + } + + /** + * Check whether the structure contains a context specific element with a + * given tag. + * + * @param int $tag Tag number + */ + public function hasTagged(int $tag): bool + { + // lazily build lookup map + if (!isset($this->_taggedMap)) { + $this->_taggedMap = []; + foreach ($this->_elements as $element) { + if ($element->isTagged()) { + $this->_taggedMap[$element->tag()] = $element; + } + } + } + return isset($this->_taggedMap[$tag]); + } + + /** + * Get a context specific element tagged with a given tag. + * + * @throws \LogicException If tag doesn't exists + */ + public function getTagged(int $tag): TaggedType + { + if (!$this->hasTagged($tag)) { + throw new \LogicException("No tagged element for tag {$tag}."); + } + return $this->_taggedMap[$tag]; + } + + /** + * @see \Countable::count() + */ + public function count(): int + { + return count($this->_elements); + } + + /** + * Get an iterator for the `UnspecifiedElement` objects. + * + * @see \IteratorAggregate::getIterator() + */ + public function getIterator(): \ArrayIterator + { + return new \ArrayIterator($this->elements()); + } + + /** + * {@inheritdoc} + */ + protected function _encodedContentDER(): string + { + $data = ''; + foreach ($this->_elements as $element) { + $data .= $element->toDER(); + } + return $data; + } + + /** + * {@inheritdoc} + * + * @return self + */ + protected static function _decodeFromDER(Identifier $identifier, + string $data, int &$offset): ElementBase + { + if (!$identifier->isConstructed()) { + throw new DecodeException( + 'Structured element must have constructed bit set.'); + } + $idx = $offset; + $length = Length::expectFromDER($data, $idx); + if ($length->isIndefinite()) { + $type = self::_decodeIndefiniteLength($data, $idx); + } else { + $type = self::_decodeDefiniteLength($data, $idx, + $length->intLength()); + } + $offset = $idx; + return $type; + } + + /** + * Decode elements for a definite length. + * + * @param string $data DER data + * @param int $offset Offset to data + * @param int $length Number of bytes to decode + * + * @throws DecodeException + */ + private static function _decodeDefiniteLength(string $data, int &$offset, + int $length): ElementBase + { + $idx = $offset; + $end = $idx + $length; + $elements = []; + while ($idx < $end) { + $elements[] = Element::fromDER($data, $idx); + // check that element didn't overflow length + if ($idx > $end) { + throw new DecodeException("Structure's content overflows length."); + } + } + $offset = $idx; + // return instance by static late binding + return new static(...$elements); + } + + /** + * Decode elements for an indefinite length. + * + * @param string $data DER data + * @param int $offset Offset to data + * + * @throws DecodeException + */ + private static function _decodeIndefiniteLength(string $data, int &$offset): ElementBase + { + $idx = $offset; + $elements = []; + $end = strlen($data); + while (true) { + if ($idx >= $end) { + throw new DecodeException( + 'Unexpected end of data while decoding indefinite length structure.'); + } + $el = Element::fromDER($data, $idx); + if ($el->isType(self::TYPE_EOC)) { + break; + } + $elements[] = $el; + } + $offset = $idx; + $type = new static(...$elements); + $type->_indefiniteLength = true; + return $type; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ApplicationType.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ApplicationType.php new file mode 100644 index 0000000..9821e6e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ApplicationType.php @@ -0,0 +1,12 @@ +_identifier = $identifier; + $this->_data = $data; + $this->_offset = $offset; + $this->_valueOffset = $value_offset; + $this->_valueLength = $value_length; + $this->_indefiniteLength = $indefinite_length; + $this->_typeTag = $identifier->intTag(); + } + + /** + * {@inheritdoc} + */ + public function typeClass(): int + { + return $this->_identifier->typeClass(); + } + + /** + * {@inheritdoc} + */ + public function isConstructed(): bool + { + return $this->_identifier->isConstructed(); + } + + /** + * {@inheritdoc} + */ + public function implicit(int $tag, int $class = Identifier::CLASS_UNIVERSAL): UnspecifiedType + { + $identifier = $this->_identifier->withClass($class)->withTag($tag); + $cls = self::_determineImplClass($identifier); + $idx = $this->_offset; + /** @var \Sop\ASN1\Feature\ElementBase $element */ + $element = $cls::_decodeFromDER($identifier, $this->_data, $idx); + return $element->asUnspecified(); + } + + /** + * {@inheritdoc} + */ + public function explicit(): UnspecifiedType + { + $idx = $this->_valueOffset; + return Element::fromDER($this->_data, $idx)->asUnspecified(); + } + + /** + * {@inheritdoc} + */ + protected static function _decodeFromDER(Identifier $identifier, + string $data, int &$offset): ElementBase + { + $idx = $offset; + $length = Length::expectFromDER($data, $idx); + // offset to inner value + $value_offset = $idx; + if ($length->isIndefinite()) { + if ($identifier->isPrimitive()) { + throw new DecodeException( + 'Primitive type with indefinite length is not supported.'); + } + while (!Element::fromDER($data, $idx)->isType(self::TYPE_EOC)); + // EOC consists of two octets. + $value_length = $idx - $value_offset - 2; + } else { + $value_length = $length->intLength(); + $idx += $value_length; + } + // late static binding since ApplicationType and PrivateType extend this class + $type = new static($identifier, $data, $offset, $value_offset, + $value_length, $length->isIndefinite()); + $offset = $idx; + return $type; + } + + /** + * {@inheritdoc} + */ + protected function _encodedContentDER(): string + { + return substr($this->_data, $this->_valueOffset, $this->_valueLength); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ExplicitTagging.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ExplicitTagging.php new file mode 100644 index 0000000..be5a300 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ExplicitTagging.php @@ -0,0 +1,19 @@ +_typeTag = $tag; + $this->_element = $element; + $this->_class = $class; + } + + /** + * {@inheritdoc} + */ + public function isConstructed(): bool + { + return true; + } + + /** + * {@inheritdoc} + */ + public function explicit(): UnspecifiedType + { + return $this->_element->asUnspecified(); + } + + /** + * {@inheritdoc} + */ + protected function _encodedContentDER(): string + { + // get the full encoding of the wrapped element + return $this->_element->toDER(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ImplicitTagging.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ImplicitTagging.php new file mode 100644 index 0000000..ca2d5ed --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ImplicitTagging.php @@ -0,0 +1,25 @@ +_typeTag = $tag; + $this->_element = $element; + $this->_class = $class; + } + + /** + * {@inheritdoc} + */ + public function isConstructed(): bool + { + // depends on the underlying type + return $this->_element->isConstructed(); + } + + /** + * {@inheritdoc} + */ + public function implicit( + int $tag, int $class = Identifier::CLASS_UNIVERSAL): UnspecifiedType + { + $this->_element->expectType($tag); + if ($this->_element->typeClass() !== $class) { + throw new \UnexpectedValueException( + sprintf('Type class %s expected, got %s.', + Identifier::classToName($class), + Identifier::classToName($this->_element->typeClass()))); + } + return $this->_element->asUnspecified(); + } + + /** + * {@inheritdoc} + */ + protected function _encodedContentDER(): string + { + // get only the content of the wrapped element. + return $this->_element->_encodedContentDER(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/PrivateType.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/PrivateType.php new file mode 100644 index 0000000..6ab626b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/PrivateType.php @@ -0,0 +1,12 @@ +_class; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/TaggedType.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/TaggedType.php new file mode 100644 index 0000000..80ae37c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/TaggedType.php @@ -0,0 +1,84 @@ +expectTagged($expectedTag); + } + return $el; + } + + /** + * Get the wrapped inner element employing explicit tagging. + * + * @param null|int $expectedTag Optional outer tag expectation + * + * @throws \UnexpectedValueException If expectation fails + */ + public function asExplicit(?int $expectedTag = null): UnspecifiedType + { + return $this->expectExplicit($expectedTag)->explicit(); + } + + /** + * Check whether element supports implicit tagging. + * + * @param null|int $expectedTag Optional outer tag expectation + * + * @throws \UnexpectedValueException If expectation fails + */ + public function expectImplicit(?int $expectedTag = null): ImplicitTagging + { + $el = $this; + if (!$el instanceof ImplicitTagging) { + throw new \UnexpectedValueException( + "Element doesn't implement implicit tagging."); + } + if (isset($expectedTag)) { + $el->expectTagged($expectedTag); + } + return $el; + } + + /** + * Get the wrapped inner element employing implicit tagging. + * + * @param int $tag Type tag of the inner element + * @param null|int $expectedTag Optional outer tag expectation + * @param int $expectedClass Optional inner type class expectation + * + * @throws \UnexpectedValueException If expectation fails + */ + public function asImplicit(int $tag, ?int $expectedTag = null, + int $expectedClass = Identifier::CLASS_UNIVERSAL): UnspecifiedType + { + return $this->expectImplicit($expectedTag)->implicit($tag, + $expectedClass); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/TimeType.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/TimeType.php new file mode 100644 index 0000000..cef1a49 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/TimeType.php @@ -0,0 +1,16 @@ +_element = $el; + } + + /** + * Initialize from DER data. + * + * @param string $data DER encoded data + */ + public static function fromDER(string $data): self + { + return Element::fromDER($data)->asUnspecified(); + } + + /** + * Initialize from `ElementBase` interface. + */ + public static function fromElementBase(ElementBase $el): self + { + // if element is already wrapped + if ($el instanceof self) { + return $el; + } + return new self($el->asElement()); + } + + /** + * Get the wrapped element as a context specific tagged type. + * + * @throws \UnexpectedValueException If the element is not tagged + */ + public function asTagged(): TaggedType + { + if (!$this->_element instanceof TaggedType) { + throw new \UnexpectedValueException( + 'Tagged element expected, got ' . $this->_typeDescriptorString()); + } + return $this->_element; + } + + /** + * Get the wrapped element as an application specific type. + * + * @throws \UnexpectedValueException If element is not application specific + * + * @return \Sop\ASN1\Type\Tagged\ApplicationType + */ + public function asApplication(): Tagged\ApplicationType + { + if (!$this->_element instanceof Tagged\ApplicationType) { + throw new \UnexpectedValueException( + 'Application type expected, got ' . $this->_typeDescriptorString()); + } + return $this->_element; + } + + /** + * Get the wrapped element as a private tagged type. + * + * @throws \UnexpectedValueException If element is not using private tagging + * + * @return \Sop\ASN1\Type\Tagged\PrivateType + */ + public function asPrivate(): Tagged\PrivateType + { + if (!$this->_element instanceof Tagged\PrivateType) { + throw new \UnexpectedValueException( + 'Private type expected, got ' . $this->_typeDescriptorString()); + } + return $this->_element; + } + + /** + * Get the wrapped element as a boolean type. + * + * @throws \UnexpectedValueException If the element is not a boolean + * + * @return \Sop\ASN1\Type\Primitive\Boolean + */ + public function asBoolean(): Primitive\Boolean + { + if (!$this->_element instanceof Primitive\Boolean) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_BOOLEAN)); + } + return $this->_element; + } + + /** + * Get the wrapped element as an integer type. + * + * @throws \UnexpectedValueException If the element is not an integer + * + * @return \Sop\ASN1\Type\Primitive\Integer + */ + public function asInteger(): Primitive\Integer + { + if (!$this->_element instanceof Primitive\Integer) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_INTEGER)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a bit string type. + * + * @throws \UnexpectedValueException If the element is not a bit string + * + * @return \Sop\ASN1\Type\Primitive\BitString + */ + public function asBitString(): Primitive\BitString + { + if (!$this->_element instanceof Primitive\BitString) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_BIT_STRING)); + } + return $this->_element; + } + + /** + * Get the wrapped element as an octet string type. + * + * @throws \UnexpectedValueException If the element is not an octet string + * + * @return \Sop\ASN1\Type\Primitive\OctetString + */ + public function asOctetString(): Primitive\OctetString + { + if (!$this->_element instanceof Primitive\OctetString) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_OCTET_STRING)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a null type. + * + * @throws \UnexpectedValueException If the element is not a null + * + * @return \Sop\ASN1\Type\Primitive\NullType + */ + public function asNull(): Primitive\NullType + { + if (!$this->_element instanceof Primitive\NullType) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_NULL)); + } + return $this->_element; + } + + /** + * Get the wrapped element as an object identifier type. + * + * @throws \UnexpectedValueException If the element is not an object identifier + * + * @return \Sop\ASN1\Type\Primitive\ObjectIdentifier + */ + public function asObjectIdentifier(): Primitive\ObjectIdentifier + { + if (!$this->_element instanceof Primitive\ObjectIdentifier) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_OBJECT_IDENTIFIER)); + } + return $this->_element; + } + + /** + * Get the wrapped element as an object descriptor type. + * + * @throws \UnexpectedValueException If the element is not an object descriptor + * + * @return \Sop\ASN1\Type\Primitive\ObjectDescriptor + */ + public function asObjectDescriptor(): Primitive\ObjectDescriptor + { + if (!$this->_element instanceof Primitive\ObjectDescriptor) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_OBJECT_DESCRIPTOR)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a real type. + * + * @throws \UnexpectedValueException If the element is not a real + * + * @return \Sop\ASN1\Type\Primitive\Real + */ + public function asReal(): Primitive\Real + { + if (!$this->_element instanceof Primitive\Real) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_REAL)); + } + return $this->_element; + } + + /** + * Get the wrapped element as an enumerated type. + * + * @throws \UnexpectedValueException If the element is not an enumerated + * + * @return \Sop\ASN1\Type\Primitive\Enumerated + */ + public function asEnumerated(): Primitive\Enumerated + { + if (!$this->_element instanceof Primitive\Enumerated) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_ENUMERATED)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a UTF8 string type. + * + * @throws \UnexpectedValueException If the element is not a UTF8 string + * + * @return \Sop\ASN1\Type\Primitive\UTF8String + */ + public function asUTF8String(): Primitive\UTF8String + { + if (!$this->_element instanceof Primitive\UTF8String) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_UTF8_STRING)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a relative OID type. + * + * @throws \UnexpectedValueException If the element is not a relative OID + * + * @return \Sop\ASN1\Type\Primitive\RelativeOID + */ + public function asRelativeOID(): Primitive\RelativeOID + { + if (!$this->_element instanceof Primitive\RelativeOID) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_RELATIVE_OID)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a sequence type. + * + * @throws \UnexpectedValueException If the element is not a sequence + * + * @return \Sop\ASN1\Type\Constructed\Sequence + */ + public function asSequence(): Constructed\Sequence + { + if (!$this->_element instanceof Constructed\Sequence) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_SEQUENCE)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a set type. + * + * @throws \UnexpectedValueException If the element is not a set + * + * @return \Sop\ASN1\Type\Constructed\Set + */ + public function asSet(): Constructed\Set + { + if (!$this->_element instanceof Constructed\Set) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_SET)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a numeric string type. + * + * @throws \UnexpectedValueException If the element is not a numeric string + * + * @return \Sop\ASN1\Type\Primitive\NumericString + */ + public function asNumericString(): Primitive\NumericString + { + if (!$this->_element instanceof Primitive\NumericString) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_NUMERIC_STRING)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a printable string type. + * + * @throws \UnexpectedValueException If the element is not a printable string + * + * @return \Sop\ASN1\Type\Primitive\PrintableString + */ + public function asPrintableString(): Primitive\PrintableString + { + if (!$this->_element instanceof Primitive\PrintableString) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_PRINTABLE_STRING)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a T61 string type. + * + * @throws \UnexpectedValueException If the element is not a T61 string + * + * @return \Sop\ASN1\Type\Primitive\T61String + */ + public function asT61String(): Primitive\T61String + { + if (!$this->_element instanceof Primitive\T61String) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_T61_STRING)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a videotex string type. + * + * @throws \UnexpectedValueException If the element is not a videotex string + * + * @return \Sop\ASN1\Type\Primitive\VideotexString + */ + public function asVideotexString(): Primitive\VideotexString + { + if (!$this->_element instanceof Primitive\VideotexString) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_VIDEOTEX_STRING)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a IA5 string type. + * + * @throws \UnexpectedValueException If the element is not a IA5 string + * + * @return \Sop\ASN1\Type\Primitive\IA5String + */ + public function asIA5String(): Primitive\IA5String + { + if (!$this->_element instanceof Primitive\IA5String) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_IA5_STRING)); + } + return $this->_element; + } + + /** + * Get the wrapped element as an UTC time type. + * + * @throws \UnexpectedValueException If the element is not a UTC time + * + * @return \Sop\ASN1\Type\Primitive\UTCTime + */ + public function asUTCTime(): Primitive\UTCTime + { + if (!$this->_element instanceof Primitive\UTCTime) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_UTC_TIME)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a generalized time type. + * + * @throws \UnexpectedValueException If the element is not a generalized time + * + * @return \Sop\ASN1\Type\Primitive\GeneralizedTime + */ + public function asGeneralizedTime(): Primitive\GeneralizedTime + { + if (!$this->_element instanceof Primitive\GeneralizedTime) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_GENERALIZED_TIME)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a graphic string type. + * + * @throws \UnexpectedValueException If the element is not a graphic string + * + * @return \Sop\ASN1\Type\Primitive\GraphicString + */ + public function asGraphicString(): Primitive\GraphicString + { + if (!$this->_element instanceof Primitive\GraphicString) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_GRAPHIC_STRING)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a visible string type. + * + * @throws \UnexpectedValueException If the element is not a visible string + * + * @return \Sop\ASN1\Type\Primitive\VisibleString + */ + public function asVisibleString(): Primitive\VisibleString + { + if (!$this->_element instanceof Primitive\VisibleString) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_VISIBLE_STRING)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a general string type. + * + * @throws \UnexpectedValueException If the element is not general string + * + * @return \Sop\ASN1\Type\Primitive\GeneralString + */ + public function asGeneralString(): Primitive\GeneralString + { + if (!$this->_element instanceof Primitive\GeneralString) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_GENERAL_STRING)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a universal string type. + * + * @throws \UnexpectedValueException If the element is not a universal string + * + * @return \Sop\ASN1\Type\Primitive\UniversalString + */ + public function asUniversalString(): Primitive\UniversalString + { + if (!$this->_element instanceof Primitive\UniversalString) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_UNIVERSAL_STRING)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a character string type. + * + * @throws \UnexpectedValueException If the element is not a character string + * + * @return \Sop\ASN1\Type\Primitive\CharacterString + */ + public function asCharacterString(): Primitive\CharacterString + { + if (!$this->_element instanceof Primitive\CharacterString) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_CHARACTER_STRING)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a BMP string type. + * + * @throws \UnexpectedValueException If the element is not a bmp string + * + * @return \Sop\ASN1\Type\Primitive\BMPString + */ + public function asBMPString(): Primitive\BMPString + { + if (!$this->_element instanceof Primitive\BMPString) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_BMP_STRING)); + } + return $this->_element; + } + + /** + * Get the wrapped element as a constructed string type. + * + * @throws \UnexpectedValueException If the element is not a constructed string + * + * @return \Sop\ASN1\Type\Constructed\ConstructedString + */ + public function asConstructedString(): Constructed\ConstructedString + { + if (!$this->_element instanceof Constructed\ConstructedString) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_CONSTRUCTED_STRING)); + } + return $this->_element; + } + + /** + * Get the wrapped element as any string type. + * + * @throws \UnexpectedValueException If the element is not a string type + */ + public function asString(): StringType + { + if (!$this->_element instanceof StringType) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_STRING)); + } + return $this->_element; + } + + /** + * Get the wrapped element as any time type. + * + * @throws \UnexpectedValueException If the element is not a time type + */ + public function asTime(): TimeType + { + if (!$this->_element instanceof TimeType) { + throw new \UnexpectedValueException( + $this->_generateExceptionMessage(Element::TYPE_TIME)); + } + return $this->_element; + } + + /** + * {@inheritdoc} + */ + public function asElement(): Element + { + return $this->_element; + } + + /** + * {@inheritdoc} + */ + public function asUnspecified(): UnspecifiedType + { + return $this; + } + + /** + * {@inheritdoc} + */ + public function toDER(): string + { + return $this->_element->toDER(); + } + + /** + * {@inheritdoc} + */ + public function typeClass(): int + { + return $this->_element->typeClass(); + } + + /** + * {@inheritdoc} + */ + public function tag(): int + { + return $this->_element->tag(); + } + + /** + * {@inheritdoc} + */ + public function isConstructed(): bool + { + return $this->_element->isConstructed(); + } + + /** + * {@inheritdoc} + */ + public function isType(int $tag): bool + { + return $this->_element->isType($tag); + } + + /** + * {@inheritdoc} + */ + public function isTagged(): bool + { + return $this->_element->isTagged(); + } + + /** + * {@inheritdoc} + * + * Consider using any of the `as*` accessor methods instead. + */ + public function expectType(int $tag): ElementBase + { + return $this->_element->expectType($tag); + } + + /** + * {@inheritdoc} + * + * Consider using `asTagged()` method instead and chaining + * with `TaggedType::asExplicit()` or `TaggedType::asImplicit()`. + */ + public function expectTagged(?int $tag = null): TaggedType + { + return $this->_element->expectTagged($tag); + } + + /** + * Generate message for exceptions thrown by `as*` methods. + * + * @param int $tag Type tag of the expected element + */ + private function _generateExceptionMessage(int $tag): string + { + return sprintf('%s expected, got %s.', Element::tagToName($tag), + $this->_typeDescriptorString()); + } + + /** + * Get textual description of the wrapped element for debugging purposes. + */ + private function _typeDescriptorString(): string + { + $type_cls = $this->_element->typeClass(); + $tag = $this->_element->tag(); + $str = $this->_element->isConstructed() ? 'constructed ' : 'primitive '; + if (Identifier::CLASS_UNIVERSAL === $type_cls) { + $str .= Element::tagToName($tag); + } else { + $str .= Identifier::classToName($type_cls) . " TAG {$tag}"; + } + return $str; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Util/BigInt.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Util/BigInt.php new file mode 100644 index 0000000..28e5ccd --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Util/BigInt.php @@ -0,0 +1,218 @@ +_gmp = $num; + } + + public function __toString(): string + { + return $this->base10(); + } + + /** + * Initialize from an arbitrary length of octets as an unsigned integer. + */ + public static function fromUnsignedOctets(string $octets): self + { + if (!strlen($octets)) { + throw new \InvalidArgumentException('Empty octets.'); + } + return new self(gmp_import($octets, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN)); + } + + /** + * Initialize from an arbitrary length of octets as an signed integer + * having two's complement encoding. + */ + public static function fromSignedOctets(string $octets): self + { + if (!strlen($octets)) { + throw new \InvalidArgumentException('Empty octets.'); + } + $neg = ord($octets[0]) & 0x80; + // negative, apply inversion of two's complement + if ($neg) { + $octets = ~$octets; + } + $num = gmp_import($octets, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN); + // negative, apply addition of two's complement and produce negative result + if ($neg) { + $num = gmp_neg($num + 1); + } + return new self($num); + } + + /** + * Get the number as a base 10 integer string. + */ + public function base10(): string + { + if (!isset($this->_num)) { + $this->_num = gmp_strval($this->_gmp, 10); + } + return $this->_num; + } + + /** + * Get the number as an integer. + * + * @throws \RuntimeException If number overflows integer size + */ + public function intVal(): int + { + if (!isset($this->_intNum)) { + if (gmp_cmp($this->_gmp, $this->_intMaxGmp()) > 0) { + throw new \RuntimeException('Integer overflow.'); + } + if (gmp_cmp($this->_gmp, $this->_intMinGmp()) < 0) { + throw new \RuntimeException('Integer underflow.'); + } + $this->_intNum = gmp_intval($this->_gmp); + } + return $this->_intNum; + } + + /** + * Get the number as a `GMP` object. + * + * @throws \RuntimeException if number is not a valid integer + */ + public function gmpObj(): \GMP + { + return clone $this->_gmp; + } + + /** + * Get the number as an unsigned integer encoded in binary. + */ + public function unsignedOctets(): string + { + return gmp_export($this->_gmp, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN); + } + + /** + * Get the number as a signed integer encoded in two's complement binary. + */ + public function signedOctets(): string + { + switch (gmp_sign($this->_gmp)) { + case 1: + return $this->_signedPositiveOctets(); + case -1: + return $this->_signedNegativeOctets(); + } + // zero + return chr(0); + } + + /** + * Encode positive integer in two's complement binary. + */ + private function _signedPositiveOctets(): string + { + $bin = gmp_export($this->_gmp, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN); + // if first bit is 1, prepend full zero byte to represent positive two's complement + if (ord($bin[0]) & 0x80) { + $bin = chr(0x00) . $bin; + } + return $bin; + } + + /** + * Encode negative integer in two's complement binary. + */ + private function _signedNegativeOctets(): string + { + $num = gmp_abs($this->_gmp); + // compute number of bytes required + $width = 1; + if ($num > 128) { + $tmp = $num; + do { + ++$width; + $tmp >>= 8; + } while ($tmp > 128); + } + // compute two's complement 2^n - x + $num = gmp_pow('2', 8 * $width) - $num; + $bin = gmp_export($num, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN); + // if first bit is 0, prepend full inverted byte to represent negative two's complement + if (!(ord($bin[0]) & 0x80)) { + $bin = chr(0xff) . $bin; + } + return $bin; + } + + /** + * Get the maximum integer value. + */ + private function _intMaxGmp(): \GMP + { + static $gmp; + if (!isset($gmp)) { + $gmp = gmp_init(PHP_INT_MAX, 10); + } + return $gmp; + } + + /** + * Get the minimum integer value. + */ + private function _intMinGmp(): \GMP + { + static $gmp; + if (!isset($gmp)) { + $gmp = gmp_init(PHP_INT_MIN, 10); + } + return $gmp; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Util/Flags.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Util/Flags.php new file mode 100644 index 0000000..60c2b0f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Util/Flags.php @@ -0,0 +1,144 @@ +_flags = ''; + } else { + // calculate number of unused bits in last octet + $last_octet_bits = $width % 8; + $unused_bits = $last_octet_bits ? 8 - $last_octet_bits : 0; + $num = gmp_init($flags); + // mask bits outside bitfield width + $mask = gmp_sub(gmp_init(1) << $width, 1); + $num &= $mask; + // shift towards MSB if needed + $data = gmp_export($num << $unused_bits, 1, + GMP_MSW_FIRST | GMP_BIG_ENDIAN); + $octets = unpack('C*', $data); + assert(is_array($octets), new \RuntimeException('unpack() failed')); + $bits = count($octets) * 8; + // pad with zeroes + while ($bits < $width) { + array_unshift($octets, 0); + $bits += 8; + } + $this->_flags = pack('C*', ...$octets); + } + $this->_width = $width; + } + + /** + * Initialize from `BitString`. + */ + public static function fromBitString(BitString $bs, int $width): self + { + $num_bits = $bs->numBits(); + $num = gmp_import($bs->string(), 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN); + $num >>= $bs->unusedBits(); + if ($num_bits < $width) { + $num <<= ($width - $num_bits); + } + return new self(gmp_strval($num, 10), $width); + } + + /** + * Check whether a bit at given index is set. + * + * Index 0 is the leftmost bit. + * + * @throws \OutOfBoundsException + */ + public function test(int $idx): bool + { + if ($idx >= $this->_width) { + throw new \OutOfBoundsException('Index is out of bounds.'); + } + // octet index + $oi = (int) floor($idx / 8); + $byte = $this->_flags[$oi]; + // bit index + $bi = $idx % 8; + // index 0 is the most significant bit in byte + $mask = 0x01 << (7 - $bi); + return (ord($byte) & $mask) > 0; + } + + /** + * Get flags as an octet string. + * + * Zeroes are appended to the last octet if width is not divisible by 8. + */ + public function string(): string + { + return $this->_flags; + } + + /** + * Get flags as a base 10 integer. + * + * @return string Integer as a string + */ + public function number(): string + { + $num = gmp_import($this->_flags, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN); + $last_octet_bits = $this->_width % 8; + $unused_bits = $last_octet_bits ? 8 - $last_octet_bits : 0; + $num >>= $unused_bits; + return gmp_strval($num, 10); + } + + /** + * Get flags as an integer. + */ + public function intNumber(): int + { + $num = new BigInt($this->number()); + return $num->intVal(); + } + + /** + * Get flags as a `BitString` object. + * + * Unused bits are set accordingly. Trailing zeroes are not stripped. + */ + public function bitString(): BitString + { + $last_octet_bits = $this->_width % 8; + $unused_bits = $last_octet_bits ? 8 - $last_octet_bits : 0; + return new BitString($this->_flags, $unused_bits); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/LICENSE b/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/LICENSE new file mode 100644 index 0000000..146b5cf --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2016-2019 Joni Eskelinen + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/README.md b/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/README.md new file mode 100644 index 0000000..38770b1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/README.md @@ -0,0 +1,24 @@ +# CryptoEncoding + +[![Build Status](https://travis-ci.org/sop/crypto-encoding.svg?branch=master)](https://travis-ci.org/sop/crypto-encoding) +[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/sop/crypto-encoding/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/sop/crypto-encoding/?branch=master) +[![Coverage Status](https://coveralls.io/repos/github/sop/crypto-encoding/badge.svg?branch=master)](https://coveralls.io/github/sop/crypto-encoding?branch=master) +[![License](https://poser.pugx.org/sop/crypto-encoding/license)](https://github.com/sop/crypto-encoding/blob/master/LICENSE) + +A PHP implementation of [RFC 7468](https://tools.ietf.org/html/rfc7468) +textual encodings of cryptographic structures _(PEM)_. + +## Requirements + +- PHP >=7.2 + +## Installation + +This library is available on +[Packagist](https://packagist.org/packages/sop/crypto-encoding). + + composer require sop/crypto-encoding + +## License + +This project is licensed under the MIT License. diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/composer.json b/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/composer.json new file mode 100644 index 0000000..d1764e1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/composer.json @@ -0,0 +1,31 @@ +{ + "name": "sop/crypto-encoding", + "description": "A PHP implementation of textual encodings of cryptographic structures.", + "homepage": "https://github.com/sop/crypto-encoding", + "license": "MIT", + "type": "library", + "keywords": [ + "pem", + "public key", + "private key", + "certificate" + ], + "authors": [ + { + "name": "Joni Eskelinen", + "email": "jonieske@gmail.com", + "role": "Developer" + } + ], + "require": { + "php": ">=7.2" + }, + "require-dev": { + "phpunit/phpunit": "^8.1" + }, + "autoload": { + "psr-4": { + "Sop\\CryptoEncoding\\": "lib/CryptoEncoding/" + } + } +} \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/lib/CryptoEncoding/PEM.php b/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/lib/CryptoEncoding/PEM.php new file mode 100644 index 0000000..d55b858 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/lib/CryptoEncoding/PEM.php @@ -0,0 +1,145 @@ +_type = $type; + $this->_data = $data; + } + + /** + * @return string + */ + public function __toString(): string + { + return $this->string(); + } + + /** + * Initialize from a PEM-formatted string. + * + * @param string $str + * + * @throws \UnexpectedValueException If string is not valid PEM + * + * @return self + */ + public static function fromString(string $str): self + { + if (!preg_match(self::PEM_REGEX, $str, $match)) { + throw new \UnexpectedValueException('Not a PEM formatted string.'); + } + $payload = preg_replace('/\s+/', '', $match[2]); + $data = base64_decode($payload, true); + if (false === $data) { + throw new \UnexpectedValueException('Failed to decode PEM data.'); + } + return new self($match[1], $data); + } + + /** + * Initialize from a file. + * + * @param string $filename Path to file + * + * @throws \RuntimeException If file reading fails + * + * @return self + */ + public static function fromFile(string $filename): self + { + if (!is_readable($filename) || + false === ($str = file_get_contents($filename))) { + throw new \RuntimeException("Failed to read {$filename}."); + } + return self::fromString($str); + } + + /** + * Get content type. + * + * @return string + */ + public function type(): string + { + return $this->_type; + } + + /** + * Get payload. + * + * @return string + */ + public function data(): string + { + return $this->_data; + } + + /** + * Encode to PEM string. + * + * @return string + */ + public function string(): string + { + return "-----BEGIN {$this->_type}-----\n" . + trim(chunk_split(base64_encode($this->_data), 64, "\n")) . "\n" . + "-----END {$this->_type}-----"; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/lib/CryptoEncoding/PEMBundle.php b/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/lib/CryptoEncoding/PEMBundle.php new file mode 100644 index 0000000..54c528d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/lib/CryptoEncoding/PEMBundle.php @@ -0,0 +1,173 @@ +_pems = $pems; + } + + /** + * @return string + */ + public function __toString(): string + { + return $this->string(); + } + + /** + * Initialize from a string. + * + * @param string $str + * + * @throws \UnexpectedValueException + * + * @return self + */ + public static function fromString(string $str): self + { + if (!preg_match_all(PEM::PEM_REGEX, $str, $matches, PREG_SET_ORDER)) { + throw new \UnexpectedValueException('No PEM blocks.'); + } + $pems = array_map( + function ($match) { + $payload = preg_replace('/\s+/', '', $match[2]); + $data = base64_decode($payload, true); + if (false === $data) { + throw new \UnexpectedValueException( + 'Failed to decode PEM data.'); + } + return new PEM($match[1], $data); + }, $matches); + return new self(...$pems); + } + + /** + * Initialize from a file. + * + * @param string $filename + * + * @throws \RuntimeException If file reading fails + * + * @return self + */ + public static function fromFile(string $filename): self + { + if (!is_readable($filename) || + false === ($str = file_get_contents($filename))) { + throw new \RuntimeException("Failed to read {$filename}."); + } + return self::fromString($str); + } + + /** + * Get self with PEM objects appended. + * + * @param PEM ...$pems + * + * @return self + */ + public function withPEMs(PEM ...$pems): self + { + $obj = clone $this; + $obj->_pems = array_merge($obj->_pems, $pems); + return $obj; + } + + /** + * Get all PEMs in a bundle. + * + * @return PEM[] + */ + public function all(): array + { + return $this->_pems; + } + + /** + * Get the first PEM in a bundle. + * + * @throws \LogicException If bundle contains no PEM objects + * + * @return PEM + */ + public function first(): PEM + { + if (!count($this->_pems)) { + throw new \LogicException('No PEMs.'); + } + return $this->_pems[0]; + } + + /** + * Get the last PEM in a bundle. + * + * @throws \LogicException If bundle contains no PEM objects + * + * @return PEM + */ + public function last(): PEM + { + if (!count($this->_pems)) { + throw new \LogicException('No PEMs.'); + } + return $this->_pems[count($this->_pems) - 1]; + } + + /** + * @see \Countable::count() + * + * @return int + */ + public function count(): int + { + return count($this->_pems); + } + + /** + * Get iterator for PEMs. + * + * @see \IteratorAggregate::getIterator() + * + * @return \ArrayIterator + */ + public function getIterator(): \ArrayIterator + { + return new \ArrayIterator($this->_pems); + } + + /** + * Encode bundle to a string of contiguous PEM blocks. + * + * @return string + */ + public function string(): string + { + return implode("\n", + array_map( + function (PEM $pem) { + return $pem->string(); + }, $this->_pems)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/LICENSE b/utilities/signing_and_verification/php/vendor/sop/crypto-types/LICENSE new file mode 100644 index 0000000..0453e40 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2016-2021 Joni Eskelinen + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/README.md b/utilities/signing_and_verification/php/vendor/sop/crypto-types/README.md new file mode 100644 index 0000000..bbdccd4 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/README.md @@ -0,0 +1,42 @@ +# CryptoTypes + +[![Build Status](https://travis-ci.com/sop/crypto-types.svg?branch=master)](https://travis-ci.com/sop/crypto-types) +[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/sop/crypto-types/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/sop/crypto-types/?branch=master) +[![Coverage Status](https://coveralls.io/repos/github/sop/crypto-types/badge.svg?branch=master)](https://coveralls.io/github/sop/crypto-types?branch=master) +[![License](https://poser.pugx.org/sop/crypto-types/license)](https://github.com/sop/crypto-types/blob/master/LICENSE) + +A PHP library of various ASN.1 types for cryptographic applications. + +## Requirements + +- PHP >=7.2 +- gmp +- [sop/asn1](https://github.com/sop/asn1) +- [sop/crypto-encoding](https://github.com/sop/crypto-encoding) +- [sop/x501](https://github.com/sop/x501) + +## Features + +- Asymmetric keys + - [`RSAPrivateKey`](https://tools.ietf.org/html/rfc2437#section-11.1.2), + [`RSAPublicKey`](https://tools.ietf.org/html/rfc2437#section-11.1.1) + - [`ECPrivateKey`](https://tools.ietf.org/html/rfc5915#section-3), + [`ECPublicKey`](https://tools.ietf.org/html/rfc5480#section-2.2) + - [`PrivateKeyInfo`](https://tools.ietf.org/html/rfc5208#section-5) + ([PKCS #8](https://tools.ietf.org/html/rfc5208)) + - [`SubjectPublicKeyInfo`](https://tools.ietf.org/html/rfc5280#section-4.1) + ([X.509](https://tools.ietf.org/html/rfc5280)) +- [RSA](https://tools.ietf.org/html/rfc2313#section-10) and + [EC](https://tools.ietf.org/html/rfc3278#section-8.2) signature types +- Various `AlgorithmIdentifier` types and their OID's + +## Installation + +This library is available on +[Packagist](https://packagist.org/packages/sop/crypto-types). + + composer require sop/crypto-types + +## License + +This project is licensed under the MIT License. diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/composer.json b/utilities/signing_and_verification/php/vendor/sop/crypto-types/composer.json new file mode 100644 index 0000000..d8ba537 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/composer.json @@ -0,0 +1,39 @@ +{ + "name": "sop/crypto-types", + "description": "A PHP library of various ASN.1 types for cryptographic applications.", + "homepage": "https://github.com/sop/crypto-types", + "license": "MIT", + "type": "library", + "keywords": [ + "cryptography", + "asn1", + "algorithm identifier", + "rsa", + "ec", + "public key", + "private key", + "signature" + ], + "authors": [ + { + "name": "Joni Eskelinen", + "email": "jonieske@gmail.com", + "role": "Developer" + } + ], + "require": { + "php": ">=7.2", + "ext-gmp": "*", + "sop/asn1": "^4.0.0", + "sop/crypto-encoding": "^0.3.0", + "sop/x501": "0.6.1" + }, + "require-dev": { + "phpunit/phpunit": "^8.1" + }, + "autoload": { + "psr-4": { + "Sop\\CryptoTypes\\": "lib/CryptoTypes/" + } + } +} \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifier.php new file mode 100644 index 0000000..239940f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifier.php @@ -0,0 +1,116 @@ +parse($seq); + } + + /** + * {@inheritdoc} + */ + public function oid(): string + { + return $this->_oid; + } + + /** + * {@inheritdoc} + */ + public function toASN1(): Sequence + { + $elements = [new ObjectIdentifier($this->_oid)]; + $params = $this->_paramsASN1(); + if (isset($params)) { + $elements[] = $params; + } + return new Sequence(...$elements); + } + + /** + * Get algorithm identifier parameters as ASN.1. + * + * If type allows parameters to be omitted, return null. + */ + abstract protected function _paramsASN1(): ?Element; +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifierFactory.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifierFactory.php new file mode 100644 index 0000000..3dc182c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifierFactory.php @@ -0,0 +1,119 @@ + Asymmetric\RSAEncryptionAlgorithmIdentifier::class, + AlgorithmIdentifier::OID_EC_PUBLIC_KEY => Asymmetric\ECPublicKeyAlgorithmIdentifier::class, + AlgorithmIdentifier::OID_X25519 => Asymmetric\X25519AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_X448 => Asymmetric\X448AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_ED25519 => Asymmetric\Ed25519AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_ED448 => Asymmetric\Ed448AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_DES_CBC => Cipher\DESCBCAlgorithmIdentifier::class, + AlgorithmIdentifier::OID_DES_EDE3_CBC => Cipher\DESEDE3CBCAlgorithmIdentifier::class, + AlgorithmIdentifier::OID_RC2_CBC => Cipher\RC2CBCAlgorithmIdentifier::class, + AlgorithmIdentifier::OID_AES_128_CBC => Cipher\AES128CBCAlgorithmIdentifier::class, + AlgorithmIdentifier::OID_AES_192_CBC => Cipher\AES192CBCAlgorithmIdentifier::class, + AlgorithmIdentifier::OID_AES_256_CBC => Cipher\AES256CBCAlgorithmIdentifier::class, + AlgorithmIdentifier::OID_HMAC_WITH_SHA1 => Hash\HMACWithSHA1AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_HMAC_WITH_SHA224 => Hash\HMACWithSHA224AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_HMAC_WITH_SHA256 => Hash\HMACWithSHA256AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_HMAC_WITH_SHA384 => Hash\HMACWithSHA384AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_HMAC_WITH_SHA512 => Hash\HMACWithSHA512AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_MD5 => Hash\MD5AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_SHA1 => Hash\SHA1AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_SHA224 => Hash\SHA224AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_SHA256 => Hash\SHA256AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_SHA384 => Hash\SHA384AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_SHA512 => Hash\SHA512AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_MD2_WITH_RSA_ENCRYPTION => Signature\MD2WithRSAEncryptionAlgorithmIdentifier::class, + AlgorithmIdentifier::OID_MD4_WITH_RSA_ENCRYPTION => Signature\MD4WithRSAEncryptionAlgorithmIdentifier::class, + AlgorithmIdentifier::OID_MD5_WITH_RSA_ENCRYPTION => Signature\MD5WithRSAEncryptionAlgorithmIdentifier::class, + AlgorithmIdentifier::OID_SHA1_WITH_RSA_ENCRYPTION => Signature\SHA1WithRSAEncryptionAlgorithmIdentifier::class, + AlgorithmIdentifier::OID_SHA224_WITH_RSA_ENCRYPTION => Signature\SHA224WithRSAEncryptionAlgorithmIdentifier::class, + AlgorithmIdentifier::OID_SHA256_WITH_RSA_ENCRYPTION => Signature\SHA256WithRSAEncryptionAlgorithmIdentifier::class, + AlgorithmIdentifier::OID_SHA384_WITH_RSA_ENCRYPTION => Signature\SHA384WithRSAEncryptionAlgorithmIdentifier::class, + AlgorithmIdentifier::OID_SHA512_WITH_RSA_ENCRYPTION => Signature\SHA512WithRSAEncryptionAlgorithmIdentifier::class, + AlgorithmIdentifier::OID_ECDSA_WITH_SHA1 => Signature\ECDSAWithSHA1AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_ECDSA_WITH_SHA224 => Signature\ECDSAWithSHA224AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_ECDSA_WITH_SHA256 => Signature\ECDSAWithSHA256AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_ECDSA_WITH_SHA384 => Signature\ECDSAWithSHA384AlgorithmIdentifier::class, + AlgorithmIdentifier::OID_ECDSA_WITH_SHA512 => Signature\ECDSAWithSHA512AlgorithmIdentifier::class, + ]; + + /** + * Additional algorithm identifier providers. + * + * @var AlgorithmIdentifierProvider[] + */ + private $_additionalProviders; + + /** + * Constructor. + * + * @param AlgorithmIdentifierProvider ...$providers Additional providers + */ + public function __construct(AlgorithmIdentifierProvider ...$providers) + { + $this->_additionalProviders = $providers; + } + + /** + * Get the name of a class that implements algorithm identifier for given + * OID. + * + * @param string $oid Object identifier in dotted format + * + * @return null|string Fully qualified class name or null if not supported + */ + public function getClass(string $oid): ?string + { + // if OID is provided by this factory + if (array_key_exists($oid, self::MAP_OID_TO_CLASS)) { + return self::MAP_OID_TO_CLASS[$oid]; + } + // try additional providers + foreach ($this->_additionalProviders as $provider) { + if ($provider->supportsOID($oid)) { + return $provider->getClassByOID($oid); + } + } + return null; + } + + /** + * Parse AlgorithmIdentifier from an ASN.1 sequence. + */ + public function parse(Sequence $seq): AlgorithmIdentifier + { + $oid = $seq->at(0)->asObjectIdentifier()->oid(); + $params = $seq->has(1) ? $seq->at(1) : null; + /** @var SpecificAlgorithmIdentifier $cls */ + $cls = $this->getClass($oid); + if ($cls) { + return $cls::fromASN1Params($params); + } + // fallback to generic algorithm identifier + return new GenericAlgorithmIdentifier($oid, $params); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifierProvider.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifierProvider.php new file mode 100644 index 0000000..5041677 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifierProvider.php @@ -0,0 +1,35 @@ + 192, + self::CURVE_PRIME192V2 => 192, + self::CURVE_PRIME192V3 => 192, + self::CURVE_PRIME239V1 => 239, + self::CURVE_PRIME239V2 => 239, + self::CURVE_PRIME239V3 => 239, + self::CURVE_PRIME256V1 => 256, + self::CURVE_SECP112R1 => 112, + self::CURVE_SECP112R2 => 112, + self::CURVE_SECP128R1 => 128, + self::CURVE_SECP128R2 => 128, + self::CURVE_SECP160K1 => 160, + self::CURVE_SECP160R1 => 160, + self::CURVE_SECP160R2 => 160, + self::CURVE_SECP192K1 => 192, + self::CURVE_SECP224K1 => 224, + self::CURVE_SECP224R1 => 224, + self::CURVE_SECP256K1 => 256, + self::CURVE_SECP384R1 => 384, + self::CURVE_SECP521R1 => 521, + ]; + + /** + * OID of the named curve. + * + * @var string + */ + protected $_namedCurve; + + /** + * Constructor. + * + * @param string $named_curve Curve identifier + */ + public function __construct(string $named_curve) + { + $this->_oid = self::OID_EC_PUBLIC_KEY; + $this->_namedCurve = $named_curve; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'ecPublicKey'; + } + + /** + * {@inheritdoc} + * + * @return self + */ + public static function fromASN1Params( + ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier + { + if (!isset($params)) { + throw new \UnexpectedValueException('No parameters.'); + } + $named_curve = $params->asObjectIdentifier()->oid(); + return new self($named_curve); + } + + /** + * Get OID of the named curve. + */ + public function namedCurve(): string + { + return $this->_namedCurve; + } + + /** + * {@inheritdoc} + * + * @return ObjectIdentifier + */ + protected function _paramsASN1(): ?Element + { + return new ObjectIdentifier($this->_namedCurve); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/Ed25519AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/Ed25519AlgorithmIdentifier.php new file mode 100644 index 0000000..b0fbe31 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/Ed25519AlgorithmIdentifier.php @@ -0,0 +1,44 @@ +_oid = self::OID_ED25519; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'id-Ed25519'; + } + + /** + * {@inheritdoc} + */ + public function supportsKeyAlgorithm(AlgorithmIdentifier $algo): bool + { + return self::OID_ED25519 === $algo->oid(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/Ed448AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/Ed448AlgorithmIdentifier.php new file mode 100644 index 0000000..3b6b270 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/Ed448AlgorithmIdentifier.php @@ -0,0 +1,44 @@ +_oid = self::OID_ED448; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'id-Ed448'; + } + + /** + * {@inheritdoc} + */ + public function supportsKeyAlgorithm(AlgorithmIdentifier $algo): bool + { + return self::OID_ED448 === $algo->oid(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/RFC8410EdAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/RFC8410EdAlgorithmIdentifier.php new file mode 100644 index 0000000..e1a6188 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/RFC8410EdAlgorithmIdentifier.php @@ -0,0 +1,59 @@ +_oid = self::OID_RSA_ENCRYPTION; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'rsaEncryption'; + } + + /** + * {@inheritdoc} + * + * @return self + */ + public static function fromASN1Params( + ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier + { + if (!isset($params)) { + throw new \UnexpectedValueException('No parameters.'); + } + $params->asNull(); + return new self(); + } + + /** + * {@inheritdoc} + * + * @return NullType + */ + protected function _paramsASN1(): ?Element + { + return new NullType(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/X25519AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/X25519AlgorithmIdentifier.php new file mode 100644 index 0000000..f20005a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/X25519AlgorithmIdentifier.php @@ -0,0 +1,29 @@ +_oid = self::OID_X25519; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'id-X25519'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/X448AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/X448AlgorithmIdentifier.php new file mode 100644 index 0000000..86635b5 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/X448AlgorithmIdentifier.php @@ -0,0 +1,29 @@ +_oid = self::OID_X448; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'id-X448'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES128CBCAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES128CBCAlgorithmIdentifier.php new file mode 100644 index 0000000..6e043cf --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES128CBCAlgorithmIdentifier.php @@ -0,0 +1,42 @@ +_oid = self::OID_AES_128_CBC; + parent::__construct($iv); + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'aes128-CBC'; + } + + /** + * {@inheritdoc} + */ + public function keySize(): int + { + return 16; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES192CBCAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES192CBCAlgorithmIdentifier.php new file mode 100644 index 0000000..e228f13 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES192CBCAlgorithmIdentifier.php @@ -0,0 +1,42 @@ +_oid = self::OID_AES_192_CBC; + parent::__construct($iv); + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'aes192-CBC'; + } + + /** + * {@inheritdoc} + */ + public function keySize(): int + { + return 24; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES256CBCAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES256CBCAlgorithmIdentifier.php new file mode 100644 index 0000000..e076d09 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES256CBCAlgorithmIdentifier.php @@ -0,0 +1,42 @@ +_oid = self::OID_AES_256_CBC; + parent::__construct($iv); + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'aes256-CBC'; + } + + /** + * {@inheritdoc} + */ + public function keySize(): int + { + return 32; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AESCBCAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AESCBCAlgorithmIdentifier.php new file mode 100644 index 0000000..44fcb66 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AESCBCAlgorithmIdentifier.php @@ -0,0 +1,82 @@ +_checkIVSize($iv); + $this->_initializationVector = $iv; + } + + /** + * {@inheritdoc} + * + * @return self + */ + public static function fromASN1Params( + ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier + { + if (!isset($params)) { + throw new \UnexpectedValueException('No parameters.'); + } + $iv = $params->asOctetString()->string(); + return new static($iv); + } + + /** + * {@inheritdoc} + */ + public function blockSize(): int + { + return 16; + } + + /** + * {@inheritdoc} + */ + public function ivSize(): int + { + return 16; + } + + /** + * {@inheritdoc} + * + * @return OctetString + */ + protected function _paramsASN1(): ?Element + { + if (!isset($this->_initializationVector)) { + throw new \LogicException('IV not set.'); + } + return new OctetString($this->_initializationVector); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/BlockCipherAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/BlockCipherAlgorithmIdentifier.php new file mode 100644 index 0000000..49f0f30 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/BlockCipherAlgorithmIdentifier.php @@ -0,0 +1,16 @@ +_initializationVector; + } + + /** + * Get copy of the object with given initialization vector. + * + * @param null|string $iv Initialization vector or null to remove + * + * @throws \UnexpectedValueException If initialization vector size is invalid + */ + public function withInitializationVector(?string $iv): self + { + $this->_checkIVSize($iv); + $obj = clone $this; + $obj->_initializationVector = $iv; + return $obj; + } + + /** + * Check that initialization vector size is valid for the cipher. + * + * @throws \UnexpectedValueException + */ + protected function _checkIVSize(?string $iv): void + { + if (null !== $iv && strlen($iv) !== $this->ivSize()) { + throw new \UnexpectedValueException('Invalid IV size.'); + } + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/DESCBCAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/DESCBCAlgorithmIdentifier.php new file mode 100644 index 0000000..e3bd9c2 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/DESCBCAlgorithmIdentifier.php @@ -0,0 +1,98 @@ +_checkIVSize($iv); + $this->_oid = self::OID_DES_CBC; + $this->_initializationVector = $iv; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'desCBC'; + } + + /** + * {@inheritdoc} + * + * @return self + */ + public static function fromASN1Params( + ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier + { + if (!isset($params)) { + throw new \UnexpectedValueException('No parameters.'); + } + $iv = $params->asOctetString()->string(); + return new self($iv); + } + + /** + * {@inheritdoc} + */ + public function blockSize(): int + { + return 8; + } + + /** + * {@inheritdoc} + */ + public function keySize(): int + { + return 8; + } + + /** + * {@inheritdoc} + */ + public function ivSize(): int + { + return 8; + } + + /** + * {@inheritdoc} + * + * @return OctetString + */ + protected function _paramsASN1(): ?Element + { + if (!isset($this->_initializationVector)) { + throw new \LogicException('IV not set.'); + } + return new OctetString($this->_initializationVector); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/DESEDE3CBCAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/DESEDE3CBCAlgorithmIdentifier.php new file mode 100644 index 0000000..79121d6 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/DESEDE3CBCAlgorithmIdentifier.php @@ -0,0 +1,99 @@ +_checkIVSize($iv); + $this->_oid = self::OID_DES_EDE3_CBC; + $this->_initializationVector = $iv; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'des-EDE3-CBC'; + } + + /** + * {@inheritdoc} + * + * @return self + */ + public static function fromASN1Params( + ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier + { + if (!isset($params)) { + throw new \UnexpectedValueException('No parameters.'); + } + $iv = $params->asOctetString()->string(); + return new self($iv); + } + + /** + * {@inheritdoc} + */ + public function blockSize(): int + { + return 8; + } + + /** + * {@inheritdoc} + */ + public function keySize(): int + { + return 24; + } + + /** + * {@inheritdoc} + */ + public function ivSize(): int + { + return 8; + } + + /** + * {@inheritdoc} + * + * @return OctetString + */ + protected function _paramsASN1(): ?Element + { + if (!isset($this->_initializationVector)) { + throw new \LogicException('IV not set.'); + } + return new OctetString($this->_initializationVector); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/RC2CBCAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/RC2CBCAlgorithmIdentifier.php new file mode 100644 index 0000000..52154a7 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/RC2CBCAlgorithmIdentifier.php @@ -0,0 +1,215 @@ + version + */ + private const EKB_TABLE = [ + 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, + 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, + 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, + 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, + 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, + 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, + 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, + 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, + 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, + 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, + 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, + 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, + 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, + 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, + 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, + 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, + 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, + 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, + 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, + 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, + 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, + 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, + 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, + 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, + 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, + 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, + 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, + 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, + 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, + 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, + 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, + 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab + ]; + + /** + * Effective key bits. + * + * @var int + */ + protected $_effectiveKeyBits; + + /** + * Constructor. + * + * @param int $key_bits Number of effective key bits + * @param null|string $iv Initialization vector + */ + public function __construct(int $key_bits = 64, ?string $iv = null) + { + $this->_checkIVSize($iv); + $this->_oid = self::OID_RC2_CBC; + $this->_effectiveKeyBits = $key_bits; + $this->_initializationVector = $iv; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'rc2-cbc'; + } + + /** + * {@inheritdoc} + * + * @return self + */ + public static function fromASN1Params( + ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier + { + if (!isset($params)) { + throw new \UnexpectedValueException('No parameters.'); + } + $key_bits = 32; + // rfc2268 a choice containing only IV + if ($params->isType(Element::TYPE_OCTET_STRING)) { + $iv = $params->asOctetString()->string(); + } else { + $seq = $params->asSequence(); + $idx = 0; + // version is optional in rfc2898 + if ($seq->has($idx, Element::TYPE_INTEGER)) { + $version = $seq->at($idx++)->asInteger()->intNumber(); + $key_bits = self::_versionToEKB($version); + } + // IV is present in all variants + $iv = $seq->at($idx)->asOctetString()->string(); + } + return new self($key_bits, $iv); + } + + /** + * Get number of effective key bits. + */ + public function effectiveKeyBits(): int + { + return $this->_effectiveKeyBits; + } + + /** + * {@inheritdoc} + */ + public function blockSize(): int + { + return 8; + } + + /** + * {@inheritdoc} + */ + public function keySize(): int + { + return (int) round($this->_effectiveKeyBits / 8); + } + + /** + * {@inheritdoc} + */ + public function ivSize(): int + { + return 8; + } + + /** + * {@inheritdoc} + * + * @return Sequence + */ + protected function _paramsASN1(): ?Element + { + if ($this->_effectiveKeyBits >= 256) { + $version = $this->_effectiveKeyBits; + } else { + $version = self::EKB_TABLE[$this->_effectiveKeyBits]; + } + if (!isset($this->_initializationVector)) { + throw new \LogicException('IV not set.'); + } + return new Sequence(new Integer($version), + new OctetString($this->_initializationVector)); + } + + /** + * Translate version number to number of effective key bits. + */ + private static function _versionToEKB(int $version): int + { + static $lut; + if ($version > 255) { + return $version; + } + if (!isset($lut)) { + $lut = array_flip(self::EKB_TABLE); + } + return $lut[$version]; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Feature/AlgorithmIdentifierType.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Feature/AlgorithmIdentifierType.php new file mode 100644 index 0000000..5f03e5b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Feature/AlgorithmIdentifierType.php @@ -0,0 +1,30 @@ +_oid = $oid; + $this->_params = $params; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return $this->_oid; + } + + /** + * Get parameters. + */ + public function parameters(): ?UnspecifiedType + { + return $this->_params; + } + + /** + * {@inheritdoc} + */ + protected function _paramsASN1(): ?Element + { + return $this->_params ? $this->_params->asElement() : null; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA1AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA1AlgorithmIdentifier.php new file mode 100644 index 0000000..93e59b6 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA1AlgorithmIdentifier.php @@ -0,0 +1,66 @@ +_oid = self::OID_HMAC_WITH_SHA1; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'hmacWithSHA1'; + } + + /** + * {@inheritdoc} + * + * @return self + */ + public static function fromASN1Params( + ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier + { + if (isset($params)) { + throw new \UnexpectedValueException('Parameters must be omitted.'); + } + return new self(); + } + + /** + * {@inheritdoc} + */ + protected function _paramsASN1(): ?Element + { + return null; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA224AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA224AlgorithmIdentifier.php new file mode 100644 index 0000000..766da40 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA224AlgorithmIdentifier.php @@ -0,0 +1,29 @@ +_oid = self::OID_HMAC_WITH_SHA224; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'hmacWithSHA224'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA256AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA256AlgorithmIdentifier.php new file mode 100644 index 0000000..ecec77f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA256AlgorithmIdentifier.php @@ -0,0 +1,29 @@ +_oid = self::OID_HMAC_WITH_SHA256; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'hmacWithSHA256'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA384AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA384AlgorithmIdentifier.php new file mode 100644 index 0000000..1867ac2 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA384AlgorithmIdentifier.php @@ -0,0 +1,29 @@ +_oid = self::OID_HMAC_WITH_SHA384; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'hmacWithSHA384'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA512AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA512AlgorithmIdentifier.php new file mode 100644 index 0000000..25f720e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA512AlgorithmIdentifier.php @@ -0,0 +1,29 @@ +_oid = self::OID_HMAC_WITH_SHA512; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'hmacWithSHA512'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/MD5AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/MD5AlgorithmIdentifier.php new file mode 100644 index 0000000..b592de3 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/MD5AlgorithmIdentifier.php @@ -0,0 +1,85 @@ +_oid = self::OID_MD5; + $this->_params = new NullType(); + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'md5'; + } + + /** + * {@inheritdoc} + * + * @return self + */ + public static function fromASN1Params( + ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier + { + $obj = new static(); + // if parameters field is present, it must be null type + if (isset($params)) { + $obj->_params = $params->asNull(); + } + return $obj; + } + + /** + * {@inheritdoc} + * + * @return null|NullType + */ + protected function _paramsASN1(): ?Element + { + return $this->_params; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/RFC4231HMACAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/RFC4231HMACAlgorithmIdentifier.php new file mode 100644 index 0000000..3a7f0bb --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/RFC4231HMACAlgorithmIdentifier.php @@ -0,0 +1,56 @@ +_params = $params->asNull(); + } + return $obj; + } + + /** + * {@inheritdoc} + * + * @return null|NullType + */ + protected function _paramsASN1(): ?Element + { + return $this->_params; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA1AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA1AlgorithmIdentifier.php new file mode 100644 index 0000000..60ce36b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA1AlgorithmIdentifier.php @@ -0,0 +1,81 @@ +_oid = self::OID_SHA1; + $this->_params = null; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'sha1'; + } + + /** + * {@inheritdoc} + * + * @return self + */ + public static function fromASN1Params( + ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier + { + $obj = new static(); + // if parameters field is present, it must be null type + if (isset($params)) { + $obj->_params = $params->asNull(); + } + return $obj; + } + + /** + * {@inheritdoc} + * + * @return null|NullType + */ + protected function _paramsASN1(): ?Element + { + return $this->_params; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA224AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA224AlgorithmIdentifier.php new file mode 100644 index 0000000..daf566f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA224AlgorithmIdentifier.php @@ -0,0 +1,33 @@ +_oid = self::OID_SHA224; + parent::__construct(); + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'sha224'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA256AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA256AlgorithmIdentifier.php new file mode 100644 index 0000000..22677b8 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA256AlgorithmIdentifier.php @@ -0,0 +1,32 @@ +_oid = self::OID_SHA256; + parent::__construct(); + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'sha256'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA2AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA2AlgorithmIdentifier.php new file mode 100644 index 0000000..ed68edd --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA2AlgorithmIdentifier.php @@ -0,0 +1,71 @@ +_params = null; + } + + /** + * {@inheritdoc} + * + * @return self + */ + public static function fromASN1Params( + ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier + { + $obj = new static(); + // if parameters field is present, it must be null type + if (isset($params)) { + $obj->_params = $params->asNull(); + } + return $obj; + } + + /** + * {@inheritdoc} + * + * @return null|NullType + */ + protected function _paramsASN1(): ?Element + { + return $this->_params; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA384AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA384AlgorithmIdentifier.php new file mode 100644 index 0000000..846adad --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA384AlgorithmIdentifier.php @@ -0,0 +1,32 @@ +_oid = self::OID_SHA384; + parent::__construct(); + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'sha384'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA512AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA512AlgorithmIdentifier.php new file mode 100644 index 0000000..a38a24c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA512AlgorithmIdentifier.php @@ -0,0 +1,32 @@ +_oid = self::OID_SHA512; + parent::__construct(); + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'sha512'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA1AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA1AlgorithmIdentifier.php new file mode 100644 index 0000000..509c332 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA1AlgorithmIdentifier.php @@ -0,0 +1,29 @@ +_oid = self::OID_ECDSA_WITH_SHA1; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'ecdsa-with-SHA1'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA224AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA224AlgorithmIdentifier.php new file mode 100644 index 0000000..00c38cb --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA224AlgorithmIdentifier.php @@ -0,0 +1,29 @@ +_oid = self::OID_ECDSA_WITH_SHA224; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'ecdsa-with-SHA224'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA256AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA256AlgorithmIdentifier.php new file mode 100644 index 0000000..0ecef8b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA256AlgorithmIdentifier.php @@ -0,0 +1,29 @@ +_oid = self::OID_ECDSA_WITH_SHA256; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'ecdsa-with-SHA256'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA384AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA384AlgorithmIdentifier.php new file mode 100644 index 0000000..9b57697 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA384AlgorithmIdentifier.php @@ -0,0 +1,29 @@ +_oid = self::OID_ECDSA_WITH_SHA384; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'ecdsa-with-SHA384'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA512AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA512AlgorithmIdentifier.php new file mode 100644 index 0000000..4c2c2f5 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA512AlgorithmIdentifier.php @@ -0,0 +1,29 @@ +_oid = self::OID_ECDSA_WITH_SHA512; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'ecdsa-with-SHA512'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECSignatureAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECSignatureAlgorithmIdentifier.php new file mode 100644 index 0000000..1fd0b09 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECSignatureAlgorithmIdentifier.php @@ -0,0 +1,59 @@ +oid(); + } + + /** + * {@inheritdoc} + */ + protected function _paramsASN1(): ?Element + { + return null; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD2WithRSAEncryptionAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD2WithRSAEncryptionAlgorithmIdentifier.php new file mode 100644 index 0000000..ec7cb4a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD2WithRSAEncryptionAlgorithmIdentifier.php @@ -0,0 +1,29 @@ +_oid = self::OID_MD2_WITH_RSA_ENCRYPTION; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'md2WithRSAEncryption'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD4WithRSAEncryptionAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD4WithRSAEncryptionAlgorithmIdentifier.php new file mode 100644 index 0000000..5a3e7e2 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD4WithRSAEncryptionAlgorithmIdentifier.php @@ -0,0 +1,29 @@ +_oid = self::OID_MD4_WITH_RSA_ENCRYPTION; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'md4withRSAEncryption'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD5WithRSAEncryptionAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD5WithRSAEncryptionAlgorithmIdentifier.php new file mode 100644 index 0000000..e50eeda --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD5WithRSAEncryptionAlgorithmIdentifier.php @@ -0,0 +1,29 @@ +_oid = self::OID_MD5_WITH_RSA_ENCRYPTION; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'md5WithRSAEncryption'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RFC3279RSASignatureAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RFC3279RSASignatureAlgorithmIdentifier.php new file mode 100644 index 0000000..a2de151 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RFC3279RSASignatureAlgorithmIdentifier.php @@ -0,0 +1,51 @@ +asNull(); + return new static(); + } + + /** + * {@inheritdoc} + * + * @return NullType + */ + protected function _paramsASN1(): ?Element + { + return new NullType(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RFC4055RSASignatureAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RFC4055RSASignatureAlgorithmIdentifier.php new file mode 100644 index 0000000..001f744 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RFC4055RSASignatureAlgorithmIdentifier.php @@ -0,0 +1,65 @@ +_params = new NullType(); + } + + /** + * {@inheritdoc} + * + * @return self + */ + public static function fromASN1Params( + ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier + { + $obj = new static(); + // store parameters so re-encoding doesn't change + if (isset($params)) { + $obj->_params = $params->asElement(); + } + return $obj; + } + + /** + * {@inheritdoc} + */ + protected function _paramsASN1(): ?Element + { + return $this->_params; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RSASignatureAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RSASignatureAlgorithmIdentifier.php new file mode 100644 index 0000000..074f6a1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RSASignatureAlgorithmIdentifier.php @@ -0,0 +1,23 @@ +oid(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA1WithRSAEncryptionAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA1WithRSAEncryptionAlgorithmIdentifier.php new file mode 100644 index 0000000..49dca5c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA1WithRSAEncryptionAlgorithmIdentifier.php @@ -0,0 +1,29 @@ +_oid = self::OID_SHA1_WITH_RSA_ENCRYPTION; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'sha1-with-rsa-signature'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA224WithRSAEncryptionAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA224WithRSAEncryptionAlgorithmIdentifier.php new file mode 100644 index 0000000..38db332 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA224WithRSAEncryptionAlgorithmIdentifier.php @@ -0,0 +1,30 @@ +_oid = self::OID_SHA224_WITH_RSA_ENCRYPTION; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'sha224WithRSAEncryption'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA256WithRSAEncryptionAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA256WithRSAEncryptionAlgorithmIdentifier.php new file mode 100644 index 0000000..88fbf3c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA256WithRSAEncryptionAlgorithmIdentifier.php @@ -0,0 +1,30 @@ +_oid = self::OID_SHA256_WITH_RSA_ENCRYPTION; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'sha256WithRSAEncryption'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA384WithRSAEncryptionAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA384WithRSAEncryptionAlgorithmIdentifier.php new file mode 100644 index 0000000..84f18d7 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA384WithRSAEncryptionAlgorithmIdentifier.php @@ -0,0 +1,30 @@ +_oid = self::OID_SHA384_WITH_RSA_ENCRYPTION; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'sha384WithRSAEncryption'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA512WithRSAEncryptionAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA512WithRSAEncryptionAlgorithmIdentifier.php new file mode 100644 index 0000000..e4c1eba --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA512WithRSAEncryptionAlgorithmIdentifier.php @@ -0,0 +1,30 @@ +_oid = self::OID_SHA512_WITH_RSA_ENCRYPTION; + } + + /** + * {@inheritdoc} + */ + public function name(): string + { + return 'sha512WithRSAEncryption'; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SignatureAlgorithmIdentifierFactory.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SignatureAlgorithmIdentifierFactory.php new file mode 100644 index 0000000..8c63ff4 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SignatureAlgorithmIdentifierFactory.php @@ -0,0 +1,105 @@ + AlgorithmIdentifier::OID_MD5_WITH_RSA_ENCRYPTION, + AlgorithmIdentifier::OID_SHA1 => AlgorithmIdentifier::OID_SHA1_WITH_RSA_ENCRYPTION, + AlgorithmIdentifier::OID_SHA224 => AlgorithmIdentifier::OID_SHA224_WITH_RSA_ENCRYPTION, + AlgorithmIdentifier::OID_SHA256 => AlgorithmIdentifier::OID_SHA256_WITH_RSA_ENCRYPTION, + AlgorithmIdentifier::OID_SHA384 => AlgorithmIdentifier::OID_SHA384_WITH_RSA_ENCRYPTION, + AlgorithmIdentifier::OID_SHA512 => AlgorithmIdentifier::OID_SHA512_WITH_RSA_ENCRYPTION, + ]; + + /** + * Mapping of hash algorithm OID's to EC signature algorithm OID's. + * + * @internal + * + * @var array + */ + public const MAP_EC_OID = [ + AlgorithmIdentifier::OID_SHA1 => AlgorithmIdentifier::OID_ECDSA_WITH_SHA1, + AlgorithmIdentifier::OID_SHA224 => AlgorithmIdentifier::OID_ECDSA_WITH_SHA224, + AlgorithmIdentifier::OID_SHA256 => AlgorithmIdentifier::OID_ECDSA_WITH_SHA256, + AlgorithmIdentifier::OID_SHA384 => AlgorithmIdentifier::OID_ECDSA_WITH_SHA384, + AlgorithmIdentifier::OID_SHA512 => AlgorithmIdentifier::OID_ECDSA_WITH_SHA512, + ]; + + /** + * Get signature algorithm identifier of given asymmetric cryptographic type + * utilizing given hash algorithm. + * + * @param AsymmetricCryptoAlgorithmIdentifier $crypto_algo Cryptographic algorithm identifier, eg. RSA or EC + * @param HashAlgorithmIdentifier $hash_algo Hash algorithm identifier + * + * @throws \UnexpectedValueException + */ + public static function algoForAsymmetricCrypto( + AsymmetricCryptoAlgorithmIdentifier $crypto_algo, + HashAlgorithmIdentifier $hash_algo): SignatureAlgorithmIdentifier + { + switch ($crypto_algo->oid()) { + case AlgorithmIdentifier::OID_RSA_ENCRYPTION: + $oid = self::_oidForRSA($hash_algo); + break; + case AlgorithmIdentifier::OID_EC_PUBLIC_KEY: + $oid = self::_oidForEC($hash_algo); + break; + default: + throw new \UnexpectedValueException( + sprintf('Crypto algorithm %s not supported.', + $crypto_algo->name())); + } + $cls = (new AlgorithmIdentifierFactory())->getClass($oid); + return new $cls(); + } + + /** + * Get RSA signature algorithm OID for the given hash algorithm identifier. + * + * @throws \UnexpectedValueException + */ + private static function _oidForRSA(HashAlgorithmIdentifier $hash_algo): string + { + if (!array_key_exists($hash_algo->oid(), self::MAP_RSA_OID)) { + throw new \UnexpectedValueException( + sprintf('No RSA signature algorithm for %s.', $hash_algo->name())); + } + return self::MAP_RSA_OID[$hash_algo->oid()]; + } + + /** + * Get EC signature algorithm OID for the given hash algorithm identifier. + * + * @throws \UnexpectedValueException + */ + private static function _oidForEC(HashAlgorithmIdentifier $hash_algo): string + { + if (!array_key_exists($hash_algo->oid(), self::MAP_EC_OID)) { + throw new \UnexpectedValueException( + sprintf('No EC signature algorithm for %s.', $hash_algo->name())); + } + return self::MAP_EC_OID[$hash_algo->oid()]; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/SpecificAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/SpecificAlgorithmIdentifier.php new file mode 100644 index 0000000..f5d1320 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/SpecificAlgorithmIdentifier.php @@ -0,0 +1,30 @@ +string(); + if ($bs->unusedBits()) { + // @todo pad string + throw new \RuntimeException('Unaligned bitstrings to supported'); + } + return new OctetString($str); + } + + /** + * Perform Octet-String-to-Bit-String Conversion. + * + * Defined in SEC 1 section 2.3.2. + */ + public static function octetStringToBitString(OctetString $os): BitString + { + return new BitString($os->string()); + } + + /** + * Perform Integer-to-Octet-String Conversion. + * + * Defined in SEC 1 section 2.3.7. + * + * @param int $num + * @param null|int $mlen Optional desired output length + * + * @throws \UnexpectedValueException + */ + public static function integerToOctetString(Integer $num, ?int $mlen = null): OctetString + { + $gmp = gmp_init($num->number(), 10); + $str = gmp_export($gmp, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN); + if (null !== $mlen) { + $len = strlen($str); + if ($len > $mlen) { + throw new \RangeException('Number is too large.'); + } + // pad with zeroes + if ($len < $mlen) { + $str = str_repeat("\0", $mlen - $len) . $str; + } + } + return new OctetString($str); + } + + /** + * Perform Octet-String-to-Integer Conversion. + * + * Defined in SEC 1 section 2.3.8. + * + * @return int + */ + public static function octetStringToInteger(OctetString $os): Integer + { + $num = gmp_import($os->string(), 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN); + assert($num instanceof \GMP, new \RuntimeException('gmp_import() failed.')); + return new Integer(gmp_strval($num, 10)); + } + + /** + * Convert a base-10 number to octets. + * + * This is a convenicence method for integer <-> octet string conversion + * without the need for external ASN.1 dependencies. + * + * @param int|string $num Number in base-10 + * @param null|int $mlen Optional desired output length + */ + public static function numberToOctets($num, ?int $mlen = null): string + { + return self::integerToOctetString(new Integer($num), $mlen)->string(); + } + + /** + * Convert octets to a base-10 number. + * + * This is a convenicence method for integer <-> octet string conversion + * without the need for external ASN.1 dependencies. + * + * @return string Number in base-10 + */ + public static function octetsToNumber(string $str): string + { + return self::octetStringToInteger(new OctetString($str))->number(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/EC/ECPrivateKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/EC/ECPrivateKey.php new file mode 100644 index 0000000..1649ae0 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/EC/ECPrivateKey.php @@ -0,0 +1,223 @@ +_privateKey = $private_key; + $this->_namedCurve = $named_curve; + $this->_publicKey = $public_key; + } + + /** + * Initialize from ASN.1. + * + * @throws \UnexpectedValueException + * + * @return self + */ + public static function fromASN1(Sequence $seq): ECPrivateKey + { + $version = $seq->at(0)->asInteger()->intNumber(); + if (1 !== $version) { + throw new \UnexpectedValueException('Version must be 1.'); + } + $private_key = $seq->at(1)->asOctetString()->string(); + $named_curve = null; + if ($seq->hasTagged(0)) { + $params = $seq->getTagged(0)->asExplicit(); + $named_curve = $params->asObjectIdentifier()->oid(); + } + $public_key = null; + if ($seq->hasTagged(1)) { + $public_key = $seq->getTagged(1)->asExplicit() + ->asBitString()->string(); + } + return new self($private_key, $named_curve, $public_key); + } + + /** + * Initialize from DER data. + * + * @return self + */ + public static function fromDER(string $data): ECPrivateKey + { + return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence()); + } + + /** + * @see PrivateKey::fromPEM() + * + * @throws \UnexpectedValueException + * + * @return self + */ + public static function fromPEM(PEM $pem): ECPrivateKey + { + $pk = parent::fromPEM($pem); + if (!($pk instanceof self)) { + throw new \UnexpectedValueException('Not an EC private key.'); + } + return $pk; + } + + /** + * Get the EC private key value. + * + * @return string Octets of the private key + */ + public function privateKeyOctets(): string + { + return $this->_privateKey; + } + + /** + * Whether named curve is present. + */ + public function hasNamedCurve(): bool + { + return isset($this->_namedCurve); + } + + /** + * Get named curve OID. + * + * @throws \LogicException + */ + public function namedCurve(): string + { + if (!$this->hasNamedCurve()) { + throw new \LogicException('namedCurve not set.'); + } + return $this->_namedCurve; + } + + /** + * Get self with named curve. + * + * @param null|string $named_curve Named curve OID + * + * @return self + */ + public function withNamedCurve(?string $named_curve): ECPrivateKey + { + $obj = clone $this; + $obj->_namedCurve = $named_curve; + return $obj; + } + + /** + * {@inheritdoc} + */ + public function algorithmIdentifier(): AlgorithmIdentifierType + { + return new ECPublicKeyAlgorithmIdentifier($this->namedCurve()); + } + + /** + * Whether public key is present. + */ + public function hasPublicKey(): bool + { + return isset($this->_publicKey); + } + + /** + * {@inheritdoc} + * + * @return ECPublicKey + */ + public function publicKey(): PublicKey + { + if (!$this->hasPublicKey()) { + throw new \LogicException('publicKey not set.'); + } + return new ECPublicKey($this->_publicKey, $this->namedCurve()); + } + + /** + * Generate ASN.1 structure. + */ + public function toASN1(): Sequence + { + $elements = [new Integer(1), new OctetString($this->_privateKey)]; + if (isset($this->_namedCurve)) { + $elements[] = new ExplicitlyTaggedType(0, + new ObjectIdentifier($this->_namedCurve)); + } + if (isset($this->_publicKey)) { + $elements[] = new ExplicitlyTaggedType(1, + new BitString($this->_publicKey)); + } + return new Sequence(...$elements); + } + + /** + * {@inheritdoc} + */ + public function toDER(): string + { + return $this->toASN1()->toDER(); + } + + /** + * {@inheritdoc} + */ + public function toPEM(): PEM + { + return new PEM(PEM::TYPE_EC_PRIVATE_KEY, $this->toDER()); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/EC/ECPublicKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/EC/ECPublicKey.php new file mode 100644 index 0000000..f8b0e93 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/EC/ECPublicKey.php @@ -0,0 +1,222 @@ +_ecPoint = $ec_point; + $this->_namedCurve = $named_curve; + } + + /** + * Initialize from curve point coordinates. + * + * @param int|string $x X coordinate as a base10 number + * @param int|string $y Y coordinate as a base10 number + * @param null|string $named_curve Named curve OID + * @param null|int $bits Size of *p* in bits + * + * @return self + */ + public static function fromCoordinates($x, $y, + ?string $named_curve = null, ?int $bits = null): ECPublicKey + { + // if bitsize is not explicitly set, check from supported curves + if (!isset($bits) && isset($named_curve)) { + $bits = self::_curveSize($named_curve); + } + $mlen = null; + if (isset($bits)) { + $mlen = (int) ceil($bits / 8); + } + $x_os = ECConversion::integerToOctetString(new Integer($x), $mlen)->string(); + $y_os = ECConversion::integerToOctetString(new Integer($y), $mlen)->string(); + $ec_point = "\x4{$x_os}{$y_os}"; + return new self($ec_point, $named_curve); + } + + /** + * @see PublicKey::fromPEM() + * + * @throws \UnexpectedValueException + * + * @return self + */ + public static function fromPEM(PEM $pem): ECPublicKey + { + if (PEM::TYPE_PUBLIC_KEY !== $pem->type()) { + throw new \UnexpectedValueException('Not a public key.'); + } + $pki = PublicKeyInfo::fromDER($pem->data()); + $algo = $pki->algorithmIdentifier(); + if (AlgorithmIdentifier::OID_EC_PUBLIC_KEY !== $algo->oid() + || !($algo instanceof ECPublicKeyAlgorithmIdentifier)) { + throw new \UnexpectedValueException('Not an elliptic curve key.'); + } + // ECPoint is directly mapped into public key data + return new self($pki->publicKeyData()->string(), $algo->namedCurve()); + } + + /** + * Get ECPoint value. + */ + public function ECPoint(): string + { + return $this->_ecPoint; + } + + /** + * Get curve point coordinates. + * + * @return string[] Tuple of X and Y coordinates as base-10 numbers + */ + public function curvePoint(): array + { + return array_map( + function ($str) { + return ECConversion::octetsToNumber($str); + }, $this->curvePointOctets()); + } + + /** + * Get curve point coordinates in octet string representation. + * + * @return string[] tuple of X and Y field elements as a string + */ + public function curvePointOctets(): array + { + if ($this->isCompressed()) { + throw new \RuntimeException('EC point compression not supported.'); + } + $str = substr($this->_ecPoint, 1); + [$x, $y] = str_split($str, (int) floor(strlen($str) / 2)); + return [$x, $y]; + } + + /** + * Whether ECPoint is in compressed form. + */ + public function isCompressed(): bool + { + $c = ord($this->_ecPoint[0]); + return 4 !== $c; + } + + /** + * Whether named curve is present. + */ + public function hasNamedCurve(): bool + { + return isset($this->_namedCurve); + } + + /** + * Get named curve OID. + * + * @throws \LogicException + */ + public function namedCurve(): string + { + if (!$this->hasNamedCurve()) { + throw new \LogicException('namedCurve not set.'); + } + return $this->_namedCurve; + } + + /** + * {@inheritdoc} + */ + public function algorithmIdentifier(): AlgorithmIdentifierType + { + return new ECPublicKeyAlgorithmIdentifier($this->namedCurve()); + } + + /** + * Generate ASN.1 element. + */ + public function toASN1(): OctetString + { + return new OctetString($this->_ecPoint); + } + + /** + * {@inheritdoc} + */ + public function toDER(): string + { + return $this->toASN1()->toDER(); + } + + /** + * {@inheritdoc} + * + * @see https://tools.ietf.org/html/rfc5480#section-2.2 + */ + public function subjectPublicKey(): BitString + { + // ECPoint is directly mapped to subjectPublicKey + return new BitString($this->_ecPoint); + } + + /** + * Get the curve size *p* in bits. + * + * @param string $oid Curve OID + */ + private static function _curveSize(string $oid): ?int + { + if (!array_key_exists($oid, ECPublicKeyAlgorithmIdentifier::MAP_CURVE_TO_SIZE)) { + return null; + } + return ECPublicKeyAlgorithmIdentifier::MAP_CURVE_TO_SIZE[$oid]; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/OneAsymmetricKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/OneAsymmetricKey.php new file mode 100644 index 0000000..5e7099e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/OneAsymmetricKey.php @@ -0,0 +1,359 @@ +_version = self::VERSION_2; + $this->_algo = $algo; + $this->_privateKeyData = $key; + $this->_attributes = $attributes; + $this->_publicKeyData = $public_key; + } + + /** + * Initialize from ASN.1. + * + * @throws \UnexpectedValueException + */ + public static function fromASN1(Sequence $seq): self + { + $version = $seq->at(0)->asInteger()->intNumber(); + if (!in_array($version, [self::VERSION_1, self::VERSION_2])) { + throw new \UnexpectedValueException( + "Version {$version} not supported."); + } + $algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence()); + $key = $seq->at(2)->asOctetString()->string(); + $attribs = null; + if ($seq->hasTagged(0)) { + $attribs = OneAsymmetricKeyAttributes::fromASN1($seq->getTagged(0) + ->asImplicit(Element::TYPE_SET)->asSet()); + } + $pubkey = null; + if ($seq->hasTagged(1)) { + $pubkey = $seq->getTagged(1) + ->asImplicit(Element::TYPE_BIT_STRING)->asBitString(); + } + $obj = new static($algo, $key, $attribs, $pubkey); + $obj->_version = $version; + return $obj; + } + + /** + * Initialize from DER data. + */ + public static function fromDER(string $data): self + { + return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence()); + } + + /** + * Initialize from a `PrivateKey`. + * + * Note that `OneAsymmetricKey` <-> `PrivateKey` conversions may not be + * bidirectional with all key types, since `OneAsymmetricKey` may include + * attributes as well the public key that are not conveyed in a specific + * `PrivateKey` object. + */ + public static function fromPrivateKey(PrivateKey $private_key): self + { + return new static( + $private_key->algorithmIdentifier(), + $private_key->privateKeyData() + ); + } + + /** + * Initialize from PEM. + * + * @throws \UnexpectedValueException If PEM type is not supported + */ + public static function fromPEM(PEM $pem): self + { + switch ($pem->type()) { + case PEM::TYPE_PRIVATE_KEY: + return self::fromDER($pem->data()); + case PEM::TYPE_RSA_PRIVATE_KEY: + return self::fromPrivateKey( + RSA\RSAPrivateKey::fromDER($pem->data())); + case PEM::TYPE_EC_PRIVATE_KEY: + return self::fromPrivateKey( + EC\ECPrivateKey::fromDER($pem->data())); + } + throw new \UnexpectedValueException('Invalid PEM type.'); + } + + /** + * Get self with version set. + */ + public function withVersion(int $version): self + { + $obj = clone $this; + $obj->_version = $version; + return $obj; + } + + /** + * Get version number. + */ + public function version(): int + { + return $this->_version; + } + + /** + * Get algorithm identifier. + */ + public function algorithmIdentifier(): AlgorithmIdentifierType + { + return $this->_algo; + } + + /** + * Get private key data. + */ + public function privateKeyData(): string + { + return $this->_privateKeyData; + } + + /** + * Get private key. + * + * @throws \RuntimeException + */ + public function privateKey(): PrivateKey + { + $algo = $this->algorithmIdentifier(); + switch ($algo->oid()) { + // RSA + case AlgorithmIdentifier::OID_RSA_ENCRYPTION: + return RSA\RSAPrivateKey::fromDER($this->_privateKeyData); + // elliptic curve + case AlgorithmIdentifier::OID_EC_PUBLIC_KEY: + $pk = EC\ECPrivateKey::fromDER($this->_privateKeyData); + // NOTE: OpenSSL strips named curve from ECPrivateKey structure + // when serializing into PrivateKeyInfo. However RFC 5915 dictates + // that parameters (NamedCurve) must always be included. + // If private key doesn't encode named curve, assign from parameters. + if (!$pk->hasNamedCurve()) { + if (!$algo instanceof ECPublicKeyAlgorithmIdentifier) { + throw new \UnexpectedValueException('Not an EC algorithm.'); + } + $pk = $pk->withNamedCurve($algo->namedCurve()); + } + return $pk; + // Ed25519 + case AlgorithmIdentifier::OID_ED25519: + $pubkey = $this->_publicKeyData ? + $this->_publicKeyData->string() : null; + // RFC 8410 defines `CurvePrivateKey ::= OCTET STRING` that + // is encoded into private key data. So Ed25519 private key + // is doubly wrapped into octet string encodings. + return RFC8410\Curve25519\Ed25519PrivateKey::fromOctetString( + OctetString::fromDER($this->_privateKeyData), $pubkey) + ->withVersion($this->_version) + ->withAttributes($this->_attributes); + // X25519 + case AlgorithmIdentifier::OID_X25519: + $pubkey = $this->_publicKeyData ? + $this->_publicKeyData->string() : null; + return RFC8410\Curve25519\X25519PrivateKey::fromOctetString( + OctetString::fromDER($this->_privateKeyData), $pubkey) + ->withVersion($this->_version) + ->withAttributes($this->_attributes); + // Ed448 + case AlgorithmIdentifier::OID_ED448: + $pubkey = $this->_publicKeyData ? + $this->_publicKeyData->string() : null; + return RFC8410\Curve448\Ed448PrivateKey::fromOctetString( + OctetString::fromDER($this->_privateKeyData), $pubkey) + ->withVersion($this->_version) + ->withAttributes($this->_attributes); + // X448 + case AlgorithmIdentifier::OID_X448: + $pubkey = $this->_publicKeyData ? + $this->_publicKeyData->string() : null; + return RFC8410\Curve448\X448PrivateKey::fromOctetString( + OctetString::fromDER($this->_privateKeyData), $pubkey) + ->withVersion($this->_version) + ->withAttributes($this->_attributes); + } + throw new \RuntimeException( + 'Private key ' . $algo->name() . ' not supported.'); + } + + /** + * Get public key info corresponding to the private key. + */ + public function publicKeyInfo(): PublicKeyInfo + { + // if public key is explicitly defined + if ($this->hasPublicKeyData()) { + return new PublicKeyInfo($this->_algo, $this->_publicKeyData); + } + // else derive from private key + return $this->privateKey()->publicKey()->publicKeyInfo(); + } + + /** + * Whether attributes are present. + */ + public function hasAttributes(): bool + { + return isset($this->_attributes); + } + + /** + * Get attributes. + * + * @throws \LogicException If attributes are not present + */ + public function attributes(): OneAsymmetricKeyAttributes + { + if (!$this->hasAttributes()) { + throw new \LogicException('Attributes not set.'); + } + return $this->_attributes; + } + + /** + * Whether explicit public key data is present. + */ + public function hasPublicKeyData(): bool + { + return isset($this->_publicKeyData); + } + + /** + * Get the explicit public key data. + * + * @return \LogicException If public key is not present + */ + public function publicKeyData(): BitString + { + if (!$this->hasPublicKeyData()) { + throw new \LogicException('No explicit public key.'); + } + return $this->_publicKeyData; + } + + /** + * Generate ASN.1 structure. + */ + public function toASN1(): Sequence + { + $elements = [ + new Integer($this->_version), + $this->_algo->toASN1(), + new OctetString($this->_privateKeyData) + ]; + if ($this->_attributes) { + $elements[] = new ImplicitlyTaggedType(0, + $this->_attributes->toASN1()); + } + if ($this->_publicKeyData) { + $elements[] = new ImplicitlyTaggedType(1, $this->_publicKeyData); + } + return new Sequence(...$elements); + } + + /** + * Generate DER encoding. + */ + public function toDER(): string + { + return $this->toASN1()->toDER(); + } + + /** + * Generate PEM. + */ + public function toPEM(): PEM + { + return new PEM(PEM::TYPE_PRIVATE_KEY, $this->toDER()); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PrivateKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PrivateKey.php new file mode 100644 index 0000000..c3b4bea --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PrivateKey.php @@ -0,0 +1,74 @@ +toDER(); + } + + /** + * Get the private key as a PrivateKeyInfo type. + */ + public function privateKeyInfo(): PrivateKeyInfo + { + return PrivateKeyInfo::fromPrivateKey($this); + } + + /** + * Initialize private key from PEM. + * + * @throws \UnexpectedValueException + * + * @return PrivateKey + */ + public static function fromPEM(PEM $pem) + { + switch ($pem->type()) { + case PEM::TYPE_RSA_PRIVATE_KEY: + return RSA\RSAPrivateKey::fromDER($pem->data()); + case PEM::TYPE_EC_PRIVATE_KEY: + return EC\ECPrivateKey::fromDER($pem->data()); + case PEM::TYPE_PRIVATE_KEY: + return PrivateKeyInfo::fromDER($pem->data())->privateKey(); + } + throw new \UnexpectedValueException( + 'PEM type ' . $pem->type() . ' is not a valid private key.'); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PrivateKeyInfo.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PrivateKeyInfo.php new file mode 100644 index 0000000..f1a946e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PrivateKeyInfo.php @@ -0,0 +1,33 @@ +_version = parent::VERSION_1; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PublicKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PublicKey.php new file mode 100644 index 0000000..8b7e581 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PublicKey.php @@ -0,0 +1,60 @@ +toDER()); + } + + /** + * Get the public key as a PublicKeyInfo type. + */ + public function publicKeyInfo(): PublicKeyInfo + { + return PublicKeyInfo::fromPublicKey($this); + } + + /** + * Initialize public key from PEM. + * + * @throws \UnexpectedValueException + * + * @return PublicKey + */ + public static function fromPEM(PEM $pem) + { + switch ($pem->type()) { + case PEM::TYPE_RSA_PUBLIC_KEY: + return RSA\RSAPublicKey::fromDER($pem->data()); + case PEM::TYPE_PUBLIC_KEY: + return PublicKeyInfo::fromPEM($pem)->publicKey(); + } + throw new \UnexpectedValueException( + 'PEM type ' . $pem->type() . ' is not a valid public key.'); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PublicKeyInfo.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PublicKeyInfo.php new file mode 100644 index 0000000..176b57b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PublicKeyInfo.php @@ -0,0 +1,197 @@ +_algo = $algo; + $this->_publicKey = $key; + } + + /** + * Initialize from ASN.1. + */ + public static function fromASN1(Sequence $seq): self + { + $algo = AlgorithmIdentifier::fromASN1($seq->at(0)->asSequence()); + $key = $seq->at(1)->asBitString(); + return new self($algo, $key); + } + + /** + * Initialize from a PublicKey. + */ + public static function fromPublicKey(PublicKey $key): self + { + return new self($key->algorithmIdentifier(), $key->subjectPublicKey()); + } + + /** + * Initialize from PEM. + * + * @throws \UnexpectedValueException + */ + public static function fromPEM(PEM $pem): self + { + switch ($pem->type()) { + case PEM::TYPE_PUBLIC_KEY: + return self::fromDER($pem->data()); + case PEM::TYPE_RSA_PUBLIC_KEY: + return RSA\RSAPublicKey::fromDER($pem->data())->publicKeyInfo(); + } + throw new \UnexpectedValueException('Invalid PEM type.'); + } + + /** + * Initialize from DER data. + */ + public static function fromDER(string $data): self + { + return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence()); + } + + /** + * Get algorithm identifier. + */ + public function algorithmIdentifier(): AlgorithmIdentifierType + { + return $this->_algo; + } + + /** + * Get public key data. + */ + public function publicKeyData(): BitString + { + return $this->_publicKey; + } + + /** + * Get public key. + * + * @throws \RuntimeException + */ + public function publicKey(): PublicKey + { + $algo = $this->algorithmIdentifier(); + switch ($algo->oid()) { + // RSA + case AlgorithmIdentifier::OID_RSA_ENCRYPTION: + return RSA\RSAPublicKey::fromDER($this->_publicKey->string()); + // Elliptic Curve + case AlgorithmIdentifier::OID_EC_PUBLIC_KEY: + if (!$algo instanceof ECPublicKeyAlgorithmIdentifier) { + throw new \UnexpectedValueException('Not an EC algorithm.'); + } + // ECPoint is directly mapped into public key data + return new EC\ECPublicKey($this->_publicKey->string(), + $algo->namedCurve()); + // Ed25519 + case AlgorithmIdentifier::OID_ED25519: + return new RFC8410\Curve25519\Ed25519PublicKey( + $this->_publicKey->string()); + // X25519 + case AlgorithmIdentifier::OID_X25519: + return new RFC8410\Curve25519\X25519PublicKey( + $this->_publicKey->string()); + // Ed448 + case AlgorithmIdentifier::OID_ED448: + return new RFC8410\Curve448\Ed448PublicKey( + $this->_publicKey->string()); + // X448 + case AlgorithmIdentifier::OID_X448: + return new RFC8410\Curve448\X448PublicKey( + $this->_publicKey->string()); + } + throw new \RuntimeException( + 'Public key ' . $algo->name() . ' not supported.'); + } + + /** + * Get key identifier using method 1 as described by RFC 5280. + * + * @see https://tools.ietf.org/html/rfc5280#section-4.2.1.2 + * + * @return string 20 bytes (160 bits) long identifier + */ + public function keyIdentifier(): string + { + return sha1($this->_publicKey->string(), true); + } + + /** + * Get key identifier using method 2 as described by RFC 5280. + * + * @see https://tools.ietf.org/html/rfc5280#section-4.2.1.2 + * + * @return string 8 bytes (64 bits) long identifier + */ + public function keyIdentifier64(): string + { + $id = substr($this->keyIdentifier(), -8); + $c = (ord($id[0]) & 0x0f) | 0x40; + $id[0] = chr($c); + return $id; + } + + /** + * Generate ASN.1 structure. + */ + public function toASN1(): Sequence + { + return new Sequence($this->_algo->toASN1(), $this->_publicKey); + } + + /** + * Generate DER encoding. + */ + public function toDER(): string + { + return $this->toASN1()->toDER(); + } + + /** + * Generate PEM. + */ + public function toPEM(): PEM + { + return new PEM(PEM::TYPE_PUBLIC_KEY, $this->toDER()); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Curve25519PrivateKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Curve25519PrivateKey.php new file mode 100644 index 0000000..5e11fdf --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Curve25519PrivateKey.php @@ -0,0 +1,34 @@ +hasPublicKey()) { + throw new \LogicException('Public key not set.'); + } + return new Ed25519PublicKey($this->_publicKeyData); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Ed25519PublicKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Ed25519PublicKey.php new file mode 100644 index 0000000..f111459 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Ed25519PublicKey.php @@ -0,0 +1,24 @@ +hasPublicKey()) { + throw new \LogicException('Public key not set.'); + } + return new X25519PublicKey($this->_publicKeyData); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/X25519PublicKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/X25519PublicKey.php new file mode 100644 index 0000000..b9abd45 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/X25519PublicKey.php @@ -0,0 +1,24 @@ +hasPublicKey()) { + throw new \LogicException('Public key not set.'); + } + return new Ed448PublicKey($this->_publicKeyData); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/Ed448PublicKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/Ed448PublicKey.php new file mode 100644 index 0000000..aa499ae --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/Ed448PublicKey.php @@ -0,0 +1,39 @@ +hasPublicKey()) { + throw new \LogicException('Public key not set.'); + } + return new X448PublicKey($this->_publicKeyData); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/X448PublicKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/X448PublicKey.php new file mode 100644 index 0000000..7af5227 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/X448PublicKey.php @@ -0,0 +1,39 @@ +_privateKeyData = $private_key; + $this->_publicKeyData = $public_key; + $this->_version = OneAsymmetricKey::VERSION_2; + $this->_attributes = null; + } + + /** + * Initialize from `CurvePrivateKey` OctetString. + * + * @param OctetString $str Private key data wrapped into OctetString + * @param null|string $public_key Optional public key data + */ + public static function fromOctetString(OctetString $str, + ?string $public_key = null): self + { + return new static($str->string(), $public_key); + } + + /** + * Get self with version number. + */ + public function withVersion(int $version): self + { + $obj = clone $this; + $obj->_version = $version; + return $obj; + } + + /** + * Get self with attributes. + */ + public function withAttributes(?OneAsymmetricKeyAttributes $attribs): self + { + $obj = clone $this; + $obj->_attributes = $attribs; + return $obj; + } + + /** + * {@inheritdoc} + */ + public function privateKeyData(): string + { + return $this->_privateKeyData; + } + + /** + * Whether public key is set. + */ + public function hasPublicKey(): bool + { + return isset($this->_publicKeyData); + } + + /** + * Generate ASN.1 structure. + */ + public function toASN1(): OctetString + { + return new OctetString($this->_privateKeyData); + } + + /** + * {@inheritdoc} + */ + public function toDER(): string + { + return $this->toASN1()->toDER(); + } + + /** + * {@inheritdoc} + */ + public function toPEM(): PEM + { + $pub = $this->_publicKeyData ? + new BitString($this->_publicKeyData) : null; + $pki = new OneAsymmetricKey($this->algorithmIdentifier(), + $this->toDER(), $this->_attributes, $pub); + return $pki->withVersion($this->_version)->toPEM(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/RFC8410PublicKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/RFC8410PublicKey.php new file mode 100644 index 0000000..6a18542 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/RFC8410PublicKey.php @@ -0,0 +1,52 @@ +_publicKey = $public_key; + } + + /** + * {@inheritdoc} + */ + public function toDER(): string + { + throw new \LogicException("RFC 8410 public key doesn't have a DER encoding."); + } + + /** + * {@inheritdoc} + */ + public function subjectPublicKey(): BitString + { + return new BitString($this->_publicKey); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RSA/RSAPrivateKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RSA/RSAPrivateKey.php new file mode 100644 index 0000000..15bf587 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RSA/RSAPrivateKey.php @@ -0,0 +1,286 @@ +_modulus = strval($n); + $this->_publicExponent = strval($e); + $this->_privateExponent = strval($d); + $this->_prime1 = strval($p); + $this->_prime2 = strval($q); + $this->_exponent1 = strval($dp); + $this->_exponent2 = strval($dq); + $this->_coefficient = strval($qi); + } + + /** + * Initialize from ASN.1. + * + * @throws \UnexpectedValueException + * + * @return self + */ + public static function fromASN1(Sequence $seq): RSAPrivateKey + { + $version = $seq->at(0)->asInteger()->intNumber(); + if (0 !== $version) { + throw new \UnexpectedValueException('Version must be 0.'); + } + // helper function get integer from given index + $get_int = function ($idx) use ($seq) { + return $seq->at($idx)->asInteger()->number(); + }; + $n = $get_int(1); + $e = $get_int(2); + $d = $get_int(3); + $p = $get_int(4); + $q = $get_int(5); + $dp = $get_int(6); + $dq = $get_int(7); + $qi = $get_int(8); + return new self($n, $e, $d, $p, $q, $dp, $dq, $qi); + } + + /** + * Initialize from DER data. + * + * @return self + */ + public static function fromDER(string $data): RSAPrivateKey + { + return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence()); + } + + /** + * @see PrivateKey::fromPEM() + * + * @throws \UnexpectedValueException + * + * @return self + */ + public static function fromPEM(PEM $pem): RSAPrivateKey + { + $pk = parent::fromPEM($pem); + if (!($pk instanceof self)) { + throw new \UnexpectedValueException('Not an RSA private key.'); + } + return $pk; + } + + /** + * Get modulus. + * + * @return string Base 10 integer + */ + public function modulus(): string + { + return $this->_modulus; + } + + /** + * Get public exponent. + * + * @return string Base 10 integer + */ + public function publicExponent(): string + { + return $this->_publicExponent; + } + + /** + * Get private exponent. + * + * @return string Base 10 integer + */ + public function privateExponent(): string + { + return $this->_privateExponent; + } + + /** + * Get first prime factor. + * + * @return string Base 10 integer + */ + public function prime1(): string + { + return $this->_prime1; + } + + /** + * Get second prime factor. + * + * @return string Base 10 integer + */ + public function prime2(): string + { + return $this->_prime2; + } + + /** + * Get first factor exponent. + * + * @return string Base 10 integer + */ + public function exponent1(): string + { + return $this->_exponent1; + } + + /** + * Get second factor exponent. + * + * @return string Base 10 integer + */ + public function exponent2(): string + { + return $this->_exponent2; + } + + /** + * Get CRT coefficient of the second factor. + * + * @return string Base 10 integer + */ + public function coefficient(): string + { + return $this->_coefficient; + } + + /** + * {@inheritdoc} + */ + public function algorithmIdentifier(): AlgorithmIdentifierType + { + return new RSAEncryptionAlgorithmIdentifier(); + } + + /** + * {@inheritdoc} + * + * @return RSAPublicKey + */ + public function publicKey(): PublicKey + { + return new RSAPublicKey($this->_modulus, $this->_publicExponent); + } + + /** + * Generate ASN.1 structure. + */ + public function toASN1(): Sequence + { + return new Sequence(new Integer(0), + new Integer($this->_modulus), + new Integer($this->_publicExponent), + new Integer($this->_privateExponent), + new Integer($this->_prime1), + new Integer($this->_prime2), + new Integer($this->_exponent1), + new Integer($this->_exponent2), + new Integer($this->_coefficient)); + } + + /** + * {@inheritdoc} + */ + public function toDER(): string + { + return $this->toASN1()->toDER(); + } + + /** + * {@inheritdoc} + */ + public function toPEM(): PEM + { + return new PEM(PEM::TYPE_RSA_PRIVATE_KEY, $this->toDER()); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RSA/RSAPublicKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RSA/RSAPublicKey.php new file mode 100644 index 0000000..b4e55d4 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RSA/RSAPublicKey.php @@ -0,0 +1,147 @@ +_modulus = strval($n); + $this->_publicExponent = strval($e); + } + + /** + * Initialize from ASN.1. + * + * @return self + */ + public static function fromASN1(Sequence $seq): RSAPublicKey + { + $n = $seq->at(0)->asInteger()->number(); + $e = $seq->at(1)->asInteger()->number(); + return new self($n, $e); + } + + /** + * Initialize from DER data. + * + * @return self + */ + public static function fromDER(string $data): RSAPublicKey + { + return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence()); + } + + /** + * @see PublicKey::fromPEM() + * + * @throws \UnexpectedValueException + * + * @return self + */ + public static function fromPEM(PEM $pem): RSAPublicKey + { + switch ($pem->type()) { + case PEM::TYPE_RSA_PUBLIC_KEY: + return self::fromDER($pem->data()); + case PEM::TYPE_PUBLIC_KEY: + $pki = PublicKeyInfo::fromDER($pem->data()); + if (AlgorithmIdentifier::OID_RSA_ENCRYPTION !== + $pki->algorithmIdentifier()->oid()) { + throw new \UnexpectedValueException('Not an RSA public key.'); + } + return self::fromDER($pki->publicKeyData()->string()); + } + throw new \UnexpectedValueException('Invalid PEM type ' . $pem->type()); + } + + /** + * Get modulus. + * + * @return string Base 10 integer + */ + public function modulus(): string + { + return $this->_modulus; + } + + /** + * Get public exponent. + * + * @return string Base 10 integer + */ + public function publicExponent(): string + { + return $this->_publicExponent; + } + + /** + * {@inheritdoc} + */ + public function algorithmIdentifier(): AlgorithmIdentifierType + { + return new RSAEncryptionAlgorithmIdentifier(); + } + + /** + * Generate ASN.1 structure. + */ + public function toASN1(): Sequence + { + return new Sequence(new Integer($this->_modulus), + new Integer($this->_publicExponent)); + } + + /** + * {@inheritdoc} + */ + public function toDER(): string + { + return $this->toASN1()->toDER(); + } + + /** + * Generate PEM. + */ + public function toPEM(): PEM + { + return new PEM(PEM::TYPE_RSA_PUBLIC_KEY, $this->toDER()); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/ECSignature.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/ECSignature.php new file mode 100644 index 0000000..808f8e6 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/ECSignature.php @@ -0,0 +1,108 @@ +_r = strval($r); + $this->_s = strval($s); + } + + /** + * Initialize from ASN.1. + */ + public static function fromASN1(Sequence $seq): self + { + $r = $seq->at(0)->asInteger()->number(); + $s = $seq->at(1)->asInteger()->number(); + return new self($r, $s); + } + + /** + * Initialize from DER. + */ + public static function fromDER(string $data): self + { + return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence()); + } + + /** + * Get the r-value. + * + * @return string Base 10 integer string + */ + public function r(): string + { + return $this->_r; + } + + /** + * Get the s-value. + * + * @return string Base 10 integer string + */ + public function s(): string + { + return $this->_s; + } + + /** + * Generate ASN.1 structure. + */ + public function toASN1(): Sequence + { + return new Sequence(new Integer($this->_r), new Integer($this->_s)); + } + + /** + * Get DER encoding of the signature. + */ + public function toDER(): string + { + return $this->toASN1()->toDER(); + } + + /** + * {@inheritdoc} + */ + public function bitString(): BitString + { + return new BitString($this->toDER()); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Ed25519Signature.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Ed25519Signature.php new file mode 100644 index 0000000..4d50108 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Ed25519Signature.php @@ -0,0 +1,44 @@ +_signature = $signature; + } + + /** + * {@inheritdoc} + */ + public function bitString(): BitString + { + return new BitString($this->_signature); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Ed448Signature.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Ed448Signature.php new file mode 100644 index 0000000..9090a38 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Ed448Signature.php @@ -0,0 +1,44 @@ +_signature = $signature; + } + + /** + * {@inheritdoc} + */ + public function bitString(): BitString + { + return new BitString($this->_signature); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/GenericSignature.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/GenericSignature.php new file mode 100644 index 0000000..4e6635a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/GenericSignature.php @@ -0,0 +1,56 @@ +_signature = $signature; + $this->_signatureAlgorithm = $algo; + } + + /** + * Get the signature algorithm. + */ + public function signatureAlgorithm(): AlgorithmIdentifierType + { + return $this->_signatureAlgorithm; + } + + /** + * {@inheritdoc} + */ + public function bitString(): BitString + { + return $this->_signature; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/RSASignature.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/RSASignature.php new file mode 100644 index 0000000..cf3710d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/RSASignature.php @@ -0,0 +1,58 @@ +_signature = strval($signature); + return $obj; + } + + /** + * {@inheritdoc} + */ + public function bitString(): BitString + { + return new BitString($this->_signature); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Signature.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Signature.php new file mode 100644 index 0000000..75ad8c0 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Signature.php @@ -0,0 +1,49 @@ +=7.2 +- intl +- mbstring +- [sop/asn1](https://github.com/sop/asn1) + +## Installation + +This library is available on +[Packagist](https://packagist.org/packages/sop/x501). + + composer require sop/x501 + +## License + +This project is licensed under the MIT License. diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/composer.json b/utilities/signing_and_verification/php/vendor/sop/x501/composer.json new file mode 100644 index 0000000..0901490 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/composer.json @@ -0,0 +1,38 @@ +{ + "name": "sop/x501", + "description": "A PHP library for X.501 ASN.1 types, X.520 attributes and DN parsing.", + "homepage": "https://github.com/sop/x501", + "license": "MIT", + "type": "library", + "keywords": [ + "x501", + "x.501", + "x520", + "x.520", + "ldap", + "dn", + "rdn", + "attribute" + ], + "authors": [ + { + "name": "Joni Eskelinen", + "email": "jonieske@gmail.com", + "role": "Developer" + } + ], + "require": { + "php": ">=7.2", + "ext-intl": "*", + "ext-mbstring": "*", + "sop/asn1": "^4.0.0" + }, + "require-dev": { + "phpunit/phpunit": "^8.1" + }, + "autoload": { + "psr-4": { + "Sop\\X501\\": "lib/X501/" + } + } +} \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Attribute.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Attribute.php new file mode 100644 index 0000000..9b3c08a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Attribute.php @@ -0,0 +1,176 @@ +oid() !== $type->oid()) { + throw new \LogicException('Attribute OID mismatch.'); + } + } + $this->_type = $type; + $this->_values = $values; + } + + /** + * Initialize from ASN.1. + * + * @param Sequence $seq + * + * @return self + */ + public static function fromASN1(Sequence $seq): self + { + $type = AttributeType::fromASN1($seq->at(0)->asObjectIdentifier()); + $values = array_map( + function (UnspecifiedType $el) use ($type) { + return AttributeValue::fromASN1ByOID($type->oid(), $el); + }, $seq->at(1)->asSet()->elements()); + return new self($type, ...$values); + } + + /** + * Convenience method to initialize from attribute values. + * + * @param AttributeValue ...$values One or more values + * + * @throws \LogicException + * + * @return self + */ + public static function fromAttributeValues(AttributeValue ...$values): self + { + // we need at least one value to determine OID + if (!count($values)) { + throw new \LogicException('No values.'); + } + $oid = reset($values)->oid(); + return new self(new AttributeType($oid), ...$values); + } + + /** + * Get first value of the attribute. + * + * @throws \LogicException + * + * @return AttributeValue + */ + public function first(): AttributeValue + { + if (!count($this->_values)) { + throw new \LogicException('Attribute contains no values.'); + } + return $this->_values[0]; + } + + /** + * Get all values. + * + * @return AttributeValue[] + */ + public function values(): array + { + return $this->_values; + } + + /** + * Generate ASN.1 structure. + * + * @return Sequence + */ + public function toASN1(): Sequence + { + $values = array_map( + function (AttributeValue $value) { + return $value->toASN1(); + }, $this->_values); + $valueset = new Set(...$values); + return new Sequence($this->_type->toASN1(), $valueset->sortedSetOf()); + } + + /** + * Cast attribute values to another AttributeValue class. + * + * This method is generally used to cast UnknownAttributeValue values + * to specific objects when class is declared outside this package. + * + * The new class must be derived from AttributeValue and have the same OID + * as current attribute values. + * + * @param string $cls AttributeValue class name + * + * @throws \LogicException + * + * @return self + */ + public function castValues(string $cls): self + { + // check that target class derives from AttributeValue + if (!is_subclass_of($cls, AttributeValue::class)) { + throw new \LogicException(sprintf( + '%s must be derived from %s.', $cls, AttributeValue::class)); + } + $values = array_map( + function (AttributeValue $value) use ($cls) { + /** @var AttributeValue $cls Class name as a string */ + $value = $cls::fromSelf($value); + if ($value->oid() !== $this->oid()) { + throw new \LogicException('Attribute OID mismatch.'); + } + return $value; + }, $this->_values); + return self::fromAttributeValues(...$values); + } + + /** + * @see \Countable::count() + * + * @return int + */ + public function count(): int + { + return count($this->_values); + } + + /** + * @see \IteratorAggregate::getIterator() + * + * @return \ArrayIterator + */ + public function getIterator(): \ArrayIterator + { + return new \ArrayIterator($this->_values); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeType.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeType.php new file mode 100644 index 0000000..c9c58d4 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeType.php @@ -0,0 +1,457 @@ + Element::TYPE_PRINTABLE_STRING, + self::OID_COUNTRY_NAME => Element::TYPE_PRINTABLE_STRING, + self::OID_SERIAL_NUMBER => Element::TYPE_PRINTABLE_STRING, + ]; + + /** + * OID to attribute names mapping. + * + * First name is the primary name. If there's more than one name, others may + * be used as an alias. + * + * Generated using ldap-attribs.py. + * + * @internal + * + * @var array + */ + const MAP_OID_TO_NAME = [ + '0.9.2342.19200300.100.1.1' => ['uid', 'userid'], + '0.9.2342.19200300.100.1.2' => ['textEncodedORAddress'], + '0.9.2342.19200300.100.1.3' => ['mail', 'rfc822Mailbox'], + '0.9.2342.19200300.100.1.4' => ['info'], + '0.9.2342.19200300.100.1.5' => ['drink', 'favouriteDrink'], + '0.9.2342.19200300.100.1.6' => ['roomNumber'], + '0.9.2342.19200300.100.1.7' => ['photo'], + '0.9.2342.19200300.100.1.8' => ['userClass'], + '0.9.2342.19200300.100.1.9' => ['host'], + '0.9.2342.19200300.100.1.10' => ['manager'], + '0.9.2342.19200300.100.1.11' => ['documentIdentifier'], + '0.9.2342.19200300.100.1.12' => ['documentTitle'], + '0.9.2342.19200300.100.1.13' => ['documentVersion'], + '0.9.2342.19200300.100.1.14' => ['documentAuthor'], + '0.9.2342.19200300.100.1.15' => ['documentLocation'], + '0.9.2342.19200300.100.1.20' => ['homePhone', 'homeTelephoneNumber'], + '0.9.2342.19200300.100.1.21' => ['secretary'], + '0.9.2342.19200300.100.1.22' => ['otherMailbox'], + '0.9.2342.19200300.100.1.25' => ['dc', 'domainComponent'], + '0.9.2342.19200300.100.1.26' => ['aRecord'], + '0.9.2342.19200300.100.1.27' => ['mDRecord'], + '0.9.2342.19200300.100.1.28' => ['mXRecord'], + '0.9.2342.19200300.100.1.29' => ['nSRecord'], + '0.9.2342.19200300.100.1.30' => ['sOARecord'], + '0.9.2342.19200300.100.1.31' => ['cNAMERecord'], + '0.9.2342.19200300.100.1.37' => ['associatedDomain'], + '0.9.2342.19200300.100.1.38' => ['associatedName'], + '0.9.2342.19200300.100.1.39' => ['homePostalAddress'], + '0.9.2342.19200300.100.1.40' => ['personalTitle'], + '0.9.2342.19200300.100.1.41' => ['mobile', 'mobileTelephoneNumber'], + '0.9.2342.19200300.100.1.42' => ['pager', 'pagerTelephoneNumber'], + '0.9.2342.19200300.100.1.43' => ['co', 'friendlyCountryName'], + '0.9.2342.19200300.100.1.44' => ['uniqueIdentifier'], + '0.9.2342.19200300.100.1.45' => ['organizationalStatus'], + '0.9.2342.19200300.100.1.46' => ['janetMailbox'], + '0.9.2342.19200300.100.1.47' => ['mailPreferenceOption'], + '0.9.2342.19200300.100.1.48' => ['buildingName'], + '0.9.2342.19200300.100.1.49' => ['dSAQuality'], + '0.9.2342.19200300.100.1.50' => ['singleLevelQuality'], + '0.9.2342.19200300.100.1.51' => ['subtreeMinimumQuality'], + '0.9.2342.19200300.100.1.52' => ['subtreeMaximumQuality'], + '0.9.2342.19200300.100.1.53' => ['personalSignature'], + '0.9.2342.19200300.100.1.54' => ['dITRedirect'], + '0.9.2342.19200300.100.1.55' => ['audio'], + '0.9.2342.19200300.100.1.56' => ['documentPublisher'], + '0.9.2342.19200300.100.1.60' => ['jpegPhoto'], + '1.2.840.113549.1.9.1' => ['email', 'emailAddress', 'pkcs9email'], + '1.2.840.113556.1.2.102' => ['memberOf'], + '1.3.6.1.1.1.1.0' => ['uidNumber'], + '1.3.6.1.1.1.1.1' => ['gidNumber'], + '1.3.6.1.1.1.1.2' => ['gecos'], + '1.3.6.1.1.1.1.3' => ['homeDirectory'], + '1.3.6.1.1.1.1.4' => ['loginShell'], + '1.3.6.1.1.1.1.5' => ['shadowLastChange'], + '1.3.6.1.1.1.1.6' => ['shadowMin'], + '1.3.6.1.1.1.1.7' => ['shadowMax'], + '1.3.6.1.1.1.1.8' => ['shadowWarning'], + '1.3.6.1.1.1.1.9' => ['shadowInactive'], + '1.3.6.1.1.1.1.10' => ['shadowExpire'], + '1.3.6.1.1.1.1.11' => ['shadowFlag'], + '1.3.6.1.1.1.1.12' => ['memberUid'], + '1.3.6.1.1.1.1.13' => ['memberNisNetgroup'], + '1.3.6.1.1.1.1.14' => ['nisNetgroupTriple'], + '1.3.6.1.1.1.1.15' => ['ipServicePort'], + '1.3.6.1.1.1.1.16' => ['ipServiceProtocol'], + '1.3.6.1.1.1.1.17' => ['ipProtocolNumber'], + '1.3.6.1.1.1.1.18' => ['oncRpcNumber'], + '1.3.6.1.1.1.1.19' => ['ipHostNumber'], + '1.3.6.1.1.1.1.20' => ['ipNetworkNumber'], + '1.3.6.1.1.1.1.21' => ['ipNetmaskNumber'], + '1.3.6.1.1.1.1.22' => ['macAddress'], + '1.3.6.1.1.1.1.23' => ['bootParameter'], + '1.3.6.1.1.1.1.24' => ['bootFile'], + '1.3.6.1.1.1.1.26' => ['nisMapName'], + '1.3.6.1.1.1.1.27' => ['nisMapEntry'], + '1.3.6.1.1.4' => ['vendorName'], + '1.3.6.1.1.5' => ['vendorVersion'], + '1.3.6.1.1.16.4' => ['entryUUID'], + '1.3.6.1.1.20' => ['entryDN'], + '2.5.4.0' => ['objectClass'], + '2.5.4.1' => ['aliasedObjectName', 'aliasedEntryName'], + '2.5.4.2' => ['knowledgeInformation'], + '2.5.4.3' => ['cn', 'commonName'], + '2.5.4.4' => ['sn', 'surname'], + '2.5.4.5' => ['serialNumber'], + '2.5.4.6' => ['c', 'countryName'], + '2.5.4.7' => ['l', 'localityName'], + '2.5.4.8' => ['st', 'stateOrProvinceName'], + '2.5.4.9' => ['street', 'streetAddress'], + '2.5.4.10' => ['o', 'organizationName'], + '2.5.4.11' => ['ou', 'organizationalUnitName'], + '2.5.4.12' => ['title'], + '2.5.4.13' => ['description'], + '2.5.4.14' => ['searchGuide'], + '2.5.4.15' => ['businessCategory'], + '2.5.4.16' => ['postalAddress'], + '2.5.4.17' => ['postalCode'], + '2.5.4.18' => ['postOfficeBox'], + '2.5.4.19' => ['physicalDeliveryOfficeName'], + '2.5.4.20' => ['telephoneNumber'], + '2.5.4.21' => ['telexNumber'], + '2.5.4.22' => ['teletexTerminalIdentifier'], + '2.5.4.23' => ['facsimileTelephoneNumber', 'fax'], + '2.5.4.24' => ['x121Address'], + '2.5.4.25' => ['internationaliSDNNumber'], + '2.5.4.26' => ['registeredAddress'], + '2.5.4.27' => ['destinationIndicator'], + '2.5.4.28' => ['preferredDeliveryMethod'], + '2.5.4.29' => ['presentationAddress'], + '2.5.4.30' => ['supportedApplicationContext'], + '2.5.4.31' => ['member'], + '2.5.4.32' => ['owner'], + '2.5.4.33' => ['roleOccupant'], + '2.5.4.34' => ['seeAlso'], + '2.5.4.35' => ['userPassword'], + '2.5.4.36' => ['userCertificate'], + '2.5.4.37' => ['cACertificate'], + '2.5.4.38' => ['authorityRevocationList'], + '2.5.4.39' => ['certificateRevocationList'], + '2.5.4.40' => ['crossCertificatePair'], + '2.5.4.41' => ['name'], + '2.5.4.42' => ['givenName', 'gn'], + '2.5.4.43' => ['initials'], + '2.5.4.44' => ['generationQualifier'], + '2.5.4.45' => ['x500UniqueIdentifier'], + '2.5.4.46' => ['dnQualifier'], + '2.5.4.47' => ['enhancedSearchGuide'], + '2.5.4.48' => ['protocolInformation'], + '2.5.4.49' => ['distinguishedName'], + '2.5.4.50' => ['uniqueMember'], + '2.5.4.51' => ['houseIdentifier'], + '2.5.4.52' => ['supportedAlgorithms'], + '2.5.4.53' => ['deltaRevocationList'], + '2.5.4.54' => ['dmdName'], + '2.5.4.65' => ['pseudonym'], + '2.5.18.1' => ['createTimestamp'], + '2.5.18.2' => ['modifyTimestamp'], + '2.5.18.3' => ['creatorsName'], + '2.5.18.4' => ['modifiersName'], + '2.5.18.5' => ['administrativeRole'], + '2.5.18.6' => ['subtreeSpecification'], + '2.5.18.9' => ['hasSubordinates'], + '2.5.18.10' => ['subschemaSubentry'], + '2.5.21.1' => ['dITStructureRules'], + '2.5.21.2' => ['dITContentRules'], + '2.5.21.4' => ['matchingRules'], + '2.5.21.5' => ['attributeTypes'], + '2.5.21.6' => ['objectClasses'], + '2.5.21.7' => ['nameForms'], + '2.5.21.8' => ['matchingRuleUse'], + '2.5.21.9' => ['structuralObjectClass'], + '2.16.840.1.113730.3.1.1' => ['carLicense'], + '2.16.840.1.113730.3.1.2' => ['departmentNumber'], + '2.16.840.1.113730.3.1.3' => ['employeeNumber'], + '2.16.840.1.113730.3.1.4' => ['employeeType'], + '2.16.840.1.113730.3.1.34' => ['ref'], + '2.16.840.1.113730.3.1.39' => ['preferredLanguage'], + '2.16.840.1.113730.3.1.40' => ['userSMIMECertificate'], + '2.16.840.1.113730.3.1.216' => ['userPKCS12'], + '2.16.840.1.113730.3.1.241' => ['displayName'], + ]; + + /** + * OID of the attribute. + * + * @var string + */ + protected $_oid; + + /** + * Constructor. + * + * @param string $oid OID in dotted format + */ + public function __construct(string $oid) + { + $this->_oid = $oid; + } + + /** + * Initialize from ASN.1. + * + * @param ObjectIdentifier $oi + * + * @return self + */ + public static function fromASN1(ObjectIdentifier $oi): self + { + return new self($oi->oid()); + } + + /** + * Initialize from attribute name. + * + * @param string $name + * + * @return self + */ + public static function fromName(string $name): self + { + $oid = self::attrNameToOID($name); + return new self($oid); + } + + /** + * Get OID of the attribute. + * + * @return string OID in dotted format + */ + public function oid(): string + { + return $this->_oid; + } + + /** + * Get name of the attribute. + * + * @return string + */ + public function typeName(): string + { + if (array_key_exists($this->_oid, self::MAP_OID_TO_NAME)) { + return self::MAP_OID_TO_NAME[$this->_oid][0]; + } + return $this->_oid; + } + + /** + * Generate ASN.1 element. + * + * @return ObjectIdentifier + */ + public function toASN1(): ObjectIdentifier + { + return new ObjectIdentifier($this->_oid); + } + + /** + * Convert attribute name to OID. + * + * @param string $name Primary attribute name or an alias + * + * @throws \OutOfBoundsException + * + * @return string OID in dotted format + */ + public static function attrNameToOID(string $name): string + { + // if already in OID form + if (preg_match('/^[0-9]+(?:\.[0-9]+)*$/', $name)) { + return $name; + } + $map = self::_oidReverseMap(); + $k = strtolower($name); + if (!isset($map[$k])) { + throw new \OutOfBoundsException("No OID for {$name}."); + } + return $map[$k]; + } + + /** + * Get ASN.1 string for given attribute type. + * + * @param string $oid Attribute OID + * @param string $str String + * + * @throws \LogicException + * + * @return StringType + */ + public static function asn1StringForType(string $oid, string $str): StringType + { + if (!array_key_exists($oid, self::MAP_ATTR_TO_STR_TYPE)) { + return new UTF8String($str); + } + switch (self::MAP_ATTR_TO_STR_TYPE[$oid]) { + case Element::TYPE_PRINTABLE_STRING: + return new PrintableString($str); + // @codeCoverageIgnoreStart + default: + // only reachable during development + throw new \LogicException(); + } + // @codeCoverageIgnoreEnd + } + + /** + * Get name to OID lookup map. + * + * @return array + */ + private static function _oidReverseMap(): array + { + static $map; + if (!isset($map)) { + $map = []; + // for each attribute type + foreach (self::MAP_OID_TO_NAME as $oid => $names) { + // for primary name and aliases + foreach ($names as $name) { + $map[strtolower($name)] = $oid; + } + } + } + return $map; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeTypeAndValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeTypeAndValue.php new file mode 100644 index 0000000..6806d4a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeTypeAndValue.php @@ -0,0 +1,128 @@ +_type = $type; + $this->_value = $value; + } + + /** + * @return string + */ + public function __toString() + { + return $this->toString(); + } + + /** + * Initialize from ASN.1. + * + * @param Sequence $seq + * + * @return self + */ + public static function fromASN1(Sequence $seq): self + { + $type = AttributeType::fromASN1($seq->at(0)->asObjectIdentifier()); + $value = AttributeValue::fromASN1ByOID($type->oid(), $seq->at(1)); + return new self($type, $value); + } + + /** + * Convenience method to initialize from attribute value. + * + * @param AttributeValue $value Attribute value + * + * @return self + */ + public static function fromAttributeValue(AttributeValue $value): self + { + return new self(new AttributeType($value->oid()), $value); + } + + /** + * Get attribute value. + * + * @return AttributeValue + */ + public function value(): AttributeValue + { + return $this->_value; + } + + /** + * Generate ASN.1 structure. + * + * @return Sequence + */ + public function toASN1(): Sequence + { + return new Sequence($this->_type->toASN1(), $this->_value->toASN1()); + } + + /** + * Get attributeTypeAndValue string conforming to RFC 2253. + * + * @see https://tools.ietf.org/html/rfc2253#section-2.3 + * + * @return string + */ + public function toString(): string + { + return $this->_type->typeName() . '=' . $this->_value->rfc2253String(); + } + + /** + * Check whether attribute is semantically equal to other. + * + * @param AttributeTypeAndValue $other Object to compare to + * + * @return bool + */ + public function equals(AttributeTypeAndValue $other): bool + { + // check that attribute types match + if ($this->oid() !== $other->oid()) { + return false; + } + $matcher = $this->_value->equalityMatchingRule(); + $result = $matcher->compare($this->_value->stringValue(), + $other->_value->stringValue()); + // match + if ($result) { + return true; + } + // no match or Undefined + return false; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/AttributeValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/AttributeValue.php new file mode 100644 index 0000000..89f061d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/AttributeValue.php @@ -0,0 +1,174 @@ + CommonNameValue::class, + AttributeType::OID_SURNAME => SurnameValue::class, + AttributeType::OID_SERIAL_NUMBER => SerialNumberValue::class, + AttributeType::OID_COUNTRY_NAME => CountryNameValue::class, + AttributeType::OID_LOCALITY_NAME => LocalityNameValue::class, + AttributeType::OID_STATE_OR_PROVINCE_NAME => StateOrProvinceNameValue::class, + AttributeType::OID_ORGANIZATION_NAME => OrganizationNameValue::class, + AttributeType::OID_ORGANIZATIONAL_UNIT_NAME => OrganizationalUnitNameValue::class, + AttributeType::OID_TITLE => TitleValue::class, + AttributeType::OID_DESCRIPTION => DescriptionValue::class, + AttributeType::OID_NAME => NameValue::class, + AttributeType::OID_GIVEN_NAME => GivenNameValue::class, + AttributeType::OID_PSEUDONYM => PseudonymValue::class, + ]; + + /** + * OID of the attribute type. + * + * @var string + */ + protected $_oid; + + /** + * Get attribute value as an UTF-8 encoded string. + * + * @return string + */ + public function __toString() + { + return $this->_transcodedString(); + } + + /** + * Generate ASN.1 element. + * + * @return Element + */ + abstract public function toASN1(): Element; + + /** + * Get attribute value as a string. + * + * @return string + */ + abstract public function stringValue(): string; + + /** + * Get matching rule for equality comparison. + * + * @return MatchingRule + */ + abstract public function equalityMatchingRule(): MatchingRule; + + /** + * Get attribute value as a string conforming to RFC 2253. + * + * @see https://tools.ietf.org/html/rfc2253#section-2.4 + * + * @return string + */ + abstract public function rfc2253String(): string; + + /** + * Initialize from ASN.1. + * + * @param UnspecifiedType $el + * + * @return self + */ + public static function fromASN1(UnspecifiedType $el): AttributeValue + { + throw new \BadMethodCallException( + 'ASN.1 parsing must be implemented in a concrete class.'); + } + + /** + * Initialize from ASN.1 with given OID hint. + * + * @param string $oid Attribute's OID + * @param UnspecifiedType $el + * + * @return self + */ + public static function fromASN1ByOID(string $oid, UnspecifiedType $el): self + { + if (!array_key_exists($oid, self::MAP_OID_TO_CLASS)) { + return new UnknownAttributeValue($oid, $el->asElement()); + } + $cls = self::MAP_OID_TO_CLASS[$oid]; + return $cls::fromASN1($el); + } + + /** + * Initialize from another AttributeValue. + * + * This method is generally used to cast UnknownAttributeValue to + * specific object when class is declared outside this package. + * + * @param self $obj Instance of AttributeValue + * + * @return self + */ + public static function fromSelf(self $obj): self + { + return static::fromASN1($obj->toASN1()->asUnspecified()); + } + + /** + * Get attribute type's OID. + * + * @return string + */ + public function oid(): string + { + return $this->_oid; + } + + /** + * Get Attribute object with this as a single value. + * + * @return Attribute + */ + public function toAttribute(): Attribute + { + return Attribute::fromAttributeValues($this); + } + + /** + * Get AttributeTypeAndValue object with this as a value. + * + * @return AttributeTypeAndValue + */ + public function toAttributeTypeAndValue(): AttributeTypeAndValue + { + return AttributeTypeAndValue::fromAttributeValue($this); + } + + /** + * Get attribute value as an UTF-8 string conforming to RFC 4518. + * + * @see https://tools.ietf.org/html/rfc4518#section-2.1 + * + * @return string + */ + abstract protected function _transcodedString(): string; +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/CommonNameValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/CommonNameValue.php new file mode 100644 index 0000000..924aa52 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/CommonNameValue.php @@ -0,0 +1,29 @@ +_oid = AttributeType::OID_COMMON_NAME; + parent::__construct($value, $string_tag); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/CountryNameValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/CountryNameValue.php new file mode 100644 index 0000000..4d4f3b1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/CountryNameValue.php @@ -0,0 +1,27 @@ +_oid = AttributeType::OID_COUNTRY_NAME; + parent::__construct($value); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/DescriptionValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/DescriptionValue.php new file mode 100644 index 0000000..025b19e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/DescriptionValue.php @@ -0,0 +1,29 @@ +_oid = AttributeType::OID_DESCRIPTION; + parent::__construct($value, $string_tag); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/Feature/DirectoryString.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/Feature/DirectoryString.php new file mode 100644 index 0000000..1d26453 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/Feature/DirectoryString.php @@ -0,0 +1,179 @@ + T61String::class, + self::PRINTABLE => PrintableString::class, + self::UNIVERSAL => UniversalString::class, + self::UTF8 => UTF8String::class, + self::BMP => BMPString::class, + ]; + + /** + * ASN.1 type tag for the chosen syntax. + * + * @var int + */ + protected $_stringTag; + + /** + * String value. + * + * @var string + */ + protected $_string; + + /** + * Constructor. + * + * @param string $value String value + * @param int $string_tag Syntax choice + */ + public function __construct(string $value, int $string_tag) + { + $this->_string = $value; + $this->_stringTag = $string_tag; + } + + /** + * {@inheritdoc} + * + * @return self + */ + public static function fromASN1(UnspecifiedType $el): AttributeValue + { + $tag = $el->tag(); + self::_tagToASN1Class($tag); + return new static($el->asString()->string(), $tag); + } + + /** + * {@inheritdoc} + */ + public function toASN1(): Element + { + $cls = self::_tagToASN1Class($this->_stringTag); + return new $cls($this->_string); + } + + /** + * {@inheritdoc} + */ + public function stringValue(): string + { + return $this->_string; + } + + /** + * {@inheritdoc} + */ + public function equalityMatchingRule(): MatchingRule + { + return new CaseIgnoreMatch($this->_stringTag); + } + + /** + * {@inheritdoc} + */ + public function rfc2253String(): string + { + // TeletexString is encoded as binary + if (self::TELETEX === $this->_stringTag) { + return $this->_transcodedString(); + } + return DNParser::escapeString($this->_transcodedString()); + } + + /** + * {@inheritdoc} + */ + protected function _transcodedString(): string + { + $step = new TranscodeStep($this->_stringTag); + return $step->apply($this->_string); + } + + /** + * Get ASN.1 class name for given DirectoryString type tag. + * + * @param int $tag + * + * @throws \UnexpectedValueException + * + * @return string + */ + private static function _tagToASN1Class(int $tag): string + { + if (!array_key_exists($tag, self::MAP_TAG_TO_CLASS)) { + throw new \UnexpectedValueException( + 'Type ' . Element::tagToName($tag) . + ' is not valid DirectoryString.'); + } + return self::MAP_TAG_TO_CLASS[$tag]; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/Feature/PrintableStringValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/Feature/PrintableStringValue.php new file mode 100644 index 0000000..f9c3e69 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/Feature/PrintableStringValue.php @@ -0,0 +1,88 @@ +_string = $value; + } + + /** + * {@inheritdoc} + * + * @return self + */ + public static function fromASN1(UnspecifiedType $el): AttributeValue + { + return new static($el->asPrintableString()->string()); + } + + /** + * {@inheritdoc} + */ + public function toASN1(): Element + { + return new PrintableString($this->_string); + } + + /** + * {@inheritdoc} + */ + public function stringValue(): string + { + return $this->_string; + } + + /** + * {@inheritdoc} + */ + public function equalityMatchingRule(): MatchingRule + { + // default to caseIgnoreMatch + return new CaseIgnoreMatch(Element::TYPE_PRINTABLE_STRING); + } + + /** + * {@inheritdoc} + */ + public function rfc2253String(): string + { + return DNParser::escapeString($this->_transcodedString()); + } + + /** + * {@inheritdoc} + */ + protected function _transcodedString(): string + { + // PrintableString maps directly to UTF-8 + return $this->_string; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/GivenNameValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/GivenNameValue.php new file mode 100644 index 0000000..593f3b6 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/GivenNameValue.php @@ -0,0 +1,29 @@ +_oid = AttributeType::OID_GIVEN_NAME; + parent::__construct($value, $string_tag); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/LocalityNameValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/LocalityNameValue.php new file mode 100644 index 0000000..a316b7c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/LocalityNameValue.php @@ -0,0 +1,29 @@ +_oid = AttributeType::OID_LOCALITY_NAME; + parent::__construct($value, $string_tag); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/NameValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/NameValue.php new file mode 100644 index 0000000..de6792d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/NameValue.php @@ -0,0 +1,29 @@ +_oid = AttributeType::OID_NAME; + parent::__construct($value, $string_tag); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/OrganizationNameValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/OrganizationNameValue.php new file mode 100644 index 0000000..71fd859 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/OrganizationNameValue.php @@ -0,0 +1,29 @@ +_oid = AttributeType::OID_ORGANIZATION_NAME; + parent::__construct($value, $string_tag); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/OrganizationalUnitNameValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/OrganizationalUnitNameValue.php new file mode 100644 index 0000000..a8743d5 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/OrganizationalUnitNameValue.php @@ -0,0 +1,29 @@ +_oid = AttributeType::OID_ORGANIZATIONAL_UNIT_NAME; + parent::__construct($value, $string_tag); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/PseudonymValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/PseudonymValue.php new file mode 100644 index 0000000..674befb --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/PseudonymValue.php @@ -0,0 +1,29 @@ +_oid = AttributeType::OID_PSEUDONYM; + parent::__construct($value, $string_tag); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/SerialNumberValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/SerialNumberValue.php new file mode 100644 index 0000000..8ff3d65 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/SerialNumberValue.php @@ -0,0 +1,27 @@ +_oid = AttributeType::OID_SERIAL_NUMBER; + parent::__construct($value); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/StateOrProvinceNameValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/StateOrProvinceNameValue.php new file mode 100644 index 0000000..7759013 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/StateOrProvinceNameValue.php @@ -0,0 +1,29 @@ +_oid = AttributeType::OID_STATE_OR_PROVINCE_NAME; + parent::__construct($value, $string_tag); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/SurnameValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/SurnameValue.php new file mode 100644 index 0000000..17b3eac --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/SurnameValue.php @@ -0,0 +1,29 @@ +_oid = AttributeType::OID_SURNAME; + parent::__construct($value, $string_tag); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/TitleValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/TitleValue.php new file mode 100644 index 0000000..9467035 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/TitleValue.php @@ -0,0 +1,29 @@ +_oid = AttributeType::OID_TITLE; + parent::__construct($value, $string_tag); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/UnknownAttributeValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/UnknownAttributeValue.php new file mode 100644 index 0000000..c8d0e49 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/UnknownAttributeValue.php @@ -0,0 +1,75 @@ +_oid = $oid; + $this->_element = $el; + } + + /** + * {@inheritdoc} + */ + public function toASN1(): Element + { + return $this->_element; + } + + /** + * {@inheritdoc} + */ + public function stringValue(): string + { + // return DER encoding as a hexstring + return '#' . bin2hex($this->_element->toDER()); + } + + /** + * {@inheritdoc} + */ + public function equalityMatchingRule(): MatchingRule + { + return new BinaryMatch(); + } + + /** + * {@inheritdoc} + */ + public function rfc2253String(): string + { + return $this->stringValue(); + } + + /** + * {@inheritdoc} + */ + protected function _transcodedString(): string + { + return $this->stringValue(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/AttributeCollection.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/AttributeCollection.php new file mode 100644 index 0000000..14114e6 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/AttributeCollection.php @@ -0,0 +1,221 @@ +_attributes = $attribs; + } + + /** + * Initialize from attribute values. + * + * @param AttributeValue ...$values List of attribute values + * + * @return static + */ + public static function fromAttributeValues(AttributeValue ...$values): self + { + return new static(...array_map( + function (AttributeValue $value) { + return $value->toAttribute(); + }, $values)); + } + + /** + * Check whether attribute is present. + * + * @param string $name OID or attribute name + * + * @return bool + */ + public function has(string $name): bool + { + return null !== $this->_findFirst($name); + } + + /** + * Get first attribute by OID or attribute name. + * + * @param string $name OID or attribute name + * + * @throws \UnexpectedValueException if attribute is not present + * + * @return Attribute + */ + public function firstOf(string $name): Attribute + { + $attr = $this->_findFirst($name); + if (!$attr) { + throw new \UnexpectedValueException("No {$name} attribute."); + } + return $attr; + } + + /** + * Get all attributes of given name. + * + * @param string $name OID or attribute name + * + * @return Attribute[] + */ + public function allOf(string $name): array + { + $oid = AttributeType::attrNameToOID($name); + return array_values( + array_filter($this->_attributes, + function (Attribute $attr) use ($oid) { + return $attr->oid() === $oid; + })); + } + + /** + * Get all attributes. + * + * @return Attribute[] + */ + public function all(): array + { + return $this->_attributes; + } + + /** + * Get self with additional attributes added. + * + * @param Attribute ...$attribs List of attributes to add + * + * @return self + */ + public function withAdditional(Attribute ...$attribs): self + { + $obj = clone $this; + foreach ($attribs as $attr) { + $obj->_attributes[] = $attr; + } + return $obj; + } + + /** + * Get self with single unique attribute added. + * + * All previous attributes of the same type are removed. + * + * @param Attribute $attr Attribute to add + * + * @return self + */ + public function withUnique(Attribute $attr): self + { + $attribs = array_values( + array_filter($this->_attributes, + function (Attribute $a) use ($attr) { + return $a->oid() !== $attr->oid(); + })); + $attribs[] = $attr; + $obj = clone $this; + $obj->_attributes = $attribs; + return $obj; + } + + /** + * Get number of attributes. + * + * @see \Countable::count() + * + * @return int + */ + public function count(): int + { + return count($this->_attributes); + } + + /** + * Get iterator for attributes. + * + * @see \IteratorAggregate::getIterator() + * + * @return \ArrayIterator|Attribute[] + */ + public function getIterator(): \ArrayIterator + { + return new \ArrayIterator($this->_attributes); + } + + /** + * Find first attribute of given name or OID. + * + * @param string $name OID or attribute name + * + * @return null|Attribute + */ + protected function _findFirst(string $name): ?Attribute + { + $oid = AttributeType::attrNameToOID($name); + foreach ($this->_attributes as $attr) { + if ($attr->oid() === $oid) { + return $attr; + } + } + return null; + } + + /** + * Initialize from ASN.1 constructed element. + * + * @param Structure $struct ASN.1 structure + * + * @return static + */ + protected static function _fromASN1Structure(Structure $struct): self + { + return new static(...array_map( + function (UnspecifiedType $el) { + return static::_castAttributeValues( + Attribute::fromASN1($el->asSequence())); + }, $struct->elements())); + } + + /** + * Cast Attribute's AttributeValues to implementation specific objects. + * + * Overridden in derived classes. + * + * @param Attribute $attribute Attribute to cast + * + * @return Attribute + */ + protected static function _castAttributeValues(Attribute $attribute): Attribute + { + // pass through by default + return $attribute; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/SequenceOfAttributes.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/SequenceOfAttributes.php new file mode 100644 index 0000000..9da1419 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/SequenceOfAttributes.php @@ -0,0 +1,44 @@ +toASN1(); + }, $this->_attributes)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/SetOfAttributes.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/SetOfAttributes.php new file mode 100644 index 0000000..e38506c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/SetOfAttributes.php @@ -0,0 +1,45 @@ +toASN1(); + }, $this->_attributes)); + return $set->sortedSetOf(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Feature/TypedAttribute.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Feature/TypedAttribute.php new file mode 100644 index 0000000..36c020d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Feature/TypedAttribute.php @@ -0,0 +1,40 @@ +_type; + } + + /** + * Get OID of the attribute. + * + * @return string + */ + public function oid(): string + { + return $this->_type->oid(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Name.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Name.php new file mode 100644 index 0000000..f527c2a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Name.php @@ -0,0 +1,227 @@ +_rdns = $rdns; + } + + /** + * @return string + */ + public function __toString() + { + return $this->toString(); + } + + /** + * Initialize from ASN.1. + * + * @param Sequence $seq + * + * @return self + */ + public static function fromASN1(Sequence $seq): self + { + $rdns = array_map( + function (UnspecifiedType $el) { + return RDN::fromASN1($el->asSet()); + }, $seq->elements()); + return new self(...$rdns); + } + + /** + * Initialize from distinguished name string. + * + * @see https://tools.ietf.org/html/rfc1779 + * + * @param string $str + * + * @return self + */ + public static function fromString(string $str): self + { + $rdns = []; + foreach (DNParser::parseString($str) as $nameComponent) { + $attribs = []; + foreach ($nameComponent as [$name, $val]) { + $type = AttributeType::fromName($name); + // hexstrings are parsed to ASN.1 elements + if ($val instanceof Element) { + $el = $val; + } else { + $el = AttributeType::asn1StringForType($type->oid(), $val); + } + $value = AttributeValue::fromASN1ByOID($type->oid(), + $el->asUnspecified()); + $attribs[] = new AttributeTypeAndValue($type, $value); + } + $rdns[] = new RDN(...$attribs); + } + return new self(...$rdns); + } + + /** + * Generate ASN.1 structure. + * + * @return Sequence + */ + public function toASN1(): Sequence + { + $elements = array_map( + function (RDN $rdn) { + return $rdn->toASN1(); + }, $this->_rdns); + return new Sequence(...$elements); + } + + /** + * Get distinguised name string conforming to RFC 2253. + * + * @see https://tools.ietf.org/html/rfc2253#section-2.1 + * + * @return string + */ + public function toString(): string + { + $parts = array_map( + function (RDN $rdn) { + return $rdn->toString(); + }, array_reverse($this->_rdns)); + return implode(',', $parts); + } + + /** + * Whether name is semantically equal to other. + * + * Comparison conforms to RFC 4518 string preparation algorithm. + * + * @see https://tools.ietf.org/html/rfc4518 + * + * @param Name $other Object to compare to + * + * @return bool + */ + public function equals(Name $other): bool + { + // if RDN count doesn't match + if (count($this) !== count($other)) { + return false; + } + for ($i = count($this) - 1; $i >= 0; --$i) { + $rdn1 = $this->_rdns[$i]; + $rdn2 = $other->_rdns[$i]; + if (!$rdn1->equals($rdn2)) { + return false; + } + } + return true; + } + + /** + * Get all RDN objects. + * + * @return RDN[] + */ + public function all(): array + { + return $this->_rdns; + } + + /** + * Get the first AttributeValue of given type. + * + * Relative name components shall be traversed in encoding order, which is + * reversed in regards to the string representation. + * Multi-valued RDN with multiple attributes of the requested type is + * ambiguous and shall throw an exception. + * + * @param string $name Attribute OID or name + * + * @throws \RuntimeException If attribute cannot be resolved + * + * @return AttributeValue + */ + public function firstValueOf(string $name): AttributeValue + { + $oid = AttributeType::attrNameToOID($name); + foreach ($this->_rdns as $rdn) { + $tvs = $rdn->allOf($oid); + if (count($tvs) > 1) { + throw new \RangeException("RDN with multiple {$name} attributes."); + } + if (1 === count($tvs)) { + return $tvs[0]->value(); + } + } + throw new \RangeException("Attribute {$name} not found."); + } + + /** + * @see \Countable::count() + * + * @return int + */ + public function count(): int + { + return count($this->_rdns); + } + + /** + * Get the number of attributes of given type. + * + * @param string $name Attribute OID or name + * + * @return int + */ + public function countOfType(string $name): int + { + $oid = AttributeType::attrNameToOID($name); + return (int) array_sum( + array_map( + function (RDN $rdn) use ($oid): int { + return count($rdn->allOf($oid)); + }, $this->_rdns)); + } + + /** + * @see \IteratorAggregate::getIterator() + * + * @return \ArrayIterator + */ + public function getIterator(): \ArrayIterator + { + return new \ArrayIterator($this->_rdns); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/RDN.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/RDN.php new file mode 100644 index 0000000..2a8b099 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/RDN.php @@ -0,0 +1,187 @@ +_attribs = $attribs; + } + + /** + * @return string + */ + public function __toString() + { + return $this->toString(); + } + + /** + * Convenience method to initialize RDN from AttributeValue objects. + * + * @param AttributeValue ...$values One or more attributes + * + * @return self + */ + public static function fromAttributeValues(AttributeValue ...$values): self + { + $attribs = array_map( + function (AttributeValue $value) { + return new AttributeTypeAndValue( + new AttributeType($value->oid()), $value); + }, $values); + return new self(...$attribs); + } + + /** + * Initialize from ASN.1. + * + * @param Set $set + * + * @return self + */ + public static function fromASN1(Set $set): self + { + $attribs = array_map( + function (UnspecifiedType $el) { + return AttributeTypeAndValue::fromASN1($el->asSequence()); + }, $set->elements()); + return new self(...$attribs); + } + + /** + * Generate ASN.1 structure. + * + * @return Set + */ + public function toASN1(): Set + { + $elements = array_map( + function (AttributeTypeAndValue $tv) { + return $tv->toASN1(); + }, $this->_attribs); + $set = new Set(...$elements); + return $set->sortedSetOf(); + } + + /** + * Get name-component string conforming to RFC 2253. + * + * @see https://tools.ietf.org/html/rfc2253#section-2.2 + * + * @return string + */ + public function toString(): string + { + $parts = array_map( + function (AttributeTypeAndValue $tv) { + return $tv->toString(); + }, $this->_attribs); + return implode('+', $parts); + } + + /** + * Check whether RDN is semantically equal to other. + * + * @param RDN $other Object to compare to + * + * @return bool + */ + public function equals(RDN $other): bool + { + // if attribute count doesn't match + if (count($this) !== count($other)) { + return false; + } + $attribs1 = $this->_attribs; + $attribs2 = $other->_attribs; + // if there's multiple attributes, sort using SET OF rules + if (count($attribs1) > 1) { + $attribs1 = self::fromASN1($this->toASN1())->_attribs; + $attribs2 = self::fromASN1($other->toASN1())->_attribs; + } + for ($i = count($attribs1) - 1; $i >= 0; --$i) { + $tv1 = $attribs1[$i]; + $tv2 = $attribs2[$i]; + if (!$tv1->equals($tv2)) { + return false; + } + } + return true; + } + + /** + * Get all AttributeTypeAndValue objects. + * + * @return AttributeTypeAndValue[] + */ + public function all(): array + { + return $this->_attribs; + } + + /** + * Get all AttributeTypeAndValue objects of the given attribute type. + * + * @param string $name Attribute OID or name + * + * @return AttributeTypeAndValue[] + */ + public function allOf(string $name): array + { + $oid = AttributeType::attrNameToOID($name); + $attribs = array_filter($this->_attribs, + function (AttributeTypeAndValue $tv) use ($oid) { + return $tv->oid() === $oid; + }); + return array_values($attribs); + } + + /** + * @see \Countable::count() + * + * @return int + */ + public function count(): int + { + return count($this->_attribs); + } + + /** + * @see \IteratorAggregate::getIterator() + * + * @return \ArrayIterator + */ + public function getIterator(): \ArrayIterator + { + return new \ArrayIterator($this->_attribs); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/DN/DNParser.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/DN/DNParser.php new file mode 100644 index 0000000..32b3228 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/DN/DNParser.php @@ -0,0 +1,428 @@ +#;'; + + /** + * DN string. + * + * @var string + */ + private $_dn; + + /** + * DN string length. + * + * @var int + */ + private $_len; + + /** + * Constructor. + * + * @param string $dn Distinguised name + */ + protected function __construct(string $dn) + { + $this->_dn = $dn; + $this->_len = strlen($dn); + } + + /** + * Parse distinguished name string to name-components. + * + * @param string $dn + * + * @return array + */ + public static function parseString(string $dn): array + { + $parser = new self($dn); + return $parser->parse(); + } + + /** + * Escape a AttributeValue string conforming to RFC 2253. + * + * @see https://tools.ietf.org/html/rfc2253#section-2.4 + * + * @param string $str + * + * @return string + */ + public static function escapeString(string $str): string + { + // one of the characters ",", "+", """, "\", "<", ">" or ";" + $str = preg_replace('/([,\+"\\\<\>;])/u', '\\\\$1', $str); + // a space character occurring at the end of the string + $str = preg_replace('/( )$/u', '\\\\$1', $str); + // a space or "#" character occurring at the beginning of the string + $str = preg_replace('/^([ #])/u', '\\\\$1', $str); + // implementation specific special characters + $str = preg_replace_callback('/([\pC])/u', + function ($m) { + $octets = str_split(bin2hex($m[1]), 2); + return implode('', + array_map( + function ($octet) { + return '\\' . strtoupper($octet); + }, $octets)); + }, $str); + return $str; + } + + /** + * Parse DN to name-components. + * + * @throws \RuntimeException + * + * @return array + */ + protected function parse(): array + { + $offset = 0; + $name = $this->_parseName($offset); + if ($offset < $this->_len) { + $remains = substr($this->_dn, $offset); + throw new \UnexpectedValueException( + 'Parser finished before the end of string' . + ", remaining: '{$remains}'."); + } + return $name; + } + + /** + * Parse 'name'. + * + * name-component *("," name-component) + * + * @param int $offset + * + * @return array Array of name-components + */ + private function _parseName(int &$offset): array + { + $idx = $offset; + $names = []; + while ($idx < $this->_len) { + $names[] = $this->_parseNameComponent($idx); + if ($idx >= $this->_len) { + break; + } + $this->_skipWs($idx); + if (',' != $this->_dn[$idx] && ';' != $this->_dn[$idx]) { + break; + } + ++$idx; + $this->_skipWs($idx); + } + $offset = $idx; + return array_reverse($names); + } + + /** + * Parse 'name-component'. + * + * attributeTypeAndValue *("+" attributeTypeAndValue) + * + * @param int $offset + * + * @return array Array of [type, value] tuples + */ + private function _parseNameComponent(int &$offset): array + { + $idx = $offset; + $tvpairs = []; + while ($idx < $this->_len) { + $tvpairs[] = $this->_parseAttrTypeAndValue($idx); + $this->_skipWs($idx); + if ($idx >= $this->_len || '+' != $this->_dn[$idx]) { + break; + } + ++$idx; + $this->_skipWs($idx); + } + $offset = $idx; + return $tvpairs; + } + + /** + * Parse 'attributeTypeAndValue'. + * + * attributeType "=" attributeValue + * + * @param int $offset + * + * @throws \UnexpectedValueException + * + * @return array A tuple of [type, value]. Value may be either a string or + * an Element, if it's encoded as hexstring. + */ + private function _parseAttrTypeAndValue(int &$offset): array + { + $idx = $offset; + $type = $this->_parseAttrType($idx); + $this->_skipWs($idx); + if ($idx >= $this->_len || '=' != $this->_dn[$idx++]) { + throw new \UnexpectedValueException('Invalid type and value pair.'); + } + $this->_skipWs($idx); + // hexstring + if ($idx < $this->_len && '#' == $this->_dn[$idx]) { + ++$idx; + $data = $this->_parseAttrHexValue($idx); + try { + $value = Element::fromDER($data); + } catch (DecodeException $e) { + throw new \UnexpectedValueException( + 'Invalid DER encoding from hexstring.', 0, $e); + } + } else { + $value = $this->_parseAttrStringValue($idx); + } + $offset = $idx; + return [$type, $value]; + } + + /** + * Parse 'attributeType'. + * + * (ALPHA 1*keychar) / oid + * + * @param int $offset + * + * @throws \UnexpectedValueException + * + * @return string + */ + private function _parseAttrType(int &$offset): string + { + $idx = $offset; + // dotted OID + $type = $this->_regexMatch('/^(?:oid\.)?([0-9]+(?:\.[0-9]+)*)/i', $idx); + if (null === $type) { + // name + $type = $this->_regexMatch('/^[a-z][a-z0-9\-]*/i', $idx); + if (null === $type) { + throw new \UnexpectedValueException('Invalid attribute type.'); + } + } + $offset = $idx; + return $type; + } + + /** + * Parse 'attributeValue' of string type. + * + * @param int $offset + * + * @throws \UnexpectedValueException + * + * @return string + */ + private function _parseAttrStringValue(int &$offset): string + { + $idx = $offset; + if ($idx >= $this->_len) { + return ''; + } + if ('"' == $this->_dn[$idx]) { // quoted string + $val = $this->_parseQuotedAttrString($idx); + } else { // string + $val = $this->_parseAttrString($idx); + } + $offset = $idx; + return $val; + } + + /** + * Parse plain 'attributeValue' string. + * + * @param int $offset + * + * @throws \UnexpectedValueException + * + * @return string + */ + private function _parseAttrString(int &$offset): string + { + $idx = $offset; + $val = ''; + $wsidx = null; + while ($idx < $this->_len) { + $c = $this->_dn[$idx]; + // pair (escape sequence) + if ('\\' == $c) { + ++$idx; + $val .= $this->_parsePairAfterSlash($idx); + $wsidx = null; + continue; + } + if ('"' == $c) { + throw new \UnexpectedValueException('Unexpected quotation.'); + } + if (false !== strpos(self::SPECIAL_CHARS, $c)) { + break; + } + // keep track of the first consecutive whitespace + if (' ' == $c) { + if (null === $wsidx) { + $wsidx = $idx; + } + } else { + $wsidx = null; + } + // stringchar + $val .= $c; + ++$idx; + } + // if there was non-escaped whitespace in the end of the value + if (null !== $wsidx) { + $val = substr($val, 0, -($idx - $wsidx)); + } + $offset = $idx; + return $val; + } + + /** + * Parse quoted 'attributeValue' string. + * + * @param int $offset Offset to starting quote + * + * @throws \UnexpectedValueException + * + * @return string + */ + private function _parseQuotedAttrString(int &$offset): string + { + $idx = $offset + 1; + $val = ''; + while ($idx < $this->_len) { + $c = $this->_dn[$idx]; + if ('\\' == $c) { // pair + ++$idx; + $val .= $this->_parsePairAfterSlash($idx); + continue; + } + if ('"' == $c) { + ++$idx; + break; + } + $val .= $c; + ++$idx; + } + $offset = $idx; + return $val; + } + + /** + * Parse 'attributeValue' of binary type. + * + * @param int $offset + * + * @throws \UnexpectedValueException + * + * @return string + */ + private function _parseAttrHexValue(int &$offset): string + { + $idx = $offset; + $hexstr = $this->_regexMatch('/^(?:[0-9a-f]{2})+/i', $idx); + if (null === $hexstr) { + throw new \UnexpectedValueException('Invalid hexstring.'); + } + $data = hex2bin($hexstr); + $offset = $idx; + return $data; + } + + /** + * Parse 'pair' after leading slash. + * + * @param int $offset + * + * @throws \UnexpectedValueException + * + * @return string + */ + private function _parsePairAfterSlash(int &$offset): string + { + $idx = $offset; + if ($idx >= $this->_len) { + throw new \UnexpectedValueException( + 'Unexpected end of escape sequence.'); + } + $c = $this->_dn[$idx++]; + // special | \ | " | SPACE + if (false !== strpos(self::SPECIAL_CHARS . '\\" ', $c)) { + $val = $c; + } else { // hexpair + if ($idx >= $this->_len) { + throw new \UnexpectedValueException('Unexpected end of hexpair.'); + } + $val = @hex2bin($c . $this->_dn[$idx++]); + if (false === $val) { + throw new \UnexpectedValueException('Invalid hexpair.'); + } + } + $offset = $idx; + return $val; + } + + /** + * Match DN to pattern and extract the last capture group. + * + * Updates offset to fully matched pattern. + * + * @param string $pattern + * @param int $offset + * + * @return null|string Null if pattern doesn't match + */ + private function _regexMatch(string $pattern, int &$offset): ?string + { + $idx = $offset; + if (!preg_match($pattern, substr($this->_dn, $idx), $match)) { + return null; + } + $idx += strlen($match[0]); + $offset = $idx; + return end($match); + } + + /** + * Skip consecutive spaces. + * + * @param int $offset + */ + private function _skipWs(int &$offset): void + { + $idx = $offset; + while ($idx < $this->_len) { + if (' ' != $this->_dn[$idx]) { + break; + } + ++$idx; + } + $offset = $idx; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/BinaryMatch.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/BinaryMatch.php new file mode 100644 index 0000000..34af3c6 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/BinaryMatch.php @@ -0,0 +1,21 @@ +withCaseFolding(true)); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/MatchingRule.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/MatchingRule.php new file mode 100644 index 0000000..9997547 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/MatchingRule.php @@ -0,0 +1,24 @@ +_prep = $preparer; + } + + /** + * {@inheritdoc} + */ + public function compare($assertion, $value): ?bool + { + $assertion = $this->_prep->prepare($assertion); + $value = $this->_prep->prepare($value); + return 0 === strcmp($assertion, $value); + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/CheckBidiStep.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/CheckBidiStep.php new file mode 100644 index 0000000..9f65487 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/CheckBidiStep.php @@ -0,0 +1,25 @@ +_fold = $fold_case; + } + + /** + * @param string $string UTF-8 encoded string + * + * @return string + */ + public function apply(string $string): string + { + // @todo Implement character mappings + if ($this->_fold) { + $string = mb_convert_case($string, MB_CASE_LOWER, 'UTF-8'); + } + return $string; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/NormalizeStep.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/NormalizeStep.php new file mode 100644 index 0000000..fbca4fb --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/NormalizeStep.php @@ -0,0 +1,24 @@ +_steps = $steps; + } + + /** + * Get default instance for given string type. + * + * @param int $string_type ASN.1 string type tag. + * + * @return self + */ + public static function forStringType(int $string_type): self + { + $steps = [ + self::STEP_TRANSCODE => new TranscodeStep($string_type), + self::STEP_MAP => new MapStep(), + self::STEP_NORMALIZE => new NormalizeStep(), + self::STEP_PROHIBIT => new ProhibitStep(), + self::STEP_CHECK_BIDI => new CheckBidiStep(), + // @todo Vary by string type + self::STEP_INSIGNIFICANT_CHARS => new InsignificantNonSubstringSpaceStep(), + ]; + return new self($steps); + } + + /** + * Get self with case folding set. + * + * @param bool $fold True to apply case folding + * + * @return self + */ + public function withCaseFolding(bool $fold): self + { + $obj = clone $this; + $obj->_steps[self::STEP_MAP] = new MapStep($fold); + return $obj; + } + + /** + * Prepare string. + * + * @param string $string + * + * @return string + */ + public function prepare(string $string): string + { + foreach ($this->_steps as $step) { + $string = $step->apply($string); + } + return $string; + } +} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/TranscodeStep.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/TranscodeStep.php new file mode 100644 index 0000000..3d29fc6 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/TranscodeStep.php @@ -0,0 +1,66 @@ +_type = $type; + } + + /** + * @param string $string String to prepare + * + * @throws \LogicException If string type is not supported + * + * @return string UTF-8 encoded string + */ + public function apply(string $string): string + { + switch ($this->_type) { + // UTF-8 string as is + case Element::TYPE_UTF8_STRING: + return $string; + // PrintableString maps directly to UTF-8 + case Element::TYPE_PRINTABLE_STRING: + return $string; + // UCS-2 to UTF-8 + case Element::TYPE_BMP_STRING: + return mb_convert_encoding($string, 'UTF-8', 'UCS-2BE'); + // UCS-4 to UTF-8 + case Element::TYPE_UNIVERSAL_STRING: + return mb_convert_encoding($string, 'UTF-8', 'UCS-4BE'); + // TeletexString mapping is a local matter. + // We take a shortcut here and encode it as a hexstring. + case Element::TYPE_T61_STRING: + $el = new T61String($string); + return '#' . bin2hex($el->toDER()); + } + throw new \LogicException( + 'Unsupported string type ' . Element::tagToName($this->_type) . '.'); + } +} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/Ctype.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/Ctype.php new file mode 100644 index 0000000..ba75a2c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/Ctype.php @@ -0,0 +1,232 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Polyfill\Ctype; + +/** + * Ctype implementation through regex. + * + * @internal + * + * @author Gert de Pagter + */ +final class Ctype +{ + /** + * Returns TRUE if every character in text is either a letter or a digit, FALSE otherwise. + * + * @see https://php.net/ctype-alnum + * + * @param mixed $text + * + * @return bool + */ + public static function ctype_alnum($text) + { + $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); + + return \is_string($text) && '' !== $text && !preg_match('/[^A-Za-z0-9]/', $text); + } + + /** + * Returns TRUE if every character in text is a letter, FALSE otherwise. + * + * @see https://php.net/ctype-alpha + * + * @param mixed $text + * + * @return bool + */ + public static function ctype_alpha($text) + { + $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); + + return \is_string($text) && '' !== $text && !preg_match('/[^A-Za-z]/', $text); + } + + /** + * Returns TRUE if every character in text is a control character from the current locale, FALSE otherwise. + * + * @see https://php.net/ctype-cntrl + * + * @param mixed $text + * + * @return bool + */ + public static function ctype_cntrl($text) + { + $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); + + return \is_string($text) && '' !== $text && !preg_match('/[^\x00-\x1f\x7f]/', $text); + } + + /** + * Returns TRUE if every character in the string text is a decimal digit, FALSE otherwise. + * + * @see https://php.net/ctype-digit + * + * @param mixed $text + * + * @return bool + */ + public static function ctype_digit($text) + { + $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); + + return \is_string($text) && '' !== $text && !preg_match('/[^0-9]/', $text); + } + + /** + * Returns TRUE if every character in text is printable and actually creates visible output (no white space), FALSE otherwise. + * + * @see https://php.net/ctype-graph + * + * @param mixed $text + * + * @return bool + */ + public static function ctype_graph($text) + { + $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); + + return \is_string($text) && '' !== $text && !preg_match('/[^!-~]/', $text); + } + + /** + * Returns TRUE if every character in text is a lowercase letter. + * + * @see https://php.net/ctype-lower + * + * @param mixed $text + * + * @return bool + */ + public static function ctype_lower($text) + { + $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); + + return \is_string($text) && '' !== $text && !preg_match('/[^a-z]/', $text); + } + + /** + * Returns TRUE if every character in text will actually create output (including blanks). Returns FALSE if text contains control characters or characters that do not have any output or control function at all. + * + * @see https://php.net/ctype-print + * + * @param mixed $text + * + * @return bool + */ + public static function ctype_print($text) + { + $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); + + return \is_string($text) && '' !== $text && !preg_match('/[^ -~]/', $text); + } + + /** + * Returns TRUE if every character in text is printable, but neither letter, digit or blank, FALSE otherwise. + * + * @see https://php.net/ctype-punct + * + * @param mixed $text + * + * @return bool + */ + public static function ctype_punct($text) + { + $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); + + return \is_string($text) && '' !== $text && !preg_match('/[^!-\/\:-@\[-`\{-~]/', $text); + } + + /** + * Returns TRUE if every character in text creates some sort of white space, FALSE otherwise. Besides the blank character this also includes tab, vertical tab, line feed, carriage return and form feed characters. + * + * @see https://php.net/ctype-space + * + * @param mixed $text + * + * @return bool + */ + public static function ctype_space($text) + { + $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); + + return \is_string($text) && '' !== $text && !preg_match('/[^\s]/', $text); + } + + /** + * Returns TRUE if every character in text is an uppercase letter. + * + * @see https://php.net/ctype-upper + * + * @param mixed $text + * + * @return bool + */ + public static function ctype_upper($text) + { + $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); + + return \is_string($text) && '' !== $text && !preg_match('/[^A-Z]/', $text); + } + + /** + * Returns TRUE if every character in text is a hexadecimal 'digit', that is a decimal digit or a character from [A-Fa-f] , FALSE otherwise. + * + * @see https://php.net/ctype-xdigit + * + * @param mixed $text + * + * @return bool + */ + public static function ctype_xdigit($text) + { + $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); + + return \is_string($text) && '' !== $text && !preg_match('/[^A-Fa-f0-9]/', $text); + } + + /** + * Converts integers to their char versions according to normal ctype behaviour, if needed. + * + * If an integer between -128 and 255 inclusive is provided, + * it is interpreted as the ASCII value of a single character + * (negative values have 256 added in order to allow characters in the Extended ASCII range). + * Any other integer is interpreted as a string containing the decimal digits of the integer. + * + * @param mixed $int + * @param string $function + * + * @return mixed + */ + private static function convert_int_to_char_for_ctype($int, $function) + { + if (!\is_int($int)) { + return $int; + } + + if ($int < -128 || $int > 255) { + return (string) $int; + } + + if (\PHP_VERSION_ID >= 80100) { + @trigger_error($function.'(): Argument of type int will be interpreted as string in the future', \E_USER_DEPRECATED); + } + + if ($int < 0) { + $int += 256; + } + + return \chr($int); + } +} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/LICENSE b/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/LICENSE new file mode 100644 index 0000000..7536cae --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/LICENSE @@ -0,0 +1,19 @@ +Copyright (c) 2018-present Fabien Potencier + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is furnished +to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/README.md b/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/README.md new file mode 100644 index 0000000..b144d03 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/README.md @@ -0,0 +1,12 @@ +Symfony Polyfill / Ctype +======================== + +This component provides `ctype_*` functions to users who run php versions without the ctype extension. + +More information can be found in the +[main Polyfill README](https://github.com/symfony/polyfill/blob/main/README.md). + +License +======= + +This library is released under the [MIT license](LICENSE). diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/bootstrap.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/bootstrap.php new file mode 100644 index 0000000..d54524b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/bootstrap.php @@ -0,0 +1,50 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +use Symfony\Polyfill\Ctype as p; + +if (\PHP_VERSION_ID >= 80000) { + return require __DIR__.'/bootstrap80.php'; +} + +if (!function_exists('ctype_alnum')) { + function ctype_alnum($text) { return p\Ctype::ctype_alnum($text); } +} +if (!function_exists('ctype_alpha')) { + function ctype_alpha($text) { return p\Ctype::ctype_alpha($text); } +} +if (!function_exists('ctype_cntrl')) { + function ctype_cntrl($text) { return p\Ctype::ctype_cntrl($text); } +} +if (!function_exists('ctype_digit')) { + function ctype_digit($text) { return p\Ctype::ctype_digit($text); } +} +if (!function_exists('ctype_graph')) { + function ctype_graph($text) { return p\Ctype::ctype_graph($text); } +} +if (!function_exists('ctype_lower')) { + function ctype_lower($text) { return p\Ctype::ctype_lower($text); } +} +if (!function_exists('ctype_print')) { + function ctype_print($text) { return p\Ctype::ctype_print($text); } +} +if (!function_exists('ctype_punct')) { + function ctype_punct($text) { return p\Ctype::ctype_punct($text); } +} +if (!function_exists('ctype_space')) { + function ctype_space($text) { return p\Ctype::ctype_space($text); } +} +if (!function_exists('ctype_upper')) { + function ctype_upper($text) { return p\Ctype::ctype_upper($text); } +} +if (!function_exists('ctype_xdigit')) { + function ctype_xdigit($text) { return p\Ctype::ctype_xdigit($text); } +} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/bootstrap80.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/bootstrap80.php new file mode 100644 index 0000000..ab2f861 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/bootstrap80.php @@ -0,0 +1,46 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +use Symfony\Polyfill\Ctype as p; + +if (!function_exists('ctype_alnum')) { + function ctype_alnum(mixed $text): bool { return p\Ctype::ctype_alnum($text); } +} +if (!function_exists('ctype_alpha')) { + function ctype_alpha(mixed $text): bool { return p\Ctype::ctype_alpha($text); } +} +if (!function_exists('ctype_cntrl')) { + function ctype_cntrl(mixed $text): bool { return p\Ctype::ctype_cntrl($text); } +} +if (!function_exists('ctype_digit')) { + function ctype_digit(mixed $text): bool { return p\Ctype::ctype_digit($text); } +} +if (!function_exists('ctype_graph')) { + function ctype_graph(mixed $text): bool { return p\Ctype::ctype_graph($text); } +} +if (!function_exists('ctype_lower')) { + function ctype_lower(mixed $text): bool { return p\Ctype::ctype_lower($text); } +} +if (!function_exists('ctype_print')) { + function ctype_print(mixed $text): bool { return p\Ctype::ctype_print($text); } +} +if (!function_exists('ctype_punct')) { + function ctype_punct(mixed $text): bool { return p\Ctype::ctype_punct($text); } +} +if (!function_exists('ctype_space')) { + function ctype_space(mixed $text): bool { return p\Ctype::ctype_space($text); } +} +if (!function_exists('ctype_upper')) { + function ctype_upper(mixed $text): bool { return p\Ctype::ctype_upper($text); } +} +if (!function_exists('ctype_xdigit')) { + function ctype_xdigit(mixed $text): bool { return p\Ctype::ctype_xdigit($text); } +} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/composer.json b/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/composer.json new file mode 100644 index 0000000..e5c978f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/composer.json @@ -0,0 +1,41 @@ +{ + "name": "symfony/polyfill-ctype", + "type": "library", + "description": "Symfony polyfill for ctype functions", + "keywords": ["polyfill", "compatibility", "portable", "ctype"], + "homepage": "https://symfony.com", + "license": "MIT", + "authors": [ + { + "name": "Gert de Pagter", + "email": "BackEndTea@gmail.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "require": { + "php": ">=7.1" + }, + "provide": { + "ext-ctype": "*" + }, + "autoload": { + "psr-4": { "Symfony\\Polyfill\\Ctype\\": "" }, + "files": [ "bootstrap.php" ] + }, + "suggest": { + "ext-ctype": "For best performance" + }, + "minimum-stability": "dev", + "extra": { + "branch-alias": { + "dev-main": "1.28-dev" + }, + "thanks": { + "name": "symfony/polyfill", + "url": "https://github.com/symfony/polyfill" + } + } +} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/LICENSE b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/LICENSE new file mode 100644 index 0000000..6e3afce --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/LICENSE @@ -0,0 +1,19 @@ +Copyright (c) 2015-present Fabien Potencier + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is furnished +to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Mbstring.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Mbstring.php new file mode 100644 index 0000000..2e0b969 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Mbstring.php @@ -0,0 +1,947 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Polyfill\Mbstring; + +/** + * Partial mbstring implementation in PHP, iconv based, UTF-8 centric. + * + * Implemented: + * - mb_chr - Returns a specific character from its Unicode code point + * - mb_convert_encoding - Convert character encoding + * - mb_convert_variables - Convert character code in variable(s) + * - mb_decode_mimeheader - Decode string in MIME header field + * - mb_encode_mimeheader - Encode string for MIME header XXX NATIVE IMPLEMENTATION IS REALLY BUGGED + * - mb_decode_numericentity - Decode HTML numeric string reference to character + * - mb_encode_numericentity - Encode character to HTML numeric string reference + * - mb_convert_case - Perform case folding on a string + * - mb_detect_encoding - Detect character encoding + * - mb_get_info - Get internal settings of mbstring + * - mb_http_input - Detect HTTP input character encoding + * - mb_http_output - Set/Get HTTP output character encoding + * - mb_internal_encoding - Set/Get internal character encoding + * - mb_list_encodings - Returns an array of all supported encodings + * - mb_ord - Returns the Unicode code point of a character + * - mb_output_handler - Callback function converts character encoding in output buffer + * - mb_scrub - Replaces ill-formed byte sequences with substitute characters + * - mb_strlen - Get string length + * - mb_strpos - Find position of first occurrence of string in a string + * - mb_strrpos - Find position of last occurrence of a string in a string + * - mb_str_split - Convert a string to an array + * - mb_strtolower - Make a string lowercase + * - mb_strtoupper - Make a string uppercase + * - mb_substitute_character - Set/Get substitution character + * - mb_substr - Get part of string + * - mb_stripos - Finds position of first occurrence of a string within another, case insensitive + * - mb_stristr - Finds first occurrence of a string within another, case insensitive + * - mb_strrchr - Finds the last occurrence of a character in a string within another + * - mb_strrichr - Finds the last occurrence of a character in a string within another, case insensitive + * - mb_strripos - Finds position of last occurrence of a string within another, case insensitive + * - mb_strstr - Finds first occurrence of a string within another + * - mb_strwidth - Return width of string + * - mb_substr_count - Count the number of substring occurrences + * + * Not implemented: + * - mb_convert_kana - Convert "kana" one from another ("zen-kaku", "han-kaku" and more) + * - mb_ereg_* - Regular expression with multibyte support + * - mb_parse_str - Parse GET/POST/COOKIE data and set global variable + * - mb_preferred_mime_name - Get MIME charset string + * - mb_regex_encoding - Returns current encoding for multibyte regex as string + * - mb_regex_set_options - Set/Get the default options for mbregex functions + * - mb_send_mail - Send encoded mail + * - mb_split - Split multibyte string using regular expression + * - mb_strcut - Get part of string + * - mb_strimwidth - Get truncated string with specified width + * + * @author Nicolas Grekas + * + * @internal + */ +final class Mbstring +{ + public const MB_CASE_FOLD = \PHP_INT_MAX; + + private const SIMPLE_CASE_FOLD = [ + ['µ', 'ſ', "\xCD\x85", 'ς', "\xCF\x90", "\xCF\x91", "\xCF\x95", "\xCF\x96", "\xCF\xB0", "\xCF\xB1", "\xCF\xB5", "\xE1\xBA\x9B", "\xE1\xBE\xBE"], + ['μ', 's', 'ι', 'σ', 'β', 'θ', 'φ', 'π', 'κ', 'ρ', 'ε', "\xE1\xB9\xA1", 'ι'], + ]; + + private static $encodingList = ['ASCII', 'UTF-8']; + private static $language = 'neutral'; + private static $internalEncoding = 'UTF-8'; + + public static function mb_convert_encoding($s, $toEncoding, $fromEncoding = null) + { + if (\is_array($fromEncoding) || (null !== $fromEncoding && false !== strpos($fromEncoding, ','))) { + $fromEncoding = self::mb_detect_encoding($s, $fromEncoding); + } else { + $fromEncoding = self::getEncoding($fromEncoding); + } + + $toEncoding = self::getEncoding($toEncoding); + + if ('BASE64' === $fromEncoding) { + $s = base64_decode($s); + $fromEncoding = $toEncoding; + } + + if ('BASE64' === $toEncoding) { + return base64_encode($s); + } + + if ('HTML-ENTITIES' === $toEncoding || 'HTML' === $toEncoding) { + if ('HTML-ENTITIES' === $fromEncoding || 'HTML' === $fromEncoding) { + $fromEncoding = 'Windows-1252'; + } + if ('UTF-8' !== $fromEncoding) { + $s = iconv($fromEncoding, 'UTF-8//IGNORE', $s); + } + + return preg_replace_callback('/[\x80-\xFF]+/', [__CLASS__, 'html_encoding_callback'], $s); + } + + if ('HTML-ENTITIES' === $fromEncoding) { + $s = html_entity_decode($s, \ENT_COMPAT, 'UTF-8'); + $fromEncoding = 'UTF-8'; + } + + return iconv($fromEncoding, $toEncoding.'//IGNORE', $s); + } + + public static function mb_convert_variables($toEncoding, $fromEncoding, &...$vars) + { + $ok = true; + array_walk_recursive($vars, function (&$v) use (&$ok, $toEncoding, $fromEncoding) { + if (false === $v = self::mb_convert_encoding($v, $toEncoding, $fromEncoding)) { + $ok = false; + } + }); + + return $ok ? $fromEncoding : false; + } + + public static function mb_decode_mimeheader($s) + { + return iconv_mime_decode($s, 2, self::$internalEncoding); + } + + public static function mb_encode_mimeheader($s, $charset = null, $transferEncoding = null, $linefeed = null, $indent = null) + { + trigger_error('mb_encode_mimeheader() is bugged. Please use iconv_mime_encode() instead', \E_USER_WARNING); + } + + public static function mb_decode_numericentity($s, $convmap, $encoding = null) + { + if (null !== $s && !\is_scalar($s) && !(\is_object($s) && method_exists($s, '__toString'))) { + trigger_error('mb_decode_numericentity() expects parameter 1 to be string, '.\gettype($s).' given', \E_USER_WARNING); + + return null; + } + + if (!\is_array($convmap) || (80000 > \PHP_VERSION_ID && !$convmap)) { + return false; + } + + if (null !== $encoding && !\is_scalar($encoding)) { + trigger_error('mb_decode_numericentity() expects parameter 3 to be string, '.\gettype($s).' given', \E_USER_WARNING); + + return ''; // Instead of null (cf. mb_encode_numericentity). + } + + $s = (string) $s; + if ('' === $s) { + return ''; + } + + $encoding = self::getEncoding($encoding); + + if ('UTF-8' === $encoding) { + $encoding = null; + if (!preg_match('//u', $s)) { + $s = @iconv('UTF-8', 'UTF-8//IGNORE', $s); + } + } else { + $s = iconv($encoding, 'UTF-8//IGNORE', $s); + } + + $cnt = floor(\count($convmap) / 4) * 4; + + for ($i = 0; $i < $cnt; $i += 4) { + // collector_decode_htmlnumericentity ignores $convmap[$i + 3] + $convmap[$i] += $convmap[$i + 2]; + $convmap[$i + 1] += $convmap[$i + 2]; + } + + $s = preg_replace_callback('/&#(?:0*([0-9]+)|x0*([0-9a-fA-F]+))(?!&);?/', function (array $m) use ($cnt, $convmap) { + $c = isset($m[2]) ? (int) hexdec($m[2]) : $m[1]; + for ($i = 0; $i < $cnt; $i += 4) { + if ($c >= $convmap[$i] && $c <= $convmap[$i + 1]) { + return self::mb_chr($c - $convmap[$i + 2]); + } + } + + return $m[0]; + }, $s); + + if (null === $encoding) { + return $s; + } + + return iconv('UTF-8', $encoding.'//IGNORE', $s); + } + + public static function mb_encode_numericentity($s, $convmap, $encoding = null, $is_hex = false) + { + if (null !== $s && !\is_scalar($s) && !(\is_object($s) && method_exists($s, '__toString'))) { + trigger_error('mb_encode_numericentity() expects parameter 1 to be string, '.\gettype($s).' given', \E_USER_WARNING); + + return null; + } + + if (!\is_array($convmap) || (80000 > \PHP_VERSION_ID && !$convmap)) { + return false; + } + + if (null !== $encoding && !\is_scalar($encoding)) { + trigger_error('mb_encode_numericentity() expects parameter 3 to be string, '.\gettype($s).' given', \E_USER_WARNING); + + return null; // Instead of '' (cf. mb_decode_numericentity). + } + + if (null !== $is_hex && !\is_scalar($is_hex)) { + trigger_error('mb_encode_numericentity() expects parameter 4 to be boolean, '.\gettype($s).' given', \E_USER_WARNING); + + return null; + } + + $s = (string) $s; + if ('' === $s) { + return ''; + } + + $encoding = self::getEncoding($encoding); + + if ('UTF-8' === $encoding) { + $encoding = null; + if (!preg_match('//u', $s)) { + $s = @iconv('UTF-8', 'UTF-8//IGNORE', $s); + } + } else { + $s = iconv($encoding, 'UTF-8//IGNORE', $s); + } + + static $ulenMask = ["\xC0" => 2, "\xD0" => 2, "\xE0" => 3, "\xF0" => 4]; + + $cnt = floor(\count($convmap) / 4) * 4; + $i = 0; + $len = \strlen($s); + $result = ''; + + while ($i < $len) { + $ulen = $s[$i] < "\x80" ? 1 : $ulenMask[$s[$i] & "\xF0"]; + $uchr = substr($s, $i, $ulen); + $i += $ulen; + $c = self::mb_ord($uchr); + + for ($j = 0; $j < $cnt; $j += 4) { + if ($c >= $convmap[$j] && $c <= $convmap[$j + 1]) { + $cOffset = ($c + $convmap[$j + 2]) & $convmap[$j + 3]; + $result .= $is_hex ? sprintf('&#x%X;', $cOffset) : '&#'.$cOffset.';'; + continue 2; + } + } + $result .= $uchr; + } + + if (null === $encoding) { + return $result; + } + + return iconv('UTF-8', $encoding.'//IGNORE', $result); + } + + public static function mb_convert_case($s, $mode, $encoding = null) + { + $s = (string) $s; + if ('' === $s) { + return ''; + } + + $encoding = self::getEncoding($encoding); + + if ('UTF-8' === $encoding) { + $encoding = null; + if (!preg_match('//u', $s)) { + $s = @iconv('UTF-8', 'UTF-8//IGNORE', $s); + } + } else { + $s = iconv($encoding, 'UTF-8//IGNORE', $s); + } + + if (\MB_CASE_TITLE == $mode) { + static $titleRegexp = null; + if (null === $titleRegexp) { + $titleRegexp = self::getData('titleCaseRegexp'); + } + $s = preg_replace_callback($titleRegexp, [__CLASS__, 'title_case'], $s); + } else { + if (\MB_CASE_UPPER == $mode) { + static $upper = null; + if (null === $upper) { + $upper = self::getData('upperCase'); + } + $map = $upper; + } else { + if (self::MB_CASE_FOLD === $mode) { + static $caseFolding = null; + if (null === $caseFolding) { + $caseFolding = self::getData('caseFolding'); + } + $s = strtr($s, $caseFolding); + } + + static $lower = null; + if (null === $lower) { + $lower = self::getData('lowerCase'); + } + $map = $lower; + } + + static $ulenMask = ["\xC0" => 2, "\xD0" => 2, "\xE0" => 3, "\xF0" => 4]; + + $i = 0; + $len = \strlen($s); + + while ($i < $len) { + $ulen = $s[$i] < "\x80" ? 1 : $ulenMask[$s[$i] & "\xF0"]; + $uchr = substr($s, $i, $ulen); + $i += $ulen; + + if (isset($map[$uchr])) { + $uchr = $map[$uchr]; + $nlen = \strlen($uchr); + + if ($nlen == $ulen) { + $nlen = $i; + do { + $s[--$nlen] = $uchr[--$ulen]; + } while ($ulen); + } else { + $s = substr_replace($s, $uchr, $i - $ulen, $ulen); + $len += $nlen - $ulen; + $i += $nlen - $ulen; + } + } + } + } + + if (null === $encoding) { + return $s; + } + + return iconv('UTF-8', $encoding.'//IGNORE', $s); + } + + public static function mb_internal_encoding($encoding = null) + { + if (null === $encoding) { + return self::$internalEncoding; + } + + $normalizedEncoding = self::getEncoding($encoding); + + if ('UTF-8' === $normalizedEncoding || false !== @iconv($normalizedEncoding, $normalizedEncoding, ' ')) { + self::$internalEncoding = $normalizedEncoding; + + return true; + } + + if (80000 > \PHP_VERSION_ID) { + return false; + } + + throw new \ValueError(sprintf('Argument #1 ($encoding) must be a valid encoding, "%s" given', $encoding)); + } + + public static function mb_language($lang = null) + { + if (null === $lang) { + return self::$language; + } + + switch ($normalizedLang = strtolower($lang)) { + case 'uni': + case 'neutral': + self::$language = $normalizedLang; + + return true; + } + + if (80000 > \PHP_VERSION_ID) { + return false; + } + + throw new \ValueError(sprintf('Argument #1 ($language) must be a valid language, "%s" given', $lang)); + } + + public static function mb_list_encodings() + { + return ['UTF-8']; + } + + public static function mb_encoding_aliases($encoding) + { + switch (strtoupper($encoding)) { + case 'UTF8': + case 'UTF-8': + return ['utf8']; + } + + return false; + } + + public static function mb_check_encoding($var = null, $encoding = null) + { + if (PHP_VERSION_ID < 70200 && \is_array($var)) { + trigger_error('mb_check_encoding() expects parameter 1 to be string, array given', \E_USER_WARNING); + + return null; + } + + if (null === $encoding) { + if (null === $var) { + return false; + } + $encoding = self::$internalEncoding; + } + + if (!\is_array($var)) { + return self::mb_detect_encoding($var, [$encoding]) || false !== @iconv($encoding, $encoding, $var); + } + + foreach ($var as $key => $value) { + if (!self::mb_check_encoding($key, $encoding)) { + return false; + } + if (!self::mb_check_encoding($value, $encoding)) { + return false; + } + } + + return true; + + } + + public static function mb_detect_encoding($str, $encodingList = null, $strict = false) + { + if (null === $encodingList) { + $encodingList = self::$encodingList; + } else { + if (!\is_array($encodingList)) { + $encodingList = array_map('trim', explode(',', $encodingList)); + } + $encodingList = array_map('strtoupper', $encodingList); + } + + foreach ($encodingList as $enc) { + switch ($enc) { + case 'ASCII': + if (!preg_match('/[\x80-\xFF]/', $str)) { + return $enc; + } + break; + + case 'UTF8': + case 'UTF-8': + if (preg_match('//u', $str)) { + return 'UTF-8'; + } + break; + + default: + if (0 === strncmp($enc, 'ISO-8859-', 9)) { + return $enc; + } + } + } + + return false; + } + + public static function mb_detect_order($encodingList = null) + { + if (null === $encodingList) { + return self::$encodingList; + } + + if (!\is_array($encodingList)) { + $encodingList = array_map('trim', explode(',', $encodingList)); + } + $encodingList = array_map('strtoupper', $encodingList); + + foreach ($encodingList as $enc) { + switch ($enc) { + default: + if (strncmp($enc, 'ISO-8859-', 9)) { + return false; + } + // no break + case 'ASCII': + case 'UTF8': + case 'UTF-8': + } + } + + self::$encodingList = $encodingList; + + return true; + } + + public static function mb_strlen($s, $encoding = null) + { + $encoding = self::getEncoding($encoding); + if ('CP850' === $encoding || 'ASCII' === $encoding) { + return \strlen($s); + } + + return @iconv_strlen($s, $encoding); + } + + public static function mb_strpos($haystack, $needle, $offset = 0, $encoding = null) + { + $encoding = self::getEncoding($encoding); + if ('CP850' === $encoding || 'ASCII' === $encoding) { + return strpos($haystack, $needle, $offset); + } + + $needle = (string) $needle; + if ('' === $needle) { + if (80000 > \PHP_VERSION_ID) { + trigger_error(__METHOD__.': Empty delimiter', \E_USER_WARNING); + + return false; + } + + return 0; + } + + return iconv_strpos($haystack, $needle, $offset, $encoding); + } + + public static function mb_strrpos($haystack, $needle, $offset = 0, $encoding = null) + { + $encoding = self::getEncoding($encoding); + if ('CP850' === $encoding || 'ASCII' === $encoding) { + return strrpos($haystack, $needle, $offset); + } + + if ($offset != (int) $offset) { + $offset = 0; + } elseif ($offset = (int) $offset) { + if ($offset < 0) { + if (0 > $offset += self::mb_strlen($needle)) { + $haystack = self::mb_substr($haystack, 0, $offset, $encoding); + } + $offset = 0; + } else { + $haystack = self::mb_substr($haystack, $offset, 2147483647, $encoding); + } + } + + $pos = '' !== $needle || 80000 > \PHP_VERSION_ID + ? iconv_strrpos($haystack, $needle, $encoding) + : self::mb_strlen($haystack, $encoding); + + return false !== $pos ? $offset + $pos : false; + } + + public static function mb_str_split($string, $split_length = 1, $encoding = null) + { + if (null !== $string && !\is_scalar($string) && !(\is_object($string) && method_exists($string, '__toString'))) { + trigger_error('mb_str_split() expects parameter 1 to be string, '.\gettype($string).' given', \E_USER_WARNING); + + return null; + } + + if (1 > $split_length = (int) $split_length) { + if (80000 > \PHP_VERSION_ID) { + trigger_error('The length of each segment must be greater than zero', \E_USER_WARNING); + + return false; + } + + throw new \ValueError('Argument #2 ($length) must be greater than 0'); + } + + if (null === $encoding) { + $encoding = mb_internal_encoding(); + } + + if ('UTF-8' === $encoding = self::getEncoding($encoding)) { + $rx = '/('; + while (65535 < $split_length) { + $rx .= '.{65535}'; + $split_length -= 65535; + } + $rx .= '.{'.$split_length.'})/us'; + + return preg_split($rx, $string, -1, \PREG_SPLIT_DELIM_CAPTURE | \PREG_SPLIT_NO_EMPTY); + } + + $result = []; + $length = mb_strlen($string, $encoding); + + for ($i = 0; $i < $length; $i += $split_length) { + $result[] = mb_substr($string, $i, $split_length, $encoding); + } + + return $result; + } + + public static function mb_strtolower($s, $encoding = null) + { + return self::mb_convert_case($s, \MB_CASE_LOWER, $encoding); + } + + public static function mb_strtoupper($s, $encoding = null) + { + return self::mb_convert_case($s, \MB_CASE_UPPER, $encoding); + } + + public static function mb_substitute_character($c = null) + { + if (null === $c) { + return 'none'; + } + if (0 === strcasecmp($c, 'none')) { + return true; + } + if (80000 > \PHP_VERSION_ID) { + return false; + } + if (\is_int($c) || 'long' === $c || 'entity' === $c) { + return false; + } + + throw new \ValueError('Argument #1 ($substitute_character) must be "none", "long", "entity" or a valid codepoint'); + } + + public static function mb_substr($s, $start, $length = null, $encoding = null) + { + $encoding = self::getEncoding($encoding); + if ('CP850' === $encoding || 'ASCII' === $encoding) { + return (string) substr($s, $start, null === $length ? 2147483647 : $length); + } + + if ($start < 0) { + $start = iconv_strlen($s, $encoding) + $start; + if ($start < 0) { + $start = 0; + } + } + + if (null === $length) { + $length = 2147483647; + } elseif ($length < 0) { + $length = iconv_strlen($s, $encoding) + $length - $start; + if ($length < 0) { + return ''; + } + } + + return (string) iconv_substr($s, $start, $length, $encoding); + } + + public static function mb_stripos($haystack, $needle, $offset = 0, $encoding = null) + { + [$haystack, $needle] = str_replace(self::SIMPLE_CASE_FOLD[0], self::SIMPLE_CASE_FOLD[1], [ + self::mb_convert_case($haystack, \MB_CASE_LOWER, $encoding), + self::mb_convert_case($needle, \MB_CASE_LOWER, $encoding), + ]); + + return self::mb_strpos($haystack, $needle, $offset, $encoding); + } + + public static function mb_stristr($haystack, $needle, $part = false, $encoding = null) + { + $pos = self::mb_stripos($haystack, $needle, 0, $encoding); + + return self::getSubpart($pos, $part, $haystack, $encoding); + } + + public static function mb_strrchr($haystack, $needle, $part = false, $encoding = null) + { + $encoding = self::getEncoding($encoding); + if ('CP850' === $encoding || 'ASCII' === $encoding) { + $pos = strrpos($haystack, $needle); + } else { + $needle = self::mb_substr($needle, 0, 1, $encoding); + $pos = iconv_strrpos($haystack, $needle, $encoding); + } + + return self::getSubpart($pos, $part, $haystack, $encoding); + } + + public static function mb_strrichr($haystack, $needle, $part = false, $encoding = null) + { + $needle = self::mb_substr($needle, 0, 1, $encoding); + $pos = self::mb_strripos($haystack, $needle, $encoding); + + return self::getSubpart($pos, $part, $haystack, $encoding); + } + + public static function mb_strripos($haystack, $needle, $offset = 0, $encoding = null) + { + $haystack = self::mb_convert_case($haystack, \MB_CASE_LOWER, $encoding); + $needle = self::mb_convert_case($needle, \MB_CASE_LOWER, $encoding); + + $haystack = str_replace(self::SIMPLE_CASE_FOLD[0], self::SIMPLE_CASE_FOLD[1], $haystack); + $needle = str_replace(self::SIMPLE_CASE_FOLD[0], self::SIMPLE_CASE_FOLD[1], $needle); + + return self::mb_strrpos($haystack, $needle, $offset, $encoding); + } + + public static function mb_strstr($haystack, $needle, $part = false, $encoding = null) + { + $pos = strpos($haystack, $needle); + if (false === $pos) { + return false; + } + if ($part) { + return substr($haystack, 0, $pos); + } + + return substr($haystack, $pos); + } + + public static function mb_get_info($type = 'all') + { + $info = [ + 'internal_encoding' => self::$internalEncoding, + 'http_output' => 'pass', + 'http_output_conv_mimetypes' => '^(text/|application/xhtml\+xml)', + 'func_overload' => 0, + 'func_overload_list' => 'no overload', + 'mail_charset' => 'UTF-8', + 'mail_header_encoding' => 'BASE64', + 'mail_body_encoding' => 'BASE64', + 'illegal_chars' => 0, + 'encoding_translation' => 'Off', + 'language' => self::$language, + 'detect_order' => self::$encodingList, + 'substitute_character' => 'none', + 'strict_detection' => 'Off', + ]; + + if ('all' === $type) { + return $info; + } + if (isset($info[$type])) { + return $info[$type]; + } + + return false; + } + + public static function mb_http_input($type = '') + { + return false; + } + + public static function mb_http_output($encoding = null) + { + return null !== $encoding ? 'pass' === $encoding : 'pass'; + } + + public static function mb_strwidth($s, $encoding = null) + { + $encoding = self::getEncoding($encoding); + + if ('UTF-8' !== $encoding) { + $s = iconv($encoding, 'UTF-8//IGNORE', $s); + } + + $s = preg_replace('/[\x{1100}-\x{115F}\x{2329}\x{232A}\x{2E80}-\x{303E}\x{3040}-\x{A4CF}\x{AC00}-\x{D7A3}\x{F900}-\x{FAFF}\x{FE10}-\x{FE19}\x{FE30}-\x{FE6F}\x{FF00}-\x{FF60}\x{FFE0}-\x{FFE6}\x{20000}-\x{2FFFD}\x{30000}-\x{3FFFD}]/u', '', $s, -1, $wide); + + return ($wide << 1) + iconv_strlen($s, 'UTF-8'); + } + + public static function mb_substr_count($haystack, $needle, $encoding = null) + { + return substr_count($haystack, $needle); + } + + public static function mb_output_handler($contents, $status) + { + return $contents; + } + + public static function mb_chr($code, $encoding = null) + { + if (0x80 > $code %= 0x200000) { + $s = \chr($code); + } elseif (0x800 > $code) { + $s = \chr(0xC0 | $code >> 6).\chr(0x80 | $code & 0x3F); + } elseif (0x10000 > $code) { + $s = \chr(0xE0 | $code >> 12).\chr(0x80 | $code >> 6 & 0x3F).\chr(0x80 | $code & 0x3F); + } else { + $s = \chr(0xF0 | $code >> 18).\chr(0x80 | $code >> 12 & 0x3F).\chr(0x80 | $code >> 6 & 0x3F).\chr(0x80 | $code & 0x3F); + } + + if ('UTF-8' !== $encoding = self::getEncoding($encoding)) { + $s = mb_convert_encoding($s, $encoding, 'UTF-8'); + } + + return $s; + } + + public static function mb_ord($s, $encoding = null) + { + if ('UTF-8' !== $encoding = self::getEncoding($encoding)) { + $s = mb_convert_encoding($s, 'UTF-8', $encoding); + } + + if (1 === \strlen($s)) { + return \ord($s); + } + + $code = ($s = unpack('C*', substr($s, 0, 4))) ? $s[1] : 0; + if (0xF0 <= $code) { + return (($code - 0xF0) << 18) + (($s[2] - 0x80) << 12) + (($s[3] - 0x80) << 6) + $s[4] - 0x80; + } + if (0xE0 <= $code) { + return (($code - 0xE0) << 12) + (($s[2] - 0x80) << 6) + $s[3] - 0x80; + } + if (0xC0 <= $code) { + return (($code - 0xC0) << 6) + $s[2] - 0x80; + } + + return $code; + } + + public static function mb_str_pad(string $string, int $length, string $pad_string = ' ', int $pad_type = \STR_PAD_RIGHT, string $encoding = null): string + { + if (!\in_array($pad_type, [\STR_PAD_RIGHT, \STR_PAD_LEFT, \STR_PAD_BOTH], true)) { + throw new \ValueError('mb_str_pad(): Argument #4 ($pad_type) must be STR_PAD_LEFT, STR_PAD_RIGHT, or STR_PAD_BOTH'); + } + + if (null === $encoding) { + $encoding = self::mb_internal_encoding(); + } + + try { + $validEncoding = @self::mb_check_encoding('', $encoding); + } catch (\ValueError $e) { + throw new \ValueError(sprintf('mb_str_pad(): Argument #5 ($encoding) must be a valid encoding, "%s" given', $encoding)); + } + + // BC for PHP 7.3 and lower + if (!$validEncoding) { + throw new \ValueError(sprintf('mb_str_pad(): Argument #5 ($encoding) must be a valid encoding, "%s" given', $encoding)); + } + + if (self::mb_strlen($pad_string, $encoding) <= 0) { + throw new \ValueError('mb_str_pad(): Argument #3 ($pad_string) must be a non-empty string'); + } + + $paddingRequired = $length - self::mb_strlen($string, $encoding); + + if ($paddingRequired < 1) { + return $string; + } + + switch ($pad_type) { + case \STR_PAD_LEFT: + return self::mb_substr(str_repeat($pad_string, $paddingRequired), 0, $paddingRequired, $encoding).$string; + case \STR_PAD_RIGHT: + return $string.self::mb_substr(str_repeat($pad_string, $paddingRequired), 0, $paddingRequired, $encoding); + default: + $leftPaddingLength = floor($paddingRequired / 2); + $rightPaddingLength = $paddingRequired - $leftPaddingLength; + + return self::mb_substr(str_repeat($pad_string, $leftPaddingLength), 0, $leftPaddingLength, $encoding).$string.self::mb_substr(str_repeat($pad_string, $rightPaddingLength), 0, $rightPaddingLength, $encoding); + } + } + + private static function getSubpart($pos, $part, $haystack, $encoding) + { + if (false === $pos) { + return false; + } + if ($part) { + return self::mb_substr($haystack, 0, $pos, $encoding); + } + + return self::mb_substr($haystack, $pos, null, $encoding); + } + + private static function html_encoding_callback(array $m) + { + $i = 1; + $entities = ''; + $m = unpack('C*', htmlentities($m[0], \ENT_COMPAT, 'UTF-8')); + + while (isset($m[$i])) { + if (0x80 > $m[$i]) { + $entities .= \chr($m[$i++]); + continue; + } + if (0xF0 <= $m[$i]) { + $c = (($m[$i++] - 0xF0) << 18) + (($m[$i++] - 0x80) << 12) + (($m[$i++] - 0x80) << 6) + $m[$i++] - 0x80; + } elseif (0xE0 <= $m[$i]) { + $c = (($m[$i++] - 0xE0) << 12) + (($m[$i++] - 0x80) << 6) + $m[$i++] - 0x80; + } else { + $c = (($m[$i++] - 0xC0) << 6) + $m[$i++] - 0x80; + } + + $entities .= '&#'.$c.';'; + } + + return $entities; + } + + private static function title_case(array $s) + { + return self::mb_convert_case($s[1], \MB_CASE_UPPER, 'UTF-8').self::mb_convert_case($s[2], \MB_CASE_LOWER, 'UTF-8'); + } + + private static function getData($file) + { + if (file_exists($file = __DIR__.'/Resources/unidata/'.$file.'.php')) { + return require $file; + } + + return false; + } + + private static function getEncoding($encoding) + { + if (null === $encoding) { + return self::$internalEncoding; + } + + if ('UTF-8' === $encoding) { + return 'UTF-8'; + } + + $encoding = strtoupper($encoding); + + if ('8BIT' === $encoding || 'BINARY' === $encoding) { + return 'CP850'; + } + + if ('UTF8' === $encoding) { + return 'UTF-8'; + } + + return $encoding; + } +} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/README.md b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/README.md new file mode 100644 index 0000000..478b40d --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/README.md @@ -0,0 +1,13 @@ +Symfony Polyfill / Mbstring +=========================== + +This component provides a partial, native PHP implementation for the +[Mbstring](https://php.net/mbstring) extension. + +More information can be found in the +[main Polyfill README](https://github.com/symfony/polyfill/blob/main/README.md). + +License +======= + +This library is released under the [MIT license](LICENSE). diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/caseFolding.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/caseFolding.php new file mode 100644 index 0000000..512bba0 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/caseFolding.php @@ -0,0 +1,119 @@ + 'i̇', + 'µ' => 'μ', + 'ſ' => 's', + 'ͅ' => 'ι', + 'ς' => 'σ', + 'ϐ' => 'β', + 'ϑ' => 'θ', + 'ϕ' => 'φ', + 'ϖ' => 'π', + 'ϰ' => 'κ', + 'ϱ' => 'ρ', + 'ϵ' => 'ε', + 'ẛ' => 'ṡ', + 'ι' => 'ι', + 'ß' => 'ss', + 'ʼn' => 'ʼn', + 'ǰ' => 'ǰ', + 'ΐ' => 'ΐ', + 'ΰ' => 'ΰ', + 'և' => 'եւ', + 'ẖ' => 'ẖ', + 'ẗ' => 'ẗ', + 'ẘ' => 'ẘ', + 'ẙ' => 'ẙ', + 'ẚ' => 'aʾ', + 'ẞ' => 'ss', + 'ὐ' => 'ὐ', + 'ὒ' => 'ὒ', + 'ὔ' => 'ὔ', + 'ὖ' => 'ὖ', + 'ᾀ' => 'ἀι', + 'ᾁ' => 'ἁι', + 'ᾂ' => 'ἂι', + 'ᾃ' => 'ἃι', + 'ᾄ' => 'ἄι', + 'ᾅ' => 'ἅι', + 'ᾆ' => 'ἆι', + 'ᾇ' => 'ἇι', + 'ᾈ' => 'ἀι', + 'ᾉ' => 'ἁι', + 'ᾊ' => 'ἂι', + 'ᾋ' => 'ἃι', + 'ᾌ' => 'ἄι', + 'ᾍ' => 'ἅι', + 'ᾎ' => 'ἆι', + 'ᾏ' => 'ἇι', + 'ᾐ' => 'ἠι', + 'ᾑ' => 'ἡι', + 'ᾒ' => 'ἢι', + 'ᾓ' => 'ἣι', + 'ᾔ' => 'ἤι', + 'ᾕ' => 'ἥι', + 'ᾖ' => 'ἦι', + 'ᾗ' => 'ἧι', + 'ᾘ' => 'ἠι', + 'ᾙ' => 'ἡι', + 'ᾚ' => 'ἢι', + 'ᾛ' => 'ἣι', + 'ᾜ' => 'ἤι', + 'ᾝ' => 'ἥι', + 'ᾞ' => 'ἦι', + 'ᾟ' => 'ἧι', + 'ᾠ' => 'ὠι', + 'ᾡ' => 'ὡι', + 'ᾢ' => 'ὢι', + 'ᾣ' => 'ὣι', + 'ᾤ' => 'ὤι', + 'ᾥ' => 'ὥι', + 'ᾦ' => 'ὦι', + 'ᾧ' => 'ὧι', + 'ᾨ' => 'ὠι', + 'ᾩ' => 'ὡι', + 'ᾪ' => 'ὢι', + 'ᾫ' => 'ὣι', + 'ᾬ' => 'ὤι', + 'ᾭ' => 'ὥι', + 'ᾮ' => 'ὦι', + 'ᾯ' => 'ὧι', + 'ᾲ' => 'ὰι', + 'ᾳ' => 'αι', + 'ᾴ' => 'άι', + 'ᾶ' => 'ᾶ', + 'ᾷ' => 'ᾶι', + 'ᾼ' => 'αι', + 'ῂ' => 'ὴι', + 'ῃ' => 'ηι', + 'ῄ' => 'ήι', + 'ῆ' => 'ῆ', + 'ῇ' => 'ῆι', + 'ῌ' => 'ηι', + 'ῒ' => 'ῒ', + 'ῖ' => 'ῖ', + 'ῗ' => 'ῗ', + 'ῢ' => 'ῢ', + 'ῤ' => 'ῤ', + 'ῦ' => 'ῦ', + 'ῧ' => 'ῧ', + 'ῲ' => 'ὼι', + 'ῳ' => 'ωι', + 'ῴ' => 'ώι', + 'ῶ' => 'ῶ', + 'ῷ' => 'ῶι', + 'ῼ' => 'ωι', + 'ff' => 'ff', + 'fi' => 'fi', + 'fl' => 'fl', + 'ffi' => 'ffi', + 'ffl' => 'ffl', + 'ſt' => 'st', + 'st' => 'st', + 'ﬓ' => 'մն', + 'ﬔ' => 'մե', + 'ﬕ' => 'մի', + 'ﬖ' => 'վն', + 'ﬗ' => 'մխ', +]; diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/lowerCase.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/lowerCase.php new file mode 100644 index 0000000..fac60b0 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/lowerCase.php @@ -0,0 +1,1397 @@ + 'a', + 'B' => 'b', + 'C' => 'c', + 'D' => 'd', + 'E' => 'e', + 'F' => 'f', + 'G' => 'g', + 'H' => 'h', + 'I' => 'i', + 'J' => 'j', + 'K' => 'k', + 'L' => 'l', + 'M' => 'm', + 'N' => 'n', + 'O' => 'o', + 'P' => 'p', + 'Q' => 'q', + 'R' => 'r', + 'S' => 's', + 'T' => 't', + 'U' => 'u', + 'V' => 'v', + 'W' => 'w', + 'X' => 'x', + 'Y' => 'y', + 'Z' => 'z', + 'À' => 'à', + 'Á' => 'á', + 'Â' => 'â', + 'Ã' => 'ã', + 'Ä' => 'ä', + 'Å' => 'å', + 'Æ' => 'æ', + 'Ç' => 'ç', + 'È' => 'è', + 'É' => 'é', + 'Ê' => 'ê', + 'Ë' => 'ë', + 'Ì' => 'ì', + 'Í' => 'í', + 'Î' => 'î', + 'Ï' => 'ï', + 'Ð' => 'ð', + 'Ñ' => 'ñ', + 'Ò' => 'ò', + 'Ó' => 'ó', + 'Ô' => 'ô', + 'Õ' => 'õ', + 'Ö' => 'ö', + 'Ø' => 'ø', + 'Ù' => 'ù', + 'Ú' => 'ú', + 'Û' => 'û', + 'Ü' => 'ü', + 'Ý' => 'ý', + 'Þ' => 'þ', + 'Ā' => 'ā', + 'Ă' => 'ă', + 'Ą' => 'ą', + 'Ć' => 'ć', + 'Ĉ' => 'ĉ', + 'Ċ' => 'ċ', + 'Č' => 'č', + 'Ď' => 'ď', + 'Đ' => 'đ', + 'Ē' => 'ē', + 'Ĕ' => 'ĕ', + 'Ė' => 'ė', + 'Ę' => 'ę', + 'Ě' => 'ě', + 'Ĝ' => 'ĝ', + 'Ğ' => 'ğ', + 'Ġ' => 'ġ', + 'Ģ' => 'ģ', + 'Ĥ' => 'ĥ', + 'Ħ' => 'ħ', + 'Ĩ' => 'ĩ', + 'Ī' => 'ī', + 'Ĭ' => 'ĭ', + 'Į' => 'į', + 'İ' => 'i̇', + 'IJ' => 'ij', + 'Ĵ' => 'ĵ', + 'Ķ' => 'ķ', + 'Ĺ' => 'ĺ', + 'Ļ' => 'ļ', + 'Ľ' => 'ľ', + 'Ŀ' => 'ŀ', + 'Ł' => 'ł', + 'Ń' => 'ń', + 'Ņ' => 'ņ', + 'Ň' => 'ň', + 'Ŋ' => 'ŋ', + 'Ō' => 'ō', + 'Ŏ' => 'ŏ', + 'Ő' => 'ő', + 'Œ' => 'œ', + 'Ŕ' => 'ŕ', + 'Ŗ' => 'ŗ', + 'Ř' => 'ř', + 'Ś' => 'ś', + 'Ŝ' => 'ŝ', + 'Ş' => 'ş', + 'Š' => 'š', + 'Ţ' => 'ţ', + 'Ť' => 'ť', + 'Ŧ' => 'ŧ', + 'Ũ' => 'ũ', + 'Ū' => 'ū', + 'Ŭ' => 'ŭ', + 'Ů' => 'ů', + 'Ű' => 'ű', + 'Ų' => 'ų', + 'Ŵ' => 'ŵ', + 'Ŷ' => 'ŷ', + 'Ÿ' => 'ÿ', + 'Ź' => 'ź', + 'Ż' => 'ż', + 'Ž' => 'ž', + 'Ɓ' => 'ɓ', + 'Ƃ' => 'ƃ', + 'Ƅ' => 'ƅ', + 'Ɔ' => 'ɔ', + 'Ƈ' => 'ƈ', + 'Ɖ' => 'ɖ', + 'Ɗ' => 'ɗ', + 'Ƌ' => 'ƌ', + 'Ǝ' => 'ǝ', + 'Ə' => 'ə', + 'Ɛ' => 'ɛ', + 'Ƒ' => 'ƒ', + 'Ɠ' => 'ɠ', + 'Ɣ' => 'ɣ', + 'Ɩ' => 'ɩ', + 'Ɨ' => 'ɨ', + 'Ƙ' => 'ƙ', + 'Ɯ' => 'ɯ', + 'Ɲ' => 'ɲ', + 'Ɵ' => 'ɵ', + 'Ơ' => 'ơ', + 'Ƣ' => 'ƣ', + 'Ƥ' => 'ƥ', + 'Ʀ' => 'ʀ', + 'Ƨ' => 'ƨ', + 'Ʃ' => 'ʃ', + 'Ƭ' => 'ƭ', + 'Ʈ' => 'ʈ', + 'Ư' => 'ư', + 'Ʊ' => 'ʊ', + 'Ʋ' => 'ʋ', + 'Ƴ' => 'ƴ', + 'Ƶ' => 'ƶ', + 'Ʒ' => 'ʒ', + 'Ƹ' => 'ƹ', + 'Ƽ' => 'ƽ', + 'DŽ' => 'dž', + 'Dž' => 'dž', + 'LJ' => 'lj', + 'Lj' => 'lj', + 'NJ' => 'nj', + 'Nj' => 'nj', + 'Ǎ' => 'ǎ', + 'Ǐ' => 'ǐ', + 'Ǒ' => 'ǒ', + 'Ǔ' => 'ǔ', + 'Ǖ' => 'ǖ', + 'Ǘ' => 'ǘ', + 'Ǚ' => 'ǚ', + 'Ǜ' => 'ǜ', + 'Ǟ' => 'ǟ', + 'Ǡ' => 'ǡ', + 'Ǣ' => 'ǣ', + 'Ǥ' => 'ǥ', + 'Ǧ' => 'ǧ', + 'Ǩ' => 'ǩ', + 'Ǫ' => 'ǫ', + 'Ǭ' => 'ǭ', + 'Ǯ' => 'ǯ', + 'DZ' => 'dz', + 'Dz' => 'dz', + 'Ǵ' => 'ǵ', + 'Ƕ' => 'ƕ', + 'Ƿ' => 'ƿ', + 'Ǹ' => 'ǹ', + 'Ǻ' => 'ǻ', + 'Ǽ' => 'ǽ', + 'Ǿ' => 'ǿ', + 'Ȁ' => 'ȁ', + 'Ȃ' => 'ȃ', + 'Ȅ' => 'ȅ', + 'Ȇ' => 'ȇ', + 'Ȉ' => 'ȉ', + 'Ȋ' => 'ȋ', + 'Ȍ' => 'ȍ', + 'Ȏ' => 'ȏ', + 'Ȑ' => 'ȑ', + 'Ȓ' => 'ȓ', + 'Ȕ' => 'ȕ', + 'Ȗ' => 'ȗ', + 'Ș' => 'ș', + 'Ț' => 'ț', + 'Ȝ' => 'ȝ', + 'Ȟ' => 'ȟ', + 'Ƞ' => 'ƞ', + 'Ȣ' => 'ȣ', + 'Ȥ' => 'ȥ', + 'Ȧ' => 'ȧ', + 'Ȩ' => 'ȩ', + 'Ȫ' => 'ȫ', + 'Ȭ' => 'ȭ', + 'Ȯ' => 'ȯ', + 'Ȱ' => 'ȱ', + 'Ȳ' => 'ȳ', + 'Ⱥ' => 'ⱥ', + 'Ȼ' => 'ȼ', + 'Ƚ' => 'ƚ', + 'Ⱦ' => 'ⱦ', + 'Ɂ' => 'ɂ', + 'Ƀ' => 'ƀ', + 'Ʉ' => 'ʉ', + 'Ʌ' => 'ʌ', + 'Ɇ' => 'ɇ', + 'Ɉ' => 'ɉ', + 'Ɋ' => 'ɋ', + 'Ɍ' => 'ɍ', + 'Ɏ' => 'ɏ', + 'Ͱ' => 'ͱ', + 'Ͳ' => 'ͳ', + 'Ͷ' => 'ͷ', + 'Ϳ' => 'ϳ', + 'Ά' => 'ά', + 'Έ' => 'έ', + 'Ή' => 'ή', + 'Ί' => 'ί', + 'Ό' => 'ό', + 'Ύ' => 'ύ', + 'Ώ' => 'ώ', + 'Α' => 'α', + 'Β' => 'β', + 'Γ' => 'γ', + 'Δ' => 'δ', + 'Ε' => 'ε', + 'Ζ' => 'ζ', + 'Η' => 'η', + 'Θ' => 'θ', + 'Ι' => 'ι', + 'Κ' => 'κ', + 'Λ' => 'λ', + 'Μ' => 'μ', + 'Ν' => 'ν', + 'Ξ' => 'ξ', + 'Ο' => 'ο', + 'Π' => 'π', + 'Ρ' => 'ρ', + 'Σ' => 'σ', + 'Τ' => 'τ', + 'Υ' => 'υ', + 'Φ' => 'φ', + 'Χ' => 'χ', + 'Ψ' => 'ψ', + 'Ω' => 'ω', + 'Ϊ' => 'ϊ', + 'Ϋ' => 'ϋ', + 'Ϗ' => 'ϗ', + 'Ϙ' => 'ϙ', + 'Ϛ' => 'ϛ', + 'Ϝ' => 'ϝ', + 'Ϟ' => 'ϟ', + 'Ϡ' => 'ϡ', + 'Ϣ' => 'ϣ', + 'Ϥ' => 'ϥ', + 'Ϧ' => 'ϧ', + 'Ϩ' => 'ϩ', + 'Ϫ' => 'ϫ', + 'Ϭ' => 'ϭ', + 'Ϯ' => 'ϯ', + 'ϴ' => 'θ', + 'Ϸ' => 'ϸ', + 'Ϲ' => 'ϲ', + 'Ϻ' => 'ϻ', + 'Ͻ' => 'ͻ', + 'Ͼ' => 'ͼ', + 'Ͽ' => 'ͽ', + 'Ѐ' => 'ѐ', + 'Ё' => 'ё', + 'Ђ' => 'ђ', + 'Ѓ' => 'ѓ', + 'Є' => 'є', + 'Ѕ' => 'ѕ', + 'І' => 'і', + 'Ї' => 'ї', + 'Ј' => 'ј', + 'Љ' => 'љ', + 'Њ' => 'њ', + 'Ћ' => 'ћ', + 'Ќ' => 'ќ', + 'Ѝ' => 'ѝ', + 'Ў' => 'ў', + 'Џ' => 'џ', + 'А' => 'а', + 'Б' => 'б', + 'В' => 'в', + 'Г' => 'г', + 'Д' => 'д', + 'Е' => 'е', + 'Ж' => 'ж', + 'З' => 'з', + 'И' => 'и', + 'Й' => 'й', + 'К' => 'к', + 'Л' => 'л', + 'М' => 'м', + 'Н' => 'н', + 'О' => 'о', + 'П' => 'п', + 'Р' => 'р', + 'С' => 'с', + 'Т' => 'т', + 'У' => 'у', + 'Ф' => 'ф', + 'Х' => 'х', + 'Ц' => 'ц', + 'Ч' => 'ч', + 'Ш' => 'ш', + 'Щ' => 'щ', + 'Ъ' => 'ъ', + 'Ы' => 'ы', + 'Ь' => 'ь', + 'Э' => 'э', + 'Ю' => 'ю', + 'Я' => 'я', + 'Ѡ' => 'ѡ', + 'Ѣ' => 'ѣ', + 'Ѥ' => 'ѥ', + 'Ѧ' => 'ѧ', + 'Ѩ' => 'ѩ', + 'Ѫ' => 'ѫ', + 'Ѭ' => 'ѭ', + 'Ѯ' => 'ѯ', + 'Ѱ' => 'ѱ', + 'Ѳ' => 'ѳ', + 'Ѵ' => 'ѵ', + 'Ѷ' => 'ѷ', + 'Ѹ' => 'ѹ', + 'Ѻ' => 'ѻ', + 'Ѽ' => 'ѽ', + 'Ѿ' => 'ѿ', + 'Ҁ' => 'ҁ', + 'Ҋ' => 'ҋ', + 'Ҍ' => 'ҍ', + 'Ҏ' => 'ҏ', + 'Ґ' => 'ґ', + 'Ғ' => 'ғ', + 'Ҕ' => 'ҕ', + 'Җ' => 'җ', + 'Ҙ' => 'ҙ', + 'Қ' => 'қ', + 'Ҝ' => 'ҝ', + 'Ҟ' => 'ҟ', + 'Ҡ' => 'ҡ', + 'Ң' => 'ң', + 'Ҥ' => 'ҥ', + 'Ҧ' => 'ҧ', + 'Ҩ' => 'ҩ', + 'Ҫ' => 'ҫ', + 'Ҭ' => 'ҭ', + 'Ү' => 'ү', + 'Ұ' => 'ұ', + 'Ҳ' => 'ҳ', + 'Ҵ' => 'ҵ', + 'Ҷ' => 'ҷ', + 'Ҹ' => 'ҹ', + 'Һ' => 'һ', + 'Ҽ' => 'ҽ', + 'Ҿ' => 'ҿ', + 'Ӏ' => 'ӏ', + 'Ӂ' => 'ӂ', + 'Ӄ' => 'ӄ', + 'Ӆ' => 'ӆ', + 'Ӈ' => 'ӈ', + 'Ӊ' => 'ӊ', + 'Ӌ' => 'ӌ', + 'Ӎ' => 'ӎ', + 'Ӑ' => 'ӑ', + 'Ӓ' => 'ӓ', + 'Ӕ' => 'ӕ', + 'Ӗ' => 'ӗ', + 'Ә' => 'ә', + 'Ӛ' => 'ӛ', + 'Ӝ' => 'ӝ', + 'Ӟ' => 'ӟ', + 'Ӡ' => 'ӡ', + 'Ӣ' => 'ӣ', + 'Ӥ' => 'ӥ', + 'Ӧ' => 'ӧ', + 'Ө' => 'ө', + 'Ӫ' => 'ӫ', + 'Ӭ' => 'ӭ', + 'Ӯ' => 'ӯ', + 'Ӱ' => 'ӱ', + 'Ӳ' => 'ӳ', + 'Ӵ' => 'ӵ', + 'Ӷ' => 'ӷ', + 'Ӹ' => 'ӹ', + 'Ӻ' => 'ӻ', + 'Ӽ' => 'ӽ', + 'Ӿ' => 'ӿ', + 'Ԁ' => 'ԁ', + 'Ԃ' => 'ԃ', + 'Ԅ' => 'ԅ', + 'Ԇ' => 'ԇ', + 'Ԉ' => 'ԉ', + 'Ԋ' => 'ԋ', + 'Ԍ' => 'ԍ', + 'Ԏ' => 'ԏ', + 'Ԑ' => 'ԑ', + 'Ԓ' => 'ԓ', + 'Ԕ' => 'ԕ', + 'Ԗ' => 'ԗ', + 'Ԙ' => 'ԙ', + 'Ԛ' => 'ԛ', + 'Ԝ' => 'ԝ', + 'Ԟ' => 'ԟ', + 'Ԡ' => 'ԡ', + 'Ԣ' => 'ԣ', + 'Ԥ' => 'ԥ', + 'Ԧ' => 'ԧ', + 'Ԩ' => 'ԩ', + 'Ԫ' => 'ԫ', + 'Ԭ' => 'ԭ', + 'Ԯ' => 'ԯ', + 'Ա' => 'ա', + 'Բ' => 'բ', + 'Գ' => 'գ', + 'Դ' => 'դ', + 'Ե' => 'ե', + 'Զ' => 'զ', + 'Է' => 'է', + 'Ը' => 'ը', + 'Թ' => 'թ', + 'Ժ' => 'ժ', + 'Ի' => 'ի', + 'Լ' => 'լ', + 'Խ' => 'խ', + 'Ծ' => 'ծ', + 'Կ' => 'կ', + 'Հ' => 'հ', + 'Ձ' => 'ձ', + 'Ղ' => 'ղ', + 'Ճ' => 'ճ', + 'Մ' => 'մ', + 'Յ' => 'յ', + 'Ն' => 'ն', + 'Շ' => 'շ', + 'Ո' => 'ո', + 'Չ' => 'չ', + 'Պ' => 'պ', + 'Ջ' => 'ջ', + 'Ռ' => 'ռ', + 'Ս' => 'ս', + 'Վ' => 'վ', + 'Տ' => 'տ', + 'Ր' => 'ր', + 'Ց' => 'ց', + 'Ւ' => 'ւ', + 'Փ' => 'փ', + 'Ք' => 'ք', + 'Օ' => 'օ', + 'Ֆ' => 'ֆ', + 'Ⴀ' => 'ⴀ', + 'Ⴁ' => 'ⴁ', + 'Ⴂ' => 'ⴂ', + 'Ⴃ' => 'ⴃ', + 'Ⴄ' => 'ⴄ', + 'Ⴅ' => 'ⴅ', + 'Ⴆ' => 'ⴆ', + 'Ⴇ' => 'ⴇ', + 'Ⴈ' => 'ⴈ', + 'Ⴉ' => 'ⴉ', + 'Ⴊ' => 'ⴊ', + 'Ⴋ' => 'ⴋ', + 'Ⴌ' => 'ⴌ', + 'Ⴍ' => 'ⴍ', + 'Ⴎ' => 'ⴎ', + 'Ⴏ' => 'ⴏ', + 'Ⴐ' => 'ⴐ', + 'Ⴑ' => 'ⴑ', + 'Ⴒ' => 'ⴒ', + 'Ⴓ' => 'ⴓ', + 'Ⴔ' => 'ⴔ', + 'Ⴕ' => 'ⴕ', + 'Ⴖ' => 'ⴖ', + 'Ⴗ' => 'ⴗ', + 'Ⴘ' => 'ⴘ', + 'Ⴙ' => 'ⴙ', + 'Ⴚ' => 'ⴚ', + 'Ⴛ' => 'ⴛ', + 'Ⴜ' => 'ⴜ', + 'Ⴝ' => 'ⴝ', + 'Ⴞ' => 'ⴞ', + 'Ⴟ' => 'ⴟ', + 'Ⴠ' => 'ⴠ', + 'Ⴡ' => 'ⴡ', + 'Ⴢ' => 'ⴢ', + 'Ⴣ' => 'ⴣ', + 'Ⴤ' => 'ⴤ', + 'Ⴥ' => 'ⴥ', + 'Ⴧ' => 'ⴧ', + 'Ⴭ' => 'ⴭ', + 'Ꭰ' => 'ꭰ', + 'Ꭱ' => 'ꭱ', + 'Ꭲ' => 'ꭲ', + 'Ꭳ' => 'ꭳ', + 'Ꭴ' => 'ꭴ', + 'Ꭵ' => 'ꭵ', + 'Ꭶ' => 'ꭶ', + 'Ꭷ' => 'ꭷ', + 'Ꭸ' => 'ꭸ', + 'Ꭹ' => 'ꭹ', + 'Ꭺ' => 'ꭺ', + 'Ꭻ' => 'ꭻ', + 'Ꭼ' => 'ꭼ', + 'Ꭽ' => 'ꭽ', + 'Ꭾ' => 'ꭾ', + 'Ꭿ' => 'ꭿ', + 'Ꮀ' => 'ꮀ', + 'Ꮁ' => 'ꮁ', + 'Ꮂ' => 'ꮂ', + 'Ꮃ' => 'ꮃ', + 'Ꮄ' => 'ꮄ', + 'Ꮅ' => 'ꮅ', + 'Ꮆ' => 'ꮆ', + 'Ꮇ' => 'ꮇ', + 'Ꮈ' => 'ꮈ', + 'Ꮉ' => 'ꮉ', + 'Ꮊ' => 'ꮊ', + 'Ꮋ' => 'ꮋ', + 'Ꮌ' => 'ꮌ', + 'Ꮍ' => 'ꮍ', + 'Ꮎ' => 'ꮎ', + 'Ꮏ' => 'ꮏ', + 'Ꮐ' => 'ꮐ', + 'Ꮑ' => 'ꮑ', + 'Ꮒ' => 'ꮒ', + 'Ꮓ' => 'ꮓ', + 'Ꮔ' => 'ꮔ', + 'Ꮕ' => 'ꮕ', + 'Ꮖ' => 'ꮖ', + 'Ꮗ' => 'ꮗ', + 'Ꮘ' => 'ꮘ', + 'Ꮙ' => 'ꮙ', + 'Ꮚ' => 'ꮚ', + 'Ꮛ' => 'ꮛ', + 'Ꮜ' => 'ꮜ', + 'Ꮝ' => 'ꮝ', + 'Ꮞ' => 'ꮞ', + 'Ꮟ' => 'ꮟ', + 'Ꮠ' => 'ꮠ', + 'Ꮡ' => 'ꮡ', + 'Ꮢ' => 'ꮢ', + 'Ꮣ' => 'ꮣ', + 'Ꮤ' => 'ꮤ', + 'Ꮥ' => 'ꮥ', + 'Ꮦ' => 'ꮦ', + 'Ꮧ' => 'ꮧ', + 'Ꮨ' => 'ꮨ', + 'Ꮩ' => 'ꮩ', + 'Ꮪ' => 'ꮪ', + 'Ꮫ' => 'ꮫ', + 'Ꮬ' => 'ꮬ', + 'Ꮭ' => 'ꮭ', + 'Ꮮ' => 'ꮮ', + 'Ꮯ' => 'ꮯ', + 'Ꮰ' => 'ꮰ', + 'Ꮱ' => 'ꮱ', + 'Ꮲ' => 'ꮲ', + 'Ꮳ' => 'ꮳ', + 'Ꮴ' => 'ꮴ', + 'Ꮵ' => 'ꮵ', + 'Ꮶ' => 'ꮶ', + 'Ꮷ' => 'ꮷ', + 'Ꮸ' => 'ꮸ', + 'Ꮹ' => 'ꮹ', + 'Ꮺ' => 'ꮺ', + 'Ꮻ' => 'ꮻ', + 'Ꮼ' => 'ꮼ', + 'Ꮽ' => 'ꮽ', + 'Ꮾ' => 'ꮾ', + 'Ꮿ' => 'ꮿ', + 'Ᏸ' => 'ᏸ', + 'Ᏹ' => 'ᏹ', + 'Ᏺ' => 'ᏺ', + 'Ᏻ' => 'ᏻ', + 'Ᏼ' => 'ᏼ', + 'Ᏽ' => 'ᏽ', + 'Ა' => 'ა', + 'Ბ' => 'ბ', + 'Გ' => 'გ', + 'Დ' => 'დ', + 'Ე' => 'ე', + 'Ვ' => 'ვ', + 'Ზ' => 'ზ', + 'Თ' => 'თ', + 'Ი' => 'ი', + 'Კ' => 'კ', + 'Ლ' => 'ლ', + 'Მ' => 'მ', + 'Ნ' => 'ნ', + 'Ო' => 'ო', + 'Პ' => 'პ', + 'Ჟ' => 'ჟ', + 'Რ' => 'რ', + 'Ს' => 'ს', + 'Ტ' => 'ტ', + 'Უ' => 'უ', + 'Ფ' => 'ფ', + 'Ქ' => 'ქ', + 'Ღ' => 'ღ', + 'Ყ' => 'ყ', + 'Შ' => 'შ', + 'Ჩ' => 'ჩ', + 'Ც' => 'ც', + 'Ძ' => 'ძ', + 'Წ' => 'წ', + 'Ჭ' => 'ჭ', + 'Ხ' => 'ხ', + 'Ჯ' => 'ჯ', + 'Ჰ' => 'ჰ', + 'Ჱ' => 'ჱ', + 'Ჲ' => 'ჲ', + 'Ჳ' => 'ჳ', + 'Ჴ' => 'ჴ', + 'Ჵ' => 'ჵ', + 'Ჶ' => 'ჶ', + 'Ჷ' => 'ჷ', + 'Ჸ' => 'ჸ', + 'Ჹ' => 'ჹ', + 'Ჺ' => 'ჺ', + 'Ჽ' => 'ჽ', + 'Ჾ' => 'ჾ', + 'Ჿ' => 'ჿ', + 'Ḁ' => 'ḁ', + 'Ḃ' => 'ḃ', + 'Ḅ' => 'ḅ', + 'Ḇ' => 'ḇ', + 'Ḉ' => 'ḉ', + 'Ḋ' => 'ḋ', + 'Ḍ' => 'ḍ', + 'Ḏ' => 'ḏ', + 'Ḑ' => 'ḑ', + 'Ḓ' => 'ḓ', + 'Ḕ' => 'ḕ', + 'Ḗ' => 'ḗ', + 'Ḙ' => 'ḙ', + 'Ḛ' => 'ḛ', + 'Ḝ' => 'ḝ', + 'Ḟ' => 'ḟ', + 'Ḡ' => 'ḡ', + 'Ḣ' => 'ḣ', + 'Ḥ' => 'ḥ', + 'Ḧ' => 'ḧ', + 'Ḩ' => 'ḩ', + 'Ḫ' => 'ḫ', + 'Ḭ' => 'ḭ', + 'Ḯ' => 'ḯ', + 'Ḱ' => 'ḱ', + 'Ḳ' => 'ḳ', + 'Ḵ' => 'ḵ', + 'Ḷ' => 'ḷ', + 'Ḹ' => 'ḹ', + 'Ḻ' => 'ḻ', + 'Ḽ' => 'ḽ', + 'Ḿ' => 'ḿ', + 'Ṁ' => 'ṁ', + 'Ṃ' => 'ṃ', + 'Ṅ' => 'ṅ', + 'Ṇ' => 'ṇ', + 'Ṉ' => 'ṉ', + 'Ṋ' => 'ṋ', + 'Ṍ' => 'ṍ', + 'Ṏ' => 'ṏ', + 'Ṑ' => 'ṑ', + 'Ṓ' => 'ṓ', + 'Ṕ' => 'ṕ', + 'Ṗ' => 'ṗ', + 'Ṙ' => 'ṙ', + 'Ṛ' => 'ṛ', + 'Ṝ' => 'ṝ', + 'Ṟ' => 'ṟ', + 'Ṡ' => 'ṡ', + 'Ṣ' => 'ṣ', + 'Ṥ' => 'ṥ', + 'Ṧ' => 'ṧ', + 'Ṩ' => 'ṩ', + 'Ṫ' => 'ṫ', + 'Ṭ' => 'ṭ', + 'Ṯ' => 'ṯ', + 'Ṱ' => 'ṱ', + 'Ṳ' => 'ṳ', + 'Ṵ' => 'ṵ', + 'Ṷ' => 'ṷ', + 'Ṹ' => 'ṹ', + 'Ṻ' => 'ṻ', + 'Ṽ' => 'ṽ', + 'Ṿ' => 'ṿ', + 'Ẁ' => 'ẁ', + 'Ẃ' => 'ẃ', + 'Ẅ' => 'ẅ', + 'Ẇ' => 'ẇ', + 'Ẉ' => 'ẉ', + 'Ẋ' => 'ẋ', + 'Ẍ' => 'ẍ', + 'Ẏ' => 'ẏ', + 'Ẑ' => 'ẑ', + 'Ẓ' => 'ẓ', + 'Ẕ' => 'ẕ', + 'ẞ' => 'ß', + 'Ạ' => 'ạ', + 'Ả' => 'ả', + 'Ấ' => 'ấ', + 'Ầ' => 'ầ', + 'Ẩ' => 'ẩ', + 'Ẫ' => 'ẫ', + 'Ậ' => 'ậ', + 'Ắ' => 'ắ', + 'Ằ' => 'ằ', + 'Ẳ' => 'ẳ', + 'Ẵ' => 'ẵ', + 'Ặ' => 'ặ', + 'Ẹ' => 'ẹ', + 'Ẻ' => 'ẻ', + 'Ẽ' => 'ẽ', + 'Ế' => 'ế', + 'Ề' => 'ề', + 'Ể' => 'ể', + 'Ễ' => 'ễ', + 'Ệ' => 'ệ', + 'Ỉ' => 'ỉ', + 'Ị' => 'ị', + 'Ọ' => 'ọ', + 'Ỏ' => 'ỏ', + 'Ố' => 'ố', + 'Ồ' => 'ồ', + 'Ổ' => 'ổ', + 'Ỗ' => 'ỗ', + 'Ộ' => 'ộ', + 'Ớ' => 'ớ', + 'Ờ' => 'ờ', + 'Ở' => 'ở', + 'Ỡ' => 'ỡ', + 'Ợ' => 'ợ', + 'Ụ' => 'ụ', + 'Ủ' => 'ủ', + 'Ứ' => 'ứ', + 'Ừ' => 'ừ', + 'Ử' => 'ử', + 'Ữ' => 'ữ', + 'Ự' => 'ự', + 'Ỳ' => 'ỳ', + 'Ỵ' => 'ỵ', + 'Ỷ' => 'ỷ', + 'Ỹ' => 'ỹ', + 'Ỻ' => 'ỻ', + 'Ỽ' => 'ỽ', + 'Ỿ' => 'ỿ', + 'Ἀ' => 'ἀ', + 'Ἁ' => 'ἁ', + 'Ἂ' => 'ἂ', + 'Ἃ' => 'ἃ', + 'Ἄ' => 'ἄ', + 'Ἅ' => 'ἅ', + 'Ἆ' => 'ἆ', + 'Ἇ' => 'ἇ', + 'Ἐ' => 'ἐ', + 'Ἑ' => 'ἑ', + 'Ἒ' => 'ἒ', + 'Ἓ' => 'ἓ', + 'Ἔ' => 'ἔ', + 'Ἕ' => 'ἕ', + 'Ἠ' => 'ἠ', + 'Ἡ' => 'ἡ', + 'Ἢ' => 'ἢ', + 'Ἣ' => 'ἣ', + 'Ἤ' => 'ἤ', + 'Ἥ' => 'ἥ', + 'Ἦ' => 'ἦ', + 'Ἧ' => 'ἧ', + 'Ἰ' => 'ἰ', + 'Ἱ' => 'ἱ', + 'Ἲ' => 'ἲ', + 'Ἳ' => 'ἳ', + 'Ἴ' => 'ἴ', + 'Ἵ' => 'ἵ', + 'Ἶ' => 'ἶ', + 'Ἷ' => 'ἷ', + 'Ὀ' => 'ὀ', + 'Ὁ' => 'ὁ', + 'Ὂ' => 'ὂ', + 'Ὃ' => 'ὃ', + 'Ὄ' => 'ὄ', + 'Ὅ' => 'ὅ', + 'Ὑ' => 'ὑ', + 'Ὓ' => 'ὓ', + 'Ὕ' => 'ὕ', + 'Ὗ' => 'ὗ', + 'Ὠ' => 'ὠ', + 'Ὡ' => 'ὡ', + 'Ὢ' => 'ὢ', + 'Ὣ' => 'ὣ', + 'Ὤ' => 'ὤ', + 'Ὥ' => 'ὥ', + 'Ὦ' => 'ὦ', + 'Ὧ' => 'ὧ', + 'ᾈ' => 'ᾀ', + 'ᾉ' => 'ᾁ', + 'ᾊ' => 'ᾂ', + 'ᾋ' => 'ᾃ', + 'ᾌ' => 'ᾄ', + 'ᾍ' => 'ᾅ', + 'ᾎ' => 'ᾆ', + 'ᾏ' => 'ᾇ', + 'ᾘ' => 'ᾐ', + 'ᾙ' => 'ᾑ', + 'ᾚ' => 'ᾒ', + 'ᾛ' => 'ᾓ', + 'ᾜ' => 'ᾔ', + 'ᾝ' => 'ᾕ', + 'ᾞ' => 'ᾖ', + 'ᾟ' => 'ᾗ', + 'ᾨ' => 'ᾠ', + 'ᾩ' => 'ᾡ', + 'ᾪ' => 'ᾢ', + 'ᾫ' => 'ᾣ', + 'ᾬ' => 'ᾤ', + 'ᾭ' => 'ᾥ', + 'ᾮ' => 'ᾦ', + 'ᾯ' => 'ᾧ', + 'Ᾰ' => 'ᾰ', + 'Ᾱ' => 'ᾱ', + 'Ὰ' => 'ὰ', + 'Ά' => 'ά', + 'ᾼ' => 'ᾳ', + 'Ὲ' => 'ὲ', + 'Έ' => 'έ', + 'Ὴ' => 'ὴ', + 'Ή' => 'ή', + 'ῌ' => 'ῃ', + 'Ῐ' => 'ῐ', + 'Ῑ' => 'ῑ', + 'Ὶ' => 'ὶ', + 'Ί' => 'ί', + 'Ῠ' => 'ῠ', + 'Ῡ' => 'ῡ', + 'Ὺ' => 'ὺ', + 'Ύ' => 'ύ', + 'Ῥ' => 'ῥ', + 'Ὸ' => 'ὸ', + 'Ό' => 'ό', + 'Ὼ' => 'ὼ', + 'Ώ' => 'ώ', + 'ῼ' => 'ῳ', + 'Ω' => 'ω', + 'K' => 'k', + 'Å' => 'å', + 'Ⅎ' => 'ⅎ', + 'Ⅰ' => 'ⅰ', + 'Ⅱ' => 'ⅱ', + 'Ⅲ' => 'ⅲ', + 'Ⅳ' => 'ⅳ', + 'Ⅴ' => 'ⅴ', + 'Ⅵ' => 'ⅵ', + 'Ⅶ' => 'ⅶ', + 'Ⅷ' => 'ⅷ', + 'Ⅸ' => 'ⅸ', + 'Ⅹ' => 'ⅹ', + 'Ⅺ' => 'ⅺ', + 'Ⅻ' => 'ⅻ', + 'Ⅼ' => 'ⅼ', + 'Ⅽ' => 'ⅽ', + 'Ⅾ' => 'ⅾ', + 'Ⅿ' => 'ⅿ', + 'Ↄ' => 'ↄ', + 'Ⓐ' => 'ⓐ', + 'Ⓑ' => 'ⓑ', + 'Ⓒ' => 'ⓒ', + 'Ⓓ' => 'ⓓ', + 'Ⓔ' => 'ⓔ', + 'Ⓕ' => 'ⓕ', + 'Ⓖ' => 'ⓖ', + 'Ⓗ' => 'ⓗ', + 'Ⓘ' => 'ⓘ', + 'Ⓙ' => 'ⓙ', + 'Ⓚ' => 'ⓚ', + 'Ⓛ' => 'ⓛ', + 'Ⓜ' => 'ⓜ', + 'Ⓝ' => 'ⓝ', + 'Ⓞ' => 'ⓞ', + 'Ⓟ' => 'ⓟ', + 'Ⓠ' => 'ⓠ', + 'Ⓡ' => 'ⓡ', + 'Ⓢ' => 'ⓢ', + 'Ⓣ' => 'ⓣ', + 'Ⓤ' => 'ⓤ', + 'Ⓥ' => 'ⓥ', + 'Ⓦ' => 'ⓦ', + 'Ⓧ' => 'ⓧ', + 'Ⓨ' => 'ⓨ', + 'Ⓩ' => 'ⓩ', + 'Ⰰ' => 'ⰰ', + 'Ⰱ' => 'ⰱ', + 'Ⰲ' => 'ⰲ', + 'Ⰳ' => 'ⰳ', + 'Ⰴ' => 'ⰴ', + 'Ⰵ' => 'ⰵ', + 'Ⰶ' => 'ⰶ', + 'Ⰷ' => 'ⰷ', + 'Ⰸ' => 'ⰸ', + 'Ⰹ' => 'ⰹ', + 'Ⰺ' => 'ⰺ', + 'Ⰻ' => 'ⰻ', + 'Ⰼ' => 'ⰼ', + 'Ⰽ' => 'ⰽ', + 'Ⰾ' => 'ⰾ', + 'Ⰿ' => 'ⰿ', + 'Ⱀ' => 'ⱀ', + 'Ⱁ' => 'ⱁ', + 'Ⱂ' => 'ⱂ', + 'Ⱃ' => 'ⱃ', + 'Ⱄ' => 'ⱄ', + 'Ⱅ' => 'ⱅ', + 'Ⱆ' => 'ⱆ', + 'Ⱇ' => 'ⱇ', + 'Ⱈ' => 'ⱈ', + 'Ⱉ' => 'ⱉ', + 'Ⱊ' => 'ⱊ', + 'Ⱋ' => 'ⱋ', + 'Ⱌ' => 'ⱌ', + 'Ⱍ' => 'ⱍ', + 'Ⱎ' => 'ⱎ', + 'Ⱏ' => 'ⱏ', + 'Ⱐ' => 'ⱐ', + 'Ⱑ' => 'ⱑ', + 'Ⱒ' => 'ⱒ', + 'Ⱓ' => 'ⱓ', + 'Ⱔ' => 'ⱔ', + 'Ⱕ' => 'ⱕ', + 'Ⱖ' => 'ⱖ', + 'Ⱗ' => 'ⱗ', + 'Ⱘ' => 'ⱘ', + 'Ⱙ' => 'ⱙ', + 'Ⱚ' => 'ⱚ', + 'Ⱛ' => 'ⱛ', + 'Ⱜ' => 'ⱜ', + 'Ⱝ' => 'ⱝ', + 'Ⱞ' => 'ⱞ', + 'Ⱡ' => 'ⱡ', + 'Ɫ' => 'ɫ', + 'Ᵽ' => 'ᵽ', + 'Ɽ' => 'ɽ', + 'Ⱨ' => 'ⱨ', + 'Ⱪ' => 'ⱪ', + 'Ⱬ' => 'ⱬ', + 'Ɑ' => 'ɑ', + 'Ɱ' => 'ɱ', + 'Ɐ' => 'ɐ', + 'Ɒ' => 'ɒ', + 'Ⱳ' => 'ⱳ', + 'Ⱶ' => 'ⱶ', + 'Ȿ' => 'ȿ', + 'Ɀ' => 'ɀ', + 'Ⲁ' => 'ⲁ', + 'Ⲃ' => 'ⲃ', + 'Ⲅ' => 'ⲅ', + 'Ⲇ' => 'ⲇ', + 'Ⲉ' => 'ⲉ', + 'Ⲋ' => 'ⲋ', + 'Ⲍ' => 'ⲍ', + 'Ⲏ' => 'ⲏ', + 'Ⲑ' => 'ⲑ', + 'Ⲓ' => 'ⲓ', + 'Ⲕ' => 'ⲕ', + 'Ⲗ' => 'ⲗ', + 'Ⲙ' => 'ⲙ', + 'Ⲛ' => 'ⲛ', + 'Ⲝ' => 'ⲝ', + 'Ⲟ' => 'ⲟ', + 'Ⲡ' => 'ⲡ', + 'Ⲣ' => 'ⲣ', + 'Ⲥ' => 'ⲥ', + 'Ⲧ' => 'ⲧ', + 'Ⲩ' => 'ⲩ', + 'Ⲫ' => 'ⲫ', + 'Ⲭ' => 'ⲭ', + 'Ⲯ' => 'ⲯ', + 'Ⲱ' => 'ⲱ', + 'Ⲳ' => 'ⲳ', + 'Ⲵ' => 'ⲵ', + 'Ⲷ' => 'ⲷ', + 'Ⲹ' => 'ⲹ', + 'Ⲻ' => 'ⲻ', + 'Ⲽ' => 'ⲽ', + 'Ⲿ' => 'ⲿ', + 'Ⳁ' => 'ⳁ', + 'Ⳃ' => 'ⳃ', + 'Ⳅ' => 'ⳅ', + 'Ⳇ' => 'ⳇ', + 'Ⳉ' => 'ⳉ', + 'Ⳋ' => 'ⳋ', + 'Ⳍ' => 'ⳍ', + 'Ⳏ' => 'ⳏ', + 'Ⳑ' => 'ⳑ', + 'Ⳓ' => 'ⳓ', + 'Ⳕ' => 'ⳕ', + 'Ⳗ' => 'ⳗ', + 'Ⳙ' => 'ⳙ', + 'Ⳛ' => 'ⳛ', + 'Ⳝ' => 'ⳝ', + 'Ⳟ' => 'ⳟ', + 'Ⳡ' => 'ⳡ', + 'Ⳣ' => 'ⳣ', + 'Ⳬ' => 'ⳬ', + 'Ⳮ' => 'ⳮ', + 'Ⳳ' => 'ⳳ', + 'Ꙁ' => 'ꙁ', + 'Ꙃ' => 'ꙃ', + 'Ꙅ' => 'ꙅ', + 'Ꙇ' => 'ꙇ', + 'Ꙉ' => 'ꙉ', + 'Ꙋ' => 'ꙋ', + 'Ꙍ' => 'ꙍ', + 'Ꙏ' => 'ꙏ', + 'Ꙑ' => 'ꙑ', + 'Ꙓ' => 'ꙓ', + 'Ꙕ' => 'ꙕ', + 'Ꙗ' => 'ꙗ', + 'Ꙙ' => 'ꙙ', + 'Ꙛ' => 'ꙛ', + 'Ꙝ' => 'ꙝ', + 'Ꙟ' => 'ꙟ', + 'Ꙡ' => 'ꙡ', + 'Ꙣ' => 'ꙣ', + 'Ꙥ' => 'ꙥ', + 'Ꙧ' => 'ꙧ', + 'Ꙩ' => 'ꙩ', + 'Ꙫ' => 'ꙫ', + 'Ꙭ' => 'ꙭ', + 'Ꚁ' => 'ꚁ', + 'Ꚃ' => 'ꚃ', + 'Ꚅ' => 'ꚅ', + 'Ꚇ' => 'ꚇ', + 'Ꚉ' => 'ꚉ', + 'Ꚋ' => 'ꚋ', + 'Ꚍ' => 'ꚍ', + 'Ꚏ' => 'ꚏ', + 'Ꚑ' => 'ꚑ', + 'Ꚓ' => 'ꚓ', + 'Ꚕ' => 'ꚕ', + 'Ꚗ' => 'ꚗ', + 'Ꚙ' => 'ꚙ', + 'Ꚛ' => 'ꚛ', + 'Ꜣ' => 'ꜣ', + 'Ꜥ' => 'ꜥ', + 'Ꜧ' => 'ꜧ', + 'Ꜩ' => 'ꜩ', + 'Ꜫ' => 'ꜫ', + 'Ꜭ' => 'ꜭ', + 'Ꜯ' => 'ꜯ', + 'Ꜳ' => 'ꜳ', + 'Ꜵ' => 'ꜵ', + 'Ꜷ' => 'ꜷ', + 'Ꜹ' => 'ꜹ', + 'Ꜻ' => 'ꜻ', + 'Ꜽ' => 'ꜽ', + 'Ꜿ' => 'ꜿ', + 'Ꝁ' => 'ꝁ', + 'Ꝃ' => 'ꝃ', + 'Ꝅ' => 'ꝅ', + 'Ꝇ' => 'ꝇ', + 'Ꝉ' => 'ꝉ', + 'Ꝋ' => 'ꝋ', + 'Ꝍ' => 'ꝍ', + 'Ꝏ' => 'ꝏ', + 'Ꝑ' => 'ꝑ', + 'Ꝓ' => 'ꝓ', + 'Ꝕ' => 'ꝕ', + 'Ꝗ' => 'ꝗ', + 'Ꝙ' => 'ꝙ', + 'Ꝛ' => 'ꝛ', + 'Ꝝ' => 'ꝝ', + 'Ꝟ' => 'ꝟ', + 'Ꝡ' => 'ꝡ', + 'Ꝣ' => 'ꝣ', + 'Ꝥ' => 'ꝥ', + 'Ꝧ' => 'ꝧ', + 'Ꝩ' => 'ꝩ', + 'Ꝫ' => 'ꝫ', + 'Ꝭ' => 'ꝭ', + 'Ꝯ' => 'ꝯ', + 'Ꝺ' => 'ꝺ', + 'Ꝼ' => 'ꝼ', + 'Ᵹ' => 'ᵹ', + 'Ꝿ' => 'ꝿ', + 'Ꞁ' => 'ꞁ', + 'Ꞃ' => 'ꞃ', + 'Ꞅ' => 'ꞅ', + 'Ꞇ' => 'ꞇ', + 'Ꞌ' => 'ꞌ', + 'Ɥ' => 'ɥ', + 'Ꞑ' => 'ꞑ', + 'Ꞓ' => 'ꞓ', + 'Ꞗ' => 'ꞗ', + 'Ꞙ' => 'ꞙ', + 'Ꞛ' => 'ꞛ', + 'Ꞝ' => 'ꞝ', + 'Ꞟ' => 'ꞟ', + 'Ꞡ' => 'ꞡ', + 'Ꞣ' => 'ꞣ', + 'Ꞥ' => 'ꞥ', + 'Ꞧ' => 'ꞧ', + 'Ꞩ' => 'ꞩ', + 'Ɦ' => 'ɦ', + 'Ɜ' => 'ɜ', + 'Ɡ' => 'ɡ', + 'Ɬ' => 'ɬ', + 'Ɪ' => 'ɪ', + 'Ʞ' => 'ʞ', + 'Ʇ' => 'ʇ', + 'Ʝ' => 'ʝ', + 'Ꭓ' => 'ꭓ', + 'Ꞵ' => 'ꞵ', + 'Ꞷ' => 'ꞷ', + 'Ꞹ' => 'ꞹ', + 'Ꞻ' => 'ꞻ', + 'Ꞽ' => 'ꞽ', + 'Ꞿ' => 'ꞿ', + 'Ꟃ' => 'ꟃ', + 'Ꞔ' => 'ꞔ', + 'Ʂ' => 'ʂ', + 'Ᶎ' => 'ᶎ', + 'Ꟈ' => 'ꟈ', + 'Ꟊ' => 'ꟊ', + 'Ꟶ' => 'ꟶ', + 'A' => 'a', + 'B' => 'b', + 'C' => 'c', + 'D' => 'd', + 'E' => 'e', + 'F' => 'f', + 'G' => 'g', + 'H' => 'h', + 'I' => 'i', + 'J' => 'j', + 'K' => 'k', + 'L' => 'l', + 'M' => 'm', + 'N' => 'n', + 'O' => 'o', + 'P' => 'p', + 'Q' => 'q', + 'R' => 'r', + 'S' => 's', + 'T' => 't', + 'U' => 'u', + 'V' => 'v', + 'W' => 'w', + 'X' => 'x', + 'Y' => 'y', + 'Z' => 'z', + '𐐀' => '𐐨', + '𐐁' => '𐐩', + '𐐂' => '𐐪', + '𐐃' => '𐐫', + '𐐄' => '𐐬', + '𐐅' => '𐐭', + '𐐆' => '𐐮', + '𐐇' => '𐐯', + '𐐈' => '𐐰', + '𐐉' => '𐐱', + '𐐊' => '𐐲', + '𐐋' => '𐐳', + '𐐌' => '𐐴', + '𐐍' => '𐐵', + '𐐎' => '𐐶', + '𐐏' => '𐐷', + '𐐐' => '𐐸', + '𐐑' => '𐐹', + '𐐒' => '𐐺', + '𐐓' => '𐐻', + '𐐔' => '𐐼', + '𐐕' => '𐐽', + '𐐖' => '𐐾', + '𐐗' => '𐐿', + '𐐘' => '𐑀', + '𐐙' => '𐑁', + '𐐚' => '𐑂', + '𐐛' => '𐑃', + '𐐜' => '𐑄', + '𐐝' => '𐑅', + '𐐞' => '𐑆', + '𐐟' => '𐑇', + '𐐠' => '𐑈', + '𐐡' => '𐑉', + '𐐢' => '𐑊', + '𐐣' => '𐑋', + '𐐤' => '𐑌', + '𐐥' => '𐑍', + '𐐦' => '𐑎', + '𐐧' => '𐑏', + '𐒰' => '𐓘', + '𐒱' => '𐓙', + '𐒲' => '𐓚', + '𐒳' => '𐓛', + '𐒴' => '𐓜', + '𐒵' => '𐓝', + '𐒶' => '𐓞', + '𐒷' => '𐓟', + '𐒸' => '𐓠', + '𐒹' => '𐓡', + '𐒺' => '𐓢', + '𐒻' => '𐓣', + '𐒼' => '𐓤', + '𐒽' => '𐓥', + '𐒾' => '𐓦', + '𐒿' => '𐓧', + '𐓀' => '𐓨', + '𐓁' => '𐓩', + '𐓂' => '𐓪', + '𐓃' => '𐓫', + '𐓄' => '𐓬', + '𐓅' => '𐓭', + '𐓆' => '𐓮', + '𐓇' => '𐓯', + '𐓈' => '𐓰', + '𐓉' => '𐓱', + '𐓊' => '𐓲', + '𐓋' => '𐓳', + '𐓌' => '𐓴', + '𐓍' => '𐓵', + '𐓎' => '𐓶', + '𐓏' => '𐓷', + '𐓐' => '𐓸', + '𐓑' => '𐓹', + '𐓒' => '𐓺', + '𐓓' => '𐓻', + '𐲀' => '𐳀', + '𐲁' => '𐳁', + '𐲂' => '𐳂', + '𐲃' => '𐳃', + '𐲄' => '𐳄', + '𐲅' => '𐳅', + '𐲆' => '𐳆', + '𐲇' => '𐳇', + '𐲈' => '𐳈', + '𐲉' => '𐳉', + '𐲊' => '𐳊', + '𐲋' => '𐳋', + '𐲌' => '𐳌', + '𐲍' => '𐳍', + '𐲎' => '𐳎', + '𐲏' => '𐳏', + '𐲐' => '𐳐', + '𐲑' => '𐳑', + '𐲒' => '𐳒', + '𐲓' => '𐳓', + '𐲔' => '𐳔', + '𐲕' => '𐳕', + '𐲖' => '𐳖', + '𐲗' => '𐳗', + '𐲘' => '𐳘', + '𐲙' => '𐳙', + '𐲚' => '𐳚', + '𐲛' => '𐳛', + '𐲜' => '𐳜', + '𐲝' => '𐳝', + '𐲞' => '𐳞', + '𐲟' => '𐳟', + '𐲠' => '𐳠', + '𐲡' => '𐳡', + '𐲢' => '𐳢', + '𐲣' => '𐳣', + '𐲤' => '𐳤', + '𐲥' => '𐳥', + '𐲦' => '𐳦', + '𐲧' => '𐳧', + '𐲨' => '𐳨', + '𐲩' => '𐳩', + '𐲪' => '𐳪', + '𐲫' => '𐳫', + '𐲬' => '𐳬', + '𐲭' => '𐳭', + '𐲮' => '𐳮', + '𐲯' => '𐳯', + '𐲰' => '𐳰', + '𐲱' => '𐳱', + '𐲲' => '𐳲', + '𑢠' => '𑣀', + '𑢡' => '𑣁', + '𑢢' => '𑣂', + '𑢣' => '𑣃', + '𑢤' => '𑣄', + '𑢥' => '𑣅', + '𑢦' => '𑣆', + '𑢧' => '𑣇', + '𑢨' => '𑣈', + '𑢩' => '𑣉', + '𑢪' => '𑣊', + '𑢫' => '𑣋', + '𑢬' => '𑣌', + '𑢭' => '𑣍', + '𑢮' => '𑣎', + '𑢯' => '𑣏', + '𑢰' => '𑣐', + '𑢱' => '𑣑', + '𑢲' => '𑣒', + '𑢳' => '𑣓', + '𑢴' => '𑣔', + '𑢵' => '𑣕', + '𑢶' => '𑣖', + '𑢷' => '𑣗', + '𑢸' => '𑣘', + '𑢹' => '𑣙', + '𑢺' => '𑣚', + '𑢻' => '𑣛', + '𑢼' => '𑣜', + '𑢽' => '𑣝', + '𑢾' => '𑣞', + '𑢿' => '𑣟', + '𖹀' => '𖹠', + '𖹁' => '𖹡', + '𖹂' => '𖹢', + '𖹃' => '𖹣', + '𖹄' => '𖹤', + '𖹅' => '𖹥', + '𖹆' => '𖹦', + '𖹇' => '𖹧', + '𖹈' => '𖹨', + '𖹉' => '𖹩', + '𖹊' => '𖹪', + '𖹋' => '𖹫', + '𖹌' => '𖹬', + '𖹍' => '𖹭', + '𖹎' => '𖹮', + '𖹏' => '𖹯', + '𖹐' => '𖹰', + '𖹑' => '𖹱', + '𖹒' => '𖹲', + '𖹓' => '𖹳', + '𖹔' => '𖹴', + '𖹕' => '𖹵', + '𖹖' => '𖹶', + '𖹗' => '𖹷', + '𖹘' => '𖹸', + '𖹙' => '𖹹', + '𖹚' => '𖹺', + '𖹛' => '𖹻', + '𖹜' => '𖹼', + '𖹝' => '𖹽', + '𖹞' => '𖹾', + '𖹟' => '𖹿', + '𞤀' => '𞤢', + '𞤁' => '𞤣', + '𞤂' => '𞤤', + '𞤃' => '𞤥', + '𞤄' => '𞤦', + '𞤅' => '𞤧', + '𞤆' => '𞤨', + '𞤇' => '𞤩', + '𞤈' => '𞤪', + '𞤉' => '𞤫', + '𞤊' => '𞤬', + '𞤋' => '𞤭', + '𞤌' => '𞤮', + '𞤍' => '𞤯', + '𞤎' => '𞤰', + '𞤏' => '𞤱', + '𞤐' => '𞤲', + '𞤑' => '𞤳', + '𞤒' => '𞤴', + '𞤓' => '𞤵', + '𞤔' => '𞤶', + '𞤕' => '𞤷', + '𞤖' => '𞤸', + '𞤗' => '𞤹', + '𞤘' => '𞤺', + '𞤙' => '𞤻', + '𞤚' => '𞤼', + '𞤛' => '𞤽', + '𞤜' => '𞤾', + '𞤝' => '𞤿', + '𞤞' => '𞥀', + '𞤟' => '𞥁', + '𞤠' => '𞥂', + '𞤡' => '𞥃', +); diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/titleCaseRegexp.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/titleCaseRegexp.php new file mode 100644 index 0000000..2a8f6e7 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/titleCaseRegexp.php @@ -0,0 +1,5 @@ + 'A', + 'b' => 'B', + 'c' => 'C', + 'd' => 'D', + 'e' => 'E', + 'f' => 'F', + 'g' => 'G', + 'h' => 'H', + 'i' => 'I', + 'j' => 'J', + 'k' => 'K', + 'l' => 'L', + 'm' => 'M', + 'n' => 'N', + 'o' => 'O', + 'p' => 'P', + 'q' => 'Q', + 'r' => 'R', + 's' => 'S', + 't' => 'T', + 'u' => 'U', + 'v' => 'V', + 'w' => 'W', + 'x' => 'X', + 'y' => 'Y', + 'z' => 'Z', + 'µ' => 'Μ', + 'à' => 'À', + 'á' => 'Á', + 'â' => 'Â', + 'ã' => 'Ã', + 'ä' => 'Ä', + 'å' => 'Å', + 'æ' => 'Æ', + 'ç' => 'Ç', + 'è' => 'È', + 'é' => 'É', + 'ê' => 'Ê', + 'ë' => 'Ë', + 'ì' => 'Ì', + 'í' => 'Í', + 'î' => 'Î', + 'ï' => 'Ï', + 'ð' => 'Ð', + 'ñ' => 'Ñ', + 'ò' => 'Ò', + 'ó' => 'Ó', + 'ô' => 'Ô', + 'õ' => 'Õ', + 'ö' => 'Ö', + 'ø' => 'Ø', + 'ù' => 'Ù', + 'ú' => 'Ú', + 'û' => 'Û', + 'ü' => 'Ü', + 'ý' => 'Ý', + 'þ' => 'Þ', + 'ÿ' => 'Ÿ', + 'ā' => 'Ā', + 'ă' => 'Ă', + 'ą' => 'Ą', + 'ć' => 'Ć', + 'ĉ' => 'Ĉ', + 'ċ' => 'Ċ', + 'č' => 'Č', + 'ď' => 'Ď', + 'đ' => 'Đ', + 'ē' => 'Ē', + 'ĕ' => 'Ĕ', + 'ė' => 'Ė', + 'ę' => 'Ę', + 'ě' => 'Ě', + 'ĝ' => 'Ĝ', + 'ğ' => 'Ğ', + 'ġ' => 'Ġ', + 'ģ' => 'Ģ', + 'ĥ' => 'Ĥ', + 'ħ' => 'Ħ', + 'ĩ' => 'Ĩ', + 'ī' => 'Ī', + 'ĭ' => 'Ĭ', + 'į' => 'Į', + 'ı' => 'I', + 'ij' => 'IJ', + 'ĵ' => 'Ĵ', + 'ķ' => 'Ķ', + 'ĺ' => 'Ĺ', + 'ļ' => 'Ļ', + 'ľ' => 'Ľ', + 'ŀ' => 'Ŀ', + 'ł' => 'Ł', + 'ń' => 'Ń', + 'ņ' => 'Ņ', + 'ň' => 'Ň', + 'ŋ' => 'Ŋ', + 'ō' => 'Ō', + 'ŏ' => 'Ŏ', + 'ő' => 'Ő', + 'œ' => 'Œ', + 'ŕ' => 'Ŕ', + 'ŗ' => 'Ŗ', + 'ř' => 'Ř', + 'ś' => 'Ś', + 'ŝ' => 'Ŝ', + 'ş' => 'Ş', + 'š' => 'Š', + 'ţ' => 'Ţ', + 'ť' => 'Ť', + 'ŧ' => 'Ŧ', + 'ũ' => 'Ũ', + 'ū' => 'Ū', + 'ŭ' => 'Ŭ', + 'ů' => 'Ů', + 'ű' => 'Ű', + 'ų' => 'Ų', + 'ŵ' => 'Ŵ', + 'ŷ' => 'Ŷ', + 'ź' => 'Ź', + 'ż' => 'Ż', + 'ž' => 'Ž', + 'ſ' => 'S', + 'ƀ' => 'Ƀ', + 'ƃ' => 'Ƃ', + 'ƅ' => 'Ƅ', + 'ƈ' => 'Ƈ', + 'ƌ' => 'Ƌ', + 'ƒ' => 'Ƒ', + 'ƕ' => 'Ƕ', + 'ƙ' => 'Ƙ', + 'ƚ' => 'Ƚ', + 'ƞ' => 'Ƞ', + 'ơ' => 'Ơ', + 'ƣ' => 'Ƣ', + 'ƥ' => 'Ƥ', + 'ƨ' => 'Ƨ', + 'ƭ' => 'Ƭ', + 'ư' => 'Ư', + 'ƴ' => 'Ƴ', + 'ƶ' => 'Ƶ', + 'ƹ' => 'Ƹ', + 'ƽ' => 'Ƽ', + 'ƿ' => 'Ƿ', + 'Dž' => 'DŽ', + 'dž' => 'DŽ', + 'Lj' => 'LJ', + 'lj' => 'LJ', + 'Nj' => 'NJ', + 'nj' => 'NJ', + 'ǎ' => 'Ǎ', + 'ǐ' => 'Ǐ', + 'ǒ' => 'Ǒ', + 'ǔ' => 'Ǔ', + 'ǖ' => 'Ǖ', + 'ǘ' => 'Ǘ', + 'ǚ' => 'Ǚ', + 'ǜ' => 'Ǜ', + 'ǝ' => 'Ǝ', + 'ǟ' => 'Ǟ', + 'ǡ' => 'Ǡ', + 'ǣ' => 'Ǣ', + 'ǥ' => 'Ǥ', + 'ǧ' => 'Ǧ', + 'ǩ' => 'Ǩ', + 'ǫ' => 'Ǫ', + 'ǭ' => 'Ǭ', + 'ǯ' => 'Ǯ', + 'Dz' => 'DZ', + 'dz' => 'DZ', + 'ǵ' => 'Ǵ', + 'ǹ' => 'Ǹ', + 'ǻ' => 'Ǻ', + 'ǽ' => 'Ǽ', + 'ǿ' => 'Ǿ', + 'ȁ' => 'Ȁ', + 'ȃ' => 'Ȃ', + 'ȅ' => 'Ȅ', + 'ȇ' => 'Ȇ', + 'ȉ' => 'Ȉ', + 'ȋ' => 'Ȋ', + 'ȍ' => 'Ȍ', + 'ȏ' => 'Ȏ', + 'ȑ' => 'Ȑ', + 'ȓ' => 'Ȓ', + 'ȕ' => 'Ȕ', + 'ȗ' => 'Ȗ', + 'ș' => 'Ș', + 'ț' => 'Ț', + 'ȝ' => 'Ȝ', + 'ȟ' => 'Ȟ', + 'ȣ' => 'Ȣ', + 'ȥ' => 'Ȥ', + 'ȧ' => 'Ȧ', + 'ȩ' => 'Ȩ', + 'ȫ' => 'Ȫ', + 'ȭ' => 'Ȭ', + 'ȯ' => 'Ȯ', + 'ȱ' => 'Ȱ', + 'ȳ' => 'Ȳ', + 'ȼ' => 'Ȼ', + 'ȿ' => 'Ȿ', + 'ɀ' => 'Ɀ', + 'ɂ' => 'Ɂ', + 'ɇ' => 'Ɇ', + 'ɉ' => 'Ɉ', + 'ɋ' => 'Ɋ', + 'ɍ' => 'Ɍ', + 'ɏ' => 'Ɏ', + 'ɐ' => 'Ɐ', + 'ɑ' => 'Ɑ', + 'ɒ' => 'Ɒ', + 'ɓ' => 'Ɓ', + 'ɔ' => 'Ɔ', + 'ɖ' => 'Ɖ', + 'ɗ' => 'Ɗ', + 'ə' => 'Ə', + 'ɛ' => 'Ɛ', + 'ɜ' => 'Ɜ', + 'ɠ' => 'Ɠ', + 'ɡ' => 'Ɡ', + 'ɣ' => 'Ɣ', + 'ɥ' => 'Ɥ', + 'ɦ' => 'Ɦ', + 'ɨ' => 'Ɨ', + 'ɩ' => 'Ɩ', + 'ɪ' => 'Ɪ', + 'ɫ' => 'Ɫ', + 'ɬ' => 'Ɬ', + 'ɯ' => 'Ɯ', + 'ɱ' => 'Ɱ', + 'ɲ' => 'Ɲ', + 'ɵ' => 'Ɵ', + 'ɽ' => 'Ɽ', + 'ʀ' => 'Ʀ', + 'ʂ' => 'Ʂ', + 'ʃ' => 'Ʃ', + 'ʇ' => 'Ʇ', + 'ʈ' => 'Ʈ', + 'ʉ' => 'Ʉ', + 'ʊ' => 'Ʊ', + 'ʋ' => 'Ʋ', + 'ʌ' => 'Ʌ', + 'ʒ' => 'Ʒ', + 'ʝ' => 'Ʝ', + 'ʞ' => 'Ʞ', + 'ͅ' => 'Ι', + 'ͱ' => 'Ͱ', + 'ͳ' => 'Ͳ', + 'ͷ' => 'Ͷ', + 'ͻ' => 'Ͻ', + 'ͼ' => 'Ͼ', + 'ͽ' => 'Ͽ', + 'ά' => 'Ά', + 'έ' => 'Έ', + 'ή' => 'Ή', + 'ί' => 'Ί', + 'α' => 'Α', + 'β' => 'Β', + 'γ' => 'Γ', + 'δ' => 'Δ', + 'ε' => 'Ε', + 'ζ' => 'Ζ', + 'η' => 'Η', + 'θ' => 'Θ', + 'ι' => 'Ι', + 'κ' => 'Κ', + 'λ' => 'Λ', + 'μ' => 'Μ', + 'ν' => 'Ν', + 'ξ' => 'Ξ', + 'ο' => 'Ο', + 'π' => 'Π', + 'ρ' => 'Ρ', + 'ς' => 'Σ', + 'σ' => 'Σ', + 'τ' => 'Τ', + 'υ' => 'Υ', + 'φ' => 'Φ', + 'χ' => 'Χ', + 'ψ' => 'Ψ', + 'ω' => 'Ω', + 'ϊ' => 'Ϊ', + 'ϋ' => 'Ϋ', + 'ό' => 'Ό', + 'ύ' => 'Ύ', + 'ώ' => 'Ώ', + 'ϐ' => 'Β', + 'ϑ' => 'Θ', + 'ϕ' => 'Φ', + 'ϖ' => 'Π', + 'ϗ' => 'Ϗ', + 'ϙ' => 'Ϙ', + 'ϛ' => 'Ϛ', + 'ϝ' => 'Ϝ', + 'ϟ' => 'Ϟ', + 'ϡ' => 'Ϡ', + 'ϣ' => 'Ϣ', + 'ϥ' => 'Ϥ', + 'ϧ' => 'Ϧ', + 'ϩ' => 'Ϩ', + 'ϫ' => 'Ϫ', + 'ϭ' => 'Ϭ', + 'ϯ' => 'Ϯ', + 'ϰ' => 'Κ', + 'ϱ' => 'Ρ', + 'ϲ' => 'Ϲ', + 'ϳ' => 'Ϳ', + 'ϵ' => 'Ε', + 'ϸ' => 'Ϸ', + 'ϻ' => 'Ϻ', + 'а' => 'А', + 'б' => 'Б', + 'в' => 'В', + 'г' => 'Г', + 'д' => 'Д', + 'е' => 'Е', + 'ж' => 'Ж', + 'з' => 'З', + 'и' => 'И', + 'й' => 'Й', + 'к' => 'К', + 'л' => 'Л', + 'м' => 'М', + 'н' => 'Н', + 'о' => 'О', + 'п' => 'П', + 'р' => 'Р', + 'с' => 'С', + 'т' => 'Т', + 'у' => 'У', + 'ф' => 'Ф', + 'х' => 'Х', + 'ц' => 'Ц', + 'ч' => 'Ч', + 'ш' => 'Ш', + 'щ' => 'Щ', + 'ъ' => 'Ъ', + 'ы' => 'Ы', + 'ь' => 'Ь', + 'э' => 'Э', + 'ю' => 'Ю', + 'я' => 'Я', + 'ѐ' => 'Ѐ', + 'ё' => 'Ё', + 'ђ' => 'Ђ', + 'ѓ' => 'Ѓ', + 'є' => 'Є', + 'ѕ' => 'Ѕ', + 'і' => 'І', + 'ї' => 'Ї', + 'ј' => 'Ј', + 'љ' => 'Љ', + 'њ' => 'Њ', + 'ћ' => 'Ћ', + 'ќ' => 'Ќ', + 'ѝ' => 'Ѝ', + 'ў' => 'Ў', + 'џ' => 'Џ', + 'ѡ' => 'Ѡ', + 'ѣ' => 'Ѣ', + 'ѥ' => 'Ѥ', + 'ѧ' => 'Ѧ', + 'ѩ' => 'Ѩ', + 'ѫ' => 'Ѫ', + 'ѭ' => 'Ѭ', + 'ѯ' => 'Ѯ', + 'ѱ' => 'Ѱ', + 'ѳ' => 'Ѳ', + 'ѵ' => 'Ѵ', + 'ѷ' => 'Ѷ', + 'ѹ' => 'Ѹ', + 'ѻ' => 'Ѻ', + 'ѽ' => 'Ѽ', + 'ѿ' => 'Ѿ', + 'ҁ' => 'Ҁ', + 'ҋ' => 'Ҋ', + 'ҍ' => 'Ҍ', + 'ҏ' => 'Ҏ', + 'ґ' => 'Ґ', + 'ғ' => 'Ғ', + 'ҕ' => 'Ҕ', + 'җ' => 'Җ', + 'ҙ' => 'Ҙ', + 'қ' => 'Қ', + 'ҝ' => 'Ҝ', + 'ҟ' => 'Ҟ', + 'ҡ' => 'Ҡ', + 'ң' => 'Ң', + 'ҥ' => 'Ҥ', + 'ҧ' => 'Ҧ', + 'ҩ' => 'Ҩ', + 'ҫ' => 'Ҫ', + 'ҭ' => 'Ҭ', + 'ү' => 'Ү', + 'ұ' => 'Ұ', + 'ҳ' => 'Ҳ', + 'ҵ' => 'Ҵ', + 'ҷ' => 'Ҷ', + 'ҹ' => 'Ҹ', + 'һ' => 'Һ', + 'ҽ' => 'Ҽ', + 'ҿ' => 'Ҿ', + 'ӂ' => 'Ӂ', + 'ӄ' => 'Ӄ', + 'ӆ' => 'Ӆ', + 'ӈ' => 'Ӈ', + 'ӊ' => 'Ӊ', + 'ӌ' => 'Ӌ', + 'ӎ' => 'Ӎ', + 'ӏ' => 'Ӏ', + 'ӑ' => 'Ӑ', + 'ӓ' => 'Ӓ', + 'ӕ' => 'Ӕ', + 'ӗ' => 'Ӗ', + 'ә' => 'Ә', + 'ӛ' => 'Ӛ', + 'ӝ' => 'Ӝ', + 'ӟ' => 'Ӟ', + 'ӡ' => 'Ӡ', + 'ӣ' => 'Ӣ', + 'ӥ' => 'Ӥ', + 'ӧ' => 'Ӧ', + 'ө' => 'Ө', + 'ӫ' => 'Ӫ', + 'ӭ' => 'Ӭ', + 'ӯ' => 'Ӯ', + 'ӱ' => 'Ӱ', + 'ӳ' => 'Ӳ', + 'ӵ' => 'Ӵ', + 'ӷ' => 'Ӷ', + 'ӹ' => 'Ӹ', + 'ӻ' => 'Ӻ', + 'ӽ' => 'Ӽ', + 'ӿ' => 'Ӿ', + 'ԁ' => 'Ԁ', + 'ԃ' => 'Ԃ', + 'ԅ' => 'Ԅ', + 'ԇ' => 'Ԇ', + 'ԉ' => 'Ԉ', + 'ԋ' => 'Ԋ', + 'ԍ' => 'Ԍ', + 'ԏ' => 'Ԏ', + 'ԑ' => 'Ԑ', + 'ԓ' => 'Ԓ', + 'ԕ' => 'Ԕ', + 'ԗ' => 'Ԗ', + 'ԙ' => 'Ԙ', + 'ԛ' => 'Ԛ', + 'ԝ' => 'Ԝ', + 'ԟ' => 'Ԟ', + 'ԡ' => 'Ԡ', + 'ԣ' => 'Ԣ', + 'ԥ' => 'Ԥ', + 'ԧ' => 'Ԧ', + 'ԩ' => 'Ԩ', + 'ԫ' => 'Ԫ', + 'ԭ' => 'Ԭ', + 'ԯ' => 'Ԯ', + 'ա' => 'Ա', + 'բ' => 'Բ', + 'գ' => 'Գ', + 'դ' => 'Դ', + 'ե' => 'Ե', + 'զ' => 'Զ', + 'է' => 'Է', + 'ը' => 'Ը', + 'թ' => 'Թ', + 'ժ' => 'Ժ', + 'ի' => 'Ի', + 'լ' => 'Լ', + 'խ' => 'Խ', + 'ծ' => 'Ծ', + 'կ' => 'Կ', + 'հ' => 'Հ', + 'ձ' => 'Ձ', + 'ղ' => 'Ղ', + 'ճ' => 'Ճ', + 'մ' => 'Մ', + 'յ' => 'Յ', + 'ն' => 'Ն', + 'շ' => 'Շ', + 'ո' => 'Ո', + 'չ' => 'Չ', + 'պ' => 'Պ', + 'ջ' => 'Ջ', + 'ռ' => 'Ռ', + 'ս' => 'Ս', + 'վ' => 'Վ', + 'տ' => 'Տ', + 'ր' => 'Ր', + 'ց' => 'Ց', + 'ւ' => 'Ւ', + 'փ' => 'Փ', + 'ք' => 'Ք', + 'օ' => 'Օ', + 'ֆ' => 'Ֆ', + 'ა' => 'Ა', + 'ბ' => 'Ბ', + 'გ' => 'Გ', + 'დ' => 'Დ', + 'ე' => 'Ე', + 'ვ' => 'Ვ', + 'ზ' => 'Ზ', + 'თ' => 'Თ', + 'ი' => 'Ი', + 'კ' => 'Კ', + 'ლ' => 'Ლ', + 'მ' => 'Მ', + 'ნ' => 'Ნ', + 'ო' => 'Ო', + 'პ' => 'Პ', + 'ჟ' => 'Ჟ', + 'რ' => 'Რ', + 'ს' => 'Ს', + 'ტ' => 'Ტ', + 'უ' => 'Უ', + 'ფ' => 'Ფ', + 'ქ' => 'Ქ', + 'ღ' => 'Ღ', + 'ყ' => 'Ყ', + 'შ' => 'Შ', + 'ჩ' => 'Ჩ', + 'ც' => 'Ც', + 'ძ' => 'Ძ', + 'წ' => 'Წ', + 'ჭ' => 'Ჭ', + 'ხ' => 'Ხ', + 'ჯ' => 'Ჯ', + 'ჰ' => 'Ჰ', + 'ჱ' => 'Ჱ', + 'ჲ' => 'Ჲ', + 'ჳ' => 'Ჳ', + 'ჴ' => 'Ჴ', + 'ჵ' => 'Ჵ', + 'ჶ' => 'Ჶ', + 'ჷ' => 'Ჷ', + 'ჸ' => 'Ჸ', + 'ჹ' => 'Ჹ', + 'ჺ' => 'Ჺ', + 'ჽ' => 'Ჽ', + 'ჾ' => 'Ჾ', + 'ჿ' => 'Ჿ', + 'ᏸ' => 'Ᏸ', + 'ᏹ' => 'Ᏹ', + 'ᏺ' => 'Ᏺ', + 'ᏻ' => 'Ᏻ', + 'ᏼ' => 'Ᏼ', + 'ᏽ' => 'Ᏽ', + 'ᲀ' => 'В', + 'ᲁ' => 'Д', + 'ᲂ' => 'О', + 'ᲃ' => 'С', + 'ᲄ' => 'Т', + 'ᲅ' => 'Т', + 'ᲆ' => 'Ъ', + 'ᲇ' => 'Ѣ', + 'ᲈ' => 'Ꙋ', + 'ᵹ' => 'Ᵹ', + 'ᵽ' => 'Ᵽ', + 'ᶎ' => 'Ᶎ', + 'ḁ' => 'Ḁ', + 'ḃ' => 'Ḃ', + 'ḅ' => 'Ḅ', + 'ḇ' => 'Ḇ', + 'ḉ' => 'Ḉ', + 'ḋ' => 'Ḋ', + 'ḍ' => 'Ḍ', + 'ḏ' => 'Ḏ', + 'ḑ' => 'Ḑ', + 'ḓ' => 'Ḓ', + 'ḕ' => 'Ḕ', + 'ḗ' => 'Ḗ', + 'ḙ' => 'Ḙ', + 'ḛ' => 'Ḛ', + 'ḝ' => 'Ḝ', + 'ḟ' => 'Ḟ', + 'ḡ' => 'Ḡ', + 'ḣ' => 'Ḣ', + 'ḥ' => 'Ḥ', + 'ḧ' => 'Ḧ', + 'ḩ' => 'Ḩ', + 'ḫ' => 'Ḫ', + 'ḭ' => 'Ḭ', + 'ḯ' => 'Ḯ', + 'ḱ' => 'Ḱ', + 'ḳ' => 'Ḳ', + 'ḵ' => 'Ḵ', + 'ḷ' => 'Ḷ', + 'ḹ' => 'Ḹ', + 'ḻ' => 'Ḻ', + 'ḽ' => 'Ḽ', + 'ḿ' => 'Ḿ', + 'ṁ' => 'Ṁ', + 'ṃ' => 'Ṃ', + 'ṅ' => 'Ṅ', + 'ṇ' => 'Ṇ', + 'ṉ' => 'Ṉ', + 'ṋ' => 'Ṋ', + 'ṍ' => 'Ṍ', + 'ṏ' => 'Ṏ', + 'ṑ' => 'Ṑ', + 'ṓ' => 'Ṓ', + 'ṕ' => 'Ṕ', + 'ṗ' => 'Ṗ', + 'ṙ' => 'Ṙ', + 'ṛ' => 'Ṛ', + 'ṝ' => 'Ṝ', + 'ṟ' => 'Ṟ', + 'ṡ' => 'Ṡ', + 'ṣ' => 'Ṣ', + 'ṥ' => 'Ṥ', + 'ṧ' => 'Ṧ', + 'ṩ' => 'Ṩ', + 'ṫ' => 'Ṫ', + 'ṭ' => 'Ṭ', + 'ṯ' => 'Ṯ', + 'ṱ' => 'Ṱ', + 'ṳ' => 'Ṳ', + 'ṵ' => 'Ṵ', + 'ṷ' => 'Ṷ', + 'ṹ' => 'Ṹ', + 'ṻ' => 'Ṻ', + 'ṽ' => 'Ṽ', + 'ṿ' => 'Ṿ', + 'ẁ' => 'Ẁ', + 'ẃ' => 'Ẃ', + 'ẅ' => 'Ẅ', + 'ẇ' => 'Ẇ', + 'ẉ' => 'Ẉ', + 'ẋ' => 'Ẋ', + 'ẍ' => 'Ẍ', + 'ẏ' => 'Ẏ', + 'ẑ' => 'Ẑ', + 'ẓ' => 'Ẓ', + 'ẕ' => 'Ẕ', + 'ẛ' => 'Ṡ', + 'ạ' => 'Ạ', + 'ả' => 'Ả', + 'ấ' => 'Ấ', + 'ầ' => 'Ầ', + 'ẩ' => 'Ẩ', + 'ẫ' => 'Ẫ', + 'ậ' => 'Ậ', + 'ắ' => 'Ắ', + 'ằ' => 'Ằ', + 'ẳ' => 'Ẳ', + 'ẵ' => 'Ẵ', + 'ặ' => 'Ặ', + 'ẹ' => 'Ẹ', + 'ẻ' => 'Ẻ', + 'ẽ' => 'Ẽ', + 'ế' => 'Ế', + 'ề' => 'Ề', + 'ể' => 'Ể', + 'ễ' => 'Ễ', + 'ệ' => 'Ệ', + 'ỉ' => 'Ỉ', + 'ị' => 'Ị', + 'ọ' => 'Ọ', + 'ỏ' => 'Ỏ', + 'ố' => 'Ố', + 'ồ' => 'Ồ', + 'ổ' => 'Ổ', + 'ỗ' => 'Ỗ', + 'ộ' => 'Ộ', + 'ớ' => 'Ớ', + 'ờ' => 'Ờ', + 'ở' => 'Ở', + 'ỡ' => 'Ỡ', + 'ợ' => 'Ợ', + 'ụ' => 'Ụ', + 'ủ' => 'Ủ', + 'ứ' => 'Ứ', + 'ừ' => 'Ừ', + 'ử' => 'Ử', + 'ữ' => 'Ữ', + 'ự' => 'Ự', + 'ỳ' => 'Ỳ', + 'ỵ' => 'Ỵ', + 'ỷ' => 'Ỷ', + 'ỹ' => 'Ỹ', + 'ỻ' => 'Ỻ', + 'ỽ' => 'Ỽ', + 'ỿ' => 'Ỿ', + 'ἀ' => 'Ἀ', + 'ἁ' => 'Ἁ', + 'ἂ' => 'Ἂ', + 'ἃ' => 'Ἃ', + 'ἄ' => 'Ἄ', + 'ἅ' => 'Ἅ', + 'ἆ' => 'Ἆ', + 'ἇ' => 'Ἇ', + 'ἐ' => 'Ἐ', + 'ἑ' => 'Ἑ', + 'ἒ' => 'Ἒ', + 'ἓ' => 'Ἓ', + 'ἔ' => 'Ἔ', + 'ἕ' => 'Ἕ', + 'ἠ' => 'Ἠ', + 'ἡ' => 'Ἡ', + 'ἢ' => 'Ἢ', + 'ἣ' => 'Ἣ', + 'ἤ' => 'Ἤ', + 'ἥ' => 'Ἥ', + 'ἦ' => 'Ἦ', + 'ἧ' => 'Ἧ', + 'ἰ' => 'Ἰ', + 'ἱ' => 'Ἱ', + 'ἲ' => 'Ἲ', + 'ἳ' => 'Ἳ', + 'ἴ' => 'Ἴ', + 'ἵ' => 'Ἵ', + 'ἶ' => 'Ἶ', + 'ἷ' => 'Ἷ', + 'ὀ' => 'Ὀ', + 'ὁ' => 'Ὁ', + 'ὂ' => 'Ὂ', + 'ὃ' => 'Ὃ', + 'ὄ' => 'Ὄ', + 'ὅ' => 'Ὅ', + 'ὑ' => 'Ὑ', + 'ὓ' => 'Ὓ', + 'ὕ' => 'Ὕ', + 'ὗ' => 'Ὗ', + 'ὠ' => 'Ὠ', + 'ὡ' => 'Ὡ', + 'ὢ' => 'Ὢ', + 'ὣ' => 'Ὣ', + 'ὤ' => 'Ὤ', + 'ὥ' => 'Ὥ', + 'ὦ' => 'Ὦ', + 'ὧ' => 'Ὧ', + 'ὰ' => 'Ὰ', + 'ά' => 'Ά', + 'ὲ' => 'Ὲ', + 'έ' => 'Έ', + 'ὴ' => 'Ὴ', + 'ή' => 'Ή', + 'ὶ' => 'Ὶ', + 'ί' => 'Ί', + 'ὸ' => 'Ὸ', + 'ό' => 'Ό', + 'ὺ' => 'Ὺ', + 'ύ' => 'Ύ', + 'ὼ' => 'Ὼ', + 'ώ' => 'Ώ', + 'ᾀ' => 'ἈΙ', + 'ᾁ' => 'ἉΙ', + 'ᾂ' => 'ἊΙ', + 'ᾃ' => 'ἋΙ', + 'ᾄ' => 'ἌΙ', + 'ᾅ' => 'ἍΙ', + 'ᾆ' => 'ἎΙ', + 'ᾇ' => 'ἏΙ', + 'ᾐ' => 'ἨΙ', + 'ᾑ' => 'ἩΙ', + 'ᾒ' => 'ἪΙ', + 'ᾓ' => 'ἫΙ', + 'ᾔ' => 'ἬΙ', + 'ᾕ' => 'ἭΙ', + 'ᾖ' => 'ἮΙ', + 'ᾗ' => 'ἯΙ', + 'ᾠ' => 'ὨΙ', + 'ᾡ' => 'ὩΙ', + 'ᾢ' => 'ὪΙ', + 'ᾣ' => 'ὫΙ', + 'ᾤ' => 'ὬΙ', + 'ᾥ' => 'ὭΙ', + 'ᾦ' => 'ὮΙ', + 'ᾧ' => 'ὯΙ', + 'ᾰ' => 'Ᾰ', + 'ᾱ' => 'Ᾱ', + 'ᾳ' => 'ΑΙ', + 'ι' => 'Ι', + 'ῃ' => 'ΗΙ', + 'ῐ' => 'Ῐ', + 'ῑ' => 'Ῑ', + 'ῠ' => 'Ῠ', + 'ῡ' => 'Ῡ', + 'ῥ' => 'Ῥ', + 'ῳ' => 'ΩΙ', + 'ⅎ' => 'Ⅎ', + 'ⅰ' => 'Ⅰ', + 'ⅱ' => 'Ⅱ', + 'ⅲ' => 'Ⅲ', + 'ⅳ' => 'Ⅳ', + 'ⅴ' => 'Ⅴ', + 'ⅵ' => 'Ⅵ', + 'ⅶ' => 'Ⅶ', + 'ⅷ' => 'Ⅷ', + 'ⅸ' => 'Ⅸ', + 'ⅹ' => 'Ⅹ', + 'ⅺ' => 'Ⅺ', + 'ⅻ' => 'Ⅻ', + 'ⅼ' => 'Ⅼ', + 'ⅽ' => 'Ⅽ', + 'ⅾ' => 'Ⅾ', + 'ⅿ' => 'Ⅿ', + 'ↄ' => 'Ↄ', + 'ⓐ' => 'Ⓐ', + 'ⓑ' => 'Ⓑ', + 'ⓒ' => 'Ⓒ', + 'ⓓ' => 'Ⓓ', + 'ⓔ' => 'Ⓔ', + 'ⓕ' => 'Ⓕ', + 'ⓖ' => 'Ⓖ', + 'ⓗ' => 'Ⓗ', + 'ⓘ' => 'Ⓘ', + 'ⓙ' => 'Ⓙ', + 'ⓚ' => 'Ⓚ', + 'ⓛ' => 'Ⓛ', + 'ⓜ' => 'Ⓜ', + 'ⓝ' => 'Ⓝ', + 'ⓞ' => 'Ⓞ', + 'ⓟ' => 'Ⓟ', + 'ⓠ' => 'Ⓠ', + 'ⓡ' => 'Ⓡ', + 'ⓢ' => 'Ⓢ', + 'ⓣ' => 'Ⓣ', + 'ⓤ' => 'Ⓤ', + 'ⓥ' => 'Ⓥ', + 'ⓦ' => 'Ⓦ', + 'ⓧ' => 'Ⓧ', + 'ⓨ' => 'Ⓨ', + 'ⓩ' => 'Ⓩ', + 'ⰰ' => 'Ⰰ', + 'ⰱ' => 'Ⰱ', + 'ⰲ' => 'Ⰲ', + 'ⰳ' => 'Ⰳ', + 'ⰴ' => 'Ⰴ', + 'ⰵ' => 'Ⰵ', + 'ⰶ' => 'Ⰶ', + 'ⰷ' => 'Ⰷ', + 'ⰸ' => 'Ⰸ', + 'ⰹ' => 'Ⰹ', + 'ⰺ' => 'Ⰺ', + 'ⰻ' => 'Ⰻ', + 'ⰼ' => 'Ⰼ', + 'ⰽ' => 'Ⰽ', + 'ⰾ' => 'Ⰾ', + 'ⰿ' => 'Ⰿ', + 'ⱀ' => 'Ⱀ', + 'ⱁ' => 'Ⱁ', + 'ⱂ' => 'Ⱂ', + 'ⱃ' => 'Ⱃ', + 'ⱄ' => 'Ⱄ', + 'ⱅ' => 'Ⱅ', + 'ⱆ' => 'Ⱆ', + 'ⱇ' => 'Ⱇ', + 'ⱈ' => 'Ⱈ', + 'ⱉ' => 'Ⱉ', + 'ⱊ' => 'Ⱊ', + 'ⱋ' => 'Ⱋ', + 'ⱌ' => 'Ⱌ', + 'ⱍ' => 'Ⱍ', + 'ⱎ' => 'Ⱎ', + 'ⱏ' => 'Ⱏ', + 'ⱐ' => 'Ⱐ', + 'ⱑ' => 'Ⱑ', + 'ⱒ' => 'Ⱒ', + 'ⱓ' => 'Ⱓ', + 'ⱔ' => 'Ⱔ', + 'ⱕ' => 'Ⱕ', + 'ⱖ' => 'Ⱖ', + 'ⱗ' => 'Ⱗ', + 'ⱘ' => 'Ⱘ', + 'ⱙ' => 'Ⱙ', + 'ⱚ' => 'Ⱚ', + 'ⱛ' => 'Ⱛ', + 'ⱜ' => 'Ⱜ', + 'ⱝ' => 'Ⱝ', + 'ⱞ' => 'Ⱞ', + 'ⱡ' => 'Ⱡ', + 'ⱥ' => 'Ⱥ', + 'ⱦ' => 'Ⱦ', + 'ⱨ' => 'Ⱨ', + 'ⱪ' => 'Ⱪ', + 'ⱬ' => 'Ⱬ', + 'ⱳ' => 'Ⱳ', + 'ⱶ' => 'Ⱶ', + 'ⲁ' => 'Ⲁ', + 'ⲃ' => 'Ⲃ', + 'ⲅ' => 'Ⲅ', + 'ⲇ' => 'Ⲇ', + 'ⲉ' => 'Ⲉ', + 'ⲋ' => 'Ⲋ', + 'ⲍ' => 'Ⲍ', + 'ⲏ' => 'Ⲏ', + 'ⲑ' => 'Ⲑ', + 'ⲓ' => 'Ⲓ', + 'ⲕ' => 'Ⲕ', + 'ⲗ' => 'Ⲗ', + 'ⲙ' => 'Ⲙ', + 'ⲛ' => 'Ⲛ', + 'ⲝ' => 'Ⲝ', + 'ⲟ' => 'Ⲟ', + 'ⲡ' => 'Ⲡ', + 'ⲣ' => 'Ⲣ', + 'ⲥ' => 'Ⲥ', + 'ⲧ' => 'Ⲧ', + 'ⲩ' => 'Ⲩ', + 'ⲫ' => 'Ⲫ', + 'ⲭ' => 'Ⲭ', + 'ⲯ' => 'Ⲯ', + 'ⲱ' => 'Ⲱ', + 'ⲳ' => 'Ⲳ', + 'ⲵ' => 'Ⲵ', + 'ⲷ' => 'Ⲷ', + 'ⲹ' => 'Ⲹ', + 'ⲻ' => 'Ⲻ', + 'ⲽ' => 'Ⲽ', + 'ⲿ' => 'Ⲿ', + 'ⳁ' => 'Ⳁ', + 'ⳃ' => 'Ⳃ', + 'ⳅ' => 'Ⳅ', + 'ⳇ' => 'Ⳇ', + 'ⳉ' => 'Ⳉ', + 'ⳋ' => 'Ⳋ', + 'ⳍ' => 'Ⳍ', + 'ⳏ' => 'Ⳏ', + 'ⳑ' => 'Ⳑ', + 'ⳓ' => 'Ⳓ', + 'ⳕ' => 'Ⳕ', + 'ⳗ' => 'Ⳗ', + 'ⳙ' => 'Ⳙ', + 'ⳛ' => 'Ⳛ', + 'ⳝ' => 'Ⳝ', + 'ⳟ' => 'Ⳟ', + 'ⳡ' => 'Ⳡ', + 'ⳣ' => 'Ⳣ', + 'ⳬ' => 'Ⳬ', + 'ⳮ' => 'Ⳮ', + 'ⳳ' => 'Ⳳ', + 'ⴀ' => 'Ⴀ', + 'ⴁ' => 'Ⴁ', + 'ⴂ' => 'Ⴂ', + 'ⴃ' => 'Ⴃ', + 'ⴄ' => 'Ⴄ', + 'ⴅ' => 'Ⴅ', + 'ⴆ' => 'Ⴆ', + 'ⴇ' => 'Ⴇ', + 'ⴈ' => 'Ⴈ', + 'ⴉ' => 'Ⴉ', + 'ⴊ' => 'Ⴊ', + 'ⴋ' => 'Ⴋ', + 'ⴌ' => 'Ⴌ', + 'ⴍ' => 'Ⴍ', + 'ⴎ' => 'Ⴎ', + 'ⴏ' => 'Ⴏ', + 'ⴐ' => 'Ⴐ', + 'ⴑ' => 'Ⴑ', + 'ⴒ' => 'Ⴒ', + 'ⴓ' => 'Ⴓ', + 'ⴔ' => 'Ⴔ', + 'ⴕ' => 'Ⴕ', + 'ⴖ' => 'Ⴖ', + 'ⴗ' => 'Ⴗ', + 'ⴘ' => 'Ⴘ', + 'ⴙ' => 'Ⴙ', + 'ⴚ' => 'Ⴚ', + 'ⴛ' => 'Ⴛ', + 'ⴜ' => 'Ⴜ', + 'ⴝ' => 'Ⴝ', + 'ⴞ' => 'Ⴞ', + 'ⴟ' => 'Ⴟ', + 'ⴠ' => 'Ⴠ', + 'ⴡ' => 'Ⴡ', + 'ⴢ' => 'Ⴢ', + 'ⴣ' => 'Ⴣ', + 'ⴤ' => 'Ⴤ', + 'ⴥ' => 'Ⴥ', + 'ⴧ' => 'Ⴧ', + 'ⴭ' => 'Ⴭ', + 'ꙁ' => 'Ꙁ', + 'ꙃ' => 'Ꙃ', + 'ꙅ' => 'Ꙅ', + 'ꙇ' => 'Ꙇ', + 'ꙉ' => 'Ꙉ', + 'ꙋ' => 'Ꙋ', + 'ꙍ' => 'Ꙍ', + 'ꙏ' => 'Ꙏ', + 'ꙑ' => 'Ꙑ', + 'ꙓ' => 'Ꙓ', + 'ꙕ' => 'Ꙕ', + 'ꙗ' => 'Ꙗ', + 'ꙙ' => 'Ꙙ', + 'ꙛ' => 'Ꙛ', + 'ꙝ' => 'Ꙝ', + 'ꙟ' => 'Ꙟ', + 'ꙡ' => 'Ꙡ', + 'ꙣ' => 'Ꙣ', + 'ꙥ' => 'Ꙥ', + 'ꙧ' => 'Ꙧ', + 'ꙩ' => 'Ꙩ', + 'ꙫ' => 'Ꙫ', + 'ꙭ' => 'Ꙭ', + 'ꚁ' => 'Ꚁ', + 'ꚃ' => 'Ꚃ', + 'ꚅ' => 'Ꚅ', + 'ꚇ' => 'Ꚇ', + 'ꚉ' => 'Ꚉ', + 'ꚋ' => 'Ꚋ', + 'ꚍ' => 'Ꚍ', + 'ꚏ' => 'Ꚏ', + 'ꚑ' => 'Ꚑ', + 'ꚓ' => 'Ꚓ', + 'ꚕ' => 'Ꚕ', + 'ꚗ' => 'Ꚗ', + 'ꚙ' => 'Ꚙ', + 'ꚛ' => 'Ꚛ', + 'ꜣ' => 'Ꜣ', + 'ꜥ' => 'Ꜥ', + 'ꜧ' => 'Ꜧ', + 'ꜩ' => 'Ꜩ', + 'ꜫ' => 'Ꜫ', + 'ꜭ' => 'Ꜭ', + 'ꜯ' => 'Ꜯ', + 'ꜳ' => 'Ꜳ', + 'ꜵ' => 'Ꜵ', + 'ꜷ' => 'Ꜷ', + 'ꜹ' => 'Ꜹ', + 'ꜻ' => 'Ꜻ', + 'ꜽ' => 'Ꜽ', + 'ꜿ' => 'Ꜿ', + 'ꝁ' => 'Ꝁ', + 'ꝃ' => 'Ꝃ', + 'ꝅ' => 'Ꝅ', + 'ꝇ' => 'Ꝇ', + 'ꝉ' => 'Ꝉ', + 'ꝋ' => 'Ꝋ', + 'ꝍ' => 'Ꝍ', + 'ꝏ' => 'Ꝏ', + 'ꝑ' => 'Ꝑ', + 'ꝓ' => 'Ꝓ', + 'ꝕ' => 'Ꝕ', + 'ꝗ' => 'Ꝗ', + 'ꝙ' => 'Ꝙ', + 'ꝛ' => 'Ꝛ', + 'ꝝ' => 'Ꝝ', + 'ꝟ' => 'Ꝟ', + 'ꝡ' => 'Ꝡ', + 'ꝣ' => 'Ꝣ', + 'ꝥ' => 'Ꝥ', + 'ꝧ' => 'Ꝧ', + 'ꝩ' => 'Ꝩ', + 'ꝫ' => 'Ꝫ', + 'ꝭ' => 'Ꝭ', + 'ꝯ' => 'Ꝯ', + 'ꝺ' => 'Ꝺ', + 'ꝼ' => 'Ꝼ', + 'ꝿ' => 'Ꝿ', + 'ꞁ' => 'Ꞁ', + 'ꞃ' => 'Ꞃ', + 'ꞅ' => 'Ꞅ', + 'ꞇ' => 'Ꞇ', + 'ꞌ' => 'Ꞌ', + 'ꞑ' => 'Ꞑ', + 'ꞓ' => 'Ꞓ', + 'ꞔ' => 'Ꞔ', + 'ꞗ' => 'Ꞗ', + 'ꞙ' => 'Ꞙ', + 'ꞛ' => 'Ꞛ', + 'ꞝ' => 'Ꞝ', + 'ꞟ' => 'Ꞟ', + 'ꞡ' => 'Ꞡ', + 'ꞣ' => 'Ꞣ', + 'ꞥ' => 'Ꞥ', + 'ꞧ' => 'Ꞧ', + 'ꞩ' => 'Ꞩ', + 'ꞵ' => 'Ꞵ', + 'ꞷ' => 'Ꞷ', + 'ꞹ' => 'Ꞹ', + 'ꞻ' => 'Ꞻ', + 'ꞽ' => 'Ꞽ', + 'ꞿ' => 'Ꞿ', + 'ꟃ' => 'Ꟃ', + 'ꟈ' => 'Ꟈ', + 'ꟊ' => 'Ꟊ', + 'ꟶ' => 'Ꟶ', + 'ꭓ' => 'Ꭓ', + 'ꭰ' => 'Ꭰ', + 'ꭱ' => 'Ꭱ', + 'ꭲ' => 'Ꭲ', + 'ꭳ' => 'Ꭳ', + 'ꭴ' => 'Ꭴ', + 'ꭵ' => 'Ꭵ', + 'ꭶ' => 'Ꭶ', + 'ꭷ' => 'Ꭷ', + 'ꭸ' => 'Ꭸ', + 'ꭹ' => 'Ꭹ', + 'ꭺ' => 'Ꭺ', + 'ꭻ' => 'Ꭻ', + 'ꭼ' => 'Ꭼ', + 'ꭽ' => 'Ꭽ', + 'ꭾ' => 'Ꭾ', + 'ꭿ' => 'Ꭿ', + 'ꮀ' => 'Ꮀ', + 'ꮁ' => 'Ꮁ', + 'ꮂ' => 'Ꮂ', + 'ꮃ' => 'Ꮃ', + 'ꮄ' => 'Ꮄ', + 'ꮅ' => 'Ꮅ', + 'ꮆ' => 'Ꮆ', + 'ꮇ' => 'Ꮇ', + 'ꮈ' => 'Ꮈ', + 'ꮉ' => 'Ꮉ', + 'ꮊ' => 'Ꮊ', + 'ꮋ' => 'Ꮋ', + 'ꮌ' => 'Ꮌ', + 'ꮍ' => 'Ꮍ', + 'ꮎ' => 'Ꮎ', + 'ꮏ' => 'Ꮏ', + 'ꮐ' => 'Ꮐ', + 'ꮑ' => 'Ꮑ', + 'ꮒ' => 'Ꮒ', + 'ꮓ' => 'Ꮓ', + 'ꮔ' => 'Ꮔ', + 'ꮕ' => 'Ꮕ', + 'ꮖ' => 'Ꮖ', + 'ꮗ' => 'Ꮗ', + 'ꮘ' => 'Ꮘ', + 'ꮙ' => 'Ꮙ', + 'ꮚ' => 'Ꮚ', + 'ꮛ' => 'Ꮛ', + 'ꮜ' => 'Ꮜ', + 'ꮝ' => 'Ꮝ', + 'ꮞ' => 'Ꮞ', + 'ꮟ' => 'Ꮟ', + 'ꮠ' => 'Ꮠ', + 'ꮡ' => 'Ꮡ', + 'ꮢ' => 'Ꮢ', + 'ꮣ' => 'Ꮣ', + 'ꮤ' => 'Ꮤ', + 'ꮥ' => 'Ꮥ', + 'ꮦ' => 'Ꮦ', + 'ꮧ' => 'Ꮧ', + 'ꮨ' => 'Ꮨ', + 'ꮩ' => 'Ꮩ', + 'ꮪ' => 'Ꮪ', + 'ꮫ' => 'Ꮫ', + 'ꮬ' => 'Ꮬ', + 'ꮭ' => 'Ꮭ', + 'ꮮ' => 'Ꮮ', + 'ꮯ' => 'Ꮯ', + 'ꮰ' => 'Ꮰ', + 'ꮱ' => 'Ꮱ', + 'ꮲ' => 'Ꮲ', + 'ꮳ' => 'Ꮳ', + 'ꮴ' => 'Ꮴ', + 'ꮵ' => 'Ꮵ', + 'ꮶ' => 'Ꮶ', + 'ꮷ' => 'Ꮷ', + 'ꮸ' => 'Ꮸ', + 'ꮹ' => 'Ꮹ', + 'ꮺ' => 'Ꮺ', + 'ꮻ' => 'Ꮻ', + 'ꮼ' => 'Ꮼ', + 'ꮽ' => 'Ꮽ', + 'ꮾ' => 'Ꮾ', + 'ꮿ' => 'Ꮿ', + 'a' => 'A', + 'b' => 'B', + 'c' => 'C', + 'd' => 'D', + 'e' => 'E', + 'f' => 'F', + 'g' => 'G', + 'h' => 'H', + 'i' => 'I', + 'j' => 'J', + 'k' => 'K', + 'l' => 'L', + 'm' => 'M', + 'n' => 'N', + 'o' => 'O', + 'p' => 'P', + 'q' => 'Q', + 'r' => 'R', + 's' => 'S', + 't' => 'T', + 'u' => 'U', + 'v' => 'V', + 'w' => 'W', + 'x' => 'X', + 'y' => 'Y', + 'z' => 'Z', + '𐐨' => '𐐀', + '𐐩' => '𐐁', + '𐐪' => '𐐂', + '𐐫' => '𐐃', + '𐐬' => '𐐄', + '𐐭' => '𐐅', + '𐐮' => '𐐆', + '𐐯' => '𐐇', + '𐐰' => '𐐈', + '𐐱' => '𐐉', + '𐐲' => '𐐊', + '𐐳' => '𐐋', + '𐐴' => '𐐌', + '𐐵' => '𐐍', + '𐐶' => '𐐎', + '𐐷' => '𐐏', + '𐐸' => '𐐐', + '𐐹' => '𐐑', + '𐐺' => '𐐒', + '𐐻' => '𐐓', + '𐐼' => '𐐔', + '𐐽' => '𐐕', + '𐐾' => '𐐖', + '𐐿' => '𐐗', + '𐑀' => '𐐘', + '𐑁' => '𐐙', + '𐑂' => '𐐚', + '𐑃' => '𐐛', + '𐑄' => '𐐜', + '𐑅' => '𐐝', + '𐑆' => '𐐞', + '𐑇' => '𐐟', + '𐑈' => '𐐠', + '𐑉' => '𐐡', + '𐑊' => '𐐢', + '𐑋' => '𐐣', + '𐑌' => '𐐤', + '𐑍' => '𐐥', + '𐑎' => '𐐦', + '𐑏' => '𐐧', + '𐓘' => '𐒰', + '𐓙' => '𐒱', + '𐓚' => '𐒲', + '𐓛' => '𐒳', + '𐓜' => '𐒴', + '𐓝' => '𐒵', + '𐓞' => '𐒶', + '𐓟' => '𐒷', + '𐓠' => '𐒸', + '𐓡' => '𐒹', + '𐓢' => '𐒺', + '𐓣' => '𐒻', + '𐓤' => '𐒼', + '𐓥' => '𐒽', + '𐓦' => '𐒾', + '𐓧' => '𐒿', + '𐓨' => '𐓀', + '𐓩' => '𐓁', + '𐓪' => '𐓂', + '𐓫' => '𐓃', + '𐓬' => '𐓄', + '𐓭' => '𐓅', + '𐓮' => '𐓆', + '𐓯' => '𐓇', + '𐓰' => '𐓈', + '𐓱' => '𐓉', + '𐓲' => '𐓊', + '𐓳' => '𐓋', + '𐓴' => '𐓌', + '𐓵' => '𐓍', + '𐓶' => '𐓎', + '𐓷' => '𐓏', + '𐓸' => '𐓐', + '𐓹' => '𐓑', + '𐓺' => '𐓒', + '𐓻' => '𐓓', + '𐳀' => '𐲀', + '𐳁' => '𐲁', + '𐳂' => '𐲂', + '𐳃' => '𐲃', + '𐳄' => '𐲄', + '𐳅' => '𐲅', + '𐳆' => '𐲆', + '𐳇' => '𐲇', + '𐳈' => '𐲈', + '𐳉' => '𐲉', + '𐳊' => '𐲊', + '𐳋' => '𐲋', + '𐳌' => '𐲌', + '𐳍' => '𐲍', + '𐳎' => '𐲎', + '𐳏' => '𐲏', + '𐳐' => '𐲐', + '𐳑' => '𐲑', + '𐳒' => '𐲒', + '𐳓' => '𐲓', + '𐳔' => '𐲔', + '𐳕' => '𐲕', + '𐳖' => '𐲖', + '𐳗' => '𐲗', + '𐳘' => '𐲘', + '𐳙' => '𐲙', + '𐳚' => '𐲚', + '𐳛' => '𐲛', + '𐳜' => '𐲜', + '𐳝' => '𐲝', + '𐳞' => '𐲞', + '𐳟' => '𐲟', + '𐳠' => '𐲠', + '𐳡' => '𐲡', + '𐳢' => '𐲢', + '𐳣' => '𐲣', + '𐳤' => '𐲤', + '𐳥' => '𐲥', + '𐳦' => '𐲦', + '𐳧' => '𐲧', + '𐳨' => '𐲨', + '𐳩' => '𐲩', + '𐳪' => '𐲪', + '𐳫' => '𐲫', + '𐳬' => '𐲬', + '𐳭' => '𐲭', + '𐳮' => '𐲮', + '𐳯' => '𐲯', + '𐳰' => '𐲰', + '𐳱' => '𐲱', + '𐳲' => '𐲲', + '𑣀' => '𑢠', + '𑣁' => '𑢡', + '𑣂' => '𑢢', + '𑣃' => '𑢣', + '𑣄' => '𑢤', + '𑣅' => '𑢥', + '𑣆' => '𑢦', + '𑣇' => '𑢧', + '𑣈' => '𑢨', + '𑣉' => '𑢩', + '𑣊' => '𑢪', + '𑣋' => '𑢫', + '𑣌' => '𑢬', + '𑣍' => '𑢭', + '𑣎' => '𑢮', + '𑣏' => '𑢯', + '𑣐' => '𑢰', + '𑣑' => '𑢱', + '𑣒' => '𑢲', + '𑣓' => '𑢳', + '𑣔' => '𑢴', + '𑣕' => '𑢵', + '𑣖' => '𑢶', + '𑣗' => '𑢷', + '𑣘' => '𑢸', + '𑣙' => '𑢹', + '𑣚' => '𑢺', + '𑣛' => '𑢻', + '𑣜' => '𑢼', + '𑣝' => '𑢽', + '𑣞' => '𑢾', + '𑣟' => '𑢿', + '𖹠' => '𖹀', + '𖹡' => '𖹁', + '𖹢' => '𖹂', + '𖹣' => '𖹃', + '𖹤' => '𖹄', + '𖹥' => '𖹅', + '𖹦' => '𖹆', + '𖹧' => '𖹇', + '𖹨' => '𖹈', + '𖹩' => '𖹉', + '𖹪' => '𖹊', + '𖹫' => '𖹋', + '𖹬' => '𖹌', + '𖹭' => '𖹍', + '𖹮' => '𖹎', + '𖹯' => '𖹏', + '𖹰' => '𖹐', + '𖹱' => '𖹑', + '𖹲' => '𖹒', + '𖹳' => '𖹓', + '𖹴' => '𖹔', + '𖹵' => '𖹕', + '𖹶' => '𖹖', + '𖹷' => '𖹗', + '𖹸' => '𖹘', + '𖹹' => '𖹙', + '𖹺' => '𖹚', + '𖹻' => '𖹛', + '𖹼' => '𖹜', + '𖹽' => '𖹝', + '𖹾' => '𖹞', + '𖹿' => '𖹟', + '𞤢' => '𞤀', + '𞤣' => '𞤁', + '𞤤' => '𞤂', + '𞤥' => '𞤃', + '𞤦' => '𞤄', + '𞤧' => '𞤅', + '𞤨' => '𞤆', + '𞤩' => '𞤇', + '𞤪' => '𞤈', + '𞤫' => '𞤉', + '𞤬' => '𞤊', + '𞤭' => '𞤋', + '𞤮' => '𞤌', + '𞤯' => '𞤍', + '𞤰' => '𞤎', + '𞤱' => '𞤏', + '𞤲' => '𞤐', + '𞤳' => '𞤑', + '𞤴' => '𞤒', + '𞤵' => '𞤓', + '𞤶' => '𞤔', + '𞤷' => '𞤕', + '𞤸' => '𞤖', + '𞤹' => '𞤗', + '𞤺' => '𞤘', + '𞤻' => '𞤙', + '𞤼' => '𞤚', + '𞤽' => '𞤛', + '𞤾' => '𞤜', + '𞤿' => '𞤝', + '𞥀' => '𞤞', + '𞥁' => '𞤟', + '𞥂' => '𞤠', + '𞥃' => '𞤡', + 'ß' => 'SS', + 'ff' => 'FF', + 'fi' => 'FI', + 'fl' => 'FL', + 'ffi' => 'FFI', + 'ffl' => 'FFL', + 'ſt' => 'ST', + 'st' => 'ST', + 'և' => 'ԵՒ', + 'ﬓ' => 'ՄՆ', + 'ﬔ' => 'ՄԵ', + 'ﬕ' => 'ՄԻ', + 'ﬖ' => 'ՎՆ', + 'ﬗ' => 'ՄԽ', + 'ʼn' => 'ʼN', + 'ΐ' => 'Ϊ́', + 'ΰ' => 'Ϋ́', + 'ǰ' => 'J̌', + 'ẖ' => 'H̱', + 'ẗ' => 'T̈', + 'ẘ' => 'W̊', + 'ẙ' => 'Y̊', + 'ẚ' => 'Aʾ', + 'ὐ' => 'Υ̓', + 'ὒ' => 'Υ̓̀', + 'ὔ' => 'Υ̓́', + 'ὖ' => 'Υ̓͂', + 'ᾶ' => 'Α͂', + 'ῆ' => 'Η͂', + 'ῒ' => 'Ϊ̀', + 'ΐ' => 'Ϊ́', + 'ῖ' => 'Ι͂', + 'ῗ' => 'Ϊ͂', + 'ῢ' => 'Ϋ̀', + 'ΰ' => 'Ϋ́', + 'ῤ' => 'Ρ̓', + 'ῦ' => 'Υ͂', + 'ῧ' => 'Ϋ͂', + 'ῶ' => 'Ω͂', + 'ᾈ' => 'ἈΙ', + 'ᾉ' => 'ἉΙ', + 'ᾊ' => 'ἊΙ', + 'ᾋ' => 'ἋΙ', + 'ᾌ' => 'ἌΙ', + 'ᾍ' => 'ἍΙ', + 'ᾎ' => 'ἎΙ', + 'ᾏ' => 'ἏΙ', + 'ᾘ' => 'ἨΙ', + 'ᾙ' => 'ἩΙ', + 'ᾚ' => 'ἪΙ', + 'ᾛ' => 'ἫΙ', + 'ᾜ' => 'ἬΙ', + 'ᾝ' => 'ἭΙ', + 'ᾞ' => 'ἮΙ', + 'ᾟ' => 'ἯΙ', + 'ᾨ' => 'ὨΙ', + 'ᾩ' => 'ὩΙ', + 'ᾪ' => 'ὪΙ', + 'ᾫ' => 'ὫΙ', + 'ᾬ' => 'ὬΙ', + 'ᾭ' => 'ὭΙ', + 'ᾮ' => 'ὮΙ', + 'ᾯ' => 'ὯΙ', + 'ᾼ' => 'ΑΙ', + 'ῌ' => 'ΗΙ', + 'ῼ' => 'ΩΙ', + 'ᾲ' => 'ᾺΙ', + 'ᾴ' => 'ΆΙ', + 'ῂ' => 'ῊΙ', + 'ῄ' => 'ΉΙ', + 'ῲ' => 'ῺΙ', + 'ῴ' => 'ΏΙ', + 'ᾷ' => 'Α͂Ι', + 'ῇ' => 'Η͂Ι', + 'ῷ' => 'Ω͂Ι', +); diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/bootstrap.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/bootstrap.php new file mode 100644 index 0000000..ecf1a03 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/bootstrap.php @@ -0,0 +1,151 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +use Symfony\Polyfill\Mbstring as p; + +if (\PHP_VERSION_ID >= 80000) { + return require __DIR__.'/bootstrap80.php'; +} + +if (!function_exists('mb_convert_encoding')) { + function mb_convert_encoding($string, $to_encoding, $from_encoding = null) { return p\Mbstring::mb_convert_encoding($string, $to_encoding, $from_encoding); } +} +if (!function_exists('mb_decode_mimeheader')) { + function mb_decode_mimeheader($string) { return p\Mbstring::mb_decode_mimeheader($string); } +} +if (!function_exists('mb_encode_mimeheader')) { + function mb_encode_mimeheader($string, $charset = null, $transfer_encoding = null, $newline = "\r\n", $indent = 0) { return p\Mbstring::mb_encode_mimeheader($string, $charset, $transfer_encoding, $newline, $indent); } +} +if (!function_exists('mb_decode_numericentity')) { + function mb_decode_numericentity($string, $map, $encoding = null) { return p\Mbstring::mb_decode_numericentity($string, $map, $encoding); } +} +if (!function_exists('mb_encode_numericentity')) { + function mb_encode_numericentity($string, $map, $encoding = null, $hex = false) { return p\Mbstring::mb_encode_numericentity($string, $map, $encoding, $hex); } +} +if (!function_exists('mb_convert_case')) { + function mb_convert_case($string, $mode, $encoding = null) { return p\Mbstring::mb_convert_case($string, $mode, $encoding); } +} +if (!function_exists('mb_internal_encoding')) { + function mb_internal_encoding($encoding = null) { return p\Mbstring::mb_internal_encoding($encoding); } +} +if (!function_exists('mb_language')) { + function mb_language($language = null) { return p\Mbstring::mb_language($language); } +} +if (!function_exists('mb_list_encodings')) { + function mb_list_encodings() { return p\Mbstring::mb_list_encodings(); } +} +if (!function_exists('mb_encoding_aliases')) { + function mb_encoding_aliases($encoding) { return p\Mbstring::mb_encoding_aliases($encoding); } +} +if (!function_exists('mb_check_encoding')) { + function mb_check_encoding($value = null, $encoding = null) { return p\Mbstring::mb_check_encoding($value, $encoding); } +} +if (!function_exists('mb_detect_encoding')) { + function mb_detect_encoding($string, $encodings = null, $strict = false) { return p\Mbstring::mb_detect_encoding($string, $encodings, $strict); } +} +if (!function_exists('mb_detect_order')) { + function mb_detect_order($encoding = null) { return p\Mbstring::mb_detect_order($encoding); } +} +if (!function_exists('mb_parse_str')) { + function mb_parse_str($string, &$result = []) { parse_str($string, $result); return (bool) $result; } +} +if (!function_exists('mb_strlen')) { + function mb_strlen($string, $encoding = null) { return p\Mbstring::mb_strlen($string, $encoding); } +} +if (!function_exists('mb_strpos')) { + function mb_strpos($haystack, $needle, $offset = 0, $encoding = null) { return p\Mbstring::mb_strpos($haystack, $needle, $offset, $encoding); } +} +if (!function_exists('mb_strtolower')) { + function mb_strtolower($string, $encoding = null) { return p\Mbstring::mb_strtolower($string, $encoding); } +} +if (!function_exists('mb_strtoupper')) { + function mb_strtoupper($string, $encoding = null) { return p\Mbstring::mb_strtoupper($string, $encoding); } +} +if (!function_exists('mb_substitute_character')) { + function mb_substitute_character($substitute_character = null) { return p\Mbstring::mb_substitute_character($substitute_character); } +} +if (!function_exists('mb_substr')) { + function mb_substr($string, $start, $length = 2147483647, $encoding = null) { return p\Mbstring::mb_substr($string, $start, $length, $encoding); } +} +if (!function_exists('mb_stripos')) { + function mb_stripos($haystack, $needle, $offset = 0, $encoding = null) { return p\Mbstring::mb_stripos($haystack, $needle, $offset, $encoding); } +} +if (!function_exists('mb_stristr')) { + function mb_stristr($haystack, $needle, $before_needle = false, $encoding = null) { return p\Mbstring::mb_stristr($haystack, $needle, $before_needle, $encoding); } +} +if (!function_exists('mb_strrchr')) { + function mb_strrchr($haystack, $needle, $before_needle = false, $encoding = null) { return p\Mbstring::mb_strrchr($haystack, $needle, $before_needle, $encoding); } +} +if (!function_exists('mb_strrichr')) { + function mb_strrichr($haystack, $needle, $before_needle = false, $encoding = null) { return p\Mbstring::mb_strrichr($haystack, $needle, $before_needle, $encoding); } +} +if (!function_exists('mb_strripos')) { + function mb_strripos($haystack, $needle, $offset = 0, $encoding = null) { return p\Mbstring::mb_strripos($haystack, $needle, $offset, $encoding); } +} +if (!function_exists('mb_strrpos')) { + function mb_strrpos($haystack, $needle, $offset = 0, $encoding = null) { return p\Mbstring::mb_strrpos($haystack, $needle, $offset, $encoding); } +} +if (!function_exists('mb_strstr')) { + function mb_strstr($haystack, $needle, $before_needle = false, $encoding = null) { return p\Mbstring::mb_strstr($haystack, $needle, $before_needle, $encoding); } +} +if (!function_exists('mb_get_info')) { + function mb_get_info($type = 'all') { return p\Mbstring::mb_get_info($type); } +} +if (!function_exists('mb_http_output')) { + function mb_http_output($encoding = null) { return p\Mbstring::mb_http_output($encoding); } +} +if (!function_exists('mb_strwidth')) { + function mb_strwidth($string, $encoding = null) { return p\Mbstring::mb_strwidth($string, $encoding); } +} +if (!function_exists('mb_substr_count')) { + function mb_substr_count($haystack, $needle, $encoding = null) { return p\Mbstring::mb_substr_count($haystack, $needle, $encoding); } +} +if (!function_exists('mb_output_handler')) { + function mb_output_handler($string, $status) { return p\Mbstring::mb_output_handler($string, $status); } +} +if (!function_exists('mb_http_input')) { + function mb_http_input($type = null) { return p\Mbstring::mb_http_input($type); } +} + +if (!function_exists('mb_convert_variables')) { + function mb_convert_variables($to_encoding, $from_encoding, &...$vars) { return p\Mbstring::mb_convert_variables($to_encoding, $from_encoding, ...$vars); } +} + +if (!function_exists('mb_ord')) { + function mb_ord($string, $encoding = null) { return p\Mbstring::mb_ord($string, $encoding); } +} +if (!function_exists('mb_chr')) { + function mb_chr($codepoint, $encoding = null) { return p\Mbstring::mb_chr($codepoint, $encoding); } +} +if (!function_exists('mb_scrub')) { + function mb_scrub($string, $encoding = null) { $encoding = null === $encoding ? mb_internal_encoding() : $encoding; return mb_convert_encoding($string, $encoding, $encoding); } +} +if (!function_exists('mb_str_split')) { + function mb_str_split($string, $length = 1, $encoding = null) { return p\Mbstring::mb_str_split($string, $length, $encoding); } +} + +if (!function_exists('mb_str_pad')) { + function mb_str_pad(string $string, int $length, string $pad_string = ' ', int $pad_type = STR_PAD_RIGHT, ?string $encoding = null): string { return p\Mbstring::mb_str_pad($string, $length, $pad_string, $pad_type, $encoding); } +} + +if (extension_loaded('mbstring')) { + return; +} + +if (!defined('MB_CASE_UPPER')) { + define('MB_CASE_UPPER', 0); +} +if (!defined('MB_CASE_LOWER')) { + define('MB_CASE_LOWER', 1); +} +if (!defined('MB_CASE_TITLE')) { + define('MB_CASE_TITLE', 2); +} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/bootstrap80.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/bootstrap80.php new file mode 100644 index 0000000..2f9fb5b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/bootstrap80.php @@ -0,0 +1,147 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +use Symfony\Polyfill\Mbstring as p; + +if (!function_exists('mb_convert_encoding')) { + function mb_convert_encoding(array|string|null $string, ?string $to_encoding, array|string|null $from_encoding = null): array|string|false { return p\Mbstring::mb_convert_encoding($string ?? '', (string) $to_encoding, $from_encoding); } +} +if (!function_exists('mb_decode_mimeheader')) { + function mb_decode_mimeheader(?string $string): string { return p\Mbstring::mb_decode_mimeheader((string) $string); } +} +if (!function_exists('mb_encode_mimeheader')) { + function mb_encode_mimeheader(?string $string, ?string $charset = null, ?string $transfer_encoding = null, ?string $newline = "\r\n", ?int $indent = 0): string { return p\Mbstring::mb_encode_mimeheader((string) $string, $charset, $transfer_encoding, (string) $newline, (int) $indent); } +} +if (!function_exists('mb_decode_numericentity')) { + function mb_decode_numericentity(?string $string, array $map, ?string $encoding = null): string { return p\Mbstring::mb_decode_numericentity((string) $string, $map, $encoding); } +} +if (!function_exists('mb_encode_numericentity')) { + function mb_encode_numericentity(?string $string, array $map, ?string $encoding = null, ?bool $hex = false): string { return p\Mbstring::mb_encode_numericentity((string) $string, $map, $encoding, (bool) $hex); } +} +if (!function_exists('mb_convert_case')) { + function mb_convert_case(?string $string, ?int $mode, ?string $encoding = null): string { return p\Mbstring::mb_convert_case((string) $string, (int) $mode, $encoding); } +} +if (!function_exists('mb_internal_encoding')) { + function mb_internal_encoding(?string $encoding = null): string|bool { return p\Mbstring::mb_internal_encoding($encoding); } +} +if (!function_exists('mb_language')) { + function mb_language(?string $language = null): string|bool { return p\Mbstring::mb_language($language); } +} +if (!function_exists('mb_list_encodings')) { + function mb_list_encodings(): array { return p\Mbstring::mb_list_encodings(); } +} +if (!function_exists('mb_encoding_aliases')) { + function mb_encoding_aliases(?string $encoding): array { return p\Mbstring::mb_encoding_aliases((string) $encoding); } +} +if (!function_exists('mb_check_encoding')) { + function mb_check_encoding(array|string|null $value = null, ?string $encoding = null): bool { return p\Mbstring::mb_check_encoding($value, $encoding); } +} +if (!function_exists('mb_detect_encoding')) { + function mb_detect_encoding(?string $string, array|string|null $encodings = null, ?bool $strict = false): string|false { return p\Mbstring::mb_detect_encoding((string) $string, $encodings, (bool) $strict); } +} +if (!function_exists('mb_detect_order')) { + function mb_detect_order(array|string|null $encoding = null): array|bool { return p\Mbstring::mb_detect_order($encoding); } +} +if (!function_exists('mb_parse_str')) { + function mb_parse_str(?string $string, &$result = []): bool { parse_str((string) $string, $result); return (bool) $result; } +} +if (!function_exists('mb_strlen')) { + function mb_strlen(?string $string, ?string $encoding = null): int { return p\Mbstring::mb_strlen((string) $string, $encoding); } +} +if (!function_exists('mb_strpos')) { + function mb_strpos(?string $haystack, ?string $needle, ?int $offset = 0, ?string $encoding = null): int|false { return p\Mbstring::mb_strpos((string) $haystack, (string) $needle, (int) $offset, $encoding); } +} +if (!function_exists('mb_strtolower')) { + function mb_strtolower(?string $string, ?string $encoding = null): string { return p\Mbstring::mb_strtolower((string) $string, $encoding); } +} +if (!function_exists('mb_strtoupper')) { + function mb_strtoupper(?string $string, ?string $encoding = null): string { return p\Mbstring::mb_strtoupper((string) $string, $encoding); } +} +if (!function_exists('mb_substitute_character')) { + function mb_substitute_character(string|int|null $substitute_character = null): string|int|bool { return p\Mbstring::mb_substitute_character($substitute_character); } +} +if (!function_exists('mb_substr')) { + function mb_substr(?string $string, ?int $start, ?int $length = null, ?string $encoding = null): string { return p\Mbstring::mb_substr((string) $string, (int) $start, $length, $encoding); } +} +if (!function_exists('mb_stripos')) { + function mb_stripos(?string $haystack, ?string $needle, ?int $offset = 0, ?string $encoding = null): int|false { return p\Mbstring::mb_stripos((string) $haystack, (string) $needle, (int) $offset, $encoding); } +} +if (!function_exists('mb_stristr')) { + function mb_stristr(?string $haystack, ?string $needle, ?bool $before_needle = false, ?string $encoding = null): string|false { return p\Mbstring::mb_stristr((string) $haystack, (string) $needle, (bool) $before_needle, $encoding); } +} +if (!function_exists('mb_strrchr')) { + function mb_strrchr(?string $haystack, ?string $needle, ?bool $before_needle = false, ?string $encoding = null): string|false { return p\Mbstring::mb_strrchr((string) $haystack, (string) $needle, (bool) $before_needle, $encoding); } +} +if (!function_exists('mb_strrichr')) { + function mb_strrichr(?string $haystack, ?string $needle, ?bool $before_needle = false, ?string $encoding = null): string|false { return p\Mbstring::mb_strrichr((string) $haystack, (string) $needle, (bool) $before_needle, $encoding); } +} +if (!function_exists('mb_strripos')) { + function mb_strripos(?string $haystack, ?string $needle, ?int $offset = 0, ?string $encoding = null): int|false { return p\Mbstring::mb_strripos((string) $haystack, (string) $needle, (int) $offset, $encoding); } +} +if (!function_exists('mb_strrpos')) { + function mb_strrpos(?string $haystack, ?string $needle, ?int $offset = 0, ?string $encoding = null): int|false { return p\Mbstring::mb_strrpos((string) $haystack, (string) $needle, (int) $offset, $encoding); } +} +if (!function_exists('mb_strstr')) { + function mb_strstr(?string $haystack, ?string $needle, ?bool $before_needle = false, ?string $encoding = null): string|false { return p\Mbstring::mb_strstr((string) $haystack, (string) $needle, (bool) $before_needle, $encoding); } +} +if (!function_exists('mb_get_info')) { + function mb_get_info(?string $type = 'all'): array|string|int|false { return p\Mbstring::mb_get_info((string) $type); } +} +if (!function_exists('mb_http_output')) { + function mb_http_output(?string $encoding = null): string|bool { return p\Mbstring::mb_http_output($encoding); } +} +if (!function_exists('mb_strwidth')) { + function mb_strwidth(?string $string, ?string $encoding = null): int { return p\Mbstring::mb_strwidth((string) $string, $encoding); } +} +if (!function_exists('mb_substr_count')) { + function mb_substr_count(?string $haystack, ?string $needle, ?string $encoding = null): int { return p\Mbstring::mb_substr_count((string) $haystack, (string) $needle, $encoding); } +} +if (!function_exists('mb_output_handler')) { + function mb_output_handler(?string $string, ?int $status): string { return p\Mbstring::mb_output_handler((string) $string, (int) $status); } +} +if (!function_exists('mb_http_input')) { + function mb_http_input(?string $type = null): array|string|false { return p\Mbstring::mb_http_input($type); } +} + +if (!function_exists('mb_convert_variables')) { + function mb_convert_variables(?string $to_encoding, array|string|null $from_encoding, mixed &$var, mixed &...$vars): string|false { return p\Mbstring::mb_convert_variables((string) $to_encoding, $from_encoding ?? '', $var, ...$vars); } +} + +if (!function_exists('mb_ord')) { + function mb_ord(?string $string, ?string $encoding = null): int|false { return p\Mbstring::mb_ord((string) $string, $encoding); } +} +if (!function_exists('mb_chr')) { + function mb_chr(?int $codepoint, ?string $encoding = null): string|false { return p\Mbstring::mb_chr((int) $codepoint, $encoding); } +} +if (!function_exists('mb_scrub')) { + function mb_scrub(?string $string, ?string $encoding = null): string { $encoding ??= mb_internal_encoding(); return mb_convert_encoding((string) $string, $encoding, $encoding); } +} +if (!function_exists('mb_str_split')) { + function mb_str_split(?string $string, ?int $length = 1, ?string $encoding = null): array { return p\Mbstring::mb_str_split((string) $string, (int) $length, $encoding); } +} + +if (!function_exists('mb_str_pad')) { + function mb_str_pad(string $string, int $length, string $pad_string = ' ', int $pad_type = STR_PAD_RIGHT, ?string $encoding = null): string { return p\Mbstring::mb_str_pad($string, $length, $pad_string, $pad_type, $encoding); } +} + +if (extension_loaded('mbstring')) { + return; +} + +if (!defined('MB_CASE_UPPER')) { + define('MB_CASE_UPPER', 0); +} +if (!defined('MB_CASE_LOWER')) { + define('MB_CASE_LOWER', 1); +} +if (!defined('MB_CASE_TITLE')) { + define('MB_CASE_TITLE', 2); +} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/composer.json b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/composer.json new file mode 100644 index 0000000..943e502 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/composer.json @@ -0,0 +1,41 @@ +{ + "name": "symfony/polyfill-mbstring", + "type": "library", + "description": "Symfony polyfill for the Mbstring extension", + "keywords": ["polyfill", "shim", "compatibility", "portable", "mbstring"], + "homepage": "https://symfony.com", + "license": "MIT", + "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "require": { + "php": ">=7.1" + }, + "provide": { + "ext-mbstring": "*" + }, + "autoload": { + "psr-4": { "Symfony\\Polyfill\\Mbstring\\": "" }, + "files": [ "bootstrap.php" ] + }, + "suggest": { + "ext-mbstring": "For best performance" + }, + "minimum-stability": "dev", + "extra": { + "branch-alias": { + "dev-main": "1.28-dev" + }, + "thanks": { + "name": "symfony/polyfill", + "url": "https://github.com/symfony/polyfill" + } + } +} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/LICENSE b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/LICENSE new file mode 100644 index 0000000..0ed3a24 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/LICENSE @@ -0,0 +1,19 @@ +Copyright (c) 2020-present Fabien Potencier + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is furnished +to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Php80.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Php80.php new file mode 100644 index 0000000..362dd1a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Php80.php @@ -0,0 +1,115 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Polyfill\Php80; + +/** + * @author Ion Bazan + * @author Nico Oelgart + * @author Nicolas Grekas + * + * @internal + */ +final class Php80 +{ + public static function fdiv(float $dividend, float $divisor): float + { + return @($dividend / $divisor); + } + + public static function get_debug_type($value): string + { + switch (true) { + case null === $value: return 'null'; + case \is_bool($value): return 'bool'; + case \is_string($value): return 'string'; + case \is_array($value): return 'array'; + case \is_int($value): return 'int'; + case \is_float($value): return 'float'; + case \is_object($value): break; + case $value instanceof \__PHP_Incomplete_Class: return '__PHP_Incomplete_Class'; + default: + if (null === $type = @get_resource_type($value)) { + return 'unknown'; + } + + if ('Unknown' === $type) { + $type = 'closed'; + } + + return "resource ($type)"; + } + + $class = \get_class($value); + + if (false === strpos($class, '@')) { + return $class; + } + + return (get_parent_class($class) ?: key(class_implements($class)) ?: 'class').'@anonymous'; + } + + public static function get_resource_id($res): int + { + if (!\is_resource($res) && null === @get_resource_type($res)) { + throw new \TypeError(sprintf('Argument 1 passed to get_resource_id() must be of the type resource, %s given', get_debug_type($res))); + } + + return (int) $res; + } + + public static function preg_last_error_msg(): string + { + switch (preg_last_error()) { + case \PREG_INTERNAL_ERROR: + return 'Internal error'; + case \PREG_BAD_UTF8_ERROR: + return 'Malformed UTF-8 characters, possibly incorrectly encoded'; + case \PREG_BAD_UTF8_OFFSET_ERROR: + return 'The offset did not correspond to the beginning of a valid UTF-8 code point'; + case \PREG_BACKTRACK_LIMIT_ERROR: + return 'Backtrack limit exhausted'; + case \PREG_RECURSION_LIMIT_ERROR: + return 'Recursion limit exhausted'; + case \PREG_JIT_STACKLIMIT_ERROR: + return 'JIT stack limit exhausted'; + case \PREG_NO_ERROR: + return 'No error'; + default: + return 'Unknown error'; + } + } + + public static function str_contains(string $haystack, string $needle): bool + { + return '' === $needle || false !== strpos($haystack, $needle); + } + + public static function str_starts_with(string $haystack, string $needle): bool + { + return 0 === strncmp($haystack, $needle, \strlen($needle)); + } + + public static function str_ends_with(string $haystack, string $needle): bool + { + if ('' === $needle || $needle === $haystack) { + return true; + } + + if ('' === $haystack) { + return false; + } + + $needleLength = \strlen($needle); + + return $needleLength <= \strlen($haystack) && 0 === substr_compare($haystack, $needle, -$needleLength); + } +} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/PhpToken.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/PhpToken.php new file mode 100644 index 0000000..fe6e691 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/PhpToken.php @@ -0,0 +1,103 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Polyfill\Php80; + +/** + * @author Fedonyuk Anton + * + * @internal + */ +class PhpToken implements \Stringable +{ + /** + * @var int + */ + public $id; + + /** + * @var string + */ + public $text; + + /** + * @var int + */ + public $line; + + /** + * @var int + */ + public $pos; + + public function __construct(int $id, string $text, int $line = -1, int $position = -1) + { + $this->id = $id; + $this->text = $text; + $this->line = $line; + $this->pos = $position; + } + + public function getTokenName(): ?string + { + if ('UNKNOWN' === $name = token_name($this->id)) { + $name = \strlen($this->text) > 1 || \ord($this->text) < 32 ? null : $this->text; + } + + return $name; + } + + /** + * @param int|string|array $kind + */ + public function is($kind): bool + { + foreach ((array) $kind as $value) { + if (\in_array($value, [$this->id, $this->text], true)) { + return true; + } + } + + return false; + } + + public function isIgnorable(): bool + { + return \in_array($this->id, [\T_WHITESPACE, \T_COMMENT, \T_DOC_COMMENT, \T_OPEN_TAG], true); + } + + public function __toString(): string + { + return (string) $this->text; + } + + /** + * @return static[] + */ + public static function tokenize(string $code, int $flags = 0): array + { + $line = 1; + $position = 0; + $tokens = token_get_all($code, $flags); + foreach ($tokens as $index => $token) { + if (\is_string($token)) { + $id = \ord($token); + $text = $token; + } else { + [$id, $text, $line] = $token; + } + $tokens[$index] = new static($id, $text, $line, $position); + $position += \strlen($text); + } + + return $tokens; + } +} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/README.md b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/README.md new file mode 100644 index 0000000..3816c55 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/README.md @@ -0,0 +1,25 @@ +Symfony Polyfill / Php80 +======================== + +This component provides features added to PHP 8.0 core: + +- [`Stringable`](https://php.net/stringable) interface +- [`fdiv`](https://php.net/fdiv) +- [`ValueError`](https://php.net/valueerror) class +- [`UnhandledMatchError`](https://php.net/unhandledmatcherror) class +- `FILTER_VALIDATE_BOOL` constant +- [`get_debug_type`](https://php.net/get_debug_type) +- [`PhpToken`](https://php.net/phptoken) class +- [`preg_last_error_msg`](https://php.net/preg_last_error_msg) +- [`str_contains`](https://php.net/str_contains) +- [`str_starts_with`](https://php.net/str_starts_with) +- [`str_ends_with`](https://php.net/str_ends_with) +- [`get_resource_id`](https://php.net/get_resource_id) + +More information can be found in the +[main Polyfill README](https://github.com/symfony/polyfill/blob/main/README.md). + +License +======= + +This library is released under the [MIT license](LICENSE). diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/Attribute.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/Attribute.php new file mode 100644 index 0000000..2b95542 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/Attribute.php @@ -0,0 +1,31 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +#[Attribute(Attribute::TARGET_CLASS)] +final class Attribute +{ + public const TARGET_CLASS = 1; + public const TARGET_FUNCTION = 2; + public const TARGET_METHOD = 4; + public const TARGET_PROPERTY = 8; + public const TARGET_CLASS_CONSTANT = 16; + public const TARGET_PARAMETER = 32; + public const TARGET_ALL = 63; + public const IS_REPEATABLE = 64; + + /** @var int */ + public $flags; + + public function __construct(int $flags = self::TARGET_ALL) + { + $this->flags = $flags; + } +} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/PhpToken.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/PhpToken.php new file mode 100644 index 0000000..bd1212f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/PhpToken.php @@ -0,0 +1,16 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +if (\PHP_VERSION_ID < 80000 && extension_loaded('tokenizer')) { + class PhpToken extends Symfony\Polyfill\Php80\PhpToken + { + } +} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/Stringable.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/Stringable.php new file mode 100644 index 0000000..7c62d75 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/Stringable.php @@ -0,0 +1,20 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +if (\PHP_VERSION_ID < 80000) { + interface Stringable + { + /** + * @return string + */ + public function __toString(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/UnhandledMatchError.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/UnhandledMatchError.php new file mode 100644 index 0000000..01c6c6c --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/UnhandledMatchError.php @@ -0,0 +1,16 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +if (\PHP_VERSION_ID < 80000) { + class UnhandledMatchError extends Error + { + } +} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/ValueError.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/ValueError.php new file mode 100644 index 0000000..783dbc2 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/ValueError.php @@ -0,0 +1,16 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +if (\PHP_VERSION_ID < 80000) { + class ValueError extends Error + { + } +} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/bootstrap.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/bootstrap.php new file mode 100644 index 0000000..e5f7dbc --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/bootstrap.php @@ -0,0 +1,42 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +use Symfony\Polyfill\Php80 as p; + +if (\PHP_VERSION_ID >= 80000) { + return; +} + +if (!defined('FILTER_VALIDATE_BOOL') && defined('FILTER_VALIDATE_BOOLEAN')) { + define('FILTER_VALIDATE_BOOL', \FILTER_VALIDATE_BOOLEAN); +} + +if (!function_exists('fdiv')) { + function fdiv(float $num1, float $num2): float { return p\Php80::fdiv($num1, $num2); } +} +if (!function_exists('preg_last_error_msg')) { + function preg_last_error_msg(): string { return p\Php80::preg_last_error_msg(); } +} +if (!function_exists('str_contains')) { + function str_contains(?string $haystack, ?string $needle): bool { return p\Php80::str_contains($haystack ?? '', $needle ?? ''); } +} +if (!function_exists('str_starts_with')) { + function str_starts_with(?string $haystack, ?string $needle): bool { return p\Php80::str_starts_with($haystack ?? '', $needle ?? ''); } +} +if (!function_exists('str_ends_with')) { + function str_ends_with(?string $haystack, ?string $needle): bool { return p\Php80::str_ends_with($haystack ?? '', $needle ?? ''); } +} +if (!function_exists('get_debug_type')) { + function get_debug_type($value): string { return p\Php80::get_debug_type($value); } +} +if (!function_exists('get_resource_id')) { + function get_resource_id($resource): int { return p\Php80::get_resource_id($resource); } +} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/composer.json b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/composer.json new file mode 100644 index 0000000..f1801f4 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/composer.json @@ -0,0 +1,40 @@ +{ + "name": "symfony/polyfill-php80", + "type": "library", + "description": "Symfony polyfill backporting some PHP 8.0+ features to lower PHP versions", + "keywords": ["polyfill", "shim", "compatibility", "portable"], + "homepage": "https://symfony.com", + "license": "MIT", + "authors": [ + { + "name": "Ion Bazan", + "email": "ion.bazan@gmail.com" + }, + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "require": { + "php": ">=7.1" + }, + "autoload": { + "psr-4": { "Symfony\\Polyfill\\Php80\\": "" }, + "files": [ "bootstrap.php" ], + "classmap": [ "Resources/stubs" ] + }, + "minimum-stability": "dev", + "extra": { + "branch-alias": { + "dev-main": "1.28-dev" + }, + "thanks": { + "name": "symfony/polyfill", + "url": "https://github.com/symfony/polyfill" + } + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/LICENSE b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/LICENSE new file mode 100644 index 0000000..922c552 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/LICENSE @@ -0,0 +1,30 @@ +BSD 3-Clause License + +Copyright (c) 2014, Graham Campbell. +Copyright (c) 2013, Vance Lucas. +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +3. Neither the name of the copyright holder nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/composer.json b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/composer.json new file mode 100644 index 0000000..fb972d7 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/composer.json @@ -0,0 +1,60 @@ +{ + "name": "vlucas/phpdotenv", + "description": "Loads environment variables from `.env` to `getenv()`, `$_ENV` and `$_SERVER` automagically.", + "keywords": ["env", "dotenv", "environment"], + "license": "BSD-3-Clause", + "authors": [ + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + }, + { + "name": "Vance Lucas", + "email": "vance@vancelucas.com", + "homepage": "https://github.com/vlucas" + } + ], + "require": { + "php": "^7.2.5 || ^8.0", + "ext-pcre": "*", + "graham-campbell/result-type": "^1.1.2", + "phpoption/phpoption": "^1.9.2", + "symfony/polyfill-ctype": "^1.24", + "symfony/polyfill-mbstring": "^1.24", + "symfony/polyfill-php80": "^1.24" + }, + "require-dev": { + "ext-filter": "*", + "bamarni/composer-bin-plugin": "^1.8.2", + "phpunit/phpunit":"^8.5.34 || ^9.6.13 || ^10.4.2" + }, + "autoload": { + "psr-4": { + "Dotenv\\": "src/" + } + }, + "autoload-dev": { + "psr-4": { + "Dotenv\\Tests\\": "tests/Dotenv/" + } + }, + "suggest": { + "ext-filter": "Required to use the boolean validator." + }, + "config": { + "allow-plugins": { + "bamarni/composer-bin-plugin": true + }, + "preferred-install": "dist" + }, + "extra": { + "bamarni-bin": { + "bin-links": true, + "forward-command": true + }, + "branch-alias": { + "dev-master": "5.6-dev" + } + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Dotenv.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Dotenv.php new file mode 100644 index 0000000..0460ced --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Dotenv.php @@ -0,0 +1,267 @@ +store = $store; + $this->parser = $parser; + $this->loader = $loader; + $this->repository = $repository; + } + + /** + * Create a new dotenv instance. + * + * @param \Dotenv\Repository\RepositoryInterface $repository + * @param string|string[] $paths + * @param string|string[]|null $names + * @param bool $shortCircuit + * @param string|null $fileEncoding + * + * @return \Dotenv\Dotenv + */ + public static function create(RepositoryInterface $repository, $paths, $names = null, bool $shortCircuit = true, string $fileEncoding = null) + { + $builder = $names === null ? StoreBuilder::createWithDefaultName() : StoreBuilder::createWithNoNames(); + + foreach ((array) $paths as $path) { + $builder = $builder->addPath($path); + } + + foreach ((array) $names as $name) { + $builder = $builder->addName($name); + } + + if ($shortCircuit) { + $builder = $builder->shortCircuit(); + } + + return new self($builder->fileEncoding($fileEncoding)->make(), new Parser(), new Loader(), $repository); + } + + /** + * Create a new mutable dotenv instance with default repository. + * + * @param string|string[] $paths + * @param string|string[]|null $names + * @param bool $shortCircuit + * @param string|null $fileEncoding + * + * @return \Dotenv\Dotenv + */ + public static function createMutable($paths, $names = null, bool $shortCircuit = true, string $fileEncoding = null) + { + $repository = RepositoryBuilder::createWithDefaultAdapters()->make(); + + return self::create($repository, $paths, $names, $shortCircuit, $fileEncoding); + } + + /** + * Create a new mutable dotenv instance with default repository with the putenv adapter. + * + * @param string|string[] $paths + * @param string|string[]|null $names + * @param bool $shortCircuit + * @param string|null $fileEncoding + * + * @return \Dotenv\Dotenv + */ + public static function createUnsafeMutable($paths, $names = null, bool $shortCircuit = true, string $fileEncoding = null) + { + $repository = RepositoryBuilder::createWithDefaultAdapters() + ->addAdapter(PutenvAdapter::class) + ->make(); + + return self::create($repository, $paths, $names, $shortCircuit, $fileEncoding); + } + + /** + * Create a new immutable dotenv instance with default repository. + * + * @param string|string[] $paths + * @param string|string[]|null $names + * @param bool $shortCircuit + * @param string|null $fileEncoding + * + * @return \Dotenv\Dotenv + */ + public static function createImmutable($paths, $names = null, bool $shortCircuit = true, string $fileEncoding = null) + { + $repository = RepositoryBuilder::createWithDefaultAdapters()->immutable()->make(); + + return self::create($repository, $paths, $names, $shortCircuit, $fileEncoding); + } + + /** + * Create a new immutable dotenv instance with default repository with the putenv adapter. + * + * @param string|string[] $paths + * @param string|string[]|null $names + * @param bool $shortCircuit + * @param string|null $fileEncoding + * + * @return \Dotenv\Dotenv + */ + public static function createUnsafeImmutable($paths, $names = null, bool $shortCircuit = true, string $fileEncoding = null) + { + $repository = RepositoryBuilder::createWithDefaultAdapters() + ->addAdapter(PutenvAdapter::class) + ->immutable() + ->make(); + + return self::create($repository, $paths, $names, $shortCircuit, $fileEncoding); + } + + /** + * Create a new dotenv instance with an array backed repository. + * + * @param string|string[] $paths + * @param string|string[]|null $names + * @param bool $shortCircuit + * @param string|null $fileEncoding + * + * @return \Dotenv\Dotenv + */ + public static function createArrayBacked($paths, $names = null, bool $shortCircuit = true, string $fileEncoding = null) + { + $repository = RepositoryBuilder::createWithNoAdapters()->addAdapter(ArrayAdapter::class)->make(); + + return self::create($repository, $paths, $names, $shortCircuit, $fileEncoding); + } + + /** + * Parse the given content and resolve nested variables. + * + * This method behaves just like load(), only without mutating your actual + * environment. We do this by using an array backed repository. + * + * @param string $content + * + * @throws \Dotenv\Exception\InvalidFileException + * + * @return array + */ + public static function parse(string $content) + { + $repository = RepositoryBuilder::createWithNoAdapters()->addAdapter(ArrayAdapter::class)->make(); + + $phpdotenv = new self(new StringStore($content), new Parser(), new Loader(), $repository); + + return $phpdotenv->load(); + } + + /** + * Read and load environment file(s). + * + * @throws \Dotenv\Exception\InvalidPathException|\Dotenv\Exception\InvalidEncodingException|\Dotenv\Exception\InvalidFileException + * + * @return array + */ + public function load() + { + $entries = $this->parser->parse($this->store->read()); + + return $this->loader->load($this->repository, $entries); + } + + /** + * Read and load environment file(s), silently failing if no files can be read. + * + * @throws \Dotenv\Exception\InvalidEncodingException|\Dotenv\Exception\InvalidFileException + * + * @return array + */ + public function safeLoad() + { + try { + return $this->load(); + } catch (InvalidPathException $e) { + // suppressing exception + return []; + } + } + + /** + * Required ensures that the specified variables exist, and returns a new validator object. + * + * @param string|string[] $variables + * + * @return \Dotenv\Validator + */ + public function required($variables) + { + return (new Validator($this->repository, (array) $variables))->required(); + } + + /** + * Returns a new validator object that won't check if the specified variables exist. + * + * @param string|string[] $variables + * + * @return \Dotenv\Validator + */ + public function ifPresent($variables) + { + return new Validator($this->repository, (array) $variables); + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Exception/ExceptionInterface.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Exception/ExceptionInterface.php new file mode 100644 index 0000000..1e80f53 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Exception/ExceptionInterface.php @@ -0,0 +1,12 @@ + + */ + public function load(RepositoryInterface $repository, array $entries) + { + return \array_reduce($entries, static function (array $vars, Entry $entry) use ($repository) { + $name = $entry->getName(); + + $value = $entry->getValue()->map(static function (Value $value) use ($repository) { + return Resolver::resolve($repository, $value); + }); + + if ($value->isDefined()) { + $inner = $value->get(); + if ($repository->set($name, $inner)) { + return \array_merge($vars, [$name => $inner]); + } + } else { + if ($repository->clear($name)) { + return \array_merge($vars, [$name => null]); + } + } + + return $vars; + }, []); + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Loader/LoaderInterface.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Loader/LoaderInterface.php new file mode 100644 index 0000000..275d98e --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Loader/LoaderInterface.php @@ -0,0 +1,20 @@ + + */ + public function load(RepositoryInterface $repository, array $entries); +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Loader/Resolver.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Loader/Resolver.php new file mode 100644 index 0000000..36d7a4b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Loader/Resolver.php @@ -0,0 +1,65 @@ +getVars(), static function (string $s, int $i) use ($repository) { + return Str::substr($s, 0, $i).self::resolveVariable($repository, Str::substr($s, $i)); + }, $value->getChars()); + } + + /** + * Resolve a single nested variable. + * + * @param \Dotenv\Repository\RepositoryInterface $repository + * @param string $str + * + * @return string + */ + private static function resolveVariable(RepositoryInterface $repository, string $str) + { + return Regex::replaceCallback( + '/\A\${([a-zA-Z0-9_.]+)}/', + static function (array $matches) use ($repository) { + return Option::fromValue($repository->get($matches[1])) + ->getOrElse($matches[0]); + }, + $str, + 1 + )->success()->getOrElse($str); + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Entry.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Entry.php new file mode 100644 index 0000000..7570f58 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Entry.php @@ -0,0 +1,59 @@ +name = $name; + $this->value = $value; + } + + /** + * Get the entry name. + * + * @return string + */ + public function getName() + { + return $this->name; + } + + /** + * Get the entry value. + * + * @return \PhpOption\Option<\Dotenv\Parser\Value> + */ + public function getValue() + { + /** @var \PhpOption\Option<\Dotenv\Parser\Value> */ + return Option::fromValue($this->value); + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/EntryParser.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/EntryParser.php new file mode 100644 index 0000000..e286840 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/EntryParser.php @@ -0,0 +1,300 @@ + + */ + public static function parse(string $entry) + { + return self::splitStringIntoParts($entry)->flatMap(static function (array $parts) { + [$name, $value] = $parts; + + return self::parseName($name)->flatMap(static function (string $name) use ($value) { + /** @var Result */ + $parsedValue = $value === null ? Success::create(null) : self::parseValue($value); + + return $parsedValue->map(static function (?Value $value) use ($name) { + return new Entry($name, $value); + }); + }); + }); + } + + /** + * Split the compound string into parts. + * + * @param string $line + * + * @return \GrahamCampbell\ResultType\Result + */ + private static function splitStringIntoParts(string $line) + { + /** @var array{string,string|null} */ + $result = Str::pos($line, '=')->map(static function () use ($line) { + return \array_map('trim', \explode('=', $line, 2)); + })->getOrElse([$line, null]); + + if ($result[0] === '') { + /** @var \GrahamCampbell\ResultType\Result */ + return Error::create(self::getErrorMessage('an unexpected equals', $line)); + } + + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create($result); + } + + /** + * Parse the given variable name. + * + * That is, strip the optional quotes and leading "export" from the + * variable name. We wrap the answer in a result type. + * + * @param string $name + * + * @return \GrahamCampbell\ResultType\Result + */ + private static function parseName(string $name) + { + if (Str::len($name) > 8 && Str::substr($name, 0, 6) === 'export' && \ctype_space(Str::substr($name, 6, 1))) { + $name = \ltrim(Str::substr($name, 6)); + } + + if (self::isQuotedName($name)) { + $name = Str::substr($name, 1, -1); + } + + if (!self::isValidName($name)) { + /** @var \GrahamCampbell\ResultType\Result */ + return Error::create(self::getErrorMessage('an invalid name', $name)); + } + + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create($name); + } + + /** + * Is the given variable name quoted? + * + * @param string $name + * + * @return bool + */ + private static function isQuotedName(string $name) + { + if (Str::len($name) < 3) { + return false; + } + + $first = Str::substr($name, 0, 1); + $last = Str::substr($name, -1, 1); + + return ($first === '"' && $last === '"') || ($first === '\'' && $last === '\''); + } + + /** + * Is the given variable name valid? + * + * @param string $name + * + * @return bool + */ + private static function isValidName(string $name) + { + return Regex::matches('~(*UTF8)\A[\p{Ll}\p{Lu}\p{M}\p{N}_.]+\z~', $name)->success()->getOrElse(false); + } + + /** + * Parse the given variable value. + * + * This has the effect of stripping quotes and comments, dealing with + * special characters, and locating nested variables, but not resolving + * them. Formally, we run a finite state automaton with an output tape: a + * transducer. We wrap the answer in a result type. + * + * @param string $value + * + * @return \GrahamCampbell\ResultType\Result<\Dotenv\Parser\Value,string> + */ + private static function parseValue(string $value) + { + if (\trim($value) === '') { + /** @var \GrahamCampbell\ResultType\Result<\Dotenv\Parser\Value,string> */ + return Success::create(Value::blank()); + } + + return \array_reduce(\iterator_to_array(Lexer::lex($value)), static function (Result $data, string $token) { + return $data->flatMap(static function (array $data) use ($token) { + return self::processToken($data[1], $token)->map(static function (array $val) use ($data) { + return [$data[0]->append($val[0], $val[1]), $val[2]]; + }); + }); + }, Success::create([Value::blank(), self::INITIAL_STATE]))->flatMap(static function (array $result) { + /** @psalm-suppress DocblockTypeContradiction */ + if (in_array($result[1], self::REJECT_STATES, true)) { + /** @var \GrahamCampbell\ResultType\Result<\Dotenv\Parser\Value,string> */ + return Error::create('a missing closing quote'); + } + + /** @var \GrahamCampbell\ResultType\Result<\Dotenv\Parser\Value,string> */ + return Success::create($result[0]); + })->mapError(static function (string $err) use ($value) { + return self::getErrorMessage($err, $value); + }); + } + + /** + * Process the given token. + * + * @param int $state + * @param string $token + * + * @return \GrahamCampbell\ResultType\Result + */ + private static function processToken(int $state, string $token) + { + switch ($state) { + case self::INITIAL_STATE: + if ($token === '\'') { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create(['', false, self::SINGLE_QUOTED_STATE]); + } elseif ($token === '"') { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create(['', false, self::DOUBLE_QUOTED_STATE]); + } elseif ($token === '#') { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create(['', false, self::COMMENT_STATE]); + } elseif ($token === '$') { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create([$token, true, self::UNQUOTED_STATE]); + } else { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create([$token, false, self::UNQUOTED_STATE]); + } + case self::UNQUOTED_STATE: + if ($token === '#') { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create(['', false, self::COMMENT_STATE]); + } elseif (\ctype_space($token)) { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create(['', false, self::WHITESPACE_STATE]); + } elseif ($token === '$') { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create([$token, true, self::UNQUOTED_STATE]); + } else { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create([$token, false, self::UNQUOTED_STATE]); + } + case self::SINGLE_QUOTED_STATE: + if ($token === '\'') { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create(['', false, self::WHITESPACE_STATE]); + } else { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create([$token, false, self::SINGLE_QUOTED_STATE]); + } + case self::DOUBLE_QUOTED_STATE: + if ($token === '"') { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create(['', false, self::WHITESPACE_STATE]); + } elseif ($token === '\\') { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create(['', false, self::ESCAPE_SEQUENCE_STATE]); + } elseif ($token === '$') { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create([$token, true, self::DOUBLE_QUOTED_STATE]); + } else { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create([$token, false, self::DOUBLE_QUOTED_STATE]); + } + case self::ESCAPE_SEQUENCE_STATE: + if ($token === '"' || $token === '\\') { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create([$token, false, self::DOUBLE_QUOTED_STATE]); + } elseif ($token === '$') { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create([$token, false, self::DOUBLE_QUOTED_STATE]); + } else { + $first = Str::substr($token, 0, 1); + if (\in_array($first, ['f', 'n', 'r', 't', 'v'], true)) { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create([\stripcslashes('\\'.$first).Str::substr($token, 1), false, self::DOUBLE_QUOTED_STATE]); + } else { + /** @var \GrahamCampbell\ResultType\Result */ + return Error::create('an unexpected escape sequence'); + } + } + case self::WHITESPACE_STATE: + if ($token === '#') { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create(['', false, self::COMMENT_STATE]); + } elseif (!\ctype_space($token)) { + /** @var \GrahamCampbell\ResultType\Result */ + return Error::create('unexpected whitespace'); + } else { + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create(['', false, self::WHITESPACE_STATE]); + } + case self::COMMENT_STATE: + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create(['', false, self::COMMENT_STATE]); + default: + throw new \Error('Parser entered invalid state.'); + } + } + + /** + * Generate a friendly error message. + * + * @param string $cause + * @param string $subject + * + * @return string + */ + private static function getErrorMessage(string $cause, string $subject) + { + return \sprintf( + 'Encountered %s at [%s].', + $cause, + \strtok($subject, "\n") + ); + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Lexer.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Lexer.php new file mode 100644 index 0000000..981af24 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Lexer.php @@ -0,0 +1,58 @@ + + */ + public static function lex(string $content) + { + static $regex; + + if ($regex === null) { + $regex = '(('.\implode(')|(', self::PATTERNS).'))A'; + } + + $offset = 0; + + while (isset($content[$offset])) { + if (!\preg_match($regex, $content, $matches, 0, $offset)) { + throw new \Error(\sprintf('Lexer encountered unexpected character [%s].', $content[$offset])); + } + + $offset += \strlen($matches[0]); + + yield $matches[0]; + } + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Lines.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Lines.php new file mode 100644 index 0000000..6497993 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Lines.php @@ -0,0 +1,127 @@ +map(static function () use ($line) { + return self::looksLikeMultilineStop($line, true) === false; + })->getOrElse(false); + } + + /** + * Determine if the given line can be the start of a multiline variable. + * + * @param string $line + * @param bool $started + * + * @return bool + */ + private static function looksLikeMultilineStop(string $line, bool $started) + { + if ($line === '"') { + return true; + } + + return Regex::occurrences('/(?=([^\\\\]"))/', \str_replace('\\\\', '', $line))->map(static function (int $count) use ($started) { + return $started ? $count > 1 : $count >= 1; + })->success()->getOrElse(false); + } + + /** + * Determine if the line in the file is a comment or whitespace. + * + * @param string $line + * + * @return bool + */ + private static function isCommentOrWhitespace(string $line) + { + $line = \trim($line); + + return $line === '' || (isset($line[0]) && $line[0] === '#'); + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Parser.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Parser.php new file mode 100644 index 0000000..2d30dfd --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Parser.php @@ -0,0 +1,53 @@ +mapError(static function () { + return 'Could not split into separate lines.'; + })->flatMap(static function (array $lines) { + return self::process(Lines::process($lines)); + })->mapError(static function (string $error) { + throw new InvalidFileException(\sprintf('Failed to parse dotenv file. %s', $error)); + })->success()->get(); + } + + /** + * Convert the raw entries into proper entries. + * + * @param string[] $entries + * + * @return \GrahamCampbell\ResultType\Result<\Dotenv\Parser\Entry[],string> + */ + private static function process(array $entries) + { + /** @var \GrahamCampbell\ResultType\Result<\Dotenv\Parser\Entry[],string> */ + return \array_reduce($entries, static function (Result $result, string $raw) { + return $result->flatMap(static function (array $entries) use ($raw) { + return EntryParser::parse($raw)->map(static function (Entry $entry) use ($entries) { + /** @var \Dotenv\Parser\Entry[] */ + return \array_merge($entries, [$entry]); + }); + }); + }, Success::create([])); + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/ParserInterface.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/ParserInterface.php new file mode 100644 index 0000000..17cc42a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/ParserInterface.php @@ -0,0 +1,19 @@ +chars = $chars; + $this->vars = $vars; + } + + /** + * Create an empty value instance. + * + * @return \Dotenv\Parser\Value + */ + public static function blank() + { + return new self('', []); + } + + /** + * Create a new value instance, appending the characters. + * + * @param string $chars + * @param bool $var + * + * @return \Dotenv\Parser\Value + */ + public function append(string $chars, bool $var) + { + return new self( + $this->chars.$chars, + $var ? \array_merge($this->vars, [Str::len($this->chars)]) : $this->vars + ); + } + + /** + * Get the string representation of the parsed value. + * + * @return string + */ + public function getChars() + { + return $this->chars; + } + + /** + * Get the locations of the variables in the value. + * + * @return int[] + */ + public function getVars() + { + $vars = $this->vars; + + \rsort($vars); + + return $vars; + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/AdapterInterface.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/AdapterInterface.php new file mode 100644 index 0000000..5604398 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/AdapterInterface.php @@ -0,0 +1,15 @@ + + */ + public static function create(); +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ApacheAdapter.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ApacheAdapter.php new file mode 100644 index 0000000..af0aae1 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ApacheAdapter.php @@ -0,0 +1,89 @@ + + */ + public static function create() + { + if (self::isSupported()) { + /** @var \PhpOption\Option */ + return Some::create(new self()); + } + + return None::create(); + } + + /** + * Determines if the adapter is supported. + * + * This happens if PHP is running as an Apache module. + * + * @return bool + */ + private static function isSupported() + { + return \function_exists('apache_getenv') && \function_exists('apache_setenv'); + } + + /** + * Read an environment variable, if it exists. + * + * @param non-empty-string $name + * + * @return \PhpOption\Option + */ + public function read(string $name) + { + /** @var \PhpOption\Option */ + return Option::fromValue(apache_getenv($name))->filter(static function ($value) { + return \is_string($value) && $value !== ''; + }); + } + + /** + * Write to an environment variable, if possible. + * + * @param non-empty-string $name + * @param string $value + * + * @return bool + */ + public function write(string $name, string $value) + { + return apache_setenv($name, $value); + } + + /** + * Delete an environment variable, if possible. + * + * @param non-empty-string $name + * + * @return bool + */ + public function delete(string $name) + { + return apache_setenv($name, ''); + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ArrayAdapter.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ArrayAdapter.php new file mode 100644 index 0000000..df64cf6 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ArrayAdapter.php @@ -0,0 +1,80 @@ + + */ + private $variables; + + /** + * Create a new array adapter instance. + * + * @return void + */ + private function __construct() + { + $this->variables = []; + } + + /** + * Create a new instance of the adapter, if it is available. + * + * @return \PhpOption\Option<\Dotenv\Repository\Adapter\AdapterInterface> + */ + public static function create() + { + /** @var \PhpOption\Option */ + return Some::create(new self()); + } + + /** + * Read an environment variable, if it exists. + * + * @param non-empty-string $name + * + * @return \PhpOption\Option + */ + public function read(string $name) + { + return Option::fromArraysValue($this->variables, $name); + } + + /** + * Write to an environment variable, if possible. + * + * @param non-empty-string $name + * @param string $value + * + * @return bool + */ + public function write(string $name, string $value) + { + $this->variables[$name] = $value; + + return true; + } + + /** + * Delete an environment variable, if possible. + * + * @param non-empty-string $name + * + * @return bool + */ + public function delete(string $name) + { + unset($this->variables[$name]); + + return true; + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/EnvConstAdapter.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/EnvConstAdapter.php new file mode 100644 index 0000000..9eb1947 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/EnvConstAdapter.php @@ -0,0 +1,89 @@ + + */ + public static function create() + { + /** @var \PhpOption\Option */ + return Some::create(new self()); + } + + /** + * Read an environment variable, if it exists. + * + * @param non-empty-string $name + * + * @return \PhpOption\Option + */ + public function read(string $name) + { + /** @var \PhpOption\Option */ + return Option::fromArraysValue($_ENV, $name) + ->filter(static function ($value) { + return \is_scalar($value); + }) + ->map(static function ($value) { + if ($value === false) { + return 'false'; + } + + if ($value === true) { + return 'true'; + } + + /** @psalm-suppress PossiblyInvalidCast */ + return (string) $value; + }); + } + + /** + * Write to an environment variable, if possible. + * + * @param non-empty-string $name + * @param string $value + * + * @return bool + */ + public function write(string $name, string $value) + { + $_ENV[$name] = $value; + + return true; + } + + /** + * Delete an environment variable, if possible. + * + * @param non-empty-string $name + * + * @return bool + */ + public function delete(string $name) + { + unset($_ENV[$name]); + + return true; + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/GuardedWriter.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/GuardedWriter.php new file mode 100644 index 0000000..fed8b9b --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/GuardedWriter.php @@ -0,0 +1,85 @@ +writer = $writer; + $this->allowList = $allowList; + } + + /** + * Write to an environment variable, if possible. + * + * @param non-empty-string $name + * @param string $value + * + * @return bool + */ + public function write(string $name, string $value) + { + // Don't set non-allowed variables + if (!$this->isAllowed($name)) { + return false; + } + + // Set the value on the inner writer + return $this->writer->write($name, $value); + } + + /** + * Delete an environment variable, if possible. + * + * @param non-empty-string $name + * + * @return bool + */ + public function delete(string $name) + { + // Don't clear non-allowed variables + if (!$this->isAllowed($name)) { + return false; + } + + // Set the value on the inner writer + return $this->writer->delete($name); + } + + /** + * Determine if the given variable is allowed. + * + * @param non-empty-string $name + * + * @return bool + */ + private function isAllowed(string $name) + { + return \in_array($name, $this->allowList, true); + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ImmutableWriter.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ImmutableWriter.php new file mode 100644 index 0000000..399e6f9 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ImmutableWriter.php @@ -0,0 +1,110 @@ + + */ + private $loaded; + + /** + * Create a new immutable writer instance. + * + * @param \Dotenv\Repository\Adapter\WriterInterface $writer + * @param \Dotenv\Repository\Adapter\ReaderInterface $reader + * + * @return void + */ + public function __construct(WriterInterface $writer, ReaderInterface $reader) + { + $this->writer = $writer; + $this->reader = $reader; + $this->loaded = []; + } + + /** + * Write to an environment variable, if possible. + * + * @param non-empty-string $name + * @param string $value + * + * @return bool + */ + public function write(string $name, string $value) + { + // Don't overwrite existing environment variables + // Ruby's dotenv does this with `ENV[key] ||= value` + if ($this->isExternallyDefined($name)) { + return false; + } + + // Set the value on the inner writer + if (!$this->writer->write($name, $value)) { + return false; + } + + // Record that we have loaded the variable + $this->loaded[$name] = ''; + + return true; + } + + /** + * Delete an environment variable, if possible. + * + * @param non-empty-string $name + * + * @return bool + */ + public function delete(string $name) + { + // Don't clear existing environment variables + if ($this->isExternallyDefined($name)) { + return false; + } + + // Clear the value on the inner writer + if (!$this->writer->delete($name)) { + return false; + } + + // Leave the variable as fair game + unset($this->loaded[$name]); + + return true; + } + + /** + * Determine if the given variable is externally defined. + * + * That is, is it an "existing" variable. + * + * @param non-empty-string $name + * + * @return bool + */ + private function isExternallyDefined(string $name) + { + return $this->reader->read($name)->isDefined() && !isset($this->loaded[$name]); + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/MultiReader.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/MultiReader.php new file mode 100644 index 0000000..0cfda6f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/MultiReader.php @@ -0,0 +1,48 @@ +readers = $readers; + } + + /** + * Read an environment variable, if it exists. + * + * @param non-empty-string $name + * + * @return \PhpOption\Option + */ + public function read(string $name) + { + foreach ($this->readers as $reader) { + $result = $reader->read($name); + if ($result->isDefined()) { + return $result; + } + } + + return None::create(); + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/MultiWriter.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/MultiWriter.php new file mode 100644 index 0000000..15a9d8f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/MultiWriter.php @@ -0,0 +1,64 @@ +writers = $writers; + } + + /** + * Write to an environment variable, if possible. + * + * @param non-empty-string $name + * @param string $value + * + * @return bool + */ + public function write(string $name, string $value) + { + foreach ($this->writers as $writers) { + if (!$writers->write($name, $value)) { + return false; + } + } + + return true; + } + + /** + * Delete an environment variable, if possible. + * + * @param non-empty-string $name + * + * @return bool + */ + public function delete(string $name) + { + foreach ($this->writers as $writers) { + if (!$writers->delete($name)) { + return false; + } + } + + return true; + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/PutenvAdapter.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/PutenvAdapter.php new file mode 100644 index 0000000..6d017cd --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/PutenvAdapter.php @@ -0,0 +1,91 @@ + + */ + public static function create() + { + if (self::isSupported()) { + /** @var \PhpOption\Option */ + return Some::create(new self()); + } + + return None::create(); + } + + /** + * Determines if the adapter is supported. + * + * @return bool + */ + private static function isSupported() + { + return \function_exists('getenv') && \function_exists('putenv'); + } + + /** + * Read an environment variable, if it exists. + * + * @param non-empty-string $name + * + * @return \PhpOption\Option + */ + public function read(string $name) + { + /** @var \PhpOption\Option */ + return Option::fromValue(\getenv($name), false)->filter(static function ($value) { + return \is_string($value); + }); + } + + /** + * Write to an environment variable, if possible. + * + * @param non-empty-string $name + * @param string $value + * + * @return bool + */ + public function write(string $name, string $value) + { + \putenv("$name=$value"); + + return true; + } + + /** + * Delete an environment variable, if possible. + * + * @param non-empty-string $name + * + * @return bool + */ + public function delete(string $name) + { + \putenv($name); + + return true; + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ReaderInterface.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ReaderInterface.php new file mode 100644 index 0000000..306a63f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ReaderInterface.php @@ -0,0 +1,17 @@ + + */ + public function read(string $name); +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ReplacingWriter.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ReplacingWriter.php new file mode 100644 index 0000000..98c0f04 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ReplacingWriter.php @@ -0,0 +1,104 @@ + + */ + private $seen; + + /** + * Create a new replacement writer instance. + * + * @param \Dotenv\Repository\Adapter\WriterInterface $writer + * @param \Dotenv\Repository\Adapter\ReaderInterface $reader + * + * @return void + */ + public function __construct(WriterInterface $writer, ReaderInterface $reader) + { + $this->writer = $writer; + $this->reader = $reader; + $this->seen = []; + } + + /** + * Write to an environment variable, if possible. + * + * @param non-empty-string $name + * @param string $value + * + * @return bool + */ + public function write(string $name, string $value) + { + if ($this->exists($name)) { + return $this->writer->write($name, $value); + } + + // succeed if nothing to do + return true; + } + + /** + * Delete an environment variable, if possible. + * + * @param non-empty-string $name + * + * @return bool + */ + public function delete(string $name) + { + if ($this->exists($name)) { + return $this->writer->delete($name); + } + + // succeed if nothing to do + return true; + } + + /** + * Does the given environment variable exist. + * + * Returns true if it currently exists, or existed at any point in the past + * that we are aware of. + * + * @param non-empty-string $name + * + * @return bool + */ + private function exists(string $name) + { + if (isset($this->seen[$name])) { + return true; + } + + if ($this->reader->read($name)->isDefined()) { + $this->seen[$name] = ''; + + return true; + } + + return false; + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ServerConstAdapter.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ServerConstAdapter.php new file mode 100644 index 0000000..f93b6e5 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ServerConstAdapter.php @@ -0,0 +1,89 @@ + + */ + public static function create() + { + /** @var \PhpOption\Option */ + return Some::create(new self()); + } + + /** + * Read an environment variable, if it exists. + * + * @param non-empty-string $name + * + * @return \PhpOption\Option + */ + public function read(string $name) + { + /** @var \PhpOption\Option */ + return Option::fromArraysValue($_SERVER, $name) + ->filter(static function ($value) { + return \is_scalar($value); + }) + ->map(static function ($value) { + if ($value === false) { + return 'false'; + } + + if ($value === true) { + return 'true'; + } + + /** @psalm-suppress PossiblyInvalidCast */ + return (string) $value; + }); + } + + /** + * Write to an environment variable, if possible. + * + * @param non-empty-string $name + * @param string $value + * + * @return bool + */ + public function write(string $name, string $value) + { + $_SERVER[$name] = $value; + + return true; + } + + /** + * Delete an environment variable, if possible. + * + * @param non-empty-string $name + * + * @return bool + */ + public function delete(string $name) + { + unset($_SERVER[$name]); + + return true; + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/WriterInterface.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/WriterInterface.php new file mode 100644 index 0000000..4cb3d61 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/WriterInterface.php @@ -0,0 +1,27 @@ +reader = $reader; + $this->writer = $writer; + } + + /** + * Determine if the given environment variable is defined. + * + * @param string $name + * + * @return bool + */ + public function has(string $name) + { + return '' !== $name && $this->reader->read($name)->isDefined(); + } + + /** + * Get an environment variable. + * + * @param string $name + * + * @throws \InvalidArgumentException + * + * @return string|null + */ + public function get(string $name) + { + if ('' === $name) { + throw new InvalidArgumentException('Expected name to be a non-empty string.'); + } + + return $this->reader->read($name)->getOrElse(null); + } + + /** + * Set an environment variable. + * + * @param string $name + * @param string $value + * + * @throws \InvalidArgumentException + * + * @return bool + */ + public function set(string $name, string $value) + { + if ('' === $name) { + throw new InvalidArgumentException('Expected name to be a non-empty string.'); + } + + return $this->writer->write($name, $value); + } + + /** + * Clear an environment variable. + * + * @param string $name + * + * @throws \InvalidArgumentException + * + * @return bool + */ + public function clear(string $name) + { + if ('' === $name) { + throw new InvalidArgumentException('Expected name to be a non-empty string.'); + } + + return $this->writer->delete($name); + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/RepositoryBuilder.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/RepositoryBuilder.php new file mode 100644 index 0000000..a042f9a --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/RepositoryBuilder.php @@ -0,0 +1,272 @@ +readers = $readers; + $this->writers = $writers; + $this->immutable = $immutable; + $this->allowList = $allowList; + } + + /** + * Create a new repository builder instance with no adapters added. + * + * @return \Dotenv\Repository\RepositoryBuilder + */ + public static function createWithNoAdapters() + { + return new self(); + } + + /** + * Create a new repository builder instance with the default adapters added. + * + * @return \Dotenv\Repository\RepositoryBuilder + */ + public static function createWithDefaultAdapters() + { + $adapters = \iterator_to_array(self::defaultAdapters()); + + return new self($adapters, $adapters); + } + + /** + * Return the array of default adapters. + * + * @return \Generator<\Dotenv\Repository\Adapter\AdapterInterface> + */ + private static function defaultAdapters() + { + foreach (self::DEFAULT_ADAPTERS as $adapter) { + $instance = $adapter::create(); + if ($instance->isDefined()) { + yield $instance->get(); + } + } + } + + /** + * Determine if the given name if of an adapterclass. + * + * @param string $name + * + * @return bool + */ + private static function isAnAdapterClass(string $name) + { + if (!\class_exists($name)) { + return false; + } + + return (new ReflectionClass($name))->implementsInterface(AdapterInterface::class); + } + + /** + * Creates a repository builder with the given reader added. + * + * Accepts either a reader instance, or a class-string for an adapter. If + * the adapter is not supported, then we silently skip adding it. + * + * @param \Dotenv\Repository\Adapter\ReaderInterface|string $reader + * + * @throws \InvalidArgumentException + * + * @return \Dotenv\Repository\RepositoryBuilder + */ + public function addReader($reader) + { + if (!(\is_string($reader) && self::isAnAdapterClass($reader)) && !($reader instanceof ReaderInterface)) { + throw new InvalidArgumentException( + \sprintf( + 'Expected either an instance of %s or a class-string implementing %s', + ReaderInterface::class, + AdapterInterface::class + ) + ); + } + + $optional = Some::create($reader)->flatMap(static function ($reader) { + return \is_string($reader) ? $reader::create() : Some::create($reader); + }); + + $readers = \array_merge($this->readers, \iterator_to_array($optional)); + + return new self($readers, $this->writers, $this->immutable, $this->allowList); + } + + /** + * Creates a repository builder with the given writer added. + * + * Accepts either a writer instance, or a class-string for an adapter. If + * the adapter is not supported, then we silently skip adding it. + * + * @param \Dotenv\Repository\Adapter\WriterInterface|string $writer + * + * @throws \InvalidArgumentException + * + * @return \Dotenv\Repository\RepositoryBuilder + */ + public function addWriter($writer) + { + if (!(\is_string($writer) && self::isAnAdapterClass($writer)) && !($writer instanceof WriterInterface)) { + throw new InvalidArgumentException( + \sprintf( + 'Expected either an instance of %s or a class-string implementing %s', + WriterInterface::class, + AdapterInterface::class + ) + ); + } + + $optional = Some::create($writer)->flatMap(static function ($writer) { + return \is_string($writer) ? $writer::create() : Some::create($writer); + }); + + $writers = \array_merge($this->writers, \iterator_to_array($optional)); + + return new self($this->readers, $writers, $this->immutable, $this->allowList); + } + + /** + * Creates a repository builder with the given adapter added. + * + * Accepts either an adapter instance, or a class-string for an adapter. If + * the adapter is not supported, then we silently skip adding it. We will + * add the adapter as both a reader and a writer. + * + * @param \Dotenv\Repository\Adapter\WriterInterface|string $adapter + * + * @throws \InvalidArgumentException + * + * @return \Dotenv\Repository\RepositoryBuilder + */ + public function addAdapter($adapter) + { + if (!(\is_string($adapter) && self::isAnAdapterClass($adapter)) && !($adapter instanceof AdapterInterface)) { + throw new InvalidArgumentException( + \sprintf( + 'Expected either an instance of %s or a class-string implementing %s', + WriterInterface::class, + AdapterInterface::class + ) + ); + } + + $optional = Some::create($adapter)->flatMap(static function ($adapter) { + return \is_string($adapter) ? $adapter::create() : Some::create($adapter); + }); + + $readers = \array_merge($this->readers, \iterator_to_array($optional)); + $writers = \array_merge($this->writers, \iterator_to_array($optional)); + + return new self($readers, $writers, $this->immutable, $this->allowList); + } + + /** + * Creates a repository builder with mutability enabled. + * + * @return \Dotenv\Repository\RepositoryBuilder + */ + public function immutable() + { + return new self($this->readers, $this->writers, true, $this->allowList); + } + + /** + * Creates a repository builder with the given allow list. + * + * @param string[]|null $allowList + * + * @return \Dotenv\Repository\RepositoryBuilder + */ + public function allowList(array $allowList = null) + { + return new self($this->readers, $this->writers, $this->immutable, $allowList); + } + + /** + * Creates a new repository instance. + * + * @return \Dotenv\Repository\RepositoryInterface + */ + public function make() + { + $reader = new MultiReader($this->readers); + $writer = new MultiWriter($this->writers); + + if ($this->immutable) { + $writer = new ImmutableWriter($writer, $reader); + } + + if ($this->allowList !== null) { + $writer = new GuardedWriter($writer, $this->allowList); + } + + return new AdapterRepository($reader, $writer); + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/RepositoryInterface.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/RepositoryInterface.php new file mode 100644 index 0000000..d9b18a4 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/RepositoryInterface.php @@ -0,0 +1,51 @@ + + */ + public static function read(array $filePaths, bool $shortCircuit = true, string $fileEncoding = null) + { + $output = []; + + foreach ($filePaths as $filePath) { + $content = self::readFromFile($filePath, $fileEncoding); + if ($content->isDefined()) { + $output[$filePath] = $content->get(); + if ($shortCircuit) { + break; + } + } + } + + return $output; + } + + /** + * Read the given file. + * + * @param string $path + * @param string|null $encoding + * + * @throws \Dotenv\Exception\InvalidEncodingException + * + * @return \PhpOption\Option + */ + private static function readFromFile(string $path, string $encoding = null) + { + /** @var Option */ + $content = Option::fromValue(@\file_get_contents($path), false); + + return $content->flatMap(static function (string $content) use ($encoding) { + return Str::utf8($content, $encoding)->mapError(static function (string $error) { + throw new InvalidEncodingException($error); + })->success(); + }); + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/FileStore.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/FileStore.php new file mode 100644 index 0000000..43f6135 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/FileStore.php @@ -0,0 +1,72 @@ +filePaths = $filePaths; + $this->shortCircuit = $shortCircuit; + $this->fileEncoding = $fileEncoding; + } + + /** + * Read the content of the environment file(s). + * + * @throws \Dotenv\Exception\InvalidEncodingException|\Dotenv\Exception\InvalidPathException + * + * @return string + */ + public function read() + { + if ($this->filePaths === []) { + throw new InvalidPathException('At least one environment file path must be provided.'); + } + + $contents = Reader::read($this->filePaths, $this->shortCircuit, $this->fileEncoding); + + if (\count($contents) > 0) { + return \implode("\n", $contents); + } + + throw new InvalidPathException( + \sprintf('Unable to read any of the environment file(s) at [%s].', \implode(', ', $this->filePaths)) + ); + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/StoreBuilder.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/StoreBuilder.php new file mode 100644 index 0000000..304117f --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/StoreBuilder.php @@ -0,0 +1,141 @@ +paths = $paths; + $this->names = $names; + $this->shortCircuit = $shortCircuit; + $this->fileEncoding = $fileEncoding; + } + + /** + * Create a new store builder instance with no names. + * + * @return \Dotenv\Store\StoreBuilder + */ + public static function createWithNoNames() + { + return new self(); + } + + /** + * Create a new store builder instance with the default name. + * + * @return \Dotenv\Store\StoreBuilder + */ + public static function createWithDefaultName() + { + return new self([], [self::DEFAULT_NAME]); + } + + /** + * Creates a store builder with the given path added. + * + * @param string $path + * + * @return \Dotenv\Store\StoreBuilder + */ + public function addPath(string $path) + { + return new self(\array_merge($this->paths, [$path]), $this->names, $this->shortCircuit, $this->fileEncoding); + } + + /** + * Creates a store builder with the given name added. + * + * @param string $name + * + * @return \Dotenv\Store\StoreBuilder + */ + public function addName(string $name) + { + return new self($this->paths, \array_merge($this->names, [$name]), $this->shortCircuit, $this->fileEncoding); + } + + /** + * Creates a store builder with short circuit mode enabled. + * + * @return \Dotenv\Store\StoreBuilder + */ + public function shortCircuit() + { + return new self($this->paths, $this->names, true, $this->fileEncoding); + } + + /** + * Creates a store builder with the specified file encoding. + * + * @param string|null $fileEncoding + * + * @return \Dotenv\Store\StoreBuilder + */ + public function fileEncoding(string $fileEncoding = null) + { + return new self($this->paths, $this->names, $this->shortCircuit, $fileEncoding); + } + + /** + * Creates a new store instance. + * + * @return \Dotenv\Store\StoreInterface + */ + public function make() + { + return new FileStore( + Paths::filePaths($this->paths, $this->names), + $this->shortCircuit, + $this->fileEncoding + ); + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/StoreInterface.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/StoreInterface.php new file mode 100644 index 0000000..6f5b986 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/StoreInterface.php @@ -0,0 +1,17 @@ +content = $content; + } + + /** + * Read the content of the environment file(s). + * + * @return string + */ + public function read() + { + return $this->content; + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Util/Regex.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Util/Regex.php new file mode 100644 index 0000000..52c1578 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Util/Regex.php @@ -0,0 +1,112 @@ + + */ + public static function matches(string $pattern, string $subject) + { + return self::pregAndWrap(static function (string $subject) use ($pattern) { + return @\preg_match($pattern, $subject) === 1; + }, $subject); + } + + /** + * Perform a preg match all, wrapping up the result. + * + * @param string $pattern + * @param string $subject + * + * @return \GrahamCampbell\ResultType\Result + */ + public static function occurrences(string $pattern, string $subject) + { + return self::pregAndWrap(static function (string $subject) use ($pattern) { + return (int) @\preg_match_all($pattern, $subject); + }, $subject); + } + + /** + * Perform a preg replace callback, wrapping up the result. + * + * @param string $pattern + * @param callable $callback + * @param string $subject + * @param int|null $limit + * + * @return \GrahamCampbell\ResultType\Result + */ + public static function replaceCallback(string $pattern, callable $callback, string $subject, int $limit = null) + { + return self::pregAndWrap(static function (string $subject) use ($pattern, $callback, $limit) { + return (string) @\preg_replace_callback($pattern, $callback, $subject, $limit ?? -1); + }, $subject); + } + + /** + * Perform a preg split, wrapping up the result. + * + * @param string $pattern + * @param string $subject + * + * @return \GrahamCampbell\ResultType\Result + */ + public static function split(string $pattern, string $subject) + { + return self::pregAndWrap(static function (string $subject) use ($pattern) { + /** @var string[] */ + return (array) @\preg_split($pattern, $subject); + }, $subject); + } + + /** + * Perform a preg operation, wrapping up the result. + * + * @template V + * + * @param callable(string):V $operation + * @param string $subject + * + * @return \GrahamCampbell\ResultType\Result + */ + private static function pregAndWrap(callable $operation, string $subject) + { + $result = $operation($subject); + + if (\preg_last_error() !== \PREG_NO_ERROR) { + /** @var \GrahamCampbell\ResultType\Result */ + return Error::create(\preg_last_error_msg()); + } + + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create($result); + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Util/Str.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Util/Str.php new file mode 100644 index 0000000..087e236 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Util/Str.php @@ -0,0 +1,98 @@ + + */ + public static function utf8(string $input, string $encoding = null) + { + if ($encoding !== null && !\in_array($encoding, \mb_list_encodings(), true)) { + /** @var \GrahamCampbell\ResultType\Result */ + return Error::create( + \sprintf('Illegal character encoding [%s] specified.', $encoding) + ); + } + $converted = $encoding === null ? + @\mb_convert_encoding($input, 'UTF-8') : + @\mb_convert_encoding($input, 'UTF-8', $encoding); + /** + * this is for support UTF-8 with BOM encoding + * @see https://en.wikipedia.org/wiki/Byte_order_mark + * @see https://github.com/vlucas/phpdotenv/issues/500 + */ + if (\substr($converted, 0, 3) == "\xEF\xBB\xBF") { + $converted = \substr($converted, 3); + } + /** @var \GrahamCampbell\ResultType\Result */ + return Success::create($converted); + } + + /** + * Search for a given substring of the input. + * + * @param string $haystack + * @param string $needle + * + * @return \PhpOption\Option + */ + public static function pos(string $haystack, string $needle) + { + /** @var \PhpOption\Option */ + return Option::fromValue(\mb_strpos($haystack, $needle, 0, 'UTF-8'), false); + } + + /** + * Grab the specified substring of the input. + * + * @param string $input + * @param int $start + * @param int|null $length + * + * @return string + */ + public static function substr(string $input, int $start, int $length = null) + { + return \mb_substr($input, $start, $length, 'UTF-8'); + } + + /** + * Compute the length of the given string. + * + * @param string $input + * + * @return int + */ + public static function len(string $input) + { + return \mb_strlen($input, 'UTF-8'); + } +} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Validator.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Validator.php new file mode 100644 index 0000000..0c04ab6 --- /dev/null +++ b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Validator.php @@ -0,0 +1,209 @@ +repository = $repository; + $this->variables = $variables; + } + + /** + * Assert that each variable is present. + * + * @throws \Dotenv\Exception\ValidationException + * + * @return \Dotenv\Validator + */ + public function required() + { + return $this->assert( + static function (?string $value) { + return $value !== null; + }, + 'is missing' + ); + } + + /** + * Assert that each variable is not empty. + * + * @throws \Dotenv\Exception\ValidationException + * + * @return \Dotenv\Validator + */ + public function notEmpty() + { + return $this->assertNullable( + static function (string $value) { + return Str::len(\trim($value)) > 0; + }, + 'is empty' + ); + } + + /** + * Assert that each specified variable is an integer. + * + * @throws \Dotenv\Exception\ValidationException + * + * @return \Dotenv\Validator + */ + public function isInteger() + { + return $this->assertNullable( + static function (string $value) { + return \ctype_digit($value); + }, + 'is not an integer' + ); + } + + /** + * Assert that each specified variable is a boolean. + * + * @throws \Dotenv\Exception\ValidationException + * + * @return \Dotenv\Validator + */ + public function isBoolean() + { + return $this->assertNullable( + static function (string $value) { + if ($value === '') { + return false; + } + + return \filter_var($value, \FILTER_VALIDATE_BOOLEAN, \FILTER_NULL_ON_FAILURE) !== null; + }, + 'is not a boolean' + ); + } + + /** + * Assert that each variable is amongst the given choices. + * + * @param string[] $choices + * + * @throws \Dotenv\Exception\ValidationException + * + * @return \Dotenv\Validator + */ + public function allowedValues(array $choices) + { + return $this->assertNullable( + static function (string $value) use ($choices) { + return \in_array($value, $choices, true); + }, + \sprintf('is not one of [%s]', \implode(', ', $choices)) + ); + } + + /** + * Assert that each variable matches the given regular expression. + * + * @param string $regex + * + * @throws \Dotenv\Exception\ValidationException + * + * @return \Dotenv\Validator + */ + public function allowedRegexValues(string $regex) + { + return $this->assertNullable( + static function (string $value) use ($regex) { + return Regex::matches($regex, $value)->success()->getOrElse(false); + }, + \sprintf('does not match "%s"', $regex) + ); + } + + /** + * Assert that the callback returns true for each variable. + * + * @param callable(?string):bool $callback + * @param string $message + * + * @throws \Dotenv\Exception\ValidationException + * + * @return \Dotenv\Validator + */ + public function assert(callable $callback, string $message) + { + $failing = []; + + foreach ($this->variables as $variable) { + if ($callback($this->repository->get($variable)) === false) { + $failing[] = \sprintf('%s %s', $variable, $message); + } + } + + if (\count($failing) > 0) { + throw new ValidationException(\sprintf( + 'One or more environment variables failed assertions: %s.', + \implode(', ', $failing) + )); + } + + return $this; + } + + /** + * Assert that the callback returns true for each variable. + * + * Skip checking null variable values. + * + * @param callable(string):bool $callback + * @param string $message + * + * @throws \Dotenv\Exception\ValidationException + * + * @return \Dotenv\Validator + */ + public function assertNullable(callable $callback, string $message) + { + return $this->assert( + static function (?string $value) use ($callback) { + if ($value === null) { + return true; + } + + return $callback($value); + }, + $message + ); + } +} From 988fc65ddcb6b9587b48538b522112be221f283f Mon Sep 17 00:00:00 2001 From: Charanpreet Date: Fri, 2 Feb 2024 15:07:45 +0530 Subject: [PATCH 2/4] fix: added .gitignore --- .../signing_and_verification/php/.gitignore | 473 ++++++++++++++++++ 1 file changed, 473 insertions(+) diff --git a/utilities/signing_and_verification/php/.gitignore b/utilities/signing_and_verification/php/.gitignore index e69de29..546d906 100644 --- a/utilities/signing_and_verification/php/.gitignore +++ b/utilities/signing_and_verification/php/.gitignore @@ -0,0 +1,473 @@ +##### Windows +# Windows thumbnail cache files +Thumbs.db +Thumbs.db:encryptable +ehthumbs.db +ehthumbs_vista.db + +# Dump file +*.stackdump + +# Folder config file +[Dd]esktop.ini + +# Recycle Bin used on file shares +$RECYCLE.BIN/ + +# Windows Installer files +*.cab +*.msi +*.msix +*.msm +*.msp + +# Windows shortcuts +*.lnk + +##### Linux +*~ + +# temporary files which can be created if a process still has a handle open of a deleted file +.fuse_hidden* + +# KDE directory preferences +.directory + +# Linux trash folder which might appear on any partition or disk +.Trash-* + +# .nfs files are created when an open file is removed but is still being accessed +.nfs* + +##### MacOS +# General +.DS_Store +.AppleDouble +.LSOverride + +# Icon must end with two \r +Icon + +# Thumbnails +._* + +# Files that might appear in the root of a volume +.DocumentRevisions-V100 +.fseventsd +.Spotlight-V100 +.TemporaryItems +.Trashes +.VolumeIcon.icns +.com.apple.timemachine.donotpresent + +# Directories potentially created on remote AFP share +.AppleDB +.AppleDesktop +Network Trash Folder +Temporary Items +.apdisk + +##### Backup +*.bak +*.gho +*.ori +*.orig +*.tmp + +##### GPG +secring.* + +##### Dropbox +# Dropbox settings and caches +.dropbox +.dropbox.attr +.dropbox.cache + +##### SynopsysVCS +# Waveform formats +*.vcd +*.vpd +*.evcd +*.fsdb + +# Default name of the simulation executable. A different name can be +# specified with this switch (the associated daidir database name is +# also taken from here): -o / +simv + +# Generated for Verilog and VHDL top configs +simv.daidir/ +simv.db.dir/ + +# Infrastructure necessary to co-simulate SystemC models with +# Verilog/VHDL models. An alternate directory may be specified with this +# switch: -Mdir= +csrc/ + +# Log file - the following switch allows to specify the file that will be +# used to write all messages from simulation: -l +*.log + +# Coverage results (generated with urg) and database location. The +# following switch can also be used: urg -dir .vdb +simv.vdb/ +urgReport/ + +# DVE and UCLI related files. +DVEfiles/ +ucli.key + +# When the design is elaborated for DirectC, the following file is created +# with declarations for C/C++ functions. +vc_hdrs.h + +##### SVN +.svn/ + +##### Mercurial +.hg/ +.hgignore +.hgsigs +.hgsub +.hgsubstate +.hgtags + +##### Bazaar +.bzr/ +.bzrignore + +##### CVS +/CVS/* +**/CVS/* +.cvsignore +*/.cvsignore + +##### TortoiseGit +# Project-level settings +/.tgitconfig + +##### PuTTY +# Private key +*.ppk + +##### Vim +# Swap +[._]*.s[a-v][a-z] +!*.svg # comment out if you don't need vector files +[._]*.sw[a-p] +[._]s[a-rt-v][a-z] +[._]ss[a-gi-z] +[._]sw[a-p] + +# Session +Session.vim +Sessionx.vim + +# Temporary +.netrwhist +*~ +# Auto-generated tag files +tags +# Persistent undo +[._]*.un~ + +##### Emacs +# -*- mode: gitignore; -*- +*~ +\#*\# +/.emacs.desktop +/.emacs.desktop.lock +*.elc +auto-save-list +tramp +.\#* + +# Org-mode +.org-id-locations +*_archive + +# flymake-mode +*_flymake.* + +# eshell files +/eshell/history +/eshell/lastdir + +# elpa packages +/elpa/ + +# reftex files +*.rel + +# AUCTeX auto folder +/auto/ + +# cask packages +.cask/ +dist/ + +# Flycheck +flycheck_*.el + +# server auth directory +/server/ + +# projectiles files +.projectile + +# directory configuration +.dir-locals.el + +# network security +/network-security.data + +##### SublimeText +# Cache files for Sublime Text +*.tmlanguage.cache +*.tmPreferences.cache +*.stTheme.cache + +# Workspace files are user-specific +*.sublime-workspace + +# Project files should be checked into the repository, unless a significant +# proportion of contributors will probably not be using Sublime Text +# *.sublime-project + +# SFTP configuration file +sftp-config.json +sftp-config-alt*.json + +# Package control specific files +Package Control.last-run +Package Control.ca-list +Package Control.ca-bundle +Package Control.system-ca-bundle +Package Control.cache/ +Package Control.ca-certs/ +Package Control.merged-ca-bundle +Package Control.user-ca-bundle +oscrypto-ca-bundle.crt +bh_unicode_properties.cache + +# Sublime-github package stores a github token in this file +# https://packagecontrol.io/packages/sublime-github +GitHub.sublime-settings + +##### Notepad++ +# Notepad++ backups # +*.bak + +##### TextMate +*.tmproj +*.tmproject +tmtags + +##### VisualStudioCode +.vscode/* +!.vscode/settings.json +!.vscode/tasks.json +!.vscode/launch.json +!.vscode/extensions.json +*.code-workspace + +# Local History for Visual Studio Code +.history/ + +##### NetBeans +**/nbproject/private/ +**/nbproject/Makefile-*.mk +**/nbproject/Package-*.bash +build/ +nbbuild/ +dist/ +nbdist/ +.nb-gradle/ + +##### JetBrains +# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider +# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839 + +# User-specific stuff +.idea/**/workspace.xml +.idea/**/tasks.xml +.idea/**/usage.statistics.xml +.idea/**/dictionaries +.idea/**/shelf + +# Generated files +.idea/**/contentModel.xml + +# Sensitive or high-churn files +.idea/**/dataSources/ +.idea/**/dataSources.ids +.idea/**/dataSources.local.xml +.idea/**/sqlDataSources.xml +.idea/**/dynamic.xml +.idea/**/uiDesigner.xml +.idea/**/dbnavigator.xml + +# Gradle +.idea/**/gradle.xml +.idea/**/libraries + +# Gradle and Maven with auto-import +# When using Gradle or Maven with auto-import, you should exclude module files, +# since they will be recreated, and may cause churn. Uncomment if using +# auto-import. +# .idea/artifacts +# .idea/compiler.xml +# .idea/jarRepositories.xml +# .idea/modules.xml +# .idea/*.iml +# .idea/modules +# *.iml +# *.ipr + +# CMake +cmake-build-*/ + +# Mongo Explorer plugin +.idea/**/mongoSettings.xml + +# File-based project format +*.iws + +# IntelliJ +out/ + +# mpeltonen/sbt-idea plugin +.idea_modules/ + +# JIRA plugin +atlassian-ide-plugin.xml + +# Cursive Clojure plugin +.idea/replstate.xml + +# Crashlytics plugin (for Android Studio and IntelliJ) +com_crashlytics_export_strings.xml +crashlytics.properties +crashlytics-build.properties +fabric.properties + +# Editor-based Rest Client +.idea/httpRequests + +# Android studio 3.1+ serialized cache file +.idea/caches/build_file_checksums.ser + +##### Eclipse +.metadata +bin/ +tmp/ +*.tmp +*.bak +*.swp +*~.nib +local.properties +.settings/ +.loadpath +.recommenders + +# External tool builders +.externalToolBuilders/ + +# Locally stored "Eclipse launch configurations" +*.launch + +# PyDev specific (Python IDE for Eclipse) +*.pydevproject + +# CDT-specific (C/C++ Development Tooling) +.cproject + +# CDT- autotools +.autotools + +# Java annotation processor (APT) +.factorypath + +# PDT-specific (PHP Development Tools) +.buildpath + +# sbteclipse plugin +.target + +# Tern plugin +.tern-project + +# TeXlipse plugin +.texlipse + +# STS (Spring Tool Suite) +.springBeans + +# Code Recommenders +.recommenders/ + +# Annotation Processing +.apt_generated/ +.apt_generated_test/ + +# Scala IDE specific (Scala & Java development for Eclipse) +.cache-main +.scala_dependencies +.worksheet + +# Uncomment this line if you wish to ignore the project description file. +# Typically, this file would be tracked if it contains build/dependency configurations: +#.project + +##### Dreamweaver +# DW Dreamweaver added files +_notes +_compareTemp +configs/ +dwsync.xml +dw_php_codehinting.config +*.mno + +##### CodeKit +# General CodeKit files to ignore +config.codekit +config.codekit3 +/min + +##### Gradle +.gradle +**/build/ +!src/**/build/ + +# Ignore Gradle GUI config +gradle-app.setting + +# Avoid ignoring Gradle wrapper jar file (.jar files are usually ignored) +!gradle-wrapper.jar + +# Cache of project +.gradletasknamecache + +# # Work around https://youtrack.jetbrains.com/issue/IDEA-116898 +# gradle/wrapper/gradle-wrapper.properties + +##### Composer +composer.phar +/vendor/ + +# Commit your application's lock file https://getcomposer.org/doc/01-basic-usage.md#commit-your-composer-lock-file-to-version-control +# You may choose to ignore a library lock file http://getcomposer.org/doc/02-libraries.md#lock-file +composer.lock + +##### PHP CodeSniffer +# gitignore for the PHP Codesniffer framework +# website: https://github.com/squizlabs/PHP_CodeSniffer +# +# Recommended template: PHP.gitignore + +/wpcs/* + +##### SASS +.sass-cache/ +*.css.map +*.sass.map \ No newline at end of file From 4b558f46ad4a966fd70ae2f14696e69863361141 Mon Sep 17 00:00:00 2001 From: Charanpreet Date: Fri, 2 Feb 2024 15:09:48 +0530 Subject: [PATCH 3/4] fix: removed vendor --- .../php/composer.lock | 940 --- .../php/vendor/autoload.php | 25 - .../php/vendor/composer/ClassLoader.php | 579 -- .../php/vendor/composer/InstalledVersions.php | 359 -- .../php/vendor/composer/LICENSE | 21 - .../php/vendor/composer/autoload_classmap.php | 15 - .../php/vendor/composer/autoload_files.php | 13 - .../vendor/composer/autoload_namespaces.php | 9 - .../php/vendor/composer/autoload_psr4.php | 22 - .../php/vendor/composer/autoload_real.php | 50 - .../php/vendor/composer/autoload_static.php | 123 - .../php/vendor/composer/installed.json | 964 --- .../php/vendor/composer/installed.php | 142 - .../php/vendor/composer/platform_check.php | 26 - .../graham-campbell/result-type/LICENSE | 21 - .../graham-campbell/result-type/composer.json | 33 - .../graham-campbell/result-type/src/Error.php | 121 - .../result-type/src/Result.php | 69 - .../result-type/src/Success.php | 120 - .../constant_time_encoding/LICENSE.txt | 48 - .../constant_time_encoding/README.md | 84 - .../constant_time_encoding/composer.json | 56 - .../constant_time_encoding/src/Base32.php | 519 -- .../constant_time_encoding/src/Base32Hex.php | 111 - .../constant_time_encoding/src/Base64.php | 314 - .../src/Base64DotSlash.php | 88 - .../src/Base64DotSlashOrdered.php | 82 - .../src/Base64UrlSafe.php | 95 - .../constant_time_encoding/src/Binary.php | 90 - .../src/EncoderInterface.php | 52 - .../constant_time_encoding/src/Encoding.php | 262 - .../constant_time_encoding/src/Hex.php | 146 - .../constant_time_encoding/src/RFC4648.php | 186 - .../vendor/paragonie/random_compat/LICENSE | 22 - .../paragonie/random_compat/build-phar.sh | 5 - .../paragonie/random_compat/composer.json | 34 - .../dist/random_compat.phar.pubkey | 5 - .../dist/random_compat.phar.pubkey.asc | 11 - .../paragonie/random_compat/lib/random.php | 32 - .../random_compat/other/build_phar.php | 57 - .../random_compat/psalm-autoload.php | 9 - .../vendor/paragonie/random_compat/psalm.xml | 19 - .../php/vendor/phpoption/phpoption/LICENSE | 201 - .../vendor/phpoption/phpoption/composer.json | 52 - .../phpoption/src/PhpOption/LazyOption.php | 175 - .../phpoption/src/PhpOption/None.php | 136 - .../phpoption/src/PhpOption/Option.php | 434 -- .../phpoption/src/PhpOption/Some.php | 169 - .../php/vendor/phpseclib/phpseclib/AUTHORS | 7 - .../php/vendor/phpseclib/phpseclib/BACKERS.md | 16 - .../php/vendor/phpseclib/phpseclib/LICENSE | 20 - .../php/vendor/phpseclib/phpseclib/README.md | 97 - .../vendor/phpseclib/phpseclib/composer.json | 84 - .../phpseclib/Common/Functions/Strings.php | 505 -- .../phpseclib/phpseclib/Crypt/AES.php | 116 - .../phpseclib/phpseclib/Crypt/Blowfish.php | 918 --- .../phpseclib/phpseclib/Crypt/ChaCha20.php | 799 --- .../phpseclib/Crypt/Common/AsymmetricKey.php | 581 -- .../phpseclib/Crypt/Common/BlockCipher.php | 24 - .../Crypt/Common/Formats/Keys/JWK.php | 69 - .../Crypt/Common/Formats/Keys/OpenSSH.php | 220 - .../Crypt/Common/Formats/Keys/PKCS.php | 72 - .../Crypt/Common/Formats/Keys/PKCS1.php | 209 - .../Crypt/Common/Formats/Keys/PKCS8.php | 725 --- .../Crypt/Common/Formats/Keys/PuTTY.php | 374 -- .../Crypt/Common/Formats/Signature/Raw.php | 60 - .../phpseclib/Crypt/Common/PrivateKey.php | 31 - .../phpseclib/Crypt/Common/PublicKey.php | 25 - .../phpseclib/Crypt/Common/StreamCipher.php | 54 - .../phpseclib/Crypt/Common/SymmetricKey.php | 3398 ----------- .../Crypt/Common/Traits/Fingerprint.php | 57 - .../Crypt/Common/Traits/PasswordProtected.php | 46 - .../phpseclib/phpseclib/Crypt/DES.php | 1392 ----- .../phpseclib/phpseclib/Crypt/DH.php | 405 -- .../phpseclib/Crypt/DH/Formats/Keys/PKCS1.php | 77 - .../phpseclib/Crypt/DH/Formats/Keys/PKCS8.php | 132 - .../phpseclib/Crypt/DH/Parameters.php | 36 - .../phpseclib/Crypt/DH/PrivateKey.php | 75 - .../phpseclib/Crypt/DH/PublicKey.php | 49 - .../phpseclib/phpseclib/Crypt/DSA.php | 337 - .../Crypt/DSA/Formats/Keys/OpenSSH.php | 118 - .../Crypt/DSA/Formats/Keys/PKCS1.php | 143 - .../Crypt/DSA/Formats/Keys/PKCS8.php | 146 - .../Crypt/DSA/Formats/Keys/PuTTY.php | 109 - .../phpseclib/Crypt/DSA/Formats/Keys/Raw.php | 85 - .../phpseclib/Crypt/DSA/Formats/Keys/XML.php | 132 - .../Crypt/DSA/Formats/Signature/ASN1.php | 62 - .../Crypt/DSA/Formats/Signature/Raw.php | 25 - .../Crypt/DSA/Formats/Signature/SSH2.php | 74 - .../phpseclib/Crypt/DSA/Parameters.php | 36 - .../phpseclib/Crypt/DSA/PrivateKey.php | 152 - .../phpseclib/Crypt/DSA/PublicKey.php | 86 - .../phpseclib/phpseclib/Crypt/EC.php | 480 -- .../phpseclib/Crypt/EC/BaseCurves/Base.php | 218 - .../phpseclib/Crypt/EC/BaseCurves/Binary.php | 373 -- .../Crypt/EC/BaseCurves/KoblitzPrime.php | 335 - .../Crypt/EC/BaseCurves/Montgomery.php | 279 - .../phpseclib/Crypt/EC/BaseCurves/Prime.php | 785 --- .../Crypt/EC/BaseCurves/TwistedEdwards.php | 215 - .../phpseclib/Crypt/EC/Curves/Curve25519.php | 81 - .../phpseclib/Crypt/EC/Curves/Curve448.php | 92 - .../phpseclib/Crypt/EC/Curves/Ed25519.php | 333 - .../phpseclib/Crypt/EC/Curves/Ed448.php | 273 - .../Crypt/EC/Curves/brainpoolP160r1.php | 34 - .../Crypt/EC/Curves/brainpoolP160t1.php | 47 - .../Crypt/EC/Curves/brainpoolP192r1.php | 34 - .../Crypt/EC/Curves/brainpoolP192t1.php | 34 - .../Crypt/EC/Curves/brainpoolP224r1.php | 34 - .../Crypt/EC/Curves/brainpoolP224t1.php | 34 - .../Crypt/EC/Curves/brainpoolP256r1.php | 34 - .../Crypt/EC/Curves/brainpoolP256t1.php | 34 - .../Crypt/EC/Curves/brainpoolP320r1.php | 40 - .../Crypt/EC/Curves/brainpoolP320t1.php | 40 - .../Crypt/EC/Curves/brainpoolP384r1.php | 58 - .../Crypt/EC/Curves/brainpoolP384t1.php | 58 - .../Crypt/EC/Curves/brainpoolP512r1.php | 58 - .../Crypt/EC/Curves/brainpoolP512t1.php | 58 - .../phpseclib/Crypt/EC/Curves/nistb233.php | 18 - .../phpseclib/Crypt/EC/Curves/nistb409.php | 18 - .../phpseclib/Crypt/EC/Curves/nistk163.php | 18 - .../phpseclib/Crypt/EC/Curves/nistk233.php | 18 - .../phpseclib/Crypt/EC/Curves/nistk283.php | 18 - .../phpseclib/Crypt/EC/Curves/nistk409.php | 18 - .../phpseclib/Crypt/EC/Curves/nistp192.php | 18 - .../phpseclib/Crypt/EC/Curves/nistp224.php | 18 - .../phpseclib/Crypt/EC/Curves/nistp256.php | 18 - .../phpseclib/Crypt/EC/Curves/nistp384.php | 18 - .../phpseclib/Crypt/EC/Curves/nistp521.php | 18 - .../phpseclib/Crypt/EC/Curves/nistt571.php | 18 - .../phpseclib/Crypt/EC/Curves/prime192v1.php | 18 - .../phpseclib/Crypt/EC/Curves/prime192v2.php | 34 - .../phpseclib/Crypt/EC/Curves/prime192v3.php | 34 - .../phpseclib/Crypt/EC/Curves/prime239v1.php | 34 - .../phpseclib/Crypt/EC/Curves/prime239v2.php | 34 - .../phpseclib/Crypt/EC/Curves/prime239v3.php | 34 - .../phpseclib/Crypt/EC/Curves/prime256v1.php | 18 - .../phpseclib/Crypt/EC/Curves/secp112r1.php | 34 - .../phpseclib/Crypt/EC/Curves/secp112r2.php | 35 - .../phpseclib/Crypt/EC/Curves/secp128r1.php | 34 - .../phpseclib/Crypt/EC/Curves/secp128r2.php | 35 - .../phpseclib/Crypt/EC/Curves/secp160k1.php | 46 - .../phpseclib/Crypt/EC/Curves/secp160r1.php | 34 - .../phpseclib/Crypt/EC/Curves/secp160r2.php | 35 - .../phpseclib/Crypt/EC/Curves/secp192k1.php | 45 - .../phpseclib/Crypt/EC/Curves/secp192r1.php | 78 - .../phpseclib/Crypt/EC/Curves/secp224k1.php | 45 - .../phpseclib/Crypt/EC/Curves/secp224r1.php | 34 - .../phpseclib/Crypt/EC/Curves/secp256k1.php | 49 - .../phpseclib/Crypt/EC/Curves/secp256r1.php | 34 - .../phpseclib/Crypt/EC/Curves/secp384r1.php | 52 - .../phpseclib/Crypt/EC/Curves/secp521r1.php | 46 - .../phpseclib/Crypt/EC/Curves/sect113r1.php | 34 - .../phpseclib/Crypt/EC/Curves/sect113r2.php | 34 - .../phpseclib/Crypt/EC/Curves/sect131r1.php | 34 - .../phpseclib/Crypt/EC/Curves/sect131r2.php | 34 - .../phpseclib/Crypt/EC/Curves/sect163k1.php | 34 - .../phpseclib/Crypt/EC/Curves/sect163r1.php | 34 - .../phpseclib/Crypt/EC/Curves/sect163r2.php | 34 - .../phpseclib/Crypt/EC/Curves/sect193r1.php | 34 - .../phpseclib/Crypt/EC/Curves/sect193r2.php | 34 - .../phpseclib/Crypt/EC/Curves/sect233k1.php | 34 - .../phpseclib/Crypt/EC/Curves/sect233r1.php | 34 - .../phpseclib/Crypt/EC/Curves/sect239k1.php | 34 - .../phpseclib/Crypt/EC/Curves/sect283k1.php | 34 - .../phpseclib/Crypt/EC/Curves/sect283r1.php | 34 - .../phpseclib/Crypt/EC/Curves/sect409k1.php | 38 - .../phpseclib/Crypt/EC/Curves/sect409r1.php | 38 - .../phpseclib/Crypt/EC/Curves/sect571k1.php | 42 - .../phpseclib/Crypt/EC/Curves/sect571r1.php | 42 - .../Crypt/EC/Formats/Keys/Common.php | 549 -- .../phpseclib/Crypt/EC/Formats/Keys/JWK.php | 189 - .../EC/Formats/Keys/MontgomeryPrivate.php | 101 - .../EC/Formats/Keys/MontgomeryPublic.php | 71 - .../Crypt/EC/Formats/Keys/OpenSSH.php | 209 - .../phpseclib/Crypt/EC/Formats/Keys/PKCS1.php | 194 - .../phpseclib/Crypt/EC/Formats/Keys/PKCS8.php | 234 - .../phpseclib/Crypt/EC/Formats/Keys/PuTTY.php | 138 - .../phpseclib/Crypt/EC/Formats/Keys/XML.php | 485 -- .../Crypt/EC/Formats/Keys/libsodium.php | 116 - .../Crypt/EC/Formats/Signature/ASN1.php | 62 - .../Crypt/EC/Formats/Signature/IEEE.php | 66 - .../Crypt/EC/Formats/Signature/Raw.php | 25 - .../Crypt/EC/Formats/Signature/SSH2.php | 94 - .../phpseclib/Crypt/EC/Parameters.php | 36 - .../phpseclib/Crypt/EC/PrivateKey.php | 256 - .../phpseclib/Crypt/EC/PublicKey.php | 172 - .../phpseclib/phpseclib/Crypt/Hash.php | 1455 ----- .../phpseclib/Crypt/PublicKeyLoader.php | 111 - .../phpseclib/phpseclib/Crypt/RC2.php | 640 -- .../phpseclib/phpseclib/Crypt/RC4.php | 280 - .../phpseclib/phpseclib/Crypt/RSA.php | 934 --- .../phpseclib/Crypt/RSA/Formats/Keys/JWK.php | 142 - .../Crypt/RSA/Formats/Keys/MSBLOB.php | 228 - .../Crypt/RSA/Formats/Keys/OpenSSH.php | 132 - .../Crypt/RSA/Formats/Keys/PKCS1.php | 160 - .../Crypt/RSA/Formats/Keys/PKCS8.php | 122 - .../phpseclib/Crypt/RSA/Formats/Keys/PSS.php | 238 - .../Crypt/RSA/Formats/Keys/PuTTY.php | 121 - .../phpseclib/Crypt/RSA/Formats/Keys/Raw.php | 184 - .../phpseclib/Crypt/RSA/Formats/Keys/XML.php | 171 - .../phpseclib/Crypt/RSA/PrivateKey.php | 530 -- .../phpseclib/Crypt/RSA/PublicKey.php | 513 -- .../phpseclib/phpseclib/Crypt/Random.php | 222 - .../phpseclib/phpseclib/Crypt/Rijndael.php | 1036 ---- .../phpseclib/phpseclib/Crypt/Salsa20.php | 526 -- .../phpseclib/phpseclib/Crypt/TripleDES.php | 436 -- .../phpseclib/phpseclib/Crypt/Twofish.php | 816 --- .../Exception/BadConfigurationException.php | 23 - .../Exception/BadDecryptionException.php | 23 - .../phpseclib/Exception/BadModeException.php | 23 - .../Exception/ConnectionClosedException.php | 23 - .../Exception/FileNotFoundException.php | 23 - .../Exception/InconsistentSetupException.php | 23 - .../Exception/InsufficientSetupException.php | 23 - .../Exception/NoKeyLoadedException.php | 23 - .../NoSupportedAlgorithmsException.php | 23 - .../Exception/UnableToConnectException.php | 23 - .../UnsupportedAlgorithmException.php | 23 - .../Exception/UnsupportedCurveException.php | 23 - .../Exception/UnsupportedFormatException.php | 23 - .../UnsupportedOperationException.php | 23 - .../phpseclib/phpseclib/File/ANSI.php | 551 -- .../phpseclib/phpseclib/File/ASN1.php | 1508 ----- .../phpseclib/phpseclib/File/ASN1/Element.php | 43 - .../File/ASN1/Maps/AccessDescription.php | 32 - .../ASN1/Maps/AdministrationDomainName.php | 36 - .../File/ASN1/Maps/AlgorithmIdentifier.php | 35 - .../phpseclib/File/ASN1/Maps/AnotherName.php | 37 - .../phpseclib/File/ASN1/Maps/Attribute.php | 37 - .../File/ASN1/Maps/AttributeType.php | 26 - .../File/ASN1/Maps/AttributeTypeAndValue.php | 32 - .../File/ASN1/Maps/AttributeValue.php | 26 - .../phpseclib/File/ASN1/Maps/Attributes.php | 31 - .../ASN1/Maps/AuthorityInfoAccessSyntax.php | 31 - .../File/ASN1/Maps/AuthorityKeyIdentifier.php | 45 - .../phpseclib/File/ASN1/Maps/BaseDistance.php | 26 - .../File/ASN1/Maps/BasicConstraints.php | 39 - .../Maps/BuiltInDomainDefinedAttribute.php | 32 - .../Maps/BuiltInDomainDefinedAttributes.php | 31 - .../ASN1/Maps/BuiltInStandardAttributes.php | 67 - .../phpseclib/File/ASN1/Maps/CPSuri.php | 26 - .../File/ASN1/Maps/CRLDistributionPoints.php | 31 - .../phpseclib/File/ASN1/Maps/CRLNumber.php | 26 - .../phpseclib/File/ASN1/Maps/CRLReason.php | 41 - .../phpseclib/File/ASN1/Maps/CertPolicyId.php | 26 - .../phpseclib/File/ASN1/Maps/Certificate.php | 33 - .../File/ASN1/Maps/CertificateIssuer.php | 24 - .../File/ASN1/Maps/CertificateList.php | 33 - .../File/ASN1/Maps/CertificatePolicies.php | 31 - .../ASN1/Maps/CertificateSerialNumber.php | 26 - .../File/ASN1/Maps/CertificationRequest.php | 33 - .../ASN1/Maps/CertificationRequestInfo.php | 41 - .../File/ASN1/Maps/Characteristic_two.php | 36 - .../phpseclib/File/ASN1/Maps/CountryName.php | 36 - .../phpseclib/File/ASN1/Maps/Curve.php | 36 - .../phpseclib/File/ASN1/Maps/DHParameter.php | 38 - .../phpseclib/File/ASN1/Maps/DSAParams.php | 33 - .../File/ASN1/Maps/DSAPrivateKey.php | 36 - .../phpseclib/File/ASN1/Maps/DSAPublicKey.php | 26 - .../phpseclib/File/ASN1/Maps/DigestInfo.php | 34 - .../File/ASN1/Maps/DirectoryString.php | 35 - .../phpseclib/File/ASN1/Maps/DisplayText.php | 34 - .../File/ASN1/Maps/DistributionPoint.php | 45 - .../File/ASN1/Maps/DistributionPointName.php | 40 - .../phpseclib/File/ASN1/Maps/DssSigValue.php | 32 - .../phpseclib/File/ASN1/Maps/ECParameters.php | 45 - .../phpseclib/File/ASN1/Maps/ECPoint.php | 26 - .../phpseclib/File/ASN1/Maps/ECPrivateKey.php | 48 - .../phpseclib/File/ASN1/Maps/EDIPartyName.php | 42 - .../File/ASN1/Maps/EcdsaSigValue.php | 32 - .../File/ASN1/Maps/EncryptedData.php | 26 - .../ASN1/Maps/EncryptedPrivateKeyInfo.php | 32 - .../File/ASN1/Maps/ExtKeyUsageSyntax.php | 31 - .../phpseclib/File/ASN1/Maps/Extension.php | 43 - .../File/ASN1/Maps/ExtensionAttribute.php | 42 - .../File/ASN1/Maps/ExtensionAttributes.php | 31 - .../phpseclib/File/ASN1/Maps/Extensions.php | 33 - .../phpseclib/File/ASN1/Maps/FieldElement.php | 26 - .../phpseclib/File/ASN1/Maps/FieldID.php | 35 - .../phpseclib/File/ASN1/Maps/GeneralName.php | 80 - .../phpseclib/File/ASN1/Maps/GeneralNames.php | 31 - .../File/ASN1/Maps/GeneralSubtree.php | 42 - .../File/ASN1/Maps/GeneralSubtrees.php | 31 - .../File/ASN1/Maps/HashAlgorithm.php | 24 - .../File/ASN1/Maps/HoldInstructionCode.php | 26 - .../File/ASN1/Maps/InvalidityDate.php | 26 - .../File/ASN1/Maps/IssuerAltName.php | 24 - .../ASN1/Maps/IssuingDistributionPoint.php | 68 - .../File/ASN1/Maps/KeyIdentifier.php | 26 - .../phpseclib/File/ASN1/Maps/KeyPurposeId.php | 26 - .../phpseclib/File/ASN1/Maps/KeyUsage.php | 39 - .../File/ASN1/Maps/MaskGenAlgorithm.php | 24 - .../phpseclib/File/ASN1/Maps/Name.php | 31 - .../File/ASN1/Maps/NameConstraints.php | 40 - .../File/ASN1/Maps/NetworkAddress.php | 26 - .../File/ASN1/Maps/NoticeReference.php | 37 - .../File/ASN1/Maps/NumericUserIdentifier.php | 26 - .../phpseclib/File/ASN1/Maps/ORAddress.php | 33 - .../File/ASN1/Maps/OneAsymmetricKey.php | 48 - .../File/ASN1/Maps/OrganizationName.php | 26 - .../ASN1/Maps/OrganizationalUnitNames.php | 31 - .../File/ASN1/Maps/OtherPrimeInfo.php | 34 - .../File/ASN1/Maps/OtherPrimeInfos.php | 32 - .../phpseclib/File/ASN1/Maps/PBEParameter.php | 34 - .../phpseclib/File/ASN1/Maps/PBES2params.php | 34 - .../phpseclib/File/ASN1/Maps/PBKDF2params.php | 41 - .../phpseclib/File/ASN1/Maps/PBMAC1params.php | 34 - .../phpseclib/File/ASN1/Maps/PKCS9String.php | 32 - .../phpseclib/File/ASN1/Maps/Pentanomial.php | 33 - .../phpseclib/File/ASN1/Maps/PersonalName.php | 54 - .../File/ASN1/Maps/PolicyInformation.php | 38 - .../File/ASN1/Maps/PolicyMappings.php | 37 - .../File/ASN1/Maps/PolicyQualifierId.php | 26 - .../File/ASN1/Maps/PolicyQualifierInfo.php | 32 - .../File/ASN1/Maps/PostalAddress.php | 32 - .../phpseclib/File/ASN1/Maps/Prime_p.php | 26 - .../File/ASN1/Maps/PrivateDomainName.php | 32 - .../phpseclib/File/ASN1/Maps/PrivateKey.php | 26 - .../File/ASN1/Maps/PrivateKeyInfo.php | 41 - .../File/ASN1/Maps/PrivateKeyUsagePeriod.php | 40 - .../phpseclib/File/ASN1/Maps/PublicKey.php | 26 - .../File/ASN1/Maps/PublicKeyAndChallenge.php | 32 - .../File/ASN1/Maps/PublicKeyInfo.php | 35 - .../File/ASN1/Maps/RC2CBCParameter.php | 37 - .../phpseclib/File/ASN1/Maps/RDNSequence.php | 38 - .../File/ASN1/Maps/RSAPrivateKey.php | 44 - .../phpseclib/File/ASN1/Maps/RSAPublicKey.php | 32 - .../File/ASN1/Maps/RSASSA_PSS_params.php | 58 - .../phpseclib/File/ASN1/Maps/ReasonFlags.php | 39 - .../ASN1/Maps/RelativeDistinguishedName.php | 37 - .../File/ASN1/Maps/RevokedCertificate.php | 35 - .../ASN1/Maps/SignedPublicKeyAndChallenge.php | 33 - .../File/ASN1/Maps/SpecifiedECDomain.php | 45 - .../File/ASN1/Maps/SubjectAltName.php | 24 - .../ASN1/Maps/SubjectDirectoryAttributes.php | 31 - .../ASN1/Maps/SubjectInfoAccessSyntax.php | 31 - .../File/ASN1/Maps/SubjectPublicKeyInfo.php | 32 - .../phpseclib/File/ASN1/Maps/TBSCertList.php | 54 - .../File/ASN1/Maps/TBSCertificate.php | 65 - .../File/ASN1/Maps/TerminalIdentifier.php | 26 - .../phpseclib/File/ASN1/Maps/Time.php | 32 - .../phpseclib/File/ASN1/Maps/Trinomial.php | 26 - .../File/ASN1/Maps/UniqueIdentifier.php | 26 - .../phpseclib/File/ASN1/Maps/UserNotice.php | 38 - .../phpseclib/File/ASN1/Maps/Validity.php | 32 - .../File/ASN1/Maps/netscape_ca_policy_url.php | 26 - .../File/ASN1/Maps/netscape_cert_type.php | 40 - .../File/ASN1/Maps/netscape_comment.php | 26 - .../phpseclib/phpseclib/File/X509.php | 4006 ------------ .../phpseclib/phpseclib/Math/BigInteger.php | 892 --- .../Math/BigInteger/Engines/BCMath.php | 697 --- .../Math/BigInteger/Engines/BCMath/Base.php | 110 - .../BigInteger/Engines/BCMath/BuiltIn.php | 40 - .../Engines/BCMath/DefaultEngine.php | 25 - .../BigInteger/Engines/BCMath/OpenSSL.php | 25 - .../Engines/BCMath/Reductions/Barrett.php | 187 - .../Engines/BCMath/Reductions/EvalBarrett.php | 108 - .../Math/BigInteger/Engines/Engine.php | 1285 ---- .../phpseclib/Math/BigInteger/Engines/GMP.php | 694 --- .../BigInteger/Engines/GMP/DefaultEngine.php | 40 - .../Math/BigInteger/Engines/OpenSSL.php | 68 - .../phpseclib/Math/BigInteger/Engines/PHP.php | 1344 ---- .../Math/BigInteger/Engines/PHP/Base.php | 143 - .../BigInteger/Engines/PHP/DefaultEngine.php | 25 - .../BigInteger/Engines/PHP/Montgomery.php | 89 - .../Math/BigInteger/Engines/PHP/OpenSSL.php | 25 - .../Engines/PHP/Reductions/Barrett.php | 281 - .../Engines/PHP/Reductions/Classic.php | 42 - .../Engines/PHP/Reductions/EvalBarrett.php | 484 -- .../Engines/PHP/Reductions/Montgomery.php | 126 - .../Engines/PHP/Reductions/MontgomeryMult.php | 76 - .../Engines/PHP/Reductions/PowerOfTwo.php | 59 - .../Math/BigInteger/Engines/PHP32.php | 371 -- .../Math/BigInteger/Engines/PHP64.php | 372 -- .../phpseclib/phpseclib/Math/BinaryField.php | 203 - .../phpseclib/Math/BinaryField/Integer.php | 516 -- .../phpseclib/Math/Common/FiniteField.php | 22 - .../Math/Common/FiniteField/Integer.php | 44 - .../phpseclib/phpseclib/Math/PrimeField.php | 118 - .../phpseclib/Math/PrimeField/Integer.php | 419 -- .../phpseclib/phpseclib/Net/SFTP.php | 3547 ----------- .../phpseclib/phpseclib/Net/SFTP/Stream.php | 756 --- .../phpseclib/phpseclib/Net/SSH2.php | 5397 ----------------- .../phpseclib/phpseclib/System/SSH/Agent.php | 286 - .../phpseclib/System/SSH/Agent/Identity.php | 320 - .../System/SSH/Common/Traits/ReadBytes.php | 37 - .../phpseclib/phpseclib/bootstrap.php | 22 - .../phpseclib/phpseclib/phpseclib/openssl.cnf | 6 - .../php/vendor/sop/asn1/LICENSE | 21 - .../php/vendor/sop/asn1/README.md | 103 - .../php/vendor/sop/asn1/composer.json | 34 - .../asn1/lib/ASN1/Component/Identifier.php | 290 - .../sop/asn1/lib/ASN1/Component/Length.php | 225 - .../php/vendor/sop/asn1/lib/ASN1/DERData.php | 89 - .../php/vendor/sop/asn1/lib/ASN1/Element.php | 465 -- .../lib/ASN1/Exception/DecodeException.php | 12 - .../sop/asn1/lib/ASN1/Feature/ElementBase.php | 84 - .../sop/asn1/lib/ASN1/Feature/Encodable.php | 16 - .../sop/asn1/lib/ASN1/Feature/Stringable.php | 21 - .../sop/asn1/lib/ASN1/Type/BaseString.php | 59 - .../sop/asn1/lib/ASN1/Type/BaseTime.php | 107 - .../Type/Constructed/ConstructedString.php | 131 - .../lib/ASN1/Type/Constructed/Sequence.php | 25 - .../asn1/lib/ASN1/Type/Constructed/Set.php | 63 - .../lib/ASN1/Type/Primitive/BMPString.php | 40 - .../lib/ASN1/Type/Primitive/BitString.php | 201 - .../asn1/lib/ASN1/Type/Primitive/Boolean.php | 73 - .../ASN1/Type/Primitive/CharacterString.php | 25 - .../sop/asn1/lib/ASN1/Type/Primitive/EOC.php | 54 - .../lib/ASN1/Type/Primitive/Enumerated.php | 22 - .../lib/ASN1/Type/Primitive/GeneralString.php | 34 - .../ASN1/Type/Primitive/GeneralizedTime.php | 125 - .../lib/ASN1/Type/Primitive/GraphicString.php | 34 - .../lib/ASN1/Type/Primitive/IA5String.php | 33 - .../asn1/lib/ASN1/Type/Primitive/Integer.php | 105 - .../asn1/lib/ASN1/Type/Primitive/NullType.php | 54 - .../lib/ASN1/Type/Primitive/NumericString.php | 33 - .../ASN1/Type/Primitive/ObjectDescriptor.php | 33 - .../ASN1/Type/Primitive/ObjectIdentifier.php | 207 - .../lib/ASN1/Type/Primitive/OctetString.php | 25 - .../ASN1/Type/Primitive/PrintableString.php | 34 - .../sop/asn1/lib/ASN1/Type/Primitive/Real.php | 698 --- .../lib/ASN1/Type/Primitive/RelativeOID.php | 48 - .../lib/ASN1/Type/Primitive/T61String.php | 35 - .../asn1/lib/ASN1/Type/Primitive/UTCTime.php | 83 - .../lib/ASN1/Type/Primitive/UTF8String.php | 35 - .../ASN1/Type/Primitive/UniversalString.php | 39 - .../ASN1/Type/Primitive/VideotexString.php | 34 - .../lib/ASN1/Type/Primitive/VisibleString.php | 33 - .../asn1/lib/ASN1/Type/PrimitiveString.php | 53 - .../sop/asn1/lib/ASN1/Type/PrimitiveType.php | 19 - .../sop/asn1/lib/ASN1/Type/StringType.php | 16 - .../sop/asn1/lib/ASN1/Type/Structure.php | 384 -- .../lib/ASN1/Type/Tagged/ApplicationType.php | 12 - .../ASN1/Type/Tagged/ContextSpecificType.php | 12 - .../lib/ASN1/Type/Tagged/DERTaggedType.php | 156 - .../lib/ASN1/Type/Tagged/ExplicitTagging.php | 19 - .../ASN1/Type/Tagged/ExplicitlyTaggedType.php | 58 - .../lib/ASN1/Type/Tagged/ImplicitTagging.php | 25 - .../ASN1/Type/Tagged/ImplicitlyTaggedType.php | 68 - .../asn1/lib/ASN1/Type/Tagged/PrivateType.php | 12 - .../lib/ASN1/Type/Tagged/TaggedTypeWrap.php | 35 - .../sop/asn1/lib/ASN1/Type/TaggedType.php | 84 - .../sop/asn1/lib/ASN1/Type/TimeType.php | 16 - .../sop/asn1/lib/ASN1/Type/UniversalClass.php | 21 - .../asn1/lib/ASN1/Type/UnspecifiedType.php | 674 -- .../vendor/sop/asn1/lib/ASN1/Util/BigInt.php | 218 - .../vendor/sop/asn1/lib/ASN1/Util/Flags.php | 144 - .../php/vendor/sop/crypto-encoding/LICENSE | 21 - .../php/vendor/sop/crypto-encoding/README.md | 24 - .../vendor/sop/crypto-encoding/composer.json | 31 - .../lib/CryptoEncoding/PEM.php | 145 - .../lib/CryptoEncoding/PEMBundle.php | 173 - .../php/vendor/sop/crypto-types/LICENSE | 21 - .../php/vendor/sop/crypto-types/README.md | 42 - .../php/vendor/sop/crypto-types/composer.json | 39 - .../AlgorithmIdentifier.php | 116 - .../AlgorithmIdentifierFactory.php | 119 - .../AlgorithmIdentifierProvider.php | 35 - .../ECPublicKeyAlgorithmIdentifier.php | 303 - .../Asymmetric/Ed25519AlgorithmIdentifier.php | 44 - .../Asymmetric/Ed448AlgorithmIdentifier.php | 44 - .../RFC8410EdAlgorithmIdentifier.php | 59 - .../RFC8410XAlgorithmIdentifier.php | 53 - .../RSAEncryptionAlgorithmIdentifier.php | 68 - .../Asymmetric/X25519AlgorithmIdentifier.php | 29 - .../Asymmetric/X448AlgorithmIdentifier.php | 29 - .../Cipher/AES128CBCAlgorithmIdentifier.php | 42 - .../Cipher/AES192CBCAlgorithmIdentifier.php | 42 - .../Cipher/AES256CBCAlgorithmIdentifier.php | 42 - .../Cipher/AESCBCAlgorithmIdentifier.php | 82 - .../Cipher/BlockCipherAlgorithmIdentifier.php | 16 - .../Cipher/CipherAlgorithmIdentifier.php | 65 - .../Cipher/DESCBCAlgorithmIdentifier.php | 98 - .../Cipher/DESEDE3CBCAlgorithmIdentifier.php | 99 - .../Cipher/RC2CBCAlgorithmIdentifier.php | 215 - .../Feature/AlgorithmIdentifierType.php | 30 - .../AsymmetricCryptoAlgorithmIdentifier.php | 12 - .../Feature/EncryptionAlgorithmIdentifier.php | 12 - .../Feature/HashAlgorithmIdentifier.php | 12 - .../Feature/PRFAlgorithmIdentifier.php | 12 - .../Feature/SignatureAlgorithmIdentifier.php | 18 - .../GenericAlgorithmIdentifier.php | 57 - .../Hash/HMACWithSHA1AlgorithmIdentifier.php | 66 - .../HMACWithSHA224AlgorithmIdentifier.php | 29 - .../HMACWithSHA256AlgorithmIdentifier.php | 29 - .../HMACWithSHA384AlgorithmIdentifier.php | 29 - .../HMACWithSHA512AlgorithmIdentifier.php | 29 - .../Hash/MD5AlgorithmIdentifier.php | 85 - .../Hash/RFC4231HMACAlgorithmIdentifier.php | 56 - .../Hash/SHA1AlgorithmIdentifier.php | 81 - .../Hash/SHA224AlgorithmIdentifier.php | 33 - .../Hash/SHA256AlgorithmIdentifier.php | 32 - .../Hash/SHA2AlgorithmIdentifier.php | 71 - .../Hash/SHA384AlgorithmIdentifier.php | 32 - .../Hash/SHA512AlgorithmIdentifier.php | 32 - .../ECDSAWithSHA1AlgorithmIdentifier.php | 29 - .../ECDSAWithSHA224AlgorithmIdentifier.php | 29 - .../ECDSAWithSHA256AlgorithmIdentifier.php | 29 - .../ECDSAWithSHA384AlgorithmIdentifier.php | 29 - .../ECDSAWithSHA512AlgorithmIdentifier.php | 29 - .../ECSignatureAlgorithmIdentifier.php | 59 - ...D2WithRSAEncryptionAlgorithmIdentifier.php | 29 - ...D4WithRSAEncryptionAlgorithmIdentifier.php | 29 - ...D5WithRSAEncryptionAlgorithmIdentifier.php | 29 - ...RFC3279RSASignatureAlgorithmIdentifier.php | 51 - ...RFC4055RSASignatureAlgorithmIdentifier.php | 65 - .../RSASignatureAlgorithmIdentifier.php | 23 - ...A1WithRSAEncryptionAlgorithmIdentifier.php | 29 - ...24WithRSAEncryptionAlgorithmIdentifier.php | 30 - ...56WithRSAEncryptionAlgorithmIdentifier.php | 30 - ...84WithRSAEncryptionAlgorithmIdentifier.php | 30 - ...12WithRSAEncryptionAlgorithmIdentifier.php | 30 - .../SignatureAlgorithmIdentifierFactory.php | 105 - .../SpecificAlgorithmIdentifier.php | 30 - .../Attribute/OneAsymmetricKeyAttributes.php | 15 - .../Asymmetric/EC/ECConversion.php | 112 - .../Asymmetric/EC/ECPrivateKey.php | 223 - .../CryptoTypes/Asymmetric/EC/ECPublicKey.php | 222 - .../Asymmetric/OneAsymmetricKey.php | 359 -- .../lib/CryptoTypes/Asymmetric/PrivateKey.php | 74 - .../CryptoTypes/Asymmetric/PrivateKeyInfo.php | 33 - .../lib/CryptoTypes/Asymmetric/PublicKey.php | 60 - .../CryptoTypes/Asymmetric/PublicKeyInfo.php | 197 - .../Curve25519/Curve25519PrivateKey.php | 34 - .../Curve25519/Curve25519PublicKey.php | 29 - .../RFC8410/Curve25519/Ed25519PrivateKey.php | 36 - .../RFC8410/Curve25519/Ed25519PublicKey.php | 24 - .../RFC8410/Curve25519/X25519PrivateKey.php | 36 - .../RFC8410/Curve25519/X25519PublicKey.php | 24 - .../RFC8410/Curve448/Ed448PrivateKey.php | 56 - .../RFC8410/Curve448/Ed448PublicKey.php | 39 - .../RFC8410/Curve448/X448PrivateKey.php | 56 - .../RFC8410/Curve448/X448PublicKey.php | 39 - .../Asymmetric/RFC8410/RFC8410PrivateKey.php | 142 - .../Asymmetric/RFC8410/RFC8410PublicKey.php | 52 - .../Asymmetric/RSA/RSAPrivateKey.php | 286 - .../Asymmetric/RSA/RSAPublicKey.php | 147 - .../lib/CryptoTypes/Signature/ECSignature.php | 108 - .../Signature/Ed25519Signature.php | 44 - .../CryptoTypes/Signature/Ed448Signature.php | 44 - .../Signature/GenericSignature.php | 56 - .../CryptoTypes/Signature/RSASignature.php | 58 - .../lib/CryptoTypes/Signature/Signature.php | 49 - .../php/vendor/sop/x501/LICENSE | 21 - .../php/vendor/sop/x501/README.md | 26 - .../php/vendor/sop/x501/composer.json | 38 - .../sop/x501/lib/X501/ASN1/Attribute.php | 176 - .../sop/x501/lib/X501/ASN1/AttributeType.php | 457 -- .../lib/X501/ASN1/AttributeTypeAndValue.php | 128 - .../ASN1/AttributeValue/AttributeValue.php | 174 - .../ASN1/AttributeValue/CommonNameValue.php | 29 - .../ASN1/AttributeValue/CountryNameValue.php | 27 - .../ASN1/AttributeValue/DescriptionValue.php | 29 - .../Feature/DirectoryString.php | 179 - .../Feature/PrintableStringValue.php | 88 - .../ASN1/AttributeValue/GivenNameValue.php | 29 - .../ASN1/AttributeValue/LocalityNameValue.php | 29 - .../X501/ASN1/AttributeValue/NameValue.php | 29 - .../AttributeValue/OrganizationNameValue.php | 29 - .../OrganizationalUnitNameValue.php | 29 - .../ASN1/AttributeValue/PseudonymValue.php | 29 - .../ASN1/AttributeValue/SerialNumberValue.php | 27 - .../StateOrProvinceNameValue.php | 29 - .../X501/ASN1/AttributeValue/SurnameValue.php | 29 - .../X501/ASN1/AttributeValue/TitleValue.php | 29 - .../AttributeValue/UnknownAttributeValue.php | 75 - .../ASN1/Collection/AttributeCollection.php | 221 - .../ASN1/Collection/SequenceOfAttributes.php | 44 - .../X501/ASN1/Collection/SetOfAttributes.php | 45 - .../lib/X501/ASN1/Feature/TypedAttribute.php | 40 - .../vendor/sop/x501/lib/X501/ASN1/Name.php | 227 - .../php/vendor/sop/x501/lib/X501/ASN1/RDN.php | 187 - .../vendor/sop/x501/lib/X501/DN/DNParser.php | 428 -- .../lib/X501/MatchingRule/BinaryMatch.php | 21 - .../lib/X501/MatchingRule/CaseExactMatch.php | 25 - .../lib/X501/MatchingRule/CaseIgnoreMatch.php | 26 - .../lib/X501/MatchingRule/MatchingRule.php | 24 - .../MatchingRule/StringPrepMatchingRule.php | 40 - .../lib/X501/StringPrep/CheckBidiStep.php | 25 - .../InsignificantNonSubstringSpaceStep.php | 35 - .../sop/x501/lib/X501/StringPrep/MapStep.php | 45 - .../lib/X501/StringPrep/NormalizeStep.php | 24 - .../x501/lib/X501/StringPrep/PrepareStep.php | 23 - .../x501/lib/X501/StringPrep/ProhibitStep.php | 27 - .../lib/X501/StringPrep/StringPreparer.php | 87 - .../lib/X501/StringPrep/TranscodeStep.php | 66 - .../vendor/symfony/polyfill-ctype/Ctype.php | 232 - .../php/vendor/symfony/polyfill-ctype/LICENSE | 19 - .../vendor/symfony/polyfill-ctype/README.md | 12 - .../symfony/polyfill-ctype/bootstrap.php | 50 - .../symfony/polyfill-ctype/bootstrap80.php | 46 - .../symfony/polyfill-ctype/composer.json | 41 - .../vendor/symfony/polyfill-mbstring/LICENSE | 19 - .../symfony/polyfill-mbstring/Mbstring.php | 947 --- .../symfony/polyfill-mbstring/README.md | 13 - .../Resources/unidata/caseFolding.php | 119 - .../Resources/unidata/lowerCase.php | 1397 ----- .../Resources/unidata/titleCaseRegexp.php | 5 - .../Resources/unidata/upperCase.php | 1489 ----- .../symfony/polyfill-mbstring/bootstrap.php | 151 - .../symfony/polyfill-mbstring/bootstrap80.php | 147 - .../symfony/polyfill-mbstring/composer.json | 41 - .../php/vendor/symfony/polyfill-php80/LICENSE | 19 - .../vendor/symfony/polyfill-php80/Php80.php | 115 - .../symfony/polyfill-php80/PhpToken.php | 103 - .../vendor/symfony/polyfill-php80/README.md | 25 - .../Resources/stubs/Attribute.php | 31 - .../Resources/stubs/PhpToken.php | 16 - .../Resources/stubs/Stringable.php | 20 - .../Resources/stubs/UnhandledMatchError.php | 16 - .../Resources/stubs/ValueError.php | 16 - .../symfony/polyfill-php80/bootstrap.php | 42 - .../symfony/polyfill-php80/composer.json | 40 - .../php/vendor/vlucas/phpdotenv/LICENSE | 30 - .../php/vendor/vlucas/phpdotenv/composer.json | 60 - .../vendor/vlucas/phpdotenv/src/Dotenv.php | 267 - .../src/Exception/ExceptionInterface.php | 12 - .../Exception/InvalidEncodingException.php | 12 - .../src/Exception/InvalidFileException.php | 12 - .../src/Exception/InvalidPathException.php | 12 - .../src/Exception/ValidationException.php | 12 - .../vlucas/phpdotenv/src/Loader/Loader.php | 47 - .../phpdotenv/src/Loader/LoaderInterface.php | 20 - .../vlucas/phpdotenv/src/Loader/Resolver.php | 65 - .../vlucas/phpdotenv/src/Parser/Entry.php | 59 - .../phpdotenv/src/Parser/EntryParser.php | 300 - .../vlucas/phpdotenv/src/Parser/Lexer.php | 58 - .../vlucas/phpdotenv/src/Parser/Lines.php | 127 - .../vlucas/phpdotenv/src/Parser/Parser.php | 53 - .../phpdotenv/src/Parser/ParserInterface.php | 19 - .../vlucas/phpdotenv/src/Parser/Value.php | 88 - .../Repository/Adapter/AdapterInterface.php | 15 - .../src/Repository/Adapter/ApacheAdapter.php | 89 - .../src/Repository/Adapter/ArrayAdapter.php | 80 - .../Repository/Adapter/EnvConstAdapter.php | 89 - .../src/Repository/Adapter/GuardedWriter.php | 85 - .../Repository/Adapter/ImmutableWriter.php | 110 - .../src/Repository/Adapter/MultiReader.php | 48 - .../src/Repository/Adapter/MultiWriter.php | 64 - .../src/Repository/Adapter/PutenvAdapter.php | 91 - .../Repository/Adapter/ReaderInterface.php | 17 - .../Repository/Adapter/ReplacingWriter.php | 104 - .../Repository/Adapter/ServerConstAdapter.php | 89 - .../Repository/Adapter/WriterInterface.php | 27 - .../src/Repository/AdapterRepository.php | 107 - .../src/Repository/RepositoryBuilder.php | 272 - .../src/Repository/RepositoryInterface.php | 51 - .../vlucas/phpdotenv/src/Store/File/Paths.php | 44 - .../phpdotenv/src/Store/File/Reader.php | 81 - .../vlucas/phpdotenv/src/Store/FileStore.php | 72 - .../phpdotenv/src/Store/StoreBuilder.php | 141 - .../phpdotenv/src/Store/StoreInterface.php | 17 - .../phpdotenv/src/Store/StringStore.php | 37 - .../vlucas/phpdotenv/src/Util/Regex.php | 112 - .../vendor/vlucas/phpdotenv/src/Util/Str.php | 98 - .../vendor/vlucas/phpdotenv/src/Validator.php | 209 - 657 files changed, 91211 deletions(-) delete mode 100644 utilities/signing_and_verification/php/composer.lock delete mode 100644 utilities/signing_and_verification/php/vendor/autoload.php delete mode 100644 utilities/signing_and_verification/php/vendor/composer/ClassLoader.php delete mode 100644 utilities/signing_and_verification/php/vendor/composer/InstalledVersions.php delete mode 100644 utilities/signing_and_verification/php/vendor/composer/LICENSE delete mode 100644 utilities/signing_and_verification/php/vendor/composer/autoload_classmap.php delete mode 100644 utilities/signing_and_verification/php/vendor/composer/autoload_files.php delete mode 100644 utilities/signing_and_verification/php/vendor/composer/autoload_namespaces.php delete mode 100644 utilities/signing_and_verification/php/vendor/composer/autoload_psr4.php delete mode 100644 utilities/signing_and_verification/php/vendor/composer/autoload_real.php delete mode 100644 utilities/signing_and_verification/php/vendor/composer/autoload_static.php delete mode 100644 utilities/signing_and_verification/php/vendor/composer/installed.json delete mode 100644 utilities/signing_and_verification/php/vendor/composer/installed.php delete mode 100644 utilities/signing_and_verification/php/vendor/composer/platform_check.php delete mode 100644 utilities/signing_and_verification/php/vendor/graham-campbell/result-type/LICENSE delete mode 100644 utilities/signing_and_verification/php/vendor/graham-campbell/result-type/composer.json delete mode 100644 utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Error.php delete mode 100644 utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Result.php delete mode 100644 utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Success.php delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/LICENSE.txt delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/README.md delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/composer.json delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base32.php delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base32Hex.php delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64.php delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64DotSlash.php delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64DotSlashOrdered.php delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64UrlSafe.php delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Binary.php delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/EncoderInterface.php delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Encoding.php delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Hex.php delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/RFC4648.php delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/random_compat/LICENSE delete mode 100755 utilities/signing_and_verification/php/vendor/paragonie/random_compat/build-phar.sh delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/random_compat/composer.json delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey.asc delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/random_compat/lib/random.php delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/random_compat/other/build_phar.php delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/random_compat/psalm-autoload.php delete mode 100644 utilities/signing_and_verification/php/vendor/paragonie/random_compat/psalm.xml delete mode 100644 utilities/signing_and_verification/php/vendor/phpoption/phpoption/LICENSE delete mode 100644 utilities/signing_and_verification/php/vendor/phpoption/phpoption/composer.json delete mode 100644 utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/LazyOption.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/None.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/Option.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/Some.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/AUTHORS delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/BACKERS.md delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/LICENSE delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/README.md delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/composer.json delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Common/Functions/Strings.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/AES.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Blowfish.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/ChaCha20.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/BlockCipher.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/JWK.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PuTTY.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Signature/Raw.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/PrivateKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/PublicKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/StreamCipher.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/SymmetricKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Traits/Fingerprint.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Traits/PasswordProtected.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DES.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Parameters.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/PrivateKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/PublicKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/OpenSSH.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/Raw.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/XML.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/ASN1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/Raw.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/SSH2.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Parameters.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/PrivateKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/PublicKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Base.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Binary.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/KoblitzPrime.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Montgomery.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Prime.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/TwistedEdwards.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve25519.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve448.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Ed25519.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Ed448.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP160r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP160t1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP192r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP192t1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP224r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP224t1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP256r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP256t1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP320r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP320t1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP384r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP384t1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP512r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP512t1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistb233.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistb409.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk163.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk233.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk283.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk409.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp192.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp224.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp256.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp384.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp521.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistt571.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v2.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v3.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v2.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v3.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime256v1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp112r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp112r2.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp128r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp128r2.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160k1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160r2.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp192k1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp192r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp224k1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp224r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp256k1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp256r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp384r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp521r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect113r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect113r2.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect131r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect131r2.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163k1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163r2.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect193r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect193r2.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect233k1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect233r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect239k1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect283k1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect283r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect409k1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect409r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/Common.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/JWK.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPublic.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PuTTY.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/XML.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/libsodium.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/ASN1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/IEEE.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/Raw.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/SSH2.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Parameters.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/PrivateKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/PublicKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Hash.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/PublicKeyLoader.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RC2.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RC4.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/JWK.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/OpenSSH.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS8.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PSS.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/Raw.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/XML.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/PrivateKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/PublicKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Random.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Rijndael.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Salsa20.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/TripleDES.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Twofish.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadConfigurationException.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadDecryptionException.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadModeException.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/ConnectionClosedException.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/FileNotFoundException.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/InconsistentSetupException.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/InsufficientSetupException.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/NoKeyLoadedException.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/NoSupportedAlgorithmsException.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnableToConnectException.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedAlgorithmException.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedCurveException.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedFormatException.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedOperationException.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ANSI.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Element.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AccessDescription.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AdministrationDomainName.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AnotherName.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Attribute.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeType.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeTypeAndValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Attributes.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AuthorityInfoAccessSyntax.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AuthorityKeyIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BaseDistance.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BasicConstraints.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInDomainDefinedAttribute.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInDomainDefinedAttributes.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInStandardAttributes.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CPSuri.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLDistributionPoints.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLNumber.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLReason.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertPolicyId.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Certificate.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateIssuer.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateList.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificatePolicies.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateSerialNumber.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificationRequest.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificationRequestInfo.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Characteristic_two.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CountryName.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Curve.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DHParameter.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAParams.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAPrivateKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAPublicKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DigestInfo.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DirectoryString.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DisplayText.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DistributionPoint.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DistributionPointName.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DssSigValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECParameters.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECPoint.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECPrivateKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EDIPartyName.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EcdsaSigValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EncryptedData.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EncryptedPrivateKeyInfo.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtKeyUsageSyntax.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Extension.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtensionAttribute.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtensionAttributes.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Extensions.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/FieldElement.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/FieldID.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralName.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralNames.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralSubtree.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralSubtrees.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/HashAlgorithm.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/HoldInstructionCode.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/InvalidityDate.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/IssuerAltName.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/IssuingDistributionPoint.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyPurposeId.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyUsage.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/MaskGenAlgorithm.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Name.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NameConstraints.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NetworkAddress.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NoticeReference.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NumericUserIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ORAddress.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OneAsymmetricKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OrganizationName.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OrganizationalUnitNames.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OtherPrimeInfo.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OtherPrimeInfos.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBEParameter.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBES2params.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBKDF2params.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBMAC1params.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PKCS9String.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Pentanomial.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PersonalName.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyInformation.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyMappings.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyQualifierId.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyQualifierInfo.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PostalAddress.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Prime_p.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateDomainName.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKeyInfo.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKeyUsagePeriod.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKeyAndChallenge.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKeyInfo.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RC2CBCParameter.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RDNSequence.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSAPrivateKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSAPublicKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSASSA_PSS_params.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ReasonFlags.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RelativeDistinguishedName.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RevokedCertificate.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SignedPublicKeyAndChallenge.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SpecifiedECDomain.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectAltName.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectDirectoryAttributes.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectInfoAccessSyntax.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectPublicKeyInfo.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertList.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertificate.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TerminalIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Time.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Trinomial.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/UniqueIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/UserNotice.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Validity.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_ca_policy_url.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_cert_type.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_comment.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/X509.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Base.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/BuiltIn.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/DefaultEngine.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/OpenSSL.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/EvalBarrett.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/Engine.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP/DefaultEngine.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/OpenSSL.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Base.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/DefaultEngine.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Montgomery.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/OpenSSL.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Barrett.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Classic.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/EvalBarrett.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Montgomery.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/MontgomeryMult.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/PowerOfTwo.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP32.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP64.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BinaryField.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BinaryField/Integer.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/Common/FiniteField.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/Common/FiniteField/Integer.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/PrimeField.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/PrimeField/Integer.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SFTP.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SFTP/Stream.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SSH2.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent/Identity.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Common/Traits/ReadBytes.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/bootstrap.php delete mode 100644 utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/openssl.cnf delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/LICENSE delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/README.md delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/composer.json delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Component/Identifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Component/Length.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/DERData.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Element.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Exception/DecodeException.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Feature/ElementBase.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Feature/Encodable.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Feature/Stringable.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/BaseString.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/BaseTime.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/ConstructedString.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/Sequence.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/Set.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/BMPString.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/BitString.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Boolean.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/CharacterString.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/EOC.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Enumerated.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GeneralString.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GeneralizedTime.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GraphicString.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/IA5String.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Integer.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/NullType.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/NumericString.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/ObjectDescriptor.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/ObjectIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/OctetString.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/PrintableString.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Real.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/RelativeOID.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/T61String.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UTCTime.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UTF8String.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UniversalString.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/VideotexString.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/VisibleString.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/PrimitiveString.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/PrimitiveType.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/StringType.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Structure.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ApplicationType.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ContextSpecificType.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/DERTaggedType.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ExplicitTagging.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ExplicitlyTaggedType.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ImplicitTagging.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ImplicitlyTaggedType.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/PrivateType.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/TaggedTypeWrap.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/TaggedType.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/TimeType.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/UniversalClass.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/UnspecifiedType.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Util/BigInt.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Util/Flags.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-encoding/LICENSE delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-encoding/README.md delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-encoding/composer.json delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-encoding/lib/CryptoEncoding/PEM.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-encoding/lib/CryptoEncoding/PEMBundle.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/LICENSE delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/README.md delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/composer.json delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifierFactory.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifierProvider.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/ECPublicKeyAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/Ed25519AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/Ed448AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/RFC8410EdAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/RFC8410XAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/RSAEncryptionAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/X25519AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/X448AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES128CBCAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES192CBCAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES256CBCAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AESCBCAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/BlockCipherAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/CipherAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/DESCBCAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/DESEDE3CBCAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/RC2CBCAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Feature/AlgorithmIdentifierType.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Feature/AsymmetricCryptoAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Feature/EncryptionAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Feature/HashAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Feature/PRFAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Feature/SignatureAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/GenericAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA1AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA224AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA256AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA384AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA512AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/MD5AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/RFC4231HMACAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA1AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA224AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA256AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA2AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA384AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA512AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA1AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA224AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA256AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA384AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA512AlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECSignatureAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD2WithRSAEncryptionAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD4WithRSAEncryptionAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD5WithRSAEncryptionAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RFC3279RSASignatureAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RFC4055RSASignatureAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RSASignatureAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA1WithRSAEncryptionAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA224WithRSAEncryptionAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA256WithRSAEncryptionAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA384WithRSAEncryptionAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA512WithRSAEncryptionAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SignatureAlgorithmIdentifierFactory.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/SpecificAlgorithmIdentifier.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/Attribute/OneAsymmetricKeyAttributes.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/EC/ECConversion.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/EC/ECPrivateKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/EC/ECPublicKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/OneAsymmetricKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PrivateKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PrivateKeyInfo.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PublicKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PublicKeyInfo.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Curve25519PrivateKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Curve25519PublicKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Ed25519PrivateKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Ed25519PublicKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/X25519PrivateKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/X25519PublicKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/Ed448PrivateKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/Ed448PublicKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/X448PrivateKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/X448PublicKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/RFC8410PrivateKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/RFC8410PublicKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RSA/RSAPrivateKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RSA/RSAPublicKey.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/ECSignature.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Ed25519Signature.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Ed448Signature.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/GenericSignature.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/RSASignature.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Signature.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/LICENSE delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/README.md delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/composer.json delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Attribute.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeType.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeTypeAndValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/AttributeValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/CommonNameValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/CountryNameValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/DescriptionValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/Feature/DirectoryString.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/Feature/PrintableStringValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/GivenNameValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/LocalityNameValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/NameValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/OrganizationNameValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/OrganizationalUnitNameValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/PseudonymValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/SerialNumberValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/StateOrProvinceNameValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/SurnameValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/TitleValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/UnknownAttributeValue.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/AttributeCollection.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/SequenceOfAttributes.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/SetOfAttributes.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Feature/TypedAttribute.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Name.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/RDN.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/DN/DNParser.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/BinaryMatch.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/CaseExactMatch.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/CaseIgnoreMatch.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/MatchingRule.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/StringPrepMatchingRule.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/CheckBidiStep.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/InsignificantNonSubstringSpaceStep.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/MapStep.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/NormalizeStep.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/PrepareStep.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/ProhibitStep.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/StringPreparer.php delete mode 100644 utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/TranscodeStep.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/Ctype.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/LICENSE delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/README.md delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/bootstrap.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/bootstrap80.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/composer.json delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/LICENSE delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Mbstring.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/README.md delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/caseFolding.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/lowerCase.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/titleCaseRegexp.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/upperCase.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/bootstrap.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/bootstrap80.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/composer.json delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/LICENSE delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Php80.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/PhpToken.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/README.md delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/Attribute.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/PhpToken.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/Stringable.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/UnhandledMatchError.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/ValueError.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/bootstrap.php delete mode 100644 utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/composer.json delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/LICENSE delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/composer.json delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Dotenv.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Exception/ExceptionInterface.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Exception/InvalidEncodingException.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Exception/InvalidFileException.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Exception/InvalidPathException.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Exception/ValidationException.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Loader/Loader.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Loader/LoaderInterface.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Loader/Resolver.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Entry.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/EntryParser.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Lexer.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Lines.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Parser.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/ParserInterface.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Value.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/AdapterInterface.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ApacheAdapter.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ArrayAdapter.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/EnvConstAdapter.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/GuardedWriter.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ImmutableWriter.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/MultiReader.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/MultiWriter.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/PutenvAdapter.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ReaderInterface.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ReplacingWriter.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ServerConstAdapter.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/WriterInterface.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/AdapterRepository.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/RepositoryBuilder.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/RepositoryInterface.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/File/Paths.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/File/Reader.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/FileStore.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/StoreBuilder.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/StoreInterface.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/StringStore.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Util/Regex.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Util/Str.php delete mode 100644 utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Validator.php diff --git a/utilities/signing_and_verification/php/composer.lock b/utilities/signing_and_verification/php/composer.lock deleted file mode 100644 index 1b0e924..0000000 --- a/utilities/signing_and_verification/php/composer.lock +++ /dev/null @@ -1,940 +0,0 @@ -{ - "_readme": [ - "This file locks the dependencies of your project to a known state", - "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", - "This file is @generated automatically" - ], - "content-hash": "eec5a6c56eb5dcc64208c9c65fac635b", - "packages": [ - { - "name": "graham-campbell/result-type", - "version": "v1.1.2", - "source": { - "type": "git", - "url": "https://github.com/GrahamCampbell/Result-Type.git", - "reference": "fbd48bce38f73f8a4ec8583362e732e4095e5862" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/GrahamCampbell/Result-Type/zipball/fbd48bce38f73f8a4ec8583362e732e4095e5862", - "reference": "fbd48bce38f73f8a4ec8583362e732e4095e5862", - "shasum": "" - }, - "require": { - "php": "^7.2.5 || ^8.0", - "phpoption/phpoption": "^1.9.2" - }, - "require-dev": { - "phpunit/phpunit": "^8.5.34 || ^9.6.13 || ^10.4.2" - }, - "type": "library", - "autoload": { - "psr-4": { - "GrahamCampbell\\ResultType\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Graham Campbell", - "email": "hello@gjcampbell.co.uk", - "homepage": "https://github.com/GrahamCampbell" - } - ], - "description": "An Implementation Of The Result Type", - "keywords": [ - "Graham Campbell", - "GrahamCampbell", - "Result Type", - "Result-Type", - "result" - ], - "support": { - "issues": "https://github.com/GrahamCampbell/Result-Type/issues", - "source": "https://github.com/GrahamCampbell/Result-Type/tree/v1.1.2" - }, - "funding": [ - { - "url": "https://github.com/GrahamCampbell", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/graham-campbell/result-type", - "type": "tidelift" - } - ], - "time": "2023-11-12T22:16:48+00:00" - }, - { - "name": "paragonie/constant_time_encoding", - "version": "v2.6.3", - "source": { - "type": "git", - "url": "https://github.com/paragonie/constant_time_encoding.git", - "reference": "58c3f47f650c94ec05a151692652a868995d2938" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/paragonie/constant_time_encoding/zipball/58c3f47f650c94ec05a151692652a868995d2938", - "reference": "58c3f47f650c94ec05a151692652a868995d2938", - "shasum": "" - }, - "require": { - "php": "^7|^8" - }, - "require-dev": { - "phpunit/phpunit": "^6|^7|^8|^9", - "vimeo/psalm": "^1|^2|^3|^4" - }, - "type": "library", - "autoload": { - "psr-4": { - "ParagonIE\\ConstantTime\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Paragon Initiative Enterprises", - "email": "security@paragonie.com", - "homepage": "https://paragonie.com", - "role": "Maintainer" - }, - { - "name": "Steve 'Sc00bz' Thomas", - "email": "steve@tobtu.com", - "homepage": "https://www.tobtu.com", - "role": "Original Developer" - } - ], - "description": "Constant-time Implementations of RFC 4648 Encoding (Base-64, Base-32, Base-16)", - "keywords": [ - "base16", - "base32", - "base32_decode", - "base32_encode", - "base64", - "base64_decode", - "base64_encode", - "bin2hex", - "encoding", - "hex", - "hex2bin", - "rfc4648" - ], - "support": { - "email": "info@paragonie.com", - "issues": "https://github.com/paragonie/constant_time_encoding/issues", - "source": "https://github.com/paragonie/constant_time_encoding" - }, - "time": "2022-06-14T06:56:20+00:00" - }, - { - "name": "paragonie/random_compat", - "version": "v9.99.100", - "source": { - "type": "git", - "url": "https://github.com/paragonie/random_compat.git", - "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/paragonie/random_compat/zipball/996434e5492cb4c3edcb9168db6fbb1359ef965a", - "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a", - "shasum": "" - }, - "require": { - "php": ">= 7" - }, - "require-dev": { - "phpunit/phpunit": "4.*|5.*", - "vimeo/psalm": "^1" - }, - "suggest": { - "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." - }, - "type": "library", - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Paragon Initiative Enterprises", - "email": "security@paragonie.com", - "homepage": "https://paragonie.com" - } - ], - "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", - "keywords": [ - "csprng", - "polyfill", - "pseudorandom", - "random" - ], - "support": { - "email": "info@paragonie.com", - "issues": "https://github.com/paragonie/random_compat/issues", - "source": "https://github.com/paragonie/random_compat" - }, - "time": "2020-10-15T08:29:30+00:00" - }, - { - "name": "phpoption/phpoption", - "version": "1.9.2", - "source": { - "type": "git", - "url": "https://github.com/schmittjoh/php-option.git", - "reference": "80735db690fe4fc5c76dfa7f9b770634285fa820" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/schmittjoh/php-option/zipball/80735db690fe4fc5c76dfa7f9b770634285fa820", - "reference": "80735db690fe4fc5c76dfa7f9b770634285fa820", - "shasum": "" - }, - "require": { - "php": "^7.2.5 || ^8.0" - }, - "require-dev": { - "bamarni/composer-bin-plugin": "^1.8.2", - "phpunit/phpunit": "^8.5.34 || ^9.6.13 || ^10.4.2" - }, - "type": "library", - "extra": { - "bamarni-bin": { - "bin-links": true, - "forward-command": true - }, - "branch-alias": { - "dev-master": "1.9-dev" - } - }, - "autoload": { - "psr-4": { - "PhpOption\\": "src/PhpOption/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "Apache-2.0" - ], - "authors": [ - { - "name": "Johannes M. Schmitt", - "email": "schmittjoh@gmail.com", - "homepage": "https://github.com/schmittjoh" - }, - { - "name": "Graham Campbell", - "email": "hello@gjcampbell.co.uk", - "homepage": "https://github.com/GrahamCampbell" - } - ], - "description": "Option Type for PHP", - "keywords": [ - "language", - "option", - "php", - "type" - ], - "support": { - "issues": "https://github.com/schmittjoh/php-option/issues", - "source": "https://github.com/schmittjoh/php-option/tree/1.9.2" - }, - "funding": [ - { - "url": "https://github.com/GrahamCampbell", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/phpoption/phpoption", - "type": "tidelift" - } - ], - "time": "2023-11-12T21:59:55+00:00" - }, - { - "name": "phpseclib/phpseclib", - "version": "3.0.35", - "source": { - "type": "git", - "url": "https://github.com/phpseclib/phpseclib.git", - "reference": "4b1827beabce71953ca479485c0ae9c51287f2fe" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/4b1827beabce71953ca479485c0ae9c51287f2fe", - "reference": "4b1827beabce71953ca479485c0ae9c51287f2fe", - "shasum": "" - }, - "require": { - "paragonie/constant_time_encoding": "^1|^2", - "paragonie/random_compat": "^1.4|^2.0|^9.99.99", - "php": ">=5.6.1" - }, - "require-dev": { - "phpunit/phpunit": "*" - }, - "suggest": { - "ext-dom": "Install the DOM extension to load XML formatted public keys.", - "ext-gmp": "Install the GMP (GNU Multiple Precision) extension in order to speed up arbitrary precision integer arithmetic operations.", - "ext-libsodium": "SSH2/SFTP can make use of some algorithms provided by the libsodium-php extension.", - "ext-mcrypt": "Install the Mcrypt extension in order to speed up a few other cryptographic operations.", - "ext-openssl": "Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations." - }, - "type": "library", - "autoload": { - "files": [ - "phpseclib/bootstrap.php" - ], - "psr-4": { - "phpseclib3\\": "phpseclib/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Jim Wigginton", - "email": "terrafrost@php.net", - "role": "Lead Developer" - }, - { - "name": "Patrick Monnerat", - "email": "pm@datasphere.ch", - "role": "Developer" - }, - { - "name": "Andreas Fischer", - "email": "bantu@phpbb.com", - "role": "Developer" - }, - { - "name": "Hans-Jürgen Petrich", - "email": "petrich@tronic-media.com", - "role": "Developer" - }, - { - "name": "Graham Campbell", - "email": "graham@alt-three.com", - "role": "Developer" - } - ], - "description": "PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc.", - "homepage": "http://phpseclib.sourceforge.net", - "keywords": [ - "BigInteger", - "aes", - "asn.1", - "asn1", - "blowfish", - "crypto", - "cryptography", - "encryption", - "rsa", - "security", - "sftp", - "signature", - "signing", - "ssh", - "twofish", - "x.509", - "x509" - ], - "support": { - "issues": "https://github.com/phpseclib/phpseclib/issues", - "source": "https://github.com/phpseclib/phpseclib/tree/3.0.35" - }, - "funding": [ - { - "url": "https://github.com/terrafrost", - "type": "github" - }, - { - "url": "https://www.patreon.com/phpseclib", - "type": "patreon" - }, - { - "url": "https://tidelift.com/funding/github/packagist/phpseclib/phpseclib", - "type": "tidelift" - } - ], - "time": "2023-12-29T01:59:53+00:00" - }, - { - "name": "sop/asn1", - "version": "4.1.1", - "source": { - "type": "git", - "url": "https://github.com/sop/asn1.git", - "reference": "074efe8f7c353c54edc809ac3d74efda83edd776" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sop/asn1/zipball/074efe8f7c353c54edc809ac3d74efda83edd776", - "reference": "074efe8f7c353c54edc809ac3d74efda83edd776", - "shasum": "" - }, - "require": { - "ext-gmp": "*", - "ext-mbstring": "*", - "php": ">=7.2" - }, - "require-dev": { - "phpunit/phpunit": "^8.1" - }, - "type": "library", - "autoload": { - "psr-4": { - "Sop\\ASN1\\": "lib/ASN1/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Joni Eskelinen", - "email": "jonieske@gmail.com", - "role": "Developer" - } - ], - "description": "A PHP library for X.690 ASN.1 DER encoding and decoding.", - "homepage": "https://github.com/sop/asn1", - "keywords": [ - "DER", - "asn.1", - "asn1", - "x.690", - "x690" - ], - "support": { - "issues": "https://github.com/sop/asn1/issues", - "source": "https://github.com/sop/asn1/tree/4.1.1" - }, - "time": "2022-02-17T07:08:51+00:00" - }, - { - "name": "sop/crypto-encoding", - "version": "0.3.0", - "source": { - "type": "git", - "url": "https://github.com/sop/crypto-encoding.git", - "reference": "07537353e1b0e76c382a58a9c6e041b7c7dc9052" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sop/crypto-encoding/zipball/07537353e1b0e76c382a58a9c6e041b7c7dc9052", - "reference": "07537353e1b0e76c382a58a9c6e041b7c7dc9052", - "shasum": "" - }, - "require": { - "php": ">=7.2" - }, - "require-dev": { - "phpunit/phpunit": "^8.1" - }, - "type": "library", - "autoload": { - "psr-4": { - "Sop\\CryptoEncoding\\": "lib/CryptoEncoding/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Joni Eskelinen", - "email": "jonieske@gmail.com", - "role": "Developer" - } - ], - "description": "A PHP implementation of textual encodings of cryptographic structures.", - "homepage": "https://github.com/sop/crypto-encoding", - "keywords": [ - "Private Key", - "certificate", - "pem", - "public key" - ], - "support": { - "issues": "https://github.com/sop/crypto-encoding/issues", - "source": "https://github.com/sop/crypto-encoding/tree/master" - }, - "time": "2019-05-22T11:46:12+00:00" - }, - { - "name": "sop/crypto-types", - "version": "dev-master", - "source": { - "type": "git", - "url": "https://github.com/sop/crypto-types.git", - "reference": "92fd19ebd5d9aecdaef919e08296a2ef79a2e80f" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sop/crypto-types/zipball/92fd19ebd5d9aecdaef919e08296a2ef79a2e80f", - "reference": "92fd19ebd5d9aecdaef919e08296a2ef79a2e80f", - "shasum": "" - }, - "require": { - "ext-gmp": "*", - "php": ">=7.2", - "sop/asn1": "^4.0.0", - "sop/crypto-encoding": "^0.3.0", - "sop/x501": "0.6.1" - }, - "require-dev": { - "phpunit/phpunit": "^8.1" - }, - "default-branch": true, - "type": "library", - "autoload": { - "psr-4": { - "Sop\\CryptoTypes\\": "lib/CryptoTypes/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Joni Eskelinen", - "email": "jonieske@gmail.com", - "role": "Developer" - } - ], - "description": "A PHP library of various ASN.1 types for cryptographic applications.", - "homepage": "https://github.com/sop/crypto-types", - "keywords": [ - "Private Key", - "algorithm identifier", - "asn1", - "cryptography", - "ec", - "public key", - "rsa", - "signature" - ], - "support": { - "issues": "https://github.com/sop/crypto-types/issues", - "source": "https://github.com/sop/crypto-types/tree/master" - }, - "time": "2021-08-11T06:56:21+00:00" - }, - { - "name": "sop/x501", - "version": "0.6.1", - "source": { - "type": "git", - "url": "https://github.com/sop/x501.git", - "reference": "7978bfac25ff73c4c20bed0794d4d88cca8f6895" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sop/x501/zipball/7978bfac25ff73c4c20bed0794d4d88cca8f6895", - "reference": "7978bfac25ff73c4c20bed0794d4d88cca8f6895", - "shasum": "" - }, - "require": { - "ext-intl": "*", - "ext-mbstring": "*", - "php": ">=7.2", - "sop/asn1": "^4.0.0" - }, - "require-dev": { - "phpunit/phpunit": "^8.1" - }, - "type": "library", - "autoload": { - "psr-4": { - "Sop\\X501\\": "lib/X501/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Joni Eskelinen", - "email": "jonieske@gmail.com", - "role": "Developer" - } - ], - "description": "A PHP library for X.501 ASN.1 types, X.520 attributes and DN parsing.", - "homepage": "https://github.com/sop/x501", - "keywords": [ - "attribute", - "dn", - "ldap", - "rdn", - "x.501", - "x.520", - "x501", - "x520" - ], - "support": { - "issues": "https://github.com/sop/x501/issues", - "source": "https://github.com/sop/x501/tree/0.6.1" - }, - "time": "2019-06-27T10:30:28+00:00" - }, - { - "name": "symfony/polyfill-ctype", - "version": "v1.28.0", - "source": { - "type": "git", - "url": "https://github.com/symfony/polyfill-ctype.git", - "reference": "ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb", - "reference": "ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb", - "shasum": "" - }, - "require": { - "php": ">=7.1" - }, - "provide": { - "ext-ctype": "*" - }, - "suggest": { - "ext-ctype": "For best performance" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-main": "1.28-dev" - }, - "thanks": { - "name": "symfony/polyfill", - "url": "https://github.com/symfony/polyfill" - } - }, - "autoload": { - "files": [ - "bootstrap.php" - ], - "psr-4": { - "Symfony\\Polyfill\\Ctype\\": "" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Gert de Pagter", - "email": "BackEndTea@gmail.com" - }, - { - "name": "Symfony Community", - "homepage": "https://symfony.com/contributors" - } - ], - "description": "Symfony polyfill for ctype functions", - "homepage": "https://symfony.com", - "keywords": [ - "compatibility", - "ctype", - "polyfill", - "portable" - ], - "support": { - "source": "https://github.com/symfony/polyfill-ctype/tree/v1.28.0" - }, - "funding": [ - { - "url": "https://symfony.com/sponsor", - "type": "custom" - }, - { - "url": "https://github.com/fabpot", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", - "type": "tidelift" - } - ], - "time": "2023-01-26T09:26:14+00:00" - }, - { - "name": "symfony/polyfill-mbstring", - "version": "v1.28.0", - "source": { - "type": "git", - "url": "https://github.com/symfony/polyfill-mbstring.git", - "reference": "42292d99c55abe617799667f454222c54c60e229" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/42292d99c55abe617799667f454222c54c60e229", - "reference": "42292d99c55abe617799667f454222c54c60e229", - "shasum": "" - }, - "require": { - "php": ">=7.1" - }, - "provide": { - "ext-mbstring": "*" - }, - "suggest": { - "ext-mbstring": "For best performance" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-main": "1.28-dev" - }, - "thanks": { - "name": "symfony/polyfill", - "url": "https://github.com/symfony/polyfill" - } - }, - "autoload": { - "files": [ - "bootstrap.php" - ], - "psr-4": { - "Symfony\\Polyfill\\Mbstring\\": "" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Nicolas Grekas", - "email": "p@tchwork.com" - }, - { - "name": "Symfony Community", - "homepage": "https://symfony.com/contributors" - } - ], - "description": "Symfony polyfill for the Mbstring extension", - "homepage": "https://symfony.com", - "keywords": [ - "compatibility", - "mbstring", - "polyfill", - "portable", - "shim" - ], - "support": { - "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.28.0" - }, - "funding": [ - { - "url": "https://symfony.com/sponsor", - "type": "custom" - }, - { - "url": "https://github.com/fabpot", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", - "type": "tidelift" - } - ], - "time": "2023-07-28T09:04:16+00:00" - }, - { - "name": "symfony/polyfill-php80", - "version": "v1.28.0", - "source": { - "type": "git", - "url": "https://github.com/symfony/polyfill-php80.git", - "reference": "6caa57379c4aec19c0a12a38b59b26487dcfe4b5" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/6caa57379c4aec19c0a12a38b59b26487dcfe4b5", - "reference": "6caa57379c4aec19c0a12a38b59b26487dcfe4b5", - "shasum": "" - }, - "require": { - "php": ">=7.1" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-main": "1.28-dev" - }, - "thanks": { - "name": "symfony/polyfill", - "url": "https://github.com/symfony/polyfill" - } - }, - "autoload": { - "files": [ - "bootstrap.php" - ], - "psr-4": { - "Symfony\\Polyfill\\Php80\\": "" - }, - "classmap": [ - "Resources/stubs" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Ion Bazan", - "email": "ion.bazan@gmail.com" - }, - { - "name": "Nicolas Grekas", - "email": "p@tchwork.com" - }, - { - "name": "Symfony Community", - "homepage": "https://symfony.com/contributors" - } - ], - "description": "Symfony polyfill backporting some PHP 8.0+ features to lower PHP versions", - "homepage": "https://symfony.com", - "keywords": [ - "compatibility", - "polyfill", - "portable", - "shim" - ], - "support": { - "source": "https://github.com/symfony/polyfill-php80/tree/v1.28.0" - }, - "funding": [ - { - "url": "https://symfony.com/sponsor", - "type": "custom" - }, - { - "url": "https://github.com/fabpot", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", - "type": "tidelift" - } - ], - "time": "2023-01-26T09:26:14+00:00" - }, - { - "name": "vlucas/phpdotenv", - "version": "v5.6.0", - "source": { - "type": "git", - "url": "https://github.com/vlucas/phpdotenv.git", - "reference": "2cf9fb6054c2bb1d59d1f3817706ecdb9d2934c4" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/vlucas/phpdotenv/zipball/2cf9fb6054c2bb1d59d1f3817706ecdb9d2934c4", - "reference": "2cf9fb6054c2bb1d59d1f3817706ecdb9d2934c4", - "shasum": "" - }, - "require": { - "ext-pcre": "*", - "graham-campbell/result-type": "^1.1.2", - "php": "^7.2.5 || ^8.0", - "phpoption/phpoption": "^1.9.2", - "symfony/polyfill-ctype": "^1.24", - "symfony/polyfill-mbstring": "^1.24", - "symfony/polyfill-php80": "^1.24" - }, - "require-dev": { - "bamarni/composer-bin-plugin": "^1.8.2", - "ext-filter": "*", - "phpunit/phpunit": "^8.5.34 || ^9.6.13 || ^10.4.2" - }, - "suggest": { - "ext-filter": "Required to use the boolean validator." - }, - "type": "library", - "extra": { - "bamarni-bin": { - "bin-links": true, - "forward-command": true - }, - "branch-alias": { - "dev-master": "5.6-dev" - } - }, - "autoload": { - "psr-4": { - "Dotenv\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "BSD-3-Clause" - ], - "authors": [ - { - "name": "Graham Campbell", - "email": "hello@gjcampbell.co.uk", - "homepage": "https://github.com/GrahamCampbell" - }, - { - "name": "Vance Lucas", - "email": "vance@vancelucas.com", - "homepage": "https://github.com/vlucas" - } - ], - "description": "Loads environment variables from `.env` to `getenv()`, `$_ENV` and `$_SERVER` automagically.", - "keywords": [ - "dotenv", - "env", - "environment" - ], - "support": { - "issues": "https://github.com/vlucas/phpdotenv/issues", - "source": "https://github.com/vlucas/phpdotenv/tree/v5.6.0" - }, - "funding": [ - { - "url": "https://github.com/GrahamCampbell", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/vlucas/phpdotenv", - "type": "tidelift" - } - ], - "time": "2023-11-12T22:43:29+00:00" - } - ], - "packages-dev": [], - "aliases": [], - "minimum-stability": "stable", - "stability-flags": { - "sop/crypto-types": 20 - }, - "prefer-stable": false, - "prefer-lowest": false, - "platform": [], - "platform-dev": [], - "plugin-api-version": "2.6.0" -} diff --git a/utilities/signing_and_verification/php/vendor/autoload.php b/utilities/signing_and_verification/php/vendor/autoload.php deleted file mode 100644 index e8ac887..0000000 --- a/utilities/signing_and_verification/php/vendor/autoload.php +++ /dev/null @@ -1,25 +0,0 @@ - - * Jordi Boggiano - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Composer\Autoload; - -/** - * ClassLoader implements a PSR-0, PSR-4 and classmap class loader. - * - * $loader = new \Composer\Autoload\ClassLoader(); - * - * // register classes with namespaces - * $loader->add('Symfony\Component', __DIR__.'/component'); - * $loader->add('Symfony', __DIR__.'/framework'); - * - * // activate the autoloader - * $loader->register(); - * - * // to enable searching the include path (eg. for PEAR packages) - * $loader->setUseIncludePath(true); - * - * In this example, if you try to use a class in the Symfony\Component - * namespace or one of its children (Symfony\Component\Console for instance), - * the autoloader will first look for the class under the component/ - * directory, and it will then fallback to the framework/ directory if not - * found before giving up. - * - * This class is loosely based on the Symfony UniversalClassLoader. - * - * @author Fabien Potencier - * @author Jordi Boggiano - * @see https://www.php-fig.org/psr/psr-0/ - * @see https://www.php-fig.org/psr/psr-4/ - */ -class ClassLoader -{ - /** @var \Closure(string):void */ - private static $includeFile; - - /** @var string|null */ - private $vendorDir; - - // PSR-4 - /** - * @var array> - */ - private $prefixLengthsPsr4 = array(); - /** - * @var array> - */ - private $prefixDirsPsr4 = array(); - /** - * @var list - */ - private $fallbackDirsPsr4 = array(); - - // PSR-0 - /** - * List of PSR-0 prefixes - * - * Structured as array('F (first letter)' => array('Foo\Bar (full prefix)' => array('path', 'path2'))) - * - * @var array>> - */ - private $prefixesPsr0 = array(); - /** - * @var list - */ - private $fallbackDirsPsr0 = array(); - - /** @var bool */ - private $useIncludePath = false; - - /** - * @var array - */ - private $classMap = array(); - - /** @var bool */ - private $classMapAuthoritative = false; - - /** - * @var array - */ - private $missingClasses = array(); - - /** @var string|null */ - private $apcuPrefix; - - /** - * @var array - */ - private static $registeredLoaders = array(); - - /** - * @param string|null $vendorDir - */ - public function __construct($vendorDir = null) - { - $this->vendorDir = $vendorDir; - self::initializeIncludeClosure(); - } - - /** - * @return array> - */ - public function getPrefixes() - { - if (!empty($this->prefixesPsr0)) { - return call_user_func_array('array_merge', array_values($this->prefixesPsr0)); - } - - return array(); - } - - /** - * @return array> - */ - public function getPrefixesPsr4() - { - return $this->prefixDirsPsr4; - } - - /** - * @return list - */ - public function getFallbackDirs() - { - return $this->fallbackDirsPsr0; - } - - /** - * @return list - */ - public function getFallbackDirsPsr4() - { - return $this->fallbackDirsPsr4; - } - - /** - * @return array Array of classname => path - */ - public function getClassMap() - { - return $this->classMap; - } - - /** - * @param array $classMap Class to filename map - * - * @return void - */ - public function addClassMap(array $classMap) - { - if ($this->classMap) { - $this->classMap = array_merge($this->classMap, $classMap); - } else { - $this->classMap = $classMap; - } - } - - /** - * Registers a set of PSR-0 directories for a given prefix, either - * appending or prepending to the ones previously set for this prefix. - * - * @param string $prefix The prefix - * @param list|string $paths The PSR-0 root directories - * @param bool $prepend Whether to prepend the directories - * - * @return void - */ - public function add($prefix, $paths, $prepend = false) - { - $paths = (array) $paths; - if (!$prefix) { - if ($prepend) { - $this->fallbackDirsPsr0 = array_merge( - $paths, - $this->fallbackDirsPsr0 - ); - } else { - $this->fallbackDirsPsr0 = array_merge( - $this->fallbackDirsPsr0, - $paths - ); - } - - return; - } - - $first = $prefix[0]; - if (!isset($this->prefixesPsr0[$first][$prefix])) { - $this->prefixesPsr0[$first][$prefix] = $paths; - - return; - } - if ($prepend) { - $this->prefixesPsr0[$first][$prefix] = array_merge( - $paths, - $this->prefixesPsr0[$first][$prefix] - ); - } else { - $this->prefixesPsr0[$first][$prefix] = array_merge( - $this->prefixesPsr0[$first][$prefix], - $paths - ); - } - } - - /** - * Registers a set of PSR-4 directories for a given namespace, either - * appending or prepending to the ones previously set for this namespace. - * - * @param string $prefix The prefix/namespace, with trailing '\\' - * @param list|string $paths The PSR-4 base directories - * @param bool $prepend Whether to prepend the directories - * - * @throws \InvalidArgumentException - * - * @return void - */ - public function addPsr4($prefix, $paths, $prepend = false) - { - $paths = (array) $paths; - if (!$prefix) { - // Register directories for the root namespace. - if ($prepend) { - $this->fallbackDirsPsr4 = array_merge( - $paths, - $this->fallbackDirsPsr4 - ); - } else { - $this->fallbackDirsPsr4 = array_merge( - $this->fallbackDirsPsr4, - $paths - ); - } - } elseif (!isset($this->prefixDirsPsr4[$prefix])) { - // Register directories for a new namespace. - $length = strlen($prefix); - if ('\\' !== $prefix[$length - 1]) { - throw new \InvalidArgumentException("A non-empty PSR-4 prefix must end with a namespace separator."); - } - $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length; - $this->prefixDirsPsr4[$prefix] = $paths; - } elseif ($prepend) { - // Prepend directories for an already registered namespace. - $this->prefixDirsPsr4[$prefix] = array_merge( - $paths, - $this->prefixDirsPsr4[$prefix] - ); - } else { - // Append directories for an already registered namespace. - $this->prefixDirsPsr4[$prefix] = array_merge( - $this->prefixDirsPsr4[$prefix], - $paths - ); - } - } - - /** - * Registers a set of PSR-0 directories for a given prefix, - * replacing any others previously set for this prefix. - * - * @param string $prefix The prefix - * @param list|string $paths The PSR-0 base directories - * - * @return void - */ - public function set($prefix, $paths) - { - if (!$prefix) { - $this->fallbackDirsPsr0 = (array) $paths; - } else { - $this->prefixesPsr0[$prefix[0]][$prefix] = (array) $paths; - } - } - - /** - * Registers a set of PSR-4 directories for a given namespace, - * replacing any others previously set for this namespace. - * - * @param string $prefix The prefix/namespace, with trailing '\\' - * @param list|string $paths The PSR-4 base directories - * - * @throws \InvalidArgumentException - * - * @return void - */ - public function setPsr4($prefix, $paths) - { - if (!$prefix) { - $this->fallbackDirsPsr4 = (array) $paths; - } else { - $length = strlen($prefix); - if ('\\' !== $prefix[$length - 1]) { - throw new \InvalidArgumentException("A non-empty PSR-4 prefix must end with a namespace separator."); - } - $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length; - $this->prefixDirsPsr4[$prefix] = (array) $paths; - } - } - - /** - * Turns on searching the include path for class files. - * - * @param bool $useIncludePath - * - * @return void - */ - public function setUseIncludePath($useIncludePath) - { - $this->useIncludePath = $useIncludePath; - } - - /** - * Can be used to check if the autoloader uses the include path to check - * for classes. - * - * @return bool - */ - public function getUseIncludePath() - { - return $this->useIncludePath; - } - - /** - * Turns off searching the prefix and fallback directories for classes - * that have not been registered with the class map. - * - * @param bool $classMapAuthoritative - * - * @return void - */ - public function setClassMapAuthoritative($classMapAuthoritative) - { - $this->classMapAuthoritative = $classMapAuthoritative; - } - - /** - * Should class lookup fail if not found in the current class map? - * - * @return bool - */ - public function isClassMapAuthoritative() - { - return $this->classMapAuthoritative; - } - - /** - * APCu prefix to use to cache found/not-found classes, if the extension is enabled. - * - * @param string|null $apcuPrefix - * - * @return void - */ - public function setApcuPrefix($apcuPrefix) - { - $this->apcuPrefix = function_exists('apcu_fetch') && filter_var(ini_get('apc.enabled'), FILTER_VALIDATE_BOOLEAN) ? $apcuPrefix : null; - } - - /** - * The APCu prefix in use, or null if APCu caching is not enabled. - * - * @return string|null - */ - public function getApcuPrefix() - { - return $this->apcuPrefix; - } - - /** - * Registers this instance as an autoloader. - * - * @param bool $prepend Whether to prepend the autoloader or not - * - * @return void - */ - public function register($prepend = false) - { - spl_autoload_register(array($this, 'loadClass'), true, $prepend); - - if (null === $this->vendorDir) { - return; - } - - if ($prepend) { - self::$registeredLoaders = array($this->vendorDir => $this) + self::$registeredLoaders; - } else { - unset(self::$registeredLoaders[$this->vendorDir]); - self::$registeredLoaders[$this->vendorDir] = $this; - } - } - - /** - * Unregisters this instance as an autoloader. - * - * @return void - */ - public function unregister() - { - spl_autoload_unregister(array($this, 'loadClass')); - - if (null !== $this->vendorDir) { - unset(self::$registeredLoaders[$this->vendorDir]); - } - } - - /** - * Loads the given class or interface. - * - * @param string $class The name of the class - * @return true|null True if loaded, null otherwise - */ - public function loadClass($class) - { - if ($file = $this->findFile($class)) { - $includeFile = self::$includeFile; - $includeFile($file); - - return true; - } - - return null; - } - - /** - * Finds the path to the file where the class is defined. - * - * @param string $class The name of the class - * - * @return string|false The path if found, false otherwise - */ - public function findFile($class) - { - // class map lookup - if (isset($this->classMap[$class])) { - return $this->classMap[$class]; - } - if ($this->classMapAuthoritative || isset($this->missingClasses[$class])) { - return false; - } - if (null !== $this->apcuPrefix) { - $file = apcu_fetch($this->apcuPrefix.$class, $hit); - if ($hit) { - return $file; - } - } - - $file = $this->findFileWithExtension($class, '.php'); - - // Search for Hack files if we are running on HHVM - if (false === $file && defined('HHVM_VERSION')) { - $file = $this->findFileWithExtension($class, '.hh'); - } - - if (null !== $this->apcuPrefix) { - apcu_add($this->apcuPrefix.$class, $file); - } - - if (false === $file) { - // Remember that this class does not exist. - $this->missingClasses[$class] = true; - } - - return $file; - } - - /** - * Returns the currently registered loaders keyed by their corresponding vendor directories. - * - * @return array - */ - public static function getRegisteredLoaders() - { - return self::$registeredLoaders; - } - - /** - * @param string $class - * @param string $ext - * @return string|false - */ - private function findFileWithExtension($class, $ext) - { - // PSR-4 lookup - $logicalPathPsr4 = strtr($class, '\\', DIRECTORY_SEPARATOR) . $ext; - - $first = $class[0]; - if (isset($this->prefixLengthsPsr4[$first])) { - $subPath = $class; - while (false !== $lastPos = strrpos($subPath, '\\')) { - $subPath = substr($subPath, 0, $lastPos); - $search = $subPath . '\\'; - if (isset($this->prefixDirsPsr4[$search])) { - $pathEnd = DIRECTORY_SEPARATOR . substr($logicalPathPsr4, $lastPos + 1); - foreach ($this->prefixDirsPsr4[$search] as $dir) { - if (file_exists($file = $dir . $pathEnd)) { - return $file; - } - } - } - } - } - - // PSR-4 fallback dirs - foreach ($this->fallbackDirsPsr4 as $dir) { - if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr4)) { - return $file; - } - } - - // PSR-0 lookup - if (false !== $pos = strrpos($class, '\\')) { - // namespaced class name - $logicalPathPsr0 = substr($logicalPathPsr4, 0, $pos + 1) - . strtr(substr($logicalPathPsr4, $pos + 1), '_', DIRECTORY_SEPARATOR); - } else { - // PEAR-like class name - $logicalPathPsr0 = strtr($class, '_', DIRECTORY_SEPARATOR) . $ext; - } - - if (isset($this->prefixesPsr0[$first])) { - foreach ($this->prefixesPsr0[$first] as $prefix => $dirs) { - if (0 === strpos($class, $prefix)) { - foreach ($dirs as $dir) { - if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr0)) { - return $file; - } - } - } - } - } - - // PSR-0 fallback dirs - foreach ($this->fallbackDirsPsr0 as $dir) { - if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr0)) { - return $file; - } - } - - // PSR-0 include paths. - if ($this->useIncludePath && $file = stream_resolve_include_path($logicalPathPsr0)) { - return $file; - } - - return false; - } - - /** - * @return void - */ - private static function initializeIncludeClosure() - { - if (self::$includeFile !== null) { - return; - } - - /** - * Scope isolated include. - * - * Prevents access to $this/self from included files. - * - * @param string $file - * @return void - */ - self::$includeFile = \Closure::bind(static function($file) { - include $file; - }, null, null); - } -} diff --git a/utilities/signing_and_verification/php/vendor/composer/InstalledVersions.php b/utilities/signing_and_verification/php/vendor/composer/InstalledVersions.php deleted file mode 100644 index 51e734a..0000000 --- a/utilities/signing_and_verification/php/vendor/composer/InstalledVersions.php +++ /dev/null @@ -1,359 +0,0 @@ - - * Jordi Boggiano - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Composer; - -use Composer\Autoload\ClassLoader; -use Composer\Semver\VersionParser; - -/** - * This class is copied in every Composer installed project and available to all - * - * See also https://getcomposer.org/doc/07-runtime.md#installed-versions - * - * To require its presence, you can require `composer-runtime-api ^2.0` - * - * @final - */ -class InstalledVersions -{ - /** - * @var mixed[]|null - * @psalm-var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array}|array{}|null - */ - private static $installed; - - /** - * @var bool|null - */ - private static $canGetVendors; - - /** - * @var array[] - * @psalm-var array}> - */ - private static $installedByVendor = array(); - - /** - * Returns a list of all package names which are present, either by being installed, replaced or provided - * - * @return string[] - * @psalm-return list - */ - public static function getInstalledPackages() - { - $packages = array(); - foreach (self::getInstalled() as $installed) { - $packages[] = array_keys($installed['versions']); - } - - if (1 === \count($packages)) { - return $packages[0]; - } - - return array_keys(array_flip(\call_user_func_array('array_merge', $packages))); - } - - /** - * Returns a list of all package names with a specific type e.g. 'library' - * - * @param string $type - * @return string[] - * @psalm-return list - */ - public static function getInstalledPackagesByType($type) - { - $packagesByType = array(); - - foreach (self::getInstalled() as $installed) { - foreach ($installed['versions'] as $name => $package) { - if (isset($package['type']) && $package['type'] === $type) { - $packagesByType[] = $name; - } - } - } - - return $packagesByType; - } - - /** - * Checks whether the given package is installed - * - * This also returns true if the package name is provided or replaced by another package - * - * @param string $packageName - * @param bool $includeDevRequirements - * @return bool - */ - public static function isInstalled($packageName, $includeDevRequirements = true) - { - foreach (self::getInstalled() as $installed) { - if (isset($installed['versions'][$packageName])) { - return $includeDevRequirements || !isset($installed['versions'][$packageName]['dev_requirement']) || $installed['versions'][$packageName]['dev_requirement'] === false; - } - } - - return false; - } - - /** - * Checks whether the given package satisfies a version constraint - * - * e.g. If you want to know whether version 2.3+ of package foo/bar is installed, you would call: - * - * Composer\InstalledVersions::satisfies(new VersionParser, 'foo/bar', '^2.3') - * - * @param VersionParser $parser Install composer/semver to have access to this class and functionality - * @param string $packageName - * @param string|null $constraint A version constraint to check for, if you pass one you have to make sure composer/semver is required by your package - * @return bool - */ - public static function satisfies(VersionParser $parser, $packageName, $constraint) - { - $constraint = $parser->parseConstraints((string) $constraint); - $provided = $parser->parseConstraints(self::getVersionRanges($packageName)); - - return $provided->matches($constraint); - } - - /** - * Returns a version constraint representing all the range(s) which are installed for a given package - * - * It is easier to use this via isInstalled() with the $constraint argument if you need to check - * whether a given version of a package is installed, and not just whether it exists - * - * @param string $packageName - * @return string Version constraint usable with composer/semver - */ - public static function getVersionRanges($packageName) - { - foreach (self::getInstalled() as $installed) { - if (!isset($installed['versions'][$packageName])) { - continue; - } - - $ranges = array(); - if (isset($installed['versions'][$packageName]['pretty_version'])) { - $ranges[] = $installed['versions'][$packageName]['pretty_version']; - } - if (array_key_exists('aliases', $installed['versions'][$packageName])) { - $ranges = array_merge($ranges, $installed['versions'][$packageName]['aliases']); - } - if (array_key_exists('replaced', $installed['versions'][$packageName])) { - $ranges = array_merge($ranges, $installed['versions'][$packageName]['replaced']); - } - if (array_key_exists('provided', $installed['versions'][$packageName])) { - $ranges = array_merge($ranges, $installed['versions'][$packageName]['provided']); - } - - return implode(' || ', $ranges); - } - - throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed'); - } - - /** - * @param string $packageName - * @return string|null If the package is being replaced or provided but is not really installed, null will be returned as version, use satisfies or getVersionRanges if you need to know if a given version is present - */ - public static function getVersion($packageName) - { - foreach (self::getInstalled() as $installed) { - if (!isset($installed['versions'][$packageName])) { - continue; - } - - if (!isset($installed['versions'][$packageName]['version'])) { - return null; - } - - return $installed['versions'][$packageName]['version']; - } - - throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed'); - } - - /** - * @param string $packageName - * @return string|null If the package is being replaced or provided but is not really installed, null will be returned as version, use satisfies or getVersionRanges if you need to know if a given version is present - */ - public static function getPrettyVersion($packageName) - { - foreach (self::getInstalled() as $installed) { - if (!isset($installed['versions'][$packageName])) { - continue; - } - - if (!isset($installed['versions'][$packageName]['pretty_version'])) { - return null; - } - - return $installed['versions'][$packageName]['pretty_version']; - } - - throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed'); - } - - /** - * @param string $packageName - * @return string|null If the package is being replaced or provided but is not really installed, null will be returned as reference - */ - public static function getReference($packageName) - { - foreach (self::getInstalled() as $installed) { - if (!isset($installed['versions'][$packageName])) { - continue; - } - - if (!isset($installed['versions'][$packageName]['reference'])) { - return null; - } - - return $installed['versions'][$packageName]['reference']; - } - - throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed'); - } - - /** - * @param string $packageName - * @return string|null If the package is being replaced or provided but is not really installed, null will be returned as install path. Packages of type metapackages also have a null install path. - */ - public static function getInstallPath($packageName) - { - foreach (self::getInstalled() as $installed) { - if (!isset($installed['versions'][$packageName])) { - continue; - } - - return isset($installed['versions'][$packageName]['install_path']) ? $installed['versions'][$packageName]['install_path'] : null; - } - - throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed'); - } - - /** - * @return array - * @psalm-return array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool} - */ - public static function getRootPackage() - { - $installed = self::getInstalled(); - - return $installed[0]['root']; - } - - /** - * Returns the raw installed.php data for custom implementations - * - * @deprecated Use getAllRawData() instead which returns all datasets for all autoloaders present in the process. getRawData only returns the first dataset loaded, which may not be what you expect. - * @return array[] - * @psalm-return array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array} - */ - public static function getRawData() - { - @trigger_error('getRawData only returns the first dataset loaded, which may not be what you expect. Use getAllRawData() instead which returns all datasets for all autoloaders present in the process.', E_USER_DEPRECATED); - - if (null === self::$installed) { - // only require the installed.php file if this file is loaded from its dumped location, - // and not from its source location in the composer/composer package, see https://github.com/composer/composer/issues/9937 - if (substr(__DIR__, -8, 1) !== 'C') { - self::$installed = include __DIR__ . '/installed.php'; - } else { - self::$installed = array(); - } - } - - return self::$installed; - } - - /** - * Returns the raw data of all installed.php which are currently loaded for custom implementations - * - * @return array[] - * @psalm-return list}> - */ - public static function getAllRawData() - { - return self::getInstalled(); - } - - /** - * Lets you reload the static array from another file - * - * This is only useful for complex integrations in which a project needs to use - * this class but then also needs to execute another project's autoloader in process, - * and wants to ensure both projects have access to their version of installed.php. - * - * A typical case would be PHPUnit, where it would need to make sure it reads all - * the data it needs from this class, then call reload() with - * `require $CWD/vendor/composer/installed.php` (or similar) as input to make sure - * the project in which it runs can then also use this class safely, without - * interference between PHPUnit's dependencies and the project's dependencies. - * - * @param array[] $data A vendor/composer/installed.php data set - * @return void - * - * @psalm-param array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array} $data - */ - public static function reload($data) - { - self::$installed = $data; - self::$installedByVendor = array(); - } - - /** - * @return array[] - * @psalm-return list}> - */ - private static function getInstalled() - { - if (null === self::$canGetVendors) { - self::$canGetVendors = method_exists('Composer\Autoload\ClassLoader', 'getRegisteredLoaders'); - } - - $installed = array(); - - if (self::$canGetVendors) { - foreach (ClassLoader::getRegisteredLoaders() as $vendorDir => $loader) { - if (isset(self::$installedByVendor[$vendorDir])) { - $installed[] = self::$installedByVendor[$vendorDir]; - } elseif (is_file($vendorDir.'/composer/installed.php')) { - /** @var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array} $required */ - $required = require $vendorDir.'/composer/installed.php'; - $installed[] = self::$installedByVendor[$vendorDir] = $required; - if (null === self::$installed && strtr($vendorDir.'/composer', '\\', '/') === strtr(__DIR__, '\\', '/')) { - self::$installed = $installed[count($installed) - 1]; - } - } - } - } - - if (null === self::$installed) { - // only require the installed.php file if this file is loaded from its dumped location, - // and not from its source location in the composer/composer package, see https://github.com/composer/composer/issues/9937 - if (substr(__DIR__, -8, 1) !== 'C') { - /** @var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array} $required */ - $required = require __DIR__ . '/installed.php'; - self::$installed = $required; - } else { - self::$installed = array(); - } - } - - if (self::$installed !== array()) { - $installed[] = self::$installed; - } - - return $installed; - } -} diff --git a/utilities/signing_and_verification/php/vendor/composer/LICENSE b/utilities/signing_and_verification/php/vendor/composer/LICENSE deleted file mode 100644 index f27399a..0000000 --- a/utilities/signing_and_verification/php/vendor/composer/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ - -Copyright (c) Nils Adermann, Jordi Boggiano - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is furnished -to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. - diff --git a/utilities/signing_and_verification/php/vendor/composer/autoload_classmap.php b/utilities/signing_and_verification/php/vendor/composer/autoload_classmap.php deleted file mode 100644 index 5490b88..0000000 --- a/utilities/signing_and_verification/php/vendor/composer/autoload_classmap.php +++ /dev/null @@ -1,15 +0,0 @@ - $vendorDir . '/symfony/polyfill-php80/Resources/stubs/Attribute.php', - 'Composer\\InstalledVersions' => $vendorDir . '/composer/InstalledVersions.php', - 'PhpToken' => $vendorDir . '/symfony/polyfill-php80/Resources/stubs/PhpToken.php', - 'Stringable' => $vendorDir . '/symfony/polyfill-php80/Resources/stubs/Stringable.php', - 'UnhandledMatchError' => $vendorDir . '/symfony/polyfill-php80/Resources/stubs/UnhandledMatchError.php', - 'ValueError' => $vendorDir . '/symfony/polyfill-php80/Resources/stubs/ValueError.php', -); diff --git a/utilities/signing_and_verification/php/vendor/composer/autoload_files.php b/utilities/signing_and_verification/php/vendor/composer/autoload_files.php deleted file mode 100644 index 0ad6121..0000000 --- a/utilities/signing_and_verification/php/vendor/composer/autoload_files.php +++ /dev/null @@ -1,13 +0,0 @@ - $vendorDir . '/symfony/polyfill-ctype/bootstrap.php', - '0e6d7bf4a5811bfa5cf40c5ccd6fae6a' => $vendorDir . '/symfony/polyfill-mbstring/bootstrap.php', - 'a4a119a56e50fbb293281d9a48007e0e' => $vendorDir . '/symfony/polyfill-php80/bootstrap.php', - 'decc78cc4436b1292c6c0d151b19445c' => $vendorDir . '/phpseclib/phpseclib/phpseclib/bootstrap.php', -); diff --git a/utilities/signing_and_verification/php/vendor/composer/autoload_namespaces.php b/utilities/signing_and_verification/php/vendor/composer/autoload_namespaces.php deleted file mode 100644 index 15a2ff3..0000000 --- a/utilities/signing_and_verification/php/vendor/composer/autoload_namespaces.php +++ /dev/null @@ -1,9 +0,0 @@ - array($vendorDir . '/phpseclib/phpseclib/phpseclib'), - 'Symfony\\Polyfill\\Php80\\' => array($vendorDir . '/symfony/polyfill-php80'), - 'Symfony\\Polyfill\\Mbstring\\' => array($vendorDir . '/symfony/polyfill-mbstring'), - 'Symfony\\Polyfill\\Ctype\\' => array($vendorDir . '/symfony/polyfill-ctype'), - 'Sop\\X501\\' => array($vendorDir . '/sop/x501/lib/X501'), - 'Sop\\CryptoTypes\\' => array($vendorDir . '/sop/crypto-types/lib/CryptoTypes'), - 'Sop\\CryptoEncoding\\' => array($vendorDir . '/sop/crypto-encoding/lib/CryptoEncoding'), - 'Sop\\ASN1\\' => array($vendorDir . '/sop/asn1/lib/ASN1'), - 'PhpOption\\' => array($vendorDir . '/phpoption/phpoption/src/PhpOption'), - 'ParagonIE\\ConstantTime\\' => array($vendorDir . '/paragonie/constant_time_encoding/src'), - 'GrahamCampbell\\ResultType\\' => array($vendorDir . '/graham-campbell/result-type/src'), - 'Dotenv\\' => array($vendorDir . '/vlucas/phpdotenv/src'), - 'Charnpreet\\Signver\\' => array($baseDir . '/src'), -); diff --git a/utilities/signing_and_verification/php/vendor/composer/autoload_real.php b/utilities/signing_and_verification/php/vendor/composer/autoload_real.php deleted file mode 100644 index a97b0eb..0000000 --- a/utilities/signing_and_verification/php/vendor/composer/autoload_real.php +++ /dev/null @@ -1,50 +0,0 @@ -register(true); - - $filesToLoad = \Composer\Autoload\ComposerStaticInitf7682c1514c4862053b25ac22e268c1b::$files; - $requireFile = \Closure::bind(static function ($fileIdentifier, $file) { - if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) { - $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true; - - require $file; - } - }, null, null); - foreach ($filesToLoad as $fileIdentifier => $file) { - $requireFile($fileIdentifier, $file); - } - - return $loader; - } -} diff --git a/utilities/signing_and_verification/php/vendor/composer/autoload_static.php b/utilities/signing_and_verification/php/vendor/composer/autoload_static.php deleted file mode 100644 index d811dba..0000000 --- a/utilities/signing_and_verification/php/vendor/composer/autoload_static.php +++ /dev/null @@ -1,123 +0,0 @@ - __DIR__ . '/..' . '/symfony/polyfill-ctype/bootstrap.php', - '0e6d7bf4a5811bfa5cf40c5ccd6fae6a' => __DIR__ . '/..' . '/symfony/polyfill-mbstring/bootstrap.php', - 'a4a119a56e50fbb293281d9a48007e0e' => __DIR__ . '/..' . '/symfony/polyfill-php80/bootstrap.php', - 'decc78cc4436b1292c6c0d151b19445c' => __DIR__ . '/..' . '/phpseclib/phpseclib/phpseclib/bootstrap.php', - ); - - public static $prefixLengthsPsr4 = array ( - 'p' => - array ( - 'phpseclib3\\' => 11, - ), - 'S' => - array ( - 'Symfony\\Polyfill\\Php80\\' => 23, - 'Symfony\\Polyfill\\Mbstring\\' => 26, - 'Symfony\\Polyfill\\Ctype\\' => 23, - 'Sop\\X501\\' => 9, - 'Sop\\CryptoTypes\\' => 16, - 'Sop\\CryptoEncoding\\' => 19, - 'Sop\\ASN1\\' => 9, - ), - 'P' => - array ( - 'PhpOption\\' => 10, - 'ParagonIE\\ConstantTime\\' => 23, - ), - 'G' => - array ( - 'GrahamCampbell\\ResultType\\' => 26, - ), - 'D' => - array ( - 'Dotenv\\' => 7, - ), - 'C' => - array ( - 'Charnpreet\\Signver\\' => 19, - ), - ); - - public static $prefixDirsPsr4 = array ( - 'phpseclib3\\' => - array ( - 0 => __DIR__ . '/..' . '/phpseclib/phpseclib/phpseclib', - ), - 'Symfony\\Polyfill\\Php80\\' => - array ( - 0 => __DIR__ . '/..' . '/symfony/polyfill-php80', - ), - 'Symfony\\Polyfill\\Mbstring\\' => - array ( - 0 => __DIR__ . '/..' . '/symfony/polyfill-mbstring', - ), - 'Symfony\\Polyfill\\Ctype\\' => - array ( - 0 => __DIR__ . '/..' . '/symfony/polyfill-ctype', - ), - 'Sop\\X501\\' => - array ( - 0 => __DIR__ . '/..' . '/sop/x501/lib/X501', - ), - 'Sop\\CryptoTypes\\' => - array ( - 0 => __DIR__ . '/..' . '/sop/crypto-types/lib/CryptoTypes', - ), - 'Sop\\CryptoEncoding\\' => - array ( - 0 => __DIR__ . '/..' . '/sop/crypto-encoding/lib/CryptoEncoding', - ), - 'Sop\\ASN1\\' => - array ( - 0 => __DIR__ . '/..' . '/sop/asn1/lib/ASN1', - ), - 'PhpOption\\' => - array ( - 0 => __DIR__ . '/..' . '/phpoption/phpoption/src/PhpOption', - ), - 'ParagonIE\\ConstantTime\\' => - array ( - 0 => __DIR__ . '/..' . '/paragonie/constant_time_encoding/src', - ), - 'GrahamCampbell\\ResultType\\' => - array ( - 0 => __DIR__ . '/..' . '/graham-campbell/result-type/src', - ), - 'Dotenv\\' => - array ( - 0 => __DIR__ . '/..' . '/vlucas/phpdotenv/src', - ), - 'Charnpreet\\Signver\\' => - array ( - 0 => __DIR__ . '/../..' . '/src', - ), - ); - - public static $classMap = array ( - 'Attribute' => __DIR__ . '/..' . '/symfony/polyfill-php80/Resources/stubs/Attribute.php', - 'Composer\\InstalledVersions' => __DIR__ . '/..' . '/composer/InstalledVersions.php', - 'PhpToken' => __DIR__ . '/..' . '/symfony/polyfill-php80/Resources/stubs/PhpToken.php', - 'Stringable' => __DIR__ . '/..' . '/symfony/polyfill-php80/Resources/stubs/Stringable.php', - 'UnhandledMatchError' => __DIR__ . '/..' . '/symfony/polyfill-php80/Resources/stubs/UnhandledMatchError.php', - 'ValueError' => __DIR__ . '/..' . '/symfony/polyfill-php80/Resources/stubs/ValueError.php', - ); - - public static function getInitializer(ClassLoader $loader) - { - return \Closure::bind(function () use ($loader) { - $loader->prefixLengthsPsr4 = ComposerStaticInitf7682c1514c4862053b25ac22e268c1b::$prefixLengthsPsr4; - $loader->prefixDirsPsr4 = ComposerStaticInitf7682c1514c4862053b25ac22e268c1b::$prefixDirsPsr4; - $loader->classMap = ComposerStaticInitf7682c1514c4862053b25ac22e268c1b::$classMap; - - }, null, ClassLoader::class); - } -} diff --git a/utilities/signing_and_verification/php/vendor/composer/installed.json b/utilities/signing_and_verification/php/vendor/composer/installed.json deleted file mode 100644 index a462cb6..0000000 --- a/utilities/signing_and_verification/php/vendor/composer/installed.json +++ /dev/null @@ -1,964 +0,0 @@ -{ - "packages": [ - { - "name": "graham-campbell/result-type", - "version": "v1.1.2", - "version_normalized": "1.1.2.0", - "source": { - "type": "git", - "url": "https://github.com/GrahamCampbell/Result-Type.git", - "reference": "fbd48bce38f73f8a4ec8583362e732e4095e5862" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/GrahamCampbell/Result-Type/zipball/fbd48bce38f73f8a4ec8583362e732e4095e5862", - "reference": "fbd48bce38f73f8a4ec8583362e732e4095e5862", - "shasum": "" - }, - "require": { - "php": "^7.2.5 || ^8.0", - "phpoption/phpoption": "^1.9.2" - }, - "require-dev": { - "phpunit/phpunit": "^8.5.34 || ^9.6.13 || ^10.4.2" - }, - "time": "2023-11-12T22:16:48+00:00", - "type": "library", - "installation-source": "dist", - "autoload": { - "psr-4": { - "GrahamCampbell\\ResultType\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Graham Campbell", - "email": "hello@gjcampbell.co.uk", - "homepage": "https://github.com/GrahamCampbell" - } - ], - "description": "An Implementation Of The Result Type", - "keywords": [ - "Graham Campbell", - "GrahamCampbell", - "Result Type", - "Result-Type", - "result" - ], - "support": { - "issues": "https://github.com/GrahamCampbell/Result-Type/issues", - "source": "https://github.com/GrahamCampbell/Result-Type/tree/v1.1.2" - }, - "funding": [ - { - "url": "https://github.com/GrahamCampbell", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/graham-campbell/result-type", - "type": "tidelift" - } - ], - "install-path": "../graham-campbell/result-type" - }, - { - "name": "paragonie/constant_time_encoding", - "version": "v2.6.3", - "version_normalized": "2.6.3.0", - "source": { - "type": "git", - "url": "https://github.com/paragonie/constant_time_encoding.git", - "reference": "58c3f47f650c94ec05a151692652a868995d2938" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/paragonie/constant_time_encoding/zipball/58c3f47f650c94ec05a151692652a868995d2938", - "reference": "58c3f47f650c94ec05a151692652a868995d2938", - "shasum": "" - }, - "require": { - "php": "^7|^8" - }, - "require-dev": { - "phpunit/phpunit": "^6|^7|^8|^9", - "vimeo/psalm": "^1|^2|^3|^4" - }, - "time": "2022-06-14T06:56:20+00:00", - "type": "library", - "installation-source": "dist", - "autoload": { - "psr-4": { - "ParagonIE\\ConstantTime\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Paragon Initiative Enterprises", - "email": "security@paragonie.com", - "homepage": "https://paragonie.com", - "role": "Maintainer" - }, - { - "name": "Steve 'Sc00bz' Thomas", - "email": "steve@tobtu.com", - "homepage": "https://www.tobtu.com", - "role": "Original Developer" - } - ], - "description": "Constant-time Implementations of RFC 4648 Encoding (Base-64, Base-32, Base-16)", - "keywords": [ - "base16", - "base32", - "base32_decode", - "base32_encode", - "base64", - "base64_decode", - "base64_encode", - "bin2hex", - "encoding", - "hex", - "hex2bin", - "rfc4648" - ], - "support": { - "email": "info@paragonie.com", - "issues": "https://github.com/paragonie/constant_time_encoding/issues", - "source": "https://github.com/paragonie/constant_time_encoding" - }, - "install-path": "../paragonie/constant_time_encoding" - }, - { - "name": "paragonie/random_compat", - "version": "v9.99.100", - "version_normalized": "9.99.100.0", - "source": { - "type": "git", - "url": "https://github.com/paragonie/random_compat.git", - "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/paragonie/random_compat/zipball/996434e5492cb4c3edcb9168db6fbb1359ef965a", - "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a", - "shasum": "" - }, - "require": { - "php": ">= 7" - }, - "require-dev": { - "phpunit/phpunit": "4.*|5.*", - "vimeo/psalm": "^1" - }, - "suggest": { - "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." - }, - "time": "2020-10-15T08:29:30+00:00", - "type": "library", - "installation-source": "dist", - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Paragon Initiative Enterprises", - "email": "security@paragonie.com", - "homepage": "https://paragonie.com" - } - ], - "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", - "keywords": [ - "csprng", - "polyfill", - "pseudorandom", - "random" - ], - "support": { - "email": "info@paragonie.com", - "issues": "https://github.com/paragonie/random_compat/issues", - "source": "https://github.com/paragonie/random_compat" - }, - "install-path": "../paragonie/random_compat" - }, - { - "name": "phpoption/phpoption", - "version": "1.9.2", - "version_normalized": "1.9.2.0", - "source": { - "type": "git", - "url": "https://github.com/schmittjoh/php-option.git", - "reference": "80735db690fe4fc5c76dfa7f9b770634285fa820" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/schmittjoh/php-option/zipball/80735db690fe4fc5c76dfa7f9b770634285fa820", - "reference": "80735db690fe4fc5c76dfa7f9b770634285fa820", - "shasum": "" - }, - "require": { - "php": "^7.2.5 || ^8.0" - }, - "require-dev": { - "bamarni/composer-bin-plugin": "^1.8.2", - "phpunit/phpunit": "^8.5.34 || ^9.6.13 || ^10.4.2" - }, - "time": "2023-11-12T21:59:55+00:00", - "type": "library", - "extra": { - "bamarni-bin": { - "bin-links": true, - "forward-command": true - }, - "branch-alias": { - "dev-master": "1.9-dev" - } - }, - "installation-source": "dist", - "autoload": { - "psr-4": { - "PhpOption\\": "src/PhpOption/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "Apache-2.0" - ], - "authors": [ - { - "name": "Johannes M. Schmitt", - "email": "schmittjoh@gmail.com", - "homepage": "https://github.com/schmittjoh" - }, - { - "name": "Graham Campbell", - "email": "hello@gjcampbell.co.uk", - "homepage": "https://github.com/GrahamCampbell" - } - ], - "description": "Option Type for PHP", - "keywords": [ - "language", - "option", - "php", - "type" - ], - "support": { - "issues": "https://github.com/schmittjoh/php-option/issues", - "source": "https://github.com/schmittjoh/php-option/tree/1.9.2" - }, - "funding": [ - { - "url": "https://github.com/GrahamCampbell", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/phpoption/phpoption", - "type": "tidelift" - } - ], - "install-path": "../phpoption/phpoption" - }, - { - "name": "phpseclib/phpseclib", - "version": "3.0.35", - "version_normalized": "3.0.35.0", - "source": { - "type": "git", - "url": "https://github.com/phpseclib/phpseclib.git", - "reference": "4b1827beabce71953ca479485c0ae9c51287f2fe" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/4b1827beabce71953ca479485c0ae9c51287f2fe", - "reference": "4b1827beabce71953ca479485c0ae9c51287f2fe", - "shasum": "" - }, - "require": { - "paragonie/constant_time_encoding": "^1|^2", - "paragonie/random_compat": "^1.4|^2.0|^9.99.99", - "php": ">=5.6.1" - }, - "require-dev": { - "phpunit/phpunit": "*" - }, - "suggest": { - "ext-dom": "Install the DOM extension to load XML formatted public keys.", - "ext-gmp": "Install the GMP (GNU Multiple Precision) extension in order to speed up arbitrary precision integer arithmetic operations.", - "ext-libsodium": "SSH2/SFTP can make use of some algorithms provided by the libsodium-php extension.", - "ext-mcrypt": "Install the Mcrypt extension in order to speed up a few other cryptographic operations.", - "ext-openssl": "Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations." - }, - "time": "2023-12-29T01:59:53+00:00", - "type": "library", - "installation-source": "dist", - "autoload": { - "files": [ - "phpseclib/bootstrap.php" - ], - "psr-4": { - "phpseclib3\\": "phpseclib/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Jim Wigginton", - "email": "terrafrost@php.net", - "role": "Lead Developer" - }, - { - "name": "Patrick Monnerat", - "email": "pm@datasphere.ch", - "role": "Developer" - }, - { - "name": "Andreas Fischer", - "email": "bantu@phpbb.com", - "role": "Developer" - }, - { - "name": "Hans-Jürgen Petrich", - "email": "petrich@tronic-media.com", - "role": "Developer" - }, - { - "name": "Graham Campbell", - "email": "graham@alt-three.com", - "role": "Developer" - } - ], - "description": "PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc.", - "homepage": "http://phpseclib.sourceforge.net", - "keywords": [ - "BigInteger", - "aes", - "asn.1", - "asn1", - "blowfish", - "crypto", - "cryptography", - "encryption", - "rsa", - "security", - "sftp", - "signature", - "signing", - "ssh", - "twofish", - "x.509", - "x509" - ], - "support": { - "issues": "https://github.com/phpseclib/phpseclib/issues", - "source": "https://github.com/phpseclib/phpseclib/tree/3.0.35" - }, - "funding": [ - { - "url": "https://github.com/terrafrost", - "type": "github" - }, - { - "url": "https://www.patreon.com/phpseclib", - "type": "patreon" - }, - { - "url": "https://tidelift.com/funding/github/packagist/phpseclib/phpseclib", - "type": "tidelift" - } - ], - "install-path": "../phpseclib/phpseclib" - }, - { - "name": "sop/asn1", - "version": "4.1.1", - "version_normalized": "4.1.1.0", - "source": { - "type": "git", - "url": "https://github.com/sop/asn1.git", - "reference": "074efe8f7c353c54edc809ac3d74efda83edd776" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sop/asn1/zipball/074efe8f7c353c54edc809ac3d74efda83edd776", - "reference": "074efe8f7c353c54edc809ac3d74efda83edd776", - "shasum": "" - }, - "require": { - "ext-gmp": "*", - "ext-mbstring": "*", - "php": ">=7.2" - }, - "require-dev": { - "phpunit/phpunit": "^8.1" - }, - "time": "2022-02-17T07:08:51+00:00", - "type": "library", - "installation-source": "dist", - "autoload": { - "psr-4": { - "Sop\\ASN1\\": "lib/ASN1/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Joni Eskelinen", - "email": "jonieske@gmail.com", - "role": "Developer" - } - ], - "description": "A PHP library for X.690 ASN.1 DER encoding and decoding.", - "homepage": "https://github.com/sop/asn1", - "keywords": [ - "DER", - "asn.1", - "asn1", - "x.690", - "x690" - ], - "support": { - "issues": "https://github.com/sop/asn1/issues", - "source": "https://github.com/sop/asn1/tree/4.1.1" - }, - "install-path": "../sop/asn1" - }, - { - "name": "sop/crypto-encoding", - "version": "0.3.0", - "version_normalized": "0.3.0.0", - "source": { - "type": "git", - "url": "https://github.com/sop/crypto-encoding.git", - "reference": "07537353e1b0e76c382a58a9c6e041b7c7dc9052" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sop/crypto-encoding/zipball/07537353e1b0e76c382a58a9c6e041b7c7dc9052", - "reference": "07537353e1b0e76c382a58a9c6e041b7c7dc9052", - "shasum": "" - }, - "require": { - "php": ">=7.2" - }, - "require-dev": { - "phpunit/phpunit": "^8.1" - }, - "time": "2019-05-22T11:46:12+00:00", - "type": "library", - "installation-source": "dist", - "autoload": { - "psr-4": { - "Sop\\CryptoEncoding\\": "lib/CryptoEncoding/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Joni Eskelinen", - "email": "jonieske@gmail.com", - "role": "Developer" - } - ], - "description": "A PHP implementation of textual encodings of cryptographic structures.", - "homepage": "https://github.com/sop/crypto-encoding", - "keywords": [ - "Private Key", - "certificate", - "pem", - "public key" - ], - "support": { - "issues": "https://github.com/sop/crypto-encoding/issues", - "source": "https://github.com/sop/crypto-encoding/tree/master" - }, - "install-path": "../sop/crypto-encoding" - }, - { - "name": "sop/crypto-types", - "version": "dev-master", - "version_normalized": "dev-master", - "source": { - "type": "git", - "url": "https://github.com/sop/crypto-types.git", - "reference": "92fd19ebd5d9aecdaef919e08296a2ef79a2e80f" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sop/crypto-types/zipball/92fd19ebd5d9aecdaef919e08296a2ef79a2e80f", - "reference": "92fd19ebd5d9aecdaef919e08296a2ef79a2e80f", - "shasum": "" - }, - "require": { - "ext-gmp": "*", - "php": ">=7.2", - "sop/asn1": "^4.0.0", - "sop/crypto-encoding": "^0.3.0", - "sop/x501": "0.6.1" - }, - "require-dev": { - "phpunit/phpunit": "^8.1" - }, - "time": "2021-08-11T06:56:21+00:00", - "default-branch": true, - "type": "library", - "installation-source": "dist", - "autoload": { - "psr-4": { - "Sop\\CryptoTypes\\": "lib/CryptoTypes/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Joni Eskelinen", - "email": "jonieske@gmail.com", - "role": "Developer" - } - ], - "description": "A PHP library of various ASN.1 types for cryptographic applications.", - "homepage": "https://github.com/sop/crypto-types", - "keywords": [ - "Private Key", - "algorithm identifier", - "asn1", - "cryptography", - "ec", - "public key", - "rsa", - "signature" - ], - "support": { - "issues": "https://github.com/sop/crypto-types/issues", - "source": "https://github.com/sop/crypto-types/tree/master" - }, - "install-path": "../sop/crypto-types" - }, - { - "name": "sop/x501", - "version": "0.6.1", - "version_normalized": "0.6.1.0", - "source": { - "type": "git", - "url": "https://github.com/sop/x501.git", - "reference": "7978bfac25ff73c4c20bed0794d4d88cca8f6895" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sop/x501/zipball/7978bfac25ff73c4c20bed0794d4d88cca8f6895", - "reference": "7978bfac25ff73c4c20bed0794d4d88cca8f6895", - "shasum": "" - }, - "require": { - "ext-intl": "*", - "ext-mbstring": "*", - "php": ">=7.2", - "sop/asn1": "^4.0.0" - }, - "require-dev": { - "phpunit/phpunit": "^8.1" - }, - "time": "2019-06-27T10:30:28+00:00", - "type": "library", - "installation-source": "dist", - "autoload": { - "psr-4": { - "Sop\\X501\\": "lib/X501/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Joni Eskelinen", - "email": "jonieske@gmail.com", - "role": "Developer" - } - ], - "description": "A PHP library for X.501 ASN.1 types, X.520 attributes and DN parsing.", - "homepage": "https://github.com/sop/x501", - "keywords": [ - "attribute", - "dn", - "ldap", - "rdn", - "x.501", - "x.520", - "x501", - "x520" - ], - "support": { - "issues": "https://github.com/sop/x501/issues", - "source": "https://github.com/sop/x501/tree/0.6.1" - }, - "install-path": "../sop/x501" - }, - { - "name": "symfony/polyfill-ctype", - "version": "v1.28.0", - "version_normalized": "1.28.0.0", - "source": { - "type": "git", - "url": "https://github.com/symfony/polyfill-ctype.git", - "reference": "ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb", - "reference": "ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb", - "shasum": "" - }, - "require": { - "php": ">=7.1" - }, - "provide": { - "ext-ctype": "*" - }, - "suggest": { - "ext-ctype": "For best performance" - }, - "time": "2023-01-26T09:26:14+00:00", - "type": "library", - "extra": { - "branch-alias": { - "dev-main": "1.28-dev" - }, - "thanks": { - "name": "symfony/polyfill", - "url": "https://github.com/symfony/polyfill" - } - }, - "installation-source": "dist", - "autoload": { - "files": [ - "bootstrap.php" - ], - "psr-4": { - "Symfony\\Polyfill\\Ctype\\": "" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Gert de Pagter", - "email": "BackEndTea@gmail.com" - }, - { - "name": "Symfony Community", - "homepage": "https://symfony.com/contributors" - } - ], - "description": "Symfony polyfill for ctype functions", - "homepage": "https://symfony.com", - "keywords": [ - "compatibility", - "ctype", - "polyfill", - "portable" - ], - "support": { - "source": "https://github.com/symfony/polyfill-ctype/tree/v1.28.0" - }, - "funding": [ - { - "url": "https://symfony.com/sponsor", - "type": "custom" - }, - { - "url": "https://github.com/fabpot", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", - "type": "tidelift" - } - ], - "install-path": "../symfony/polyfill-ctype" - }, - { - "name": "symfony/polyfill-mbstring", - "version": "v1.28.0", - "version_normalized": "1.28.0.0", - "source": { - "type": "git", - "url": "https://github.com/symfony/polyfill-mbstring.git", - "reference": "42292d99c55abe617799667f454222c54c60e229" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/42292d99c55abe617799667f454222c54c60e229", - "reference": "42292d99c55abe617799667f454222c54c60e229", - "shasum": "" - }, - "require": { - "php": ">=7.1" - }, - "provide": { - "ext-mbstring": "*" - }, - "suggest": { - "ext-mbstring": "For best performance" - }, - "time": "2023-07-28T09:04:16+00:00", - "type": "library", - "extra": { - "branch-alias": { - "dev-main": "1.28-dev" - }, - "thanks": { - "name": "symfony/polyfill", - "url": "https://github.com/symfony/polyfill" - } - }, - "installation-source": "dist", - "autoload": { - "files": [ - "bootstrap.php" - ], - "psr-4": { - "Symfony\\Polyfill\\Mbstring\\": "" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Nicolas Grekas", - "email": "p@tchwork.com" - }, - { - "name": "Symfony Community", - "homepage": "https://symfony.com/contributors" - } - ], - "description": "Symfony polyfill for the Mbstring extension", - "homepage": "https://symfony.com", - "keywords": [ - "compatibility", - "mbstring", - "polyfill", - "portable", - "shim" - ], - "support": { - "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.28.0" - }, - "funding": [ - { - "url": "https://symfony.com/sponsor", - "type": "custom" - }, - { - "url": "https://github.com/fabpot", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", - "type": "tidelift" - } - ], - "install-path": "../symfony/polyfill-mbstring" - }, - { - "name": "symfony/polyfill-php80", - "version": "v1.28.0", - "version_normalized": "1.28.0.0", - "source": { - "type": "git", - "url": "https://github.com/symfony/polyfill-php80.git", - "reference": "6caa57379c4aec19c0a12a38b59b26487dcfe4b5" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/6caa57379c4aec19c0a12a38b59b26487dcfe4b5", - "reference": "6caa57379c4aec19c0a12a38b59b26487dcfe4b5", - "shasum": "" - }, - "require": { - "php": ">=7.1" - }, - "time": "2023-01-26T09:26:14+00:00", - "type": "library", - "extra": { - "branch-alias": { - "dev-main": "1.28-dev" - }, - "thanks": { - "name": "symfony/polyfill", - "url": "https://github.com/symfony/polyfill" - } - }, - "installation-source": "dist", - "autoload": { - "files": [ - "bootstrap.php" - ], - "psr-4": { - "Symfony\\Polyfill\\Php80\\": "" - }, - "classmap": [ - "Resources/stubs" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Ion Bazan", - "email": "ion.bazan@gmail.com" - }, - { - "name": "Nicolas Grekas", - "email": "p@tchwork.com" - }, - { - "name": "Symfony Community", - "homepage": "https://symfony.com/contributors" - } - ], - "description": "Symfony polyfill backporting some PHP 8.0+ features to lower PHP versions", - "homepage": "https://symfony.com", - "keywords": [ - "compatibility", - "polyfill", - "portable", - "shim" - ], - "support": { - "source": "https://github.com/symfony/polyfill-php80/tree/v1.28.0" - }, - "funding": [ - { - "url": "https://symfony.com/sponsor", - "type": "custom" - }, - { - "url": "https://github.com/fabpot", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", - "type": "tidelift" - } - ], - "install-path": "../symfony/polyfill-php80" - }, - { - "name": "vlucas/phpdotenv", - "version": "v5.6.0", - "version_normalized": "5.6.0.0", - "source": { - "type": "git", - "url": "https://github.com/vlucas/phpdotenv.git", - "reference": "2cf9fb6054c2bb1d59d1f3817706ecdb9d2934c4" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/vlucas/phpdotenv/zipball/2cf9fb6054c2bb1d59d1f3817706ecdb9d2934c4", - "reference": "2cf9fb6054c2bb1d59d1f3817706ecdb9d2934c4", - "shasum": "" - }, - "require": { - "ext-pcre": "*", - "graham-campbell/result-type": "^1.1.2", - "php": "^7.2.5 || ^8.0", - "phpoption/phpoption": "^1.9.2", - "symfony/polyfill-ctype": "^1.24", - "symfony/polyfill-mbstring": "^1.24", - "symfony/polyfill-php80": "^1.24" - }, - "require-dev": { - "bamarni/composer-bin-plugin": "^1.8.2", - "ext-filter": "*", - "phpunit/phpunit": "^8.5.34 || ^9.6.13 || ^10.4.2" - }, - "suggest": { - "ext-filter": "Required to use the boolean validator." - }, - "time": "2023-11-12T22:43:29+00:00", - "type": "library", - "extra": { - "bamarni-bin": { - "bin-links": true, - "forward-command": true - }, - "branch-alias": { - "dev-master": "5.6-dev" - } - }, - "installation-source": "dist", - "autoload": { - "psr-4": { - "Dotenv\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "BSD-3-Clause" - ], - "authors": [ - { - "name": "Graham Campbell", - "email": "hello@gjcampbell.co.uk", - "homepage": "https://github.com/GrahamCampbell" - }, - { - "name": "Vance Lucas", - "email": "vance@vancelucas.com", - "homepage": "https://github.com/vlucas" - } - ], - "description": "Loads environment variables from `.env` to `getenv()`, `$_ENV` and `$_SERVER` automagically.", - "keywords": [ - "dotenv", - "env", - "environment" - ], - "support": { - "issues": "https://github.com/vlucas/phpdotenv/issues", - "source": "https://github.com/vlucas/phpdotenv/tree/v5.6.0" - }, - "funding": [ - { - "url": "https://github.com/GrahamCampbell", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/vlucas/phpdotenv", - "type": "tidelift" - } - ], - "install-path": "../vlucas/phpdotenv" - } - ], - "dev": true, - "dev-package-names": [] -} diff --git a/utilities/signing_and_verification/php/vendor/composer/installed.php b/utilities/signing_and_verification/php/vendor/composer/installed.php deleted file mode 100644 index 0b0a521..0000000 --- a/utilities/signing_and_verification/php/vendor/composer/installed.php +++ /dev/null @@ -1,142 +0,0 @@ - array( - 'name' => 'charnpreet/signver', - 'pretty_version' => '1.0.0+no-version-set', - 'version' => '1.0.0.0', - 'reference' => NULL, - 'type' => 'project', - 'install_path' => __DIR__ . '/../../', - 'aliases' => array(), - 'dev' => true, - ), - 'versions' => array( - 'charnpreet/signver' => array( - 'pretty_version' => '1.0.0+no-version-set', - 'version' => '1.0.0.0', - 'reference' => NULL, - 'type' => 'project', - 'install_path' => __DIR__ . '/../../', - 'aliases' => array(), - 'dev_requirement' => false, - ), - 'graham-campbell/result-type' => array( - 'pretty_version' => 'v1.1.2', - 'version' => '1.1.2.0', - 'reference' => 'fbd48bce38f73f8a4ec8583362e732e4095e5862', - 'type' => 'library', - 'install_path' => __DIR__ . '/../graham-campbell/result-type', - 'aliases' => array(), - 'dev_requirement' => false, - ), - 'paragonie/constant_time_encoding' => array( - 'pretty_version' => 'v2.6.3', - 'version' => '2.6.3.0', - 'reference' => '58c3f47f650c94ec05a151692652a868995d2938', - 'type' => 'library', - 'install_path' => __DIR__ . '/../paragonie/constant_time_encoding', - 'aliases' => array(), - 'dev_requirement' => false, - ), - 'paragonie/random_compat' => array( - 'pretty_version' => 'v9.99.100', - 'version' => '9.99.100.0', - 'reference' => '996434e5492cb4c3edcb9168db6fbb1359ef965a', - 'type' => 'library', - 'install_path' => __DIR__ . '/../paragonie/random_compat', - 'aliases' => array(), - 'dev_requirement' => false, - ), - 'phpoption/phpoption' => array( - 'pretty_version' => '1.9.2', - 'version' => '1.9.2.0', - 'reference' => '80735db690fe4fc5c76dfa7f9b770634285fa820', - 'type' => 'library', - 'install_path' => __DIR__ . '/../phpoption/phpoption', - 'aliases' => array(), - 'dev_requirement' => false, - ), - 'phpseclib/phpseclib' => array( - 'pretty_version' => '3.0.35', - 'version' => '3.0.35.0', - 'reference' => '4b1827beabce71953ca479485c0ae9c51287f2fe', - 'type' => 'library', - 'install_path' => __DIR__ . '/../phpseclib/phpseclib', - 'aliases' => array(), - 'dev_requirement' => false, - ), - 'sop/asn1' => array( - 'pretty_version' => '4.1.1', - 'version' => '4.1.1.0', - 'reference' => '074efe8f7c353c54edc809ac3d74efda83edd776', - 'type' => 'library', - 'install_path' => __DIR__ . '/../sop/asn1', - 'aliases' => array(), - 'dev_requirement' => false, - ), - 'sop/crypto-encoding' => array( - 'pretty_version' => '0.3.0', - 'version' => '0.3.0.0', - 'reference' => '07537353e1b0e76c382a58a9c6e041b7c7dc9052', - 'type' => 'library', - 'install_path' => __DIR__ . '/../sop/crypto-encoding', - 'aliases' => array(), - 'dev_requirement' => false, - ), - 'sop/crypto-types' => array( - 'pretty_version' => 'dev-master', - 'version' => 'dev-master', - 'reference' => '92fd19ebd5d9aecdaef919e08296a2ef79a2e80f', - 'type' => 'library', - 'install_path' => __DIR__ . '/../sop/crypto-types', - 'aliases' => array( - 0 => '9999999-dev', - ), - 'dev_requirement' => false, - ), - 'sop/x501' => array( - 'pretty_version' => '0.6.1', - 'version' => '0.6.1.0', - 'reference' => '7978bfac25ff73c4c20bed0794d4d88cca8f6895', - 'type' => 'library', - 'install_path' => __DIR__ . '/../sop/x501', - 'aliases' => array(), - 'dev_requirement' => false, - ), - 'symfony/polyfill-ctype' => array( - 'pretty_version' => 'v1.28.0', - 'version' => '1.28.0.0', - 'reference' => 'ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb', - 'type' => 'library', - 'install_path' => __DIR__ . '/../symfony/polyfill-ctype', - 'aliases' => array(), - 'dev_requirement' => false, - ), - 'symfony/polyfill-mbstring' => array( - 'pretty_version' => 'v1.28.0', - 'version' => '1.28.0.0', - 'reference' => '42292d99c55abe617799667f454222c54c60e229', - 'type' => 'library', - 'install_path' => __DIR__ . '/../symfony/polyfill-mbstring', - 'aliases' => array(), - 'dev_requirement' => false, - ), - 'symfony/polyfill-php80' => array( - 'pretty_version' => 'v1.28.0', - 'version' => '1.28.0.0', - 'reference' => '6caa57379c4aec19c0a12a38b59b26487dcfe4b5', - 'type' => 'library', - 'install_path' => __DIR__ . '/../symfony/polyfill-php80', - 'aliases' => array(), - 'dev_requirement' => false, - ), - 'vlucas/phpdotenv' => array( - 'pretty_version' => 'v5.6.0', - 'version' => '5.6.0.0', - 'reference' => '2cf9fb6054c2bb1d59d1f3817706ecdb9d2934c4', - 'type' => 'library', - 'install_path' => __DIR__ . '/../vlucas/phpdotenv', - 'aliases' => array(), - 'dev_requirement' => false, - ), - ), -); diff --git a/utilities/signing_and_verification/php/vendor/composer/platform_check.php b/utilities/signing_and_verification/php/vendor/composer/platform_check.php deleted file mode 100644 index a8b98d5..0000000 --- a/utilities/signing_and_verification/php/vendor/composer/platform_check.php +++ /dev/null @@ -1,26 +0,0 @@ -= 70205)) { - $issues[] = 'Your Composer dependencies require a PHP version ">= 7.2.5". You are running ' . PHP_VERSION . '.'; -} - -if ($issues) { - if (!headers_sent()) { - header('HTTP/1.1 500 Internal Server Error'); - } - if (!ini_get('display_errors')) { - if (PHP_SAPI === 'cli' || PHP_SAPI === 'phpdbg') { - fwrite(STDERR, 'Composer detected issues in your platform:' . PHP_EOL.PHP_EOL . implode(PHP_EOL, $issues) . PHP_EOL.PHP_EOL); - } elseif (!headers_sent()) { - echo 'Composer detected issues in your platform:' . PHP_EOL.PHP_EOL . str_replace('You are running '.PHP_VERSION.'.', '', implode(PHP_EOL, $issues)) . PHP_EOL.PHP_EOL; - } - } - trigger_error( - 'Composer detected issues in your platform: ' . implode(' ', $issues), - E_USER_ERROR - ); -} diff --git a/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/LICENSE b/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/LICENSE deleted file mode 100644 index bbd75d1..0000000 --- a/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2020-2023 Graham Campbell - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/composer.json b/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/composer.json deleted file mode 100644 index b1ba15a..0000000 --- a/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/composer.json +++ /dev/null @@ -1,33 +0,0 @@ -{ - "name": "graham-campbell/result-type", - "description": "An Implementation Of The Result Type", - "keywords": ["result", "result-type", "Result", "Result Type", "Result-Type", "Graham Campbell", "GrahamCampbell"], - "license": "MIT", - "authors": [ - { - "name": "Graham Campbell", - "email": "hello@gjcampbell.co.uk", - "homepage": "https://github.com/GrahamCampbell" - } - ], - "require": { - "php": "^7.2.5 || ^8.0", - "phpoption/phpoption": "^1.9.2" - }, - "require-dev": { - "phpunit/phpunit": "^8.5.34 || ^9.6.13 || ^10.4.2" - }, - "autoload": { - "psr-4": { - "GrahamCampbell\\ResultType\\": "src/" - } - }, - "autoload-dev": { - "psr-4": { - "GrahamCampbell\\Tests\\ResultType\\": "tests/" - } - }, - "config": { - "preferred-install": "dist" - } -} diff --git a/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Error.php b/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Error.php deleted file mode 100644 index 2c37c3e..0000000 --- a/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Error.php +++ /dev/null @@ -1,121 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace GrahamCampbell\ResultType; - -use PhpOption\None; -use PhpOption\Some; - -/** - * @template T - * @template E - * - * @extends \GrahamCampbell\ResultType\Result - */ -final class Error extends Result -{ - /** - * @var E - */ - private $value; - - /** - * Internal constructor for an error value. - * - * @param E $value - * - * @return void - */ - private function __construct($value) - { - $this->value = $value; - } - - /** - * Create a new error value. - * - * @template F - * - * @param F $value - * - * @return \GrahamCampbell\ResultType\Result - */ - public static function create($value) - { - return new self($value); - } - - /** - * Get the success option value. - * - * @return \PhpOption\Option - */ - public function success() - { - return None::create(); - } - - /** - * Map over the success value. - * - * @template S - * - * @param callable(T):S $f - * - * @return \GrahamCampbell\ResultType\Result - */ - public function map(callable $f) - { - return self::create($this->value); - } - - /** - * Flat map over the success value. - * - * @template S - * @template F - * - * @param callable(T):\GrahamCampbell\ResultType\Result $f - * - * @return \GrahamCampbell\ResultType\Result - */ - public function flatMap(callable $f) - { - /** @var \GrahamCampbell\ResultType\Result */ - return self::create($this->value); - } - - /** - * Get the error option value. - * - * @return \PhpOption\Option - */ - public function error() - { - return Some::create($this->value); - } - - /** - * Map over the error value. - * - * @template F - * - * @param callable(E):F $f - * - * @return \GrahamCampbell\ResultType\Result - */ - public function mapError(callable $f) - { - return self::create($f($this->value)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Result.php b/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Result.php deleted file mode 100644 index 8c67bcd..0000000 --- a/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Result.php +++ /dev/null @@ -1,69 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace GrahamCampbell\ResultType; - -/** - * @template T - * @template E - */ -abstract class Result -{ - /** - * Get the success option value. - * - * @return \PhpOption\Option - */ - abstract public function success(); - - /** - * Map over the success value. - * - * @template S - * - * @param callable(T):S $f - * - * @return \GrahamCampbell\ResultType\Result - */ - abstract public function map(callable $f); - - /** - * Flat map over the success value. - * - * @template S - * @template F - * - * @param callable(T):\GrahamCampbell\ResultType\Result $f - * - * @return \GrahamCampbell\ResultType\Result - */ - abstract public function flatMap(callable $f); - - /** - * Get the error option value. - * - * @return \PhpOption\Option - */ - abstract public function error(); - - /** - * Map over the error value. - * - * @template F - * - * @param callable(E):F $f - * - * @return \GrahamCampbell\ResultType\Result - */ - abstract public function mapError(callable $f); -} diff --git a/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Success.php b/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Success.php deleted file mode 100644 index 27cd85e..0000000 --- a/utilities/signing_and_verification/php/vendor/graham-campbell/result-type/src/Success.php +++ /dev/null @@ -1,120 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace GrahamCampbell\ResultType; - -use PhpOption\None; -use PhpOption\Some; - -/** - * @template T - * @template E - * - * @extends \GrahamCampbell\ResultType\Result - */ -final class Success extends Result -{ - /** - * @var T - */ - private $value; - - /** - * Internal constructor for a success value. - * - * @param T $value - * - * @return void - */ - private function __construct($value) - { - $this->value = $value; - } - - /** - * Create a new error value. - * - * @template S - * - * @param S $value - * - * @return \GrahamCampbell\ResultType\Result - */ - public static function create($value) - { - return new self($value); - } - - /** - * Get the success option value. - * - * @return \PhpOption\Option - */ - public function success() - { - return Some::create($this->value); - } - - /** - * Map over the success value. - * - * @template S - * - * @param callable(T):S $f - * - * @return \GrahamCampbell\ResultType\Result - */ - public function map(callable $f) - { - return self::create($f($this->value)); - } - - /** - * Flat map over the success value. - * - * @template S - * @template F - * - * @param callable(T):\GrahamCampbell\ResultType\Result $f - * - * @return \GrahamCampbell\ResultType\Result - */ - public function flatMap(callable $f) - { - return $f($this->value); - } - - /** - * Get the error option value. - * - * @return \PhpOption\Option - */ - public function error() - { - return None::create(); - } - - /** - * Map over the error value. - * - * @template F - * - * @param callable(E):F $f - * - * @return \GrahamCampbell\ResultType\Result - */ - public function mapError(callable $f) - { - return self::create($this->value); - } -} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/LICENSE.txt b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/LICENSE.txt deleted file mode 100644 index 91acaca..0000000 --- a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/LICENSE.txt +++ /dev/null @@ -1,48 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2016 - 2022 Paragon Initiative Enterprises - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. - ------------------------------------------------------------------------------- -This library was based on the work of Steve "Sc00bz" Thomas. ------------------------------------------------------------------------------- - -The MIT License (MIT) - -Copyright (c) 2014 Steve Thomas - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. - diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/README.md b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/README.md deleted file mode 100644 index cedddd8..0000000 --- a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/README.md +++ /dev/null @@ -1,84 +0,0 @@ -# Constant-Time Encoding - -[![Build Status](https://github.com/paragonie/constant_time_encoding/actions/workflows/ci.yml/badge.svg)](https://github.com/paragonie/constant_time_encoding/actions) -[![Latest Stable Version](https://poser.pugx.org/paragonie/constant_time_encoding/v/stable)](https://packagist.org/packages/paragonie/constant_time_encoding) -[![Latest Unstable Version](https://poser.pugx.org/paragonie/constant_time_encoding/v/unstable)](https://packagist.org/packages/paragonie/constant_time_encoding) -[![License](https://poser.pugx.org/paragonie/constant_time_encoding/license)](https://packagist.org/packages/paragonie/constant_time_encoding) -[![Downloads](https://img.shields.io/packagist/dt/paragonie/constant_time_encoding.svg)](https://packagist.org/packages/paragonie/constant_time_encoding) - -Based on the [constant-time base64 implementation made by Steve "Sc00bz" Thomas](https://github.com/Sc00bz/ConstTimeEncoding), -this library aims to offer character encoding functions that do not leak -information about what you are encoding/decoding via processor cache -misses. Further reading on [cache-timing attacks](http://blog.ircmaxell.com/2014/11/its-all-about-time.html). - -Our fork offers the following enchancements: - -* `mbstring.func_overload` resistance -* Unit tests -* Composer- and Packagist-ready -* Base16 encoding -* Base32 encoding -* Uses `pack()` and `unpack()` instead of `chr()` and `ord()` - -## PHP Version Requirements - -Version 2 of this library should work on **PHP 7** or newer. For PHP 5 -support, see [the v1.x branch](https://github.com/paragonie/constant_time_encoding/tree/v1.x). - -If you are adding this as a dependency to a project intended to work on both PHP 5 and PHP 7, please set the required version to `^1|^2` instead of just `^1` or `^2`. - -## How to Install - -```sh -composer require paragonie/constant_time_encoding -``` - -## How to Use - -```php -use ParagonIE\ConstantTime\Encoding; - -// possibly (if applicable): -// require 'vendor/autoload.php'; - -$data = random_bytes(32); -echo Encoding::base64Encode($data), "\n"; -echo Encoding::base32EncodeUpper($data), "\n"; -echo Encoding::base32Encode($data), "\n"; -echo Encoding::hexEncode($data), "\n"; -echo Encoding::hexEncodeUpper($data), "\n"; -``` - -Example output: - -``` -1VilPkeVqirlPifk5scbzcTTbMT2clp+Zkyv9VFFasE= -2VMKKPSHSWVCVZJ6E7SONRY3ZXCNG3GE6ZZFU7TGJSX7KUKFNLAQ==== -2vmkkpshswvcvzj6e7sonry3zxcng3ge6zzfu7tgjsx7kukfnlaq==== -d558a53e4795aa2ae53e27e4e6c71bcdc4d36cc4f6725a7e664caff551456ac1 -D558A53E4795AA2AE53E27E4E6C71BDCC4D36CC4F6725A7E664CAFF551456AC1 -``` - -If you only need a particular variant, you can just reference the -required class like so: - -```php -use ParagonIE\ConstantTime\Base64; -use ParagonIE\ConstantTime\Base32; - -$data = random_bytes(32); -echo Base64::encode($data), "\n"; -echo Base32::encode($data), "\n"; -``` - -Example output: - -``` -1VilPkeVqirlPifk5scbzcTTbMT2clp+Zkyv9VFFasE= -2vmkkpshswvcvzj6e7sonry3zxcng3ge6zzfu7tgjsx7kukfnlaq==== -``` - -## Support Contracts - -If your company uses this library in their products or services, you may be -interested in [purchasing a support contract from Paragon Initiative Enterprises](https://paragonie.com/enterprise). diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/composer.json b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/composer.json deleted file mode 100644 index 2fe9717..0000000 --- a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/composer.json +++ /dev/null @@ -1,56 +0,0 @@ -{ - "name": "paragonie/constant_time_encoding", - "description": "Constant-time Implementations of RFC 4648 Encoding (Base-64, Base-32, Base-16)", - "keywords": [ - "base64", - "encoding", - "rfc4648", - "base32", - "base16", - "hex", - "bin2hex", - "hex2bin", - "base64_encode", - "base64_decode", - "base32_encode", - "base32_decode" - ], - "license": "MIT", - "type": "library", - "authors": [ - { - "name": "Paragon Initiative Enterprises", - "email": "security@paragonie.com", - "homepage": "https://paragonie.com", - "role": "Maintainer" - }, - { - "name": "Steve 'Sc00bz' Thomas", - "email": "steve@tobtu.com", - "homepage": "https://www.tobtu.com", - "role": "Original Developer" - } - ], - "support": { - "issues": "https://github.com/paragonie/constant_time_encoding/issues", - "email": "info@paragonie.com", - "source": "https://github.com/paragonie/constant_time_encoding" - }, - "require": { - "php": "^7|^8" - }, - "require-dev": { - "phpunit/phpunit": "^6|^7|^8|^9", - "vimeo/psalm": "^1|^2|^3|^4" - }, - "autoload": { - "psr-4": { - "ParagonIE\\ConstantTime\\": "src/" - } - }, - "autoload-dev": { - "psr-4": { - "ParagonIE\\ConstantTime\\Tests\\": "tests/" - } - } -} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base32.php b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base32.php deleted file mode 100644 index 7508b3d..0000000 --- a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base32.php +++ /dev/null @@ -1,519 +0,0 @@ - 96 && $src < 123) $ret += $src - 97 + 1; // -64 - $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 96); - - // if ($src > 0x31 && $src < 0x38) $ret += $src - 24 + 1; // -23 - $ret += (((0x31 - $src) & ($src - 0x38)) >> 8) & ($src - 23); - - return $ret; - } - - /** - * Uses bitwise operators instead of table-lookups to turn 5-bit integers - * into 8-bit integers. - * - * Uppercase variant. - * - * @param int $src - * @return int - */ - protected static function decode5BitsUpper(int $src): int - { - $ret = -1; - - // if ($src > 64 && $src < 91) $ret += $src - 65 + 1; // -64 - $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 64); - - // if ($src > 0x31 && $src < 0x38) $ret += $src - 24 + 1; // -23 - $ret += (((0x31 - $src) & ($src - 0x38)) >> 8) & ($src - 23); - - return $ret; - } - - /** - * Uses bitwise operators instead of table-lookups to turn 8-bit integers - * into 5-bit integers. - * - * @param int $src - * @return string - */ - protected static function encode5Bits(int $src): string - { - $diff = 0x61; - - // if ($src > 25) $ret -= 72; - $diff -= ((25 - $src) >> 8) & 73; - - return \pack('C', $src + $diff); - } - - /** - * Uses bitwise operators instead of table-lookups to turn 8-bit integers - * into 5-bit integers. - * - * Uppercase variant. - * - * @param int $src - * @return string - */ - protected static function encode5BitsUpper(int $src): string - { - $diff = 0x41; - - // if ($src > 25) $ret -= 40; - $diff -= ((25 - $src) >> 8) & 41; - - return \pack('C', $src + $diff); - } - - /** - * @param string $encodedString - * @param bool $upper - * @return string - */ - public static function decodeNoPadding(string $encodedString, bool $upper = false): string - { - $srcLen = Binary::safeStrlen($encodedString); - if ($srcLen === 0) { - return ''; - } - if (($srcLen & 7) === 0) { - for ($j = 0; $j < 7 && $j < $srcLen; ++$j) { - if ($encodedString[$srcLen - $j - 1] === '=') { - throw new InvalidArgumentException( - "decodeNoPadding() doesn't tolerate padding" - ); - } - } - } - return static::doDecode( - $encodedString, - $upper, - true - ); - } - - /** - * Base32 decoding - * - * @param string $src - * @param bool $upper - * @param bool $strictPadding - * @return string - * - * @throws TypeError - * @psalm-suppress RedundantCondition - */ - protected static function doDecode( - string $src, - bool $upper = false, - bool $strictPadding = false - ): string { - // We do this to reduce code duplication: - $method = $upper - ? 'decode5BitsUpper' - : 'decode5Bits'; - - // Remove padding - $srcLen = Binary::safeStrlen($src); - if ($srcLen === 0) { - return ''; - } - if ($strictPadding) { - if (($srcLen & 7) === 0) { - for ($j = 0; $j < 7; ++$j) { - if ($src[$srcLen - 1] === '=') { - $srcLen--; - } else { - break; - } - } - } - if (($srcLen & 7) === 1) { - throw new RangeException( - 'Incorrect padding' - ); - } - } else { - $src = \rtrim($src, '='); - $srcLen = Binary::safeStrlen($src); - } - - $err = 0; - $dest = ''; - // Main loop (no padding): - for ($i = 0; $i + 8 <= $srcLen; $i += 8) { - /** @var array $chunk */ - $chunk = \unpack('C*', Binary::safeSubstr($src, $i, 8)); - /** @var int $c0 */ - $c0 = static::$method($chunk[1]); - /** @var int $c1 */ - $c1 = static::$method($chunk[2]); - /** @var int $c2 */ - $c2 = static::$method($chunk[3]); - /** @var int $c3 */ - $c3 = static::$method($chunk[4]); - /** @var int $c4 */ - $c4 = static::$method($chunk[5]); - /** @var int $c5 */ - $c5 = static::$method($chunk[6]); - /** @var int $c6 */ - $c6 = static::$method($chunk[7]); - /** @var int $c7 */ - $c7 = static::$method($chunk[8]); - - $dest .= \pack( - 'CCCCC', - (($c0 << 3) | ($c1 >> 2) ) & 0xff, - (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff, - (($c3 << 4) | ($c4 >> 1) ) & 0xff, - (($c4 << 7) | ($c5 << 2) | ($c6 >> 3)) & 0xff, - (($c6 << 5) | ($c7 ) ) & 0xff - ); - $err |= ($c0 | $c1 | $c2 | $c3 | $c4 | $c5 | $c6 | $c7) >> 8; - } - // The last chunk, which may have padding: - if ($i < $srcLen) { - /** @var array $chunk */ - $chunk = \unpack('C*', Binary::safeSubstr($src, $i, $srcLen - $i)); - /** @var int $c0 */ - $c0 = static::$method($chunk[1]); - - if ($i + 6 < $srcLen) { - /** @var int $c1 */ - $c1 = static::$method($chunk[2]); - /** @var int $c2 */ - $c2 = static::$method($chunk[3]); - /** @var int $c3 */ - $c3 = static::$method($chunk[4]); - /** @var int $c4 */ - $c4 = static::$method($chunk[5]); - /** @var int $c5 */ - $c5 = static::$method($chunk[6]); - /** @var int $c6 */ - $c6 = static::$method($chunk[7]); - - $dest .= \pack( - 'CCCC', - (($c0 << 3) | ($c1 >> 2) ) & 0xff, - (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff, - (($c3 << 4) | ($c4 >> 1) ) & 0xff, - (($c4 << 7) | ($c5 << 2) | ($c6 >> 3)) & 0xff - ); - $err |= ($c0 | $c1 | $c2 | $c3 | $c4 | $c5 | $c6) >> 8; - if ($strictPadding) { - $err |= ($c6 << 5) & 0xff; - } - } elseif ($i + 5 < $srcLen) { - /** @var int $c1 */ - $c1 = static::$method($chunk[2]); - /** @var int $c2 */ - $c2 = static::$method($chunk[3]); - /** @var int $c3 */ - $c3 = static::$method($chunk[4]); - /** @var int $c4 */ - $c4 = static::$method($chunk[5]); - /** @var int $c5 */ - $c5 = static::$method($chunk[6]); - - $dest .= \pack( - 'CCCC', - (($c0 << 3) | ($c1 >> 2) ) & 0xff, - (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff, - (($c3 << 4) | ($c4 >> 1) ) & 0xff, - (($c4 << 7) | ($c5 << 2) ) & 0xff - ); - $err |= ($c0 | $c1 | $c2 | $c3 | $c4 | $c5) >> 8; - } elseif ($i + 4 < $srcLen) { - /** @var int $c1 */ - $c1 = static::$method($chunk[2]); - /** @var int $c2 */ - $c2 = static::$method($chunk[3]); - /** @var int $c3 */ - $c3 = static::$method($chunk[4]); - /** @var int $c4 */ - $c4 = static::$method($chunk[5]); - - $dest .= \pack( - 'CCC', - (($c0 << 3) | ($c1 >> 2) ) & 0xff, - (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff, - (($c3 << 4) | ($c4 >> 1) ) & 0xff - ); - $err |= ($c0 | $c1 | $c2 | $c3 | $c4) >> 8; - if ($strictPadding) { - $err |= ($c4 << 7) & 0xff; - } - } elseif ($i + 3 < $srcLen) { - /** @var int $c1 */ - $c1 = static::$method($chunk[2]); - /** @var int $c2 */ - $c2 = static::$method($chunk[3]); - /** @var int $c3 */ - $c3 = static::$method($chunk[4]); - - $dest .= \pack( - 'CC', - (($c0 << 3) | ($c1 >> 2) ) & 0xff, - (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff - ); - $err |= ($c0 | $c1 | $c2 | $c3) >> 8; - if ($strictPadding) { - $err |= ($c3 << 4) & 0xff; - } - } elseif ($i + 2 < $srcLen) { - /** @var int $c1 */ - $c1 = static::$method($chunk[2]); - /** @var int $c2 */ - $c2 = static::$method($chunk[3]); - - $dest .= \pack( - 'CC', - (($c0 << 3) | ($c1 >> 2) ) & 0xff, - (($c1 << 6) | ($c2 << 1) ) & 0xff - ); - $err |= ($c0 | $c1 | $c2) >> 8; - if ($strictPadding) { - $err |= ($c2 << 6) & 0xff; - } - } elseif ($i + 1 < $srcLen) { - /** @var int $c1 */ - $c1 = static::$method($chunk[2]); - - $dest .= \pack( - 'C', - (($c0 << 3) | ($c1 >> 2) ) & 0xff - ); - $err |= ($c0 | $c1) >> 8; - if ($strictPadding) { - $err |= ($c1 << 6) & 0xff; - } - } else { - $dest .= \pack( - 'C', - (($c0 << 3) ) & 0xff - ); - $err |= ($c0) >> 8; - } - } - $check = ($err === 0); - if (!$check) { - throw new RangeException( - 'Base32::doDecode() only expects characters in the correct base32 alphabet' - ); - } - return $dest; - } - - /** - * Base32 Encoding - * - * @param string $src - * @param bool $upper - * @param bool $pad - * @return string - * @throws TypeError - */ - protected static function doEncode(string $src, bool $upper = false, $pad = true): string - { - // We do this to reduce code duplication: - $method = $upper - ? 'encode5BitsUpper' - : 'encode5Bits'; - - $dest = ''; - $srcLen = Binary::safeStrlen($src); - - // Main loop (no padding): - for ($i = 0; $i + 5 <= $srcLen; $i += 5) { - /** @var array $chunk */ - $chunk = \unpack('C*', Binary::safeSubstr($src, $i, 5)); - $b0 = $chunk[1]; - $b1 = $chunk[2]; - $b2 = $chunk[3]; - $b3 = $chunk[4]; - $b4 = $chunk[5]; - $dest .= - static::$method( ($b0 >> 3) & 31) . - static::$method((($b0 << 2) | ($b1 >> 6)) & 31) . - static::$method((($b1 >> 1) ) & 31) . - static::$method((($b1 << 4) | ($b2 >> 4)) & 31) . - static::$method((($b2 << 1) | ($b3 >> 7)) & 31) . - static::$method((($b3 >> 2) ) & 31) . - static::$method((($b3 << 3) | ($b4 >> 5)) & 31) . - static::$method( $b4 & 31); - } - // The last chunk, which may have padding: - if ($i < $srcLen) { - /** @var array $chunk */ - $chunk = \unpack('C*', Binary::safeSubstr($src, $i, $srcLen - $i)); - $b0 = $chunk[1]; - if ($i + 3 < $srcLen) { - $b1 = $chunk[2]; - $b2 = $chunk[3]; - $b3 = $chunk[4]; - $dest .= - static::$method( ($b0 >> 3) & 31) . - static::$method((($b0 << 2) | ($b1 >> 6)) & 31) . - static::$method((($b1 >> 1) ) & 31) . - static::$method((($b1 << 4) | ($b2 >> 4)) & 31) . - static::$method((($b2 << 1) | ($b3 >> 7)) & 31) . - static::$method((($b3 >> 2) ) & 31) . - static::$method((($b3 << 3) ) & 31); - if ($pad) { - $dest .= '='; - } - } elseif ($i + 2 < $srcLen) { - $b1 = $chunk[2]; - $b2 = $chunk[3]; - $dest .= - static::$method( ($b0 >> 3) & 31) . - static::$method((($b0 << 2) | ($b1 >> 6)) & 31) . - static::$method((($b1 >> 1) ) & 31) . - static::$method((($b1 << 4) | ($b2 >> 4)) & 31) . - static::$method((($b2 << 1) ) & 31); - if ($pad) { - $dest .= '==='; - } - } elseif ($i + 1 < $srcLen) { - $b1 = $chunk[2]; - $dest .= - static::$method( ($b0 >> 3) & 31) . - static::$method((($b0 << 2) | ($b1 >> 6)) & 31) . - static::$method((($b1 >> 1) ) & 31) . - static::$method((($b1 << 4) ) & 31); - if ($pad) { - $dest .= '===='; - } - } else { - $dest .= - static::$method( ($b0 >> 3) & 31) . - static::$method( ($b0 << 2) & 31); - if ($pad) { - $dest .= '======'; - } - } - } - return $dest; - } -} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base32Hex.php b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base32Hex.php deleted file mode 100644 index b868dd0..0000000 --- a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base32Hex.php +++ /dev/null @@ -1,111 +0,0 @@ - 0x30 && $src < 0x3a) ret += $src - 0x2e + 1; // -47 - $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src - 47); - - // if ($src > 0x60 && $src < 0x77) ret += $src - 0x61 + 10 + 1; // -86 - $ret += (((0x60 - $src) & ($src - 0x77)) >> 8) & ($src - 86); - - return $ret; - } - - /** - * Uses bitwise operators instead of table-lookups to turn 5-bit integers - * into 8-bit integers. - * - * @param int $src - * @return int - */ - protected static function decode5BitsUpper(int $src): int - { - $ret = -1; - - // if ($src > 0x30 && $src < 0x3a) ret += $src - 0x2e + 1; // -47 - $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src - 47); - - // if ($src > 0x40 && $src < 0x57) ret += $src - 0x41 + 10 + 1; // -54 - $ret += (((0x40 - $src) & ($src - 0x57)) >> 8) & ($src - 54); - - return $ret; - } - - /** - * Uses bitwise operators instead of table-lookups to turn 8-bit integers - * into 5-bit integers. - * - * @param int $src - * @return string - */ - protected static function encode5Bits(int $src): string - { - $src += 0x30; - - // if ($src > 0x39) $src += 0x61 - 0x3a; // 39 - $src += ((0x39 - $src) >> 8) & 39; - - return \pack('C', $src); - } - - /** - * Uses bitwise operators instead of table-lookups to turn 8-bit integers - * into 5-bit integers. - * - * Uppercase variant. - * - * @param int $src - * @return string - */ - protected static function encode5BitsUpper(int $src): string - { - $src += 0x30; - - // if ($src > 0x39) $src += 0x41 - 0x3a; // 7 - $src += ((0x39 - $src) >> 8) & 7; - - return \pack('C', $src); - } -} \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64.php b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64.php deleted file mode 100644 index f571617..0000000 --- a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64.php +++ /dev/null @@ -1,314 +0,0 @@ - $chunk */ - $chunk = \unpack('C*', Binary::safeSubstr($src, $i, 3)); - $b0 = $chunk[1]; - $b1 = $chunk[2]; - $b2 = $chunk[3]; - - $dest .= - static::encode6Bits( $b0 >> 2 ) . - static::encode6Bits((($b0 << 4) | ($b1 >> 4)) & 63) . - static::encode6Bits((($b1 << 2) | ($b2 >> 6)) & 63) . - static::encode6Bits( $b2 & 63); - } - // The last chunk, which may have padding: - if ($i < $srcLen) { - /** @var array $chunk */ - $chunk = \unpack('C*', Binary::safeSubstr($src, $i, $srcLen - $i)); - $b0 = $chunk[1]; - if ($i + 1 < $srcLen) { - $b1 = $chunk[2]; - $dest .= - static::encode6Bits($b0 >> 2) . - static::encode6Bits((($b0 << 4) | ($b1 >> 4)) & 63) . - static::encode6Bits(($b1 << 2) & 63); - if ($pad) { - $dest .= '='; - } - } else { - $dest .= - static::encode6Bits( $b0 >> 2) . - static::encode6Bits(($b0 << 4) & 63); - if ($pad) { - $dest .= '=='; - } - } - } - return $dest; - } - - /** - * decode from base64 into binary - * - * Base64 character set "./[A-Z][a-z][0-9]" - * - * @param string $encodedString - * @param bool $strictPadding - * @return string - * - * @throws RangeException - * @throws TypeError - * @psalm-suppress RedundantCondition - */ - public static function decode(string $encodedString, bool $strictPadding = false): string - { - // Remove padding - $srcLen = Binary::safeStrlen($encodedString); - if ($srcLen === 0) { - return ''; - } - - if ($strictPadding) { - if (($srcLen & 3) === 0) { - if ($encodedString[$srcLen - 1] === '=') { - $srcLen--; - if ($encodedString[$srcLen - 1] === '=') { - $srcLen--; - } - } - } - if (($srcLen & 3) === 1) { - throw new RangeException( - 'Incorrect padding' - ); - } - if ($encodedString[$srcLen - 1] === '=') { - throw new RangeException( - 'Incorrect padding' - ); - } - } else { - $encodedString = \rtrim($encodedString, '='); - $srcLen = Binary::safeStrlen($encodedString); - } - - $err = 0; - $dest = ''; - // Main loop (no padding): - for ($i = 0; $i + 4 <= $srcLen; $i += 4) { - /** @var array $chunk */ - $chunk = \unpack('C*', Binary::safeSubstr($encodedString, $i, 4)); - $c0 = static::decode6Bits($chunk[1]); - $c1 = static::decode6Bits($chunk[2]); - $c2 = static::decode6Bits($chunk[3]); - $c3 = static::decode6Bits($chunk[4]); - - $dest .= \pack( - 'CCC', - ((($c0 << 2) | ($c1 >> 4)) & 0xff), - ((($c1 << 4) | ($c2 >> 2)) & 0xff), - ((($c2 << 6) | $c3 ) & 0xff) - ); - $err |= ($c0 | $c1 | $c2 | $c3) >> 8; - } - // The last chunk, which may have padding: - if ($i < $srcLen) { - /** @var array $chunk */ - $chunk = \unpack('C*', Binary::safeSubstr($encodedString, $i, $srcLen - $i)); - $c0 = static::decode6Bits($chunk[1]); - - if ($i + 2 < $srcLen) { - $c1 = static::decode6Bits($chunk[2]); - $c2 = static::decode6Bits($chunk[3]); - $dest .= \pack( - 'CC', - ((($c0 << 2) | ($c1 >> 4)) & 0xff), - ((($c1 << 4) | ($c2 >> 2)) & 0xff) - ); - $err |= ($c0 | $c1 | $c2) >> 8; - if ($strictPadding) { - $err |= ($c2 << 6) & 0xff; - } - } elseif ($i + 1 < $srcLen) { - $c1 = static::decode6Bits($chunk[2]); - $dest .= \pack( - 'C', - ((($c0 << 2) | ($c1 >> 4)) & 0xff) - ); - $err |= ($c0 | $c1) >> 8; - if ($strictPadding) { - $err |= ($c1 << 4) & 0xff; - } - } elseif ($strictPadding) { - $err |= 1; - } - } - $check = ($err === 0); - if (!$check) { - throw new RangeException( - 'Base64::decode() only expects characters in the correct base64 alphabet' - ); - } - return $dest; - } - - /** - * @param string $encodedString - * @return string - */ - public static function decodeNoPadding(string $encodedString): string - { - $srcLen = Binary::safeStrlen($encodedString); - if ($srcLen === 0) { - return ''; - } - if (($srcLen & 3) === 0) { - if ($encodedString[$srcLen - 1] === '=') { - throw new InvalidArgumentException( - "decodeNoPadding() doesn't tolerate padding" - ); - } - if (($srcLen & 3) > 1) { - if ($encodedString[$srcLen - 2] === '=') { - throw new InvalidArgumentException( - "decodeNoPadding() doesn't tolerate padding" - ); - } - } - } - return static::decode( - $encodedString, - true - ); - } - - /** - * Uses bitwise operators instead of table-lookups to turn 6-bit integers - * into 8-bit integers. - * - * Base64 character set: - * [A-Z] [a-z] [0-9] + / - * 0x41-0x5a, 0x61-0x7a, 0x30-0x39, 0x2b, 0x2f - * - * @param int $src - * @return int - */ - protected static function decode6Bits(int $src): int - { - $ret = -1; - - // if ($src > 0x40 && $src < 0x5b) $ret += $src - 0x41 + 1; // -64 - $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 64); - - // if ($src > 0x60 && $src < 0x7b) $ret += $src - 0x61 + 26 + 1; // -70 - $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 70); - - // if ($src > 0x2f && $src < 0x3a) $ret += $src - 0x30 + 52 + 1; // 5 - $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src + 5); - - // if ($src == 0x2b) $ret += 62 + 1; - $ret += (((0x2a - $src) & ($src - 0x2c)) >> 8) & 63; - - // if ($src == 0x2f) ret += 63 + 1; - $ret += (((0x2e - $src) & ($src - 0x30)) >> 8) & 64; - - return $ret; - } - - /** - * Uses bitwise operators instead of table-lookups to turn 8-bit integers - * into 6-bit integers. - * - * @param int $src - * @return string - */ - protected static function encode6Bits(int $src): string - { - $diff = 0x41; - - // if ($src > 25) $diff += 0x61 - 0x41 - 26; // 6 - $diff += ((25 - $src) >> 8) & 6; - - // if ($src > 51) $diff += 0x30 - 0x61 - 26; // -75 - $diff -= ((51 - $src) >> 8) & 75; - - // if ($src > 61) $diff += 0x2b - 0x30 - 10; // -15 - $diff -= ((61 - $src) >> 8) & 15; - - // if ($src > 62) $diff += 0x2f - 0x2b - 1; // 3 - $diff += ((62 - $src) >> 8) & 3; - - return \pack('C', $src + $diff); - } -} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64DotSlash.php b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64DotSlash.php deleted file mode 100644 index 5e98a8f..0000000 --- a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64DotSlash.php +++ /dev/null @@ -1,88 +0,0 @@ - 0x2d && $src < 0x30) ret += $src - 0x2e + 1; // -45 - $ret += (((0x2d - $src) & ($src - 0x30)) >> 8) & ($src - 45); - - // if ($src > 0x40 && $src < 0x5b) ret += $src - 0x41 + 2 + 1; // -62 - $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 62); - - // if ($src > 0x60 && $src < 0x7b) ret += $src - 0x61 + 28 + 1; // -68 - $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 68); - - // if ($src > 0x2f && $src < 0x3a) ret += $src - 0x30 + 54 + 1; // 7 - $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src + 7); - - return $ret; - } - - /** - * Uses bitwise operators instead of table-lookups to turn 8-bit integers - * into 6-bit integers. - * - * @param int $src - * @return string - */ - protected static function encode6Bits(int $src): string - { - $src += 0x2e; - - // if ($src > 0x2f) $src += 0x41 - 0x30; // 17 - $src += ((0x2f - $src) >> 8) & 17; - - // if ($src > 0x5a) $src += 0x61 - 0x5b; // 6 - $src += ((0x5a - $src) >> 8) & 6; - - // if ($src > 0x7a) $src += 0x30 - 0x7b; // -75 - $src -= ((0x7a - $src) >> 8) & 75; - - return \pack('C', $src); - } -} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64DotSlashOrdered.php b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64DotSlashOrdered.php deleted file mode 100644 index 9780b14..0000000 --- a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64DotSlashOrdered.php +++ /dev/null @@ -1,82 +0,0 @@ - 0x2d && $src < 0x3a) ret += $src - 0x2e + 1; // -45 - $ret += (((0x2d - $src) & ($src - 0x3a)) >> 8) & ($src - 45); - - // if ($src > 0x40 && $src < 0x5b) ret += $src - 0x41 + 12 + 1; // -52 - $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 52); - - // if ($src > 0x60 && $src < 0x7b) ret += $src - 0x61 + 38 + 1; // -58 - $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 58); - - return $ret; - } - - /** - * Uses bitwise operators instead of table-lookups to turn 8-bit integers - * into 6-bit integers. - * - * @param int $src - * @return string - */ - protected static function encode6Bits(int $src): string - { - $src += 0x2e; - - // if ($src > 0x39) $src += 0x41 - 0x3a; // 7 - $src += ((0x39 - $src) >> 8) & 7; - - // if ($src > 0x5a) $src += 0x61 - 0x5b; // 6 - $src += ((0x5a - $src) >> 8) & 6; - - return \pack('C', $src); - } -} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64UrlSafe.php b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64UrlSafe.php deleted file mode 100644 index 8192c63..0000000 --- a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Base64UrlSafe.php +++ /dev/null @@ -1,95 +0,0 @@ - 0x40 && $src < 0x5b) $ret += $src - 0x41 + 1; // -64 - $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 64); - - // if ($src > 0x60 && $src < 0x7b) $ret += $src - 0x61 + 26 + 1; // -70 - $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 70); - - // if ($src > 0x2f && $src < 0x3a) $ret += $src - 0x30 + 52 + 1; // 5 - $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src + 5); - - // if ($src == 0x2c) $ret += 62 + 1; - $ret += (((0x2c - $src) & ($src - 0x2e)) >> 8) & 63; - - // if ($src == 0x5f) ret += 63 + 1; - $ret += (((0x5e - $src) & ($src - 0x60)) >> 8) & 64; - - return $ret; - } - - /** - * Uses bitwise operators instead of table-lookups to turn 8-bit integers - * into 6-bit integers. - * - * @param int $src - * @return string - */ - protected static function encode6Bits(int $src): string - { - $diff = 0x41; - - // if ($src > 25) $diff += 0x61 - 0x41 - 26; // 6 - $diff += ((25 - $src) >> 8) & 6; - - // if ($src > 51) $diff += 0x30 - 0x61 - 26; // -75 - $diff -= ((51 - $src) >> 8) & 75; - - // if ($src > 61) $diff += 0x2d - 0x30 - 10; // -13 - $diff -= ((61 - $src) >> 8) & 13; - - // if ($src > 62) $diff += 0x5f - 0x2b - 1; // 3 - $diff += ((62 - $src) >> 8) & 49; - - return \pack('C', $src + $diff); - } -} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Binary.php b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Binary.php deleted file mode 100644 index 828f3e0..0000000 --- a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/Binary.php +++ /dev/null @@ -1,90 +0,0 @@ - $chunk */ - $chunk = \unpack('C', $binString[$i]); - $c = $chunk[1] & 0xf; - $b = $chunk[1] >> 4; - - $hex .= \pack( - 'CC', - (87 + $b + ((($b - 10) >> 8) & ~38)), - (87 + $c + ((($c - 10) >> 8) & ~38)) - ); - } - return $hex; - } - - /** - * Convert a binary string into a hexadecimal string without cache-timing - * leaks, returning uppercase letters (as per RFC 4648) - * - * @param string $binString (raw binary) - * @return string - * @throws TypeError - */ - public static function encodeUpper(string $binString): string - { - $hex = ''; - $len = Binary::safeStrlen($binString); - - for ($i = 0; $i < $len; ++$i) { - /** @var array $chunk */ - $chunk = \unpack('C', $binString[$i]); - $c = $chunk[1] & 0xf; - $b = $chunk[1] >> 4; - - $hex .= \pack( - 'CC', - (55 + $b + ((($b - 10) >> 8) & ~6)), - (55 + $c + ((($c - 10) >> 8) & ~6)) - ); - } - return $hex; - } - - /** - * Convert a hexadecimal string into a binary string without cache-timing - * leaks - * - * @param string $encodedString - * @param bool $strictPadding - * @return string (raw binary) - * @throws RangeException - */ - public static function decode( - string $encodedString, - bool $strictPadding = false - ): string { - $hex_pos = 0; - $bin = ''; - $c_acc = 0; - $hex_len = Binary::safeStrlen($encodedString); - $state = 0; - if (($hex_len & 1) !== 0) { - if ($strictPadding) { - throw new RangeException( - 'Expected an even number of hexadecimal characters' - ); - } else { - $encodedString = '0' . $encodedString; - ++$hex_len; - } - } - - /** @var array $chunk */ - $chunk = \unpack('C*', $encodedString); - while ($hex_pos < $hex_len) { - ++$hex_pos; - $c = $chunk[$hex_pos]; - $c_num = $c ^ 48; - $c_num0 = ($c_num - 10) >> 8; - $c_alpha = ($c & ~32) - 55; - $c_alpha0 = (($c_alpha - 10) ^ ($c_alpha - 16)) >> 8; - - if (($c_num0 | $c_alpha0) === 0) { - throw new RangeException( - 'Expected hexadecimal character' - ); - } - $c_val = ($c_num0 & $c_num) | ($c_alpha & $c_alpha0); - if ($state === 0) { - $c_acc = $c_val * 16; - } else { - $bin .= \pack('C', $c_acc | $c_val); - } - $state ^= 1; - } - return $bin; - } -} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/RFC4648.php b/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/RFC4648.php deleted file mode 100644 index f124d65..0000000 --- a/utilities/signing_and_verification/php/vendor/paragonie/constant_time_encoding/src/RFC4648.php +++ /dev/null @@ -1,186 +0,0 @@ - "Zm9v" - * - * @param string $str - * @return string - * - * @throws TypeError - */ - public static function base64Encode(string $str): string - { - return Base64::encode($str); - } - - /** - * RFC 4648 Base64 decoding - * - * "Zm9v" -> "foo" - * - * @param string $str - * @return string - * - * @throws TypeError - */ - public static function base64Decode(string $str): string - { - return Base64::decode($str, true); - } - - /** - * RFC 4648 Base64 (URL Safe) encoding - * - * "foo" -> "Zm9v" - * - * @param string $str - * @return string - * - * @throws TypeError - */ - public static function base64UrlSafeEncode(string $str): string - { - return Base64UrlSafe::encode($str); - } - - /** - * RFC 4648 Base64 (URL Safe) decoding - * - * "Zm9v" -> "foo" - * - * @param string $str - * @return string - * - * @throws TypeError - */ - public static function base64UrlSafeDecode(string $str): string - { - return Base64UrlSafe::decode($str, true); - } - - /** - * RFC 4648 Base32 encoding - * - * "foo" -> "MZXW6===" - * - * @param string $str - * @return string - * - * @throws TypeError - */ - public static function base32Encode(string $str): string - { - return Base32::encodeUpper($str); - } - - /** - * RFC 4648 Base32 encoding - * - * "MZXW6===" -> "foo" - * - * @param string $str - * @return string - * - * @throws TypeError - */ - public static function base32Decode(string $str): string - { - return Base32::decodeUpper($str, true); - } - - /** - * RFC 4648 Base32-Hex encoding - * - * "foo" -> "CPNMU===" - * - * @param string $str - * @return string - * - * @throws TypeError - */ - public static function base32HexEncode(string $str): string - { - return Base32::encodeUpper($str); - } - - /** - * RFC 4648 Base32-Hex decoding - * - * "CPNMU===" -> "foo" - * - * @param string $str - * @return string - * - * @throws TypeError - */ - public static function base32HexDecode(string $str): string - { - return Base32::decodeUpper($str, true); - } - - /** - * RFC 4648 Base16 decoding - * - * "foo" -> "666F6F" - * - * @param string $str - * @return string - * - * @throws TypeError - */ - public static function base16Encode(string $str): string - { - return Hex::encodeUpper($str); - } - - /** - * RFC 4648 Base16 decoding - * - * "666F6F" -> "foo" - * - * @param string $str - * @return string - */ - public static function base16Decode(string $str): string - { - return Hex::decode($str, true); - } -} \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/LICENSE b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/LICENSE deleted file mode 100644 index 45c7017..0000000 --- a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/LICENSE +++ /dev/null @@ -1,22 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2015 Paragon Initiative Enterprises - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. - diff --git a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/build-phar.sh b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/build-phar.sh deleted file mode 100755 index b4a5ba3..0000000 --- a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/build-phar.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/usr/bin/env bash - -basedir=$( dirname $( readlink -f ${BASH_SOURCE[0]} ) ) - -php -dphar.readonly=0 "$basedir/other/build_phar.php" $* \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/composer.json b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/composer.json deleted file mode 100644 index f2b9c4e..0000000 --- a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/composer.json +++ /dev/null @@ -1,34 +0,0 @@ -{ - "name": "paragonie/random_compat", - "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", - "keywords": [ - "csprng", - "random", - "polyfill", - "pseudorandom" - ], - "license": "MIT", - "type": "library", - "authors": [ - { - "name": "Paragon Initiative Enterprises", - "email": "security@paragonie.com", - "homepage": "https://paragonie.com" - } - ], - "support": { - "issues": "https://github.com/paragonie/random_compat/issues", - "email": "info@paragonie.com", - "source": "https://github.com/paragonie/random_compat" - }, - "require": { - "php": ">= 7" - }, - "require-dev": { - "vimeo/psalm": "^1", - "phpunit/phpunit": "4.*|5.*" - }, - "suggest": { - "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." - } -} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey deleted file mode 100644 index eb50ebf..0000000 --- a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey +++ /dev/null @@ -1,5 +0,0 @@ ------BEGIN PUBLIC KEY----- -MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEEd+wCqJDrx5B4OldM0dQE0ZMX+lx1ZWm -pui0SUqD4G29L3NGsz9UhJ/0HjBdbnkhIK5xviT0X5vtjacF6ajgcCArbTB+ds+p -+h7Q084NuSuIpNb6YPfoUFgC/CL9kAoc ------END PUBLIC KEY----- diff --git a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey.asc b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey.asc deleted file mode 100644 index 6a1d7f3..0000000 --- a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.22 (MingW32) - -iQEcBAABAgAGBQJWtW1hAAoJEGuXocKCZATaJf0H+wbZGgskK1dcRTsuVJl9IWip -QwGw/qIKI280SD6/ckoUMxKDCJiFuPR14zmqnS36k7N5UNPnpdTJTS8T11jttSpg -1LCmgpbEIpgaTah+cELDqFCav99fS+bEiAL5lWDAHBTE/XPjGVCqeehyPYref4IW -NDBIEsvnHPHPLsn6X5jq4+Yj5oUixgxaMPiR+bcO4Sh+RzOVB6i2D0upWfRXBFXA -NNnsg9/zjvoC7ZW73y9uSH+dPJTt/Vgfeiv52/v41XliyzbUyLalf02GNPY+9goV -JHG1ulEEBJOCiUD9cE1PUIJwHA/HqyhHIvV350YoEFiHl8iSwm7SiZu5kPjaq74= -=B6+8 ------END PGP SIGNATURE----- diff --git a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/lib/random.php b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/lib/random.php deleted file mode 100644 index c7731a5..0000000 --- a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/lib/random.php +++ /dev/null @@ -1,32 +0,0 @@ -buildFromDirectory(dirname(__DIR__).'/lib'); -rename( - dirname(__DIR__).'/lib/index.php', - dirname(__DIR__).'/lib/random.php' -); - -/** - * If we pass an (optional) path to a private key as a second argument, we will - * sign the Phar with OpenSSL. - * - * If you leave this out, it will produce an unsigned .phar! - */ -if ($argc > 1) { - if (!@is_readable($argv[1])) { - echo 'Could not read the private key file:', $argv[1], "\n"; - exit(255); - } - $pkeyFile = file_get_contents($argv[1]); - - $private = openssl_get_privatekey($pkeyFile); - if ($private !== false) { - $pkey = ''; - openssl_pkey_export($private, $pkey); - $phar->setSignatureAlgorithm(Phar::OPENSSL, $pkey); - - /** - * Save the corresponding public key to the file - */ - if (!@is_readable($dist.'/random_compat.phar.pubkey')) { - $details = openssl_pkey_get_details($private); - file_put_contents( - $dist.'/random_compat.phar.pubkey', - $details['key'] - ); - } - } else { - echo 'An error occurred reading the private key from OpenSSL.', "\n"; - exit(255); - } -} diff --git a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/psalm-autoload.php b/utilities/signing_and_verification/php/vendor/paragonie/random_compat/psalm-autoload.php deleted file mode 100644 index d71d1b8..0000000 --- a/utilities/signing_and_verification/php/vendor/paragonie/random_compat/psalm-autoload.php +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - - - - - - - - - - diff --git a/utilities/signing_and_verification/php/vendor/phpoption/phpoption/LICENSE b/utilities/signing_and_verification/php/vendor/phpoption/phpoption/LICENSE deleted file mode 100644 index f49a4e1..0000000 --- a/utilities/signing_and_verification/php/vendor/phpoption/phpoption/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/phpoption/phpoption/composer.json b/utilities/signing_and_verification/php/vendor/phpoption/phpoption/composer.json deleted file mode 100644 index 77f50a3..0000000 --- a/utilities/signing_and_verification/php/vendor/phpoption/phpoption/composer.json +++ /dev/null @@ -1,52 +0,0 @@ -{ - "name": "phpoption/phpoption", - "description": "Option Type for PHP", - "keywords": ["php", "option", "language", "type"], - "license": "Apache-2.0", - "authors": [ - { - "name": "Johannes M. Schmitt", - "email": "schmittjoh@gmail.com", - "homepage": "https://github.com/schmittjoh" - }, - { - "name": "Graham Campbell", - "email": "hello@gjcampbell.co.uk", - "homepage": "https://github.com/GrahamCampbell" - } - ], - "require": { - "php": "^7.2.5 || ^8.0" - }, - "require-dev": { - "bamarni/composer-bin-plugin": "^1.8.2", - "phpunit/phpunit": "^8.5.34 || ^9.6.13 || ^10.4.2" - }, - "autoload": { - "psr-4": { - "PhpOption\\": "src/PhpOption/" - } - }, - "autoload-dev": { - "psr-4": { - "PhpOption\\Tests\\": "tests/PhpOption/Tests/" - } - }, - "config": { - "allow-plugins": { - "bamarni/composer-bin-plugin": true - }, - "preferred-install": "dist" - }, - "extra": { - "bamarni-bin": { - "bin-links": true, - "forward-command": true - }, - "branch-alias": { - "dev-master": "1.9-dev" - } - }, - "minimum-stability": "dev", - "prefer-stable": true -} diff --git a/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/LazyOption.php b/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/LazyOption.php deleted file mode 100644 index 9cb77c8..0000000 --- a/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/LazyOption.php +++ /dev/null @@ -1,175 +0,0 @@ - - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -namespace PhpOption; - -use Traversable; - -/** - * @template T - * - * @extends Option - */ -final class LazyOption extends Option -{ - /** @var callable(mixed...):(Option) */ - private $callback; - - /** @var array */ - private $arguments; - - /** @var Option|null */ - private $option; - - /** - * @template S - * @param callable(mixed...):(Option) $callback - * @param array $arguments - * - * @return LazyOption - */ - public static function create($callback, array $arguments = []): self - { - return new self($callback, $arguments); - } - - /** - * @param callable(mixed...):(Option) $callback - * @param array $arguments - */ - public function __construct($callback, array $arguments = []) - { - if (!is_callable($callback)) { - throw new \InvalidArgumentException('Invalid callback given'); - } - - $this->callback = $callback; - $this->arguments = $arguments; - } - - public function isDefined(): bool - { - return $this->option()->isDefined(); - } - - public function isEmpty(): bool - { - return $this->option()->isEmpty(); - } - - public function get() - { - return $this->option()->get(); - } - - public function getOrElse($default) - { - return $this->option()->getOrElse($default); - } - - public function getOrCall($callable) - { - return $this->option()->getOrCall($callable); - } - - public function getOrThrow(\Exception $ex) - { - return $this->option()->getOrThrow($ex); - } - - public function orElse(Option $else) - { - return $this->option()->orElse($else); - } - - public function ifDefined($callable) - { - $this->option()->forAll($callable); - } - - public function forAll($callable) - { - return $this->option()->forAll($callable); - } - - public function map($callable) - { - return $this->option()->map($callable); - } - - public function flatMap($callable) - { - return $this->option()->flatMap($callable); - } - - public function filter($callable) - { - return $this->option()->filter($callable); - } - - public function filterNot($callable) - { - return $this->option()->filterNot($callable); - } - - public function select($value) - { - return $this->option()->select($value); - } - - public function reject($value) - { - return $this->option()->reject($value); - } - - /** - * @return Traversable - */ - public function getIterator(): Traversable - { - return $this->option()->getIterator(); - } - - public function foldLeft($initialValue, $callable) - { - return $this->option()->foldLeft($initialValue, $callable); - } - - public function foldRight($initialValue, $callable) - { - return $this->option()->foldRight($initialValue, $callable); - } - - /** - * @return Option - */ - private function option(): Option - { - if (null === $this->option) { - /** @var mixed */ - $option = call_user_func_array($this->callback, $this->arguments); - if ($option instanceof Option) { - $this->option = $option; - } else { - throw new \RuntimeException(sprintf('Expected instance of %s', Option::class)); - } - } - - return $this->option; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/None.php b/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/None.php deleted file mode 100644 index 4b85d22..0000000 --- a/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/None.php +++ /dev/null @@ -1,136 +0,0 @@ - - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -namespace PhpOption; - -use EmptyIterator; - -/** - * @extends Option - */ -final class None extends Option -{ - /** @var None|null */ - private static $instance; - - /** - * @return None - */ - public static function create(): self - { - if (null === self::$instance) { - self::$instance = new self(); - } - - return self::$instance; - } - - public function get() - { - throw new \RuntimeException('None has no value.'); - } - - public function getOrCall($callable) - { - return $callable(); - } - - public function getOrElse($default) - { - return $default; - } - - public function getOrThrow(\Exception $ex) - { - throw $ex; - } - - public function isEmpty(): bool - { - return true; - } - - public function isDefined(): bool - { - return false; - } - - public function orElse(Option $else) - { - return $else; - } - - public function ifDefined($callable) - { - // Just do nothing in that case. - } - - public function forAll($callable) - { - return $this; - } - - public function map($callable) - { - return $this; - } - - public function flatMap($callable) - { - return $this; - } - - public function filter($callable) - { - return $this; - } - - public function filterNot($callable) - { - return $this; - } - - public function select($value) - { - return $this; - } - - public function reject($value) - { - return $this; - } - - public function getIterator(): EmptyIterator - { - return new EmptyIterator(); - } - - public function foldLeft($initialValue, $callable) - { - return $initialValue; - } - - public function foldRight($initialValue, $callable) - { - return $initialValue; - } - - private function __construct() - { - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/Option.php b/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/Option.php deleted file mode 100644 index 172924c..0000000 --- a/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/Option.php +++ /dev/null @@ -1,434 +0,0 @@ - - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -namespace PhpOption; - -use ArrayAccess; -use IteratorAggregate; - -/** - * @template T - * - * @implements IteratorAggregate - */ -abstract class Option implements IteratorAggregate -{ - /** - * Creates an option given a return value. - * - * This is intended for consuming existing APIs and allows you to easily - * convert them to an option. By default, we treat ``null`` as the None - * case, and everything else as Some. - * - * @template S - * - * @param S $value The actual return value. - * @param S $noneValue The value which should be considered "None"; null by - * default. - * - * @return Option - */ - public static function fromValue($value, $noneValue = null) - { - if ($value === $noneValue) { - return None::create(); - } - - return new Some($value); - } - - /** - * Creates an option from an array's value. - * - * If the key does not exist in the array, the array is not actually an - * array, or the array's value at the given key is null, None is returned. - * Otherwise, Some is returned wrapping the value at the given key. - * - * @template S - * - * @param array|ArrayAccess|null $array A potential array or \ArrayAccess value. - * @param string $key The key to check. - * - * @return Option - */ - public static function fromArraysValue($array, $key) - { - if (!(is_array($array) || $array instanceof ArrayAccess) || !isset($array[$key])) { - return None::create(); - } - - return new Some($array[$key]); - } - - /** - * Creates a lazy-option with the given callback. - * - * This is also a helper constructor for lazy-consuming existing APIs where - * the return value is not yet an option. By default, we treat ``null`` as - * None case, and everything else as Some. - * - * @template S - * - * @param callable $callback The callback to evaluate. - * @param array $arguments The arguments for the callback. - * @param S $noneValue The value which should be considered "None"; - * null by default. - * - * @return LazyOption - */ - public static function fromReturn($callback, array $arguments = [], $noneValue = null) - { - return new LazyOption(static function () use ($callback, $arguments, $noneValue) { - /** @var mixed */ - $return = call_user_func_array($callback, $arguments); - - if ($return === $noneValue) { - return None::create(); - } - - return new Some($return); - }); - } - - /** - * Option factory, which creates new option based on passed value. - * - * If value is already an option, it simply returns. If value is callable, - * LazyOption with passed callback created and returned. If Option - * returned from callback, it returns directly. On other case value passed - * to Option::fromValue() method. - * - * @template S - * - * @param Option|callable|S $value - * @param S $noneValue Used when $value is mixed or - * callable, for None-check. - * - * @return Option|LazyOption - */ - public static function ensure($value, $noneValue = null) - { - if ($value instanceof self) { - return $value; - } elseif (is_callable($value)) { - return new LazyOption(static function () use ($value, $noneValue) { - /** @var mixed */ - $return = $value(); - - if ($return instanceof self) { - return $return; - } else { - return self::fromValue($return, $noneValue); - } - }); - } else { - return self::fromValue($value, $noneValue); - } - } - - /** - * Lift a function so that it accepts Option as parameters. - * - * We return a new closure that wraps the original callback. If any of the - * parameters passed to the lifted function is empty, the function will - * return a value of None. Otherwise, we will pass all parameters to the - * original callback and return the value inside a new Option, unless an - * Option is returned from the function, in which case, we use that. - * - * @template S - * - * @param callable $callback - * @param mixed $noneValue - * - * @return callable - */ - public static function lift($callback, $noneValue = null) - { - return static function () use ($callback, $noneValue) { - /** @var array */ - $args = func_get_args(); - - $reduced_args = array_reduce( - $args, - /** @param bool $status */ - static function ($status, self $o) { - return $o->isEmpty() ? true : $status; - }, - false - ); - // if at least one parameter is empty, return None - if ($reduced_args) { - return None::create(); - } - - $args = array_map( - /** @return T */ - static function (self $o) { - // it is safe to do so because the fold above checked - // that all arguments are of type Some - /** @var T */ - return $o->get(); - }, - $args - ); - - return self::ensure(call_user_func_array($callback, $args), $noneValue); - }; - } - - /** - * Returns the value if available, or throws an exception otherwise. - * - * @throws \RuntimeException If value is not available. - * - * @return T - */ - abstract public function get(); - - /** - * Returns the value if available, or the default value if not. - * - * @template S - * - * @param S $default - * - * @return T|S - */ - abstract public function getOrElse($default); - - /** - * Returns the value if available, or the results of the callable. - * - * This is preferable over ``getOrElse`` if the computation of the default - * value is expensive. - * - * @template S - * - * @param callable():S $callable - * - * @return T|S - */ - abstract public function getOrCall($callable); - - /** - * Returns the value if available, or throws the passed exception. - * - * @param \Exception $ex - * - * @return T - */ - abstract public function getOrThrow(\Exception $ex); - - /** - * Returns true if no value is available, false otherwise. - * - * @return bool - */ - abstract public function isEmpty(); - - /** - * Returns true if a value is available, false otherwise. - * - * @return bool - */ - abstract public function isDefined(); - - /** - * Returns this option if non-empty, or the passed option otherwise. - * - * This can be used to try multiple alternatives, and is especially useful - * with lazy evaluating options: - * - * ```php - * $repo->findSomething() - * ->orElse(new LazyOption(array($repo, 'findSomethingElse'))) - * ->orElse(new LazyOption(array($repo, 'createSomething'))); - * ``` - * - * @param Option $else - * - * @return Option - */ - abstract public function orElse(self $else); - - /** - * This is similar to map() below except that the return value has no meaning; - * the passed callable is simply executed if the option is non-empty, and - * ignored if the option is empty. - * - * In all cases, the return value of the callable is discarded. - * - * ```php - * $comment->getMaybeFile()->ifDefined(function($file) { - * // Do something with $file here. - * }); - * ``` - * - * If you're looking for something like ``ifEmpty``, you can use ``getOrCall`` - * and ``getOrElse`` in these cases. - * - * @deprecated Use forAll() instead. - * - * @param callable(T):mixed $callable - * - * @return void - */ - abstract public function ifDefined($callable); - - /** - * This is similar to map() except that the return value of the callable has no meaning. - * - * The passed callable is simply executed if the option is non-empty, and ignored if the - * option is empty. This method is preferred for callables with side-effects, while map() - * is intended for callables without side-effects. - * - * @param callable(T):mixed $callable - * - * @return Option - */ - abstract public function forAll($callable); - - /** - * Applies the callable to the value of the option if it is non-empty, - * and returns the return value of the callable wrapped in Some(). - * - * If the option is empty, then the callable is not applied. - * - * ```php - * (new Some("foo"))->map('strtoupper')->get(); // "FOO" - * ``` - * - * @template S - * - * @param callable(T):S $callable - * - * @return Option - */ - abstract public function map($callable); - - /** - * Applies the callable to the value of the option if it is non-empty, and - * returns the return value of the callable directly. - * - * In contrast to ``map``, the return value of the callable is expected to - * be an Option itself; it is not automatically wrapped in Some(). - * - * @template S - * - * @param callable(T):Option $callable must return an Option - * - * @return Option - */ - abstract public function flatMap($callable); - - /** - * If the option is empty, it is returned immediately without applying the callable. - * - * If the option is non-empty, the callable is applied, and if it returns true, - * the option itself is returned; otherwise, None is returned. - * - * @param callable(T):bool $callable - * - * @return Option - */ - abstract public function filter($callable); - - /** - * If the option is empty, it is returned immediately without applying the callable. - * - * If the option is non-empty, the callable is applied, and if it returns false, - * the option itself is returned; otherwise, None is returned. - * - * @param callable(T):bool $callable - * - * @return Option - */ - abstract public function filterNot($callable); - - /** - * If the option is empty, it is returned immediately. - * - * If the option is non-empty, and its value does not equal the passed value - * (via a shallow comparison ===), then None is returned. Otherwise, the - * Option is returned. - * - * In other words, this will filter all but the passed value. - * - * @param T $value - * - * @return Option - */ - abstract public function select($value); - - /** - * If the option is empty, it is returned immediately. - * - * If the option is non-empty, and its value does equal the passed value (via - * a shallow comparison ===), then None is returned; otherwise, the Option is - * returned. - * - * In other words, this will let all values through except the passed value. - * - * @param T $value - * - * @return Option - */ - abstract public function reject($value); - - /** - * Binary operator for the initial value and the option's value. - * - * If empty, the initial value is returned. If non-empty, the callable - * receives the initial value and the option's value as arguments. - * - * ```php - * - * $some = new Some(5); - * $none = None::create(); - * $result = $some->foldLeft(1, function($a, $b) { return $a + $b; }); // int(6) - * $result = $none->foldLeft(1, function($a, $b) { return $a + $b; }); // int(1) - * - * // This can be used instead of something like the following: - * $option = Option::fromValue($integerOrNull); - * $result = 1; - * if ( ! $option->isEmpty()) { - * $result += $option->get(); - * } - * ``` - * - * @template S - * - * @param S $initialValue - * @param callable(S, T):S $callable - * - * @return S - */ - abstract public function foldLeft($initialValue, $callable); - - /** - * foldLeft() but with reversed arguments for the callable. - * - * @template S - * - * @param S $initialValue - * @param callable(T, S):S $callable - * - * @return S - */ - abstract public function foldRight($initialValue, $callable); -} diff --git a/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/Some.php b/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/Some.php deleted file mode 100644 index 032632e..0000000 --- a/utilities/signing_and_verification/php/vendor/phpoption/phpoption/src/PhpOption/Some.php +++ /dev/null @@ -1,169 +0,0 @@ - - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -namespace PhpOption; - -use ArrayIterator; - -/** - * @template T - * - * @extends Option - */ -final class Some extends Option -{ - /** @var T */ - private $value; - - /** - * @param T $value - */ - public function __construct($value) - { - $this->value = $value; - } - - /** - * @template U - * - * @param U $value - * - * @return Some - */ - public static function create($value): self - { - return new self($value); - } - - public function isDefined(): bool - { - return true; - } - - public function isEmpty(): bool - { - return false; - } - - public function get() - { - return $this->value; - } - - public function getOrElse($default) - { - return $this->value; - } - - public function getOrCall($callable) - { - return $this->value; - } - - public function getOrThrow(\Exception $ex) - { - return $this->value; - } - - public function orElse(Option $else) - { - return $this; - } - - public function ifDefined($callable) - { - $this->forAll($callable); - } - - public function forAll($callable) - { - $callable($this->value); - - return $this; - } - - public function map($callable) - { - return new self($callable($this->value)); - } - - public function flatMap($callable) - { - /** @var mixed */ - $rs = $callable($this->value); - if (!$rs instanceof Option) { - throw new \RuntimeException('Callables passed to flatMap() must return an Option. Maybe you should use map() instead?'); - } - - return $rs; - } - - public function filter($callable) - { - if (true === $callable($this->value)) { - return $this; - } - - return None::create(); - } - - public function filterNot($callable) - { - if (false === $callable($this->value)) { - return $this; - } - - return None::create(); - } - - public function select($value) - { - if ($this->value === $value) { - return $this; - } - - return None::create(); - } - - public function reject($value) - { - if ($this->value === $value) { - return None::create(); - } - - return $this; - } - - /** - * @return ArrayIterator - */ - public function getIterator(): ArrayIterator - { - return new ArrayIterator([$this->value]); - } - - public function foldLeft($initialValue, $callable) - { - return $callable($initialValue, $this->value); - } - - public function foldRight($initialValue, $callable) - { - return $callable($this->value, $initialValue); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/AUTHORS b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/AUTHORS deleted file mode 100644 index 9f10d26..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/AUTHORS +++ /dev/null @@ -1,7 +0,0 @@ -phpseclib Lead Developer: TerraFrost (Jim Wigginton) - -phpseclib Developers: monnerat (Patrick Monnerat) - bantu (Andreas Fischer) - petrich (Hans-Jürgen Petrich) - GrahamCampbell (Graham Campbell) - hc-jworman \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/BACKERS.md b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/BACKERS.md deleted file mode 100644 index 4ee6a4f..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/BACKERS.md +++ /dev/null @@ -1,16 +0,0 @@ -# Backers - -phpseclib ongoing development is made possible by [Tidelift](https://tidelift.com/subscription/pkg/packagist-phpseclib-phpseclib?utm_source=packagist-phpseclib-phpseclib&utm_medium=referral&utm_campaign=readme) and by contributions by users like you. Thank you. - -## Backers - -- Allan Simon -- [ChargeOver](https://chargeover.com/) -- Raghu Veer Dendukuri -- Zane Hooper -- [Setasign](https://www.setasign.com/) -- [Charles Severance](https://github.com/csev) -- [Rachel Fish](https://github.com/itsrachelfish) -- Tharyrok -- [cjhaas](https://github.com/cjhaas) -- [istiak-tridip](https://github.com/istiak-tridip) \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/LICENSE b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/LICENSE deleted file mode 100644 index e7214eb..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/LICENSE +++ /dev/null @@ -1,20 +0,0 @@ -Copyright (c) 2011-2019 TerraFrost and other contributors - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND -NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE -LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION -WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/README.md b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/README.md deleted file mode 100644 index 98e5796..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/README.md +++ /dev/null @@ -1,97 +0,0 @@ -# phpseclib - PHP Secure Communications Library - -[![CI Status](https://github.com/phpseclib/phpseclib/actions/workflows/ci.yml/badge.svg?branch=3.0&event=push "CI Status")](https://github.com/phpseclib/phpseclib) - -## Supporting phpseclib - -- [Become a backer or sponsor on Patreon](https://www.patreon.com/phpseclib) -- [One-time donation via PayPal or crypto-currencies](http://sourceforge.net/donate/index.php?group_id=198487) -- [Subscribe to Tidelift](https://tidelift.com/subscription/pkg/packagist-phpseclib-phpseclib?utm_source=packagist-phpseclib-phpseclib&utm_medium=referral&utm_campaign=readme) - -## Introduction - -MIT-licensed pure-PHP implementations of the following: - -SSH-2, SFTP, X.509, an arbitrary-precision integer arithmetic library, Ed25519 / Ed449 / Curve25519 / Curve449, ECDSA / ECDH (with support for 66 curves), RSA (PKCS#1 v2.2 compliant), DSA / DH, DES / 3DES / RC4 / Rijndael / AES / Blowfish / Twofish / Salsa20 / ChaCha20, GCM / Poly1305 - -* [Browse Git](https://github.com/phpseclib/phpseclib) - -## Documentation - -* [Documentation / Manual](https://phpseclib.com/) -* [API Documentation](https://api.phpseclib.com/3.0/) (generated by Doctum) - -## Branches - -### master - -* Development Branch -* Unstable API -* Do not use in production - -### 3.0 - -* Long term support (LTS) release -* Major expansion of cryptographic primitives -* Minimum PHP version: 5.6.1 -* PSR-4 autoloading with namespace rooted at `\phpseclib3` -* Install via Composer: `composer require phpseclib/phpseclib:~3.0` - -### 2.0 - -* Long term support (LTS) release -* Modernized version of 1.0 -* Minimum PHP version: 5.3.3 -* PSR-4 autoloading with namespace rooted at `\phpseclib` -* Install via Composer: `composer require phpseclib/phpseclib:~2.0` - -### 1.0 - -* Long term support (LTS) release -* PHP4 compatible -* Composer compatible (PSR-0 autoloading) -* Install using Composer: `composer require phpseclib/phpseclib:~1.0` -* [Download 1.0.22 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.22.zip/download) - -## Security contact information - -To report a security vulnerability, please use the [Tidelift security contact](https://tidelift.com/security). Tidelift will coordinate the fix and disclosure. - -## Support - -Need Support? - -* [Checkout Questions and Answers on Stack Overflow](http://stackoverflow.com/questions/tagged/phpseclib) -* [Create a Support Ticket on GitHub](https://github.com/phpseclib/phpseclib/issues/new) -* [Browse the Support Forum](http://www.frostjedi.com/phpbb/viewforum.php?f=46) (no longer in use) - -## Special Thanks - -Special Thanks to our $50+ sponsors!: - -- Allan Simon -- [ChargeOver](https://chargeover.com/) - -## Contributing - -1. Fork the Project - -2. Ensure you have Composer installed (see [Composer Download Instructions](https://getcomposer.org/download/)) - -3. Install Development Dependencies - ```sh - composer install - ``` - -4. Create a Feature Branch - -5. Run continuous integration checks: - ```sh - composer global require php:^8.1 squizlabs/php_codesniffer friendsofphp/php-cs-fixer vimeo/psalm - phpcs --standard=build/php_codesniffer.xml - php-cs-fixer fix --config=build/php-cs-fixer.php --diff --dry-run --using-cache=no - psalm --config=build/psalm.xml --no-cache --long-progress --report-show-info=false --output-format=text - vendor/bin/phpunit --verbose --configuration tests/phpunit.xml - ``` - -6. Send us a Pull Request diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/composer.json b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/composer.json deleted file mode 100644 index 5052d5f..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/composer.json +++ /dev/null @@ -1,84 +0,0 @@ -{ - "name": "phpseclib/phpseclib", - "type": "library", - "description": "PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc.", - "keywords": [ - "security", - "crypto", - "cryptography", - "encryption", - "signature", - "signing", - "rsa", - "aes", - "blowfish", - "twofish", - "ssh", - "sftp", - "x509", - "x.509", - "asn1", - "asn.1", - "BigInteger" - ], - "homepage": "http://phpseclib.sourceforge.net", - "license": "MIT", - "authors": [ - { - "name": "Jim Wigginton", - "email": "terrafrost@php.net", - "role": "Lead Developer" - }, - { - "name": "Patrick Monnerat", - "email": "pm@datasphere.ch", - "role": "Developer" - }, - { - "name": "Andreas Fischer", - "email": "bantu@phpbb.com", - "role": "Developer" - }, - { - "name": "Hans-Jürgen Petrich", - "email": "petrich@tronic-media.com", - "role": "Developer" - }, - { - "name": "Graham Campbell", - "email": "graham@alt-three.com", - "role": "Developer" - } - ], - "require": { - "php": ">=5.6.1", - "paragonie/constant_time_encoding": "^1|^2", - "paragonie/random_compat": "^1.4|^2.0|^9.99.99" - }, - "require-dev": { - "phpunit/phpunit": "*" - }, - "suggest": { - "ext-libsodium": "SSH2/SFTP can make use of some algorithms provided by the libsodium-php extension.", - "ext-openssl": "Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations.", - "ext-mcrypt": "Install the Mcrypt extension in order to speed up a few other cryptographic operations.", - "ext-gmp": "Install the GMP (GNU Multiple Precision) extension in order to speed up arbitrary precision integer arithmetic operations.", - "ext-dom": "Install the DOM extension to load XML formatted public keys." - }, - "autoload": { - "files": [ - "phpseclib/bootstrap.php" - ], - "psr-4": { - "phpseclib3\\": "phpseclib/" - } - }, - "autoload-dev": { - "psr-4": { - "phpseclib3\\Tests\\": "tests/" - } - }, - "config": { - "sort-packages": true - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Common/Functions/Strings.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Common/Functions/Strings.php deleted file mode 100644 index eac793a..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Common/Functions/Strings.php +++ /dev/null @@ -1,505 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Common\Functions; - -use ParagonIE\ConstantTime\Base64; -use ParagonIE\ConstantTime\Base64UrlSafe; -use ParagonIE\ConstantTime\Hex; -use phpseclib3\Math\BigInteger; -use phpseclib3\Math\Common\FiniteField; - -/** - * Common String Functions - * - * @author Jim Wigginton - */ -abstract class Strings -{ - /** - * String Shift - * - * Inspired by array_shift - * - * @param string $string - * @param int $index - * @return string - */ - public static function shift(&$string, $index = 1) - { - $substr = substr($string, 0, $index); - $string = substr($string, $index); - return $substr; - } - - /** - * String Pop - * - * Inspired by array_pop - * - * @param string $string - * @param int $index - * @return string - */ - public static function pop(&$string, $index = 1) - { - $substr = substr($string, -$index); - $string = substr($string, 0, -$index); - return $substr; - } - - /** - * Parse SSH2-style string - * - * Returns either an array or a boolean if $data is malformed. - * - * Valid characters for $format are as follows: - * - * C = byte - * b = boolean (true/false) - * N = uint32 - * Q = uint64 - * s = string - * i = mpint - * L = name-list - * - * uint64 is not supported. - * - * @param string $format - * @param string $data - * @return mixed - */ - public static function unpackSSH2($format, &$data) - { - $format = self::formatPack($format); - $result = []; - for ($i = 0; $i < strlen($format); $i++) { - switch ($format[$i]) { - case 'C': - case 'b': - if (!strlen($data)) { - throw new \LengthException('At least one byte needs to be present for successful C / b decodes'); - } - break; - case 'N': - case 'i': - case 's': - case 'L': - if (strlen($data) < 4) { - throw new \LengthException('At least four byte needs to be present for successful N / i / s / L decodes'); - } - break; - case 'Q': - if (strlen($data) < 8) { - throw new \LengthException('At least eight byte needs to be present for successful N / i / s / L decodes'); - } - break; - - default: - throw new \InvalidArgumentException('$format contains an invalid character'); - } - switch ($format[$i]) { - case 'C': - $result[] = ord(self::shift($data)); - continue 2; - case 'b': - $result[] = ord(self::shift($data)) != 0; - continue 2; - case 'N': - list(, $temp) = unpack('N', self::shift($data, 4)); - $result[] = $temp; - continue 2; - case 'Q': - // pack() added support for Q in PHP 5.6.3 and PHP 5.6 is phpseclib 3's minimum version - // so in theory we could support this BUT, "64-bit format codes are not available for - // 32-bit versions" and phpseclib works on 32-bit installs. on 32-bit installs - // 64-bit floats can be used to get larger numbers then 32-bit signed ints would allow - // for. sure, you're not gonna get the full precision of 64-bit numbers but just because - // you need > 32-bit precision doesn't mean you need the full 64-bit precision - extract(unpack('Nupper/Nlower', self::shift($data, 8))); - $temp = $upper ? 4294967296 * $upper : 0; - $temp += $lower < 0 ? ($lower & 0x7FFFFFFFF) + 0x80000000 : $lower; - // $temp = hexdec(bin2hex(self::shift($data, 8))); - $result[] = $temp; - continue 2; - } - list(, $length) = unpack('N', self::shift($data, 4)); - if (strlen($data) < $length) { - throw new \LengthException("$length bytes needed; " . strlen($data) . ' bytes available'); - } - $temp = self::shift($data, $length); - switch ($format[$i]) { - case 'i': - $result[] = new BigInteger($temp, -256); - break; - case 's': - $result[] = $temp; - break; - case 'L': - $result[] = explode(',', $temp); - } - } - - return $result; - } - - /** - * Create SSH2-style string - * - * @param string $format - * @param string|int|float|array|bool ...$elements - * @return string - */ - public static function packSSH2($format, ...$elements) - { - $format = self::formatPack($format); - if (strlen($format) != count($elements)) { - throw new \InvalidArgumentException('There must be as many arguments as there are characters in the $format string'); - } - $result = ''; - for ($i = 0; $i < strlen($format); $i++) { - $element = $elements[$i]; - switch ($format[$i]) { - case 'C': - if (!is_int($element)) { - throw new \InvalidArgumentException('Bytes must be represented as an integer between 0 and 255, inclusive.'); - } - $result .= pack('C', $element); - break; - case 'b': - if (!is_bool($element)) { - throw new \InvalidArgumentException('A boolean parameter was expected.'); - } - $result .= $element ? "\1" : "\0"; - break; - case 'Q': - if (!is_int($element) && !is_float($element)) { - throw new \InvalidArgumentException('An integer was expected.'); - } - // 4294967296 == 1 << 32 - $result .= pack('NN', $element / 4294967296, $element); - break; - case 'N': - if (is_float($element)) { - $element = (int) $element; - } - if (!is_int($element)) { - throw new \InvalidArgumentException('An integer was expected.'); - } - $result .= pack('N', $element); - break; - case 's': - if (!self::is_stringable($element)) { - throw new \InvalidArgumentException('A string was expected.'); - } - $result .= pack('Na*', strlen($element), $element); - break; - case 'i': - if (!$element instanceof BigInteger && !$element instanceof FiniteField\Integer) { - throw new \InvalidArgumentException('A phpseclib3\Math\BigInteger or phpseclib3\Math\Common\FiniteField\Integer object was expected.'); - } - $element = $element->toBytes(true); - $result .= pack('Na*', strlen($element), $element); - break; - case 'L': - if (!is_array($element)) { - throw new \InvalidArgumentException('An array was expected.'); - } - $element = implode(',', $element); - $result .= pack('Na*', strlen($element), $element); - break; - default: - throw new \InvalidArgumentException('$format contains an invalid character'); - } - } - return $result; - } - - /** - * Expand a pack string - * - * Converts C5 to CCCCC, for example. - * - * @param string $format - * @return string - */ - private static function formatPack($format) - { - $parts = preg_split('#(\d+)#', $format, -1, PREG_SPLIT_DELIM_CAPTURE); - $format = ''; - for ($i = 1; $i < count($parts); $i += 2) { - $format .= substr($parts[$i - 1], 0, -1) . str_repeat(substr($parts[$i - 1], -1), $parts[$i]); - } - $format .= $parts[$i - 1]; - - return $format; - } - - /** - * Convert binary data into bits - * - * bin2hex / hex2bin refer to base-256 encoded data as binary, whilst - * decbin / bindec refer to base-2 encoded data as binary. For the purposes - * of this function, bin refers to base-256 encoded data whilst bits refers - * to base-2 encoded data - * - * @param string $x - * @return string - */ - public static function bits2bin($x) - { - /* - // the pure-PHP approach is faster than the GMP approach - if (function_exists('gmp_export')) { - return strlen($x) ? gmp_export(gmp_init($x, 2)) : gmp_init(0); - } - */ - - if (preg_match('#[^01]#', $x)) { - throw new \RuntimeException('The only valid characters are 0 and 1'); - } - - if (!defined('PHP_INT_MIN')) { - define('PHP_INT_MIN', ~PHP_INT_MAX); - } - - $length = strlen($x); - if (!$length) { - return ''; - } - $block_size = PHP_INT_SIZE << 3; - $pad = $block_size - ($length % $block_size); - if ($pad != $block_size) { - $x = str_repeat('0', $pad) . $x; - } - - $parts = str_split($x, $block_size); - $str = ''; - foreach ($parts as $part) { - $xor = $part[0] == '1' ? PHP_INT_MIN : 0; - $part[0] = '0'; - $str .= pack( - PHP_INT_SIZE == 4 ? 'N' : 'J', - $xor ^ eval('return 0b' . $part . ';') - ); - } - return ltrim($str, "\0"); - } - - /** - * Convert bits to binary data - * - * @param string $x - * @return string - */ - public static function bin2bits($x, $trim = true) - { - /* - // the pure-PHP approach is slower than the GMP approach BUT - // i want to the pure-PHP version to be easily unit tested as well - if (function_exists('gmp_import')) { - return gmp_strval(gmp_import($x), 2); - } - */ - - $len = strlen($x); - $mod = $len % PHP_INT_SIZE; - if ($mod) { - $x = str_pad($x, $len + PHP_INT_SIZE - $mod, "\0", STR_PAD_LEFT); - } - - $bits = ''; - if (PHP_INT_SIZE == 4) { - $digits = unpack('N*', $x); - foreach ($digits as $digit) { - $bits .= sprintf('%032b', $digit); - } - } else { - $digits = unpack('J*', $x); - foreach ($digits as $digit) { - $bits .= sprintf('%064b', $digit); - } - } - - return $trim ? ltrim($bits, '0') : $bits; - } - - /** - * Switch Endianness Bit Order - * - * @param string $x - * @return string - */ - public static function switchEndianness($x) - { - $r = ''; - for ($i = strlen($x) - 1; $i >= 0; $i--) { - $b = ord($x[$i]); - if (PHP_INT_SIZE === 8) { - // 3 operations - // from http://graphics.stanford.edu/~seander/bithacks.html#ReverseByteWith64BitsDiv - $r .= chr((($b * 0x0202020202) & 0x010884422010) % 1023); - } else { - // 7 operations - // from http://graphics.stanford.edu/~seander/bithacks.html#ReverseByteWith32Bits - $p1 = ($b * 0x0802) & 0x22110; - $p2 = ($b * 0x8020) & 0x88440; - $r .= chr( - (($p1 | $p2) * 0x10101) >> 16 - ); - } - } - return $r; - } - - /** - * Increment the current string - * - * @param string $var - * @return string - */ - public static function increment_str(&$var) - { - if (function_exists('sodium_increment')) { - $var = strrev($var); - sodium_increment($var); - $var = strrev($var); - return $var; - } - - for ($i = 4; $i <= strlen($var); $i += 4) { - $temp = substr($var, -$i, 4); - switch ($temp) { - case "\xFF\xFF\xFF\xFF": - $var = substr_replace($var, "\x00\x00\x00\x00", -$i, 4); - break; - case "\x7F\xFF\xFF\xFF": - $var = substr_replace($var, "\x80\x00\x00\x00", -$i, 4); - return $var; - default: - $temp = unpack('Nnum', $temp); - $var = substr_replace($var, pack('N', $temp['num'] + 1), -$i, 4); - return $var; - } - } - - $remainder = strlen($var) % 4; - - if ($remainder == 0) { - return $var; - } - - $temp = unpack('Nnum', str_pad(substr($var, 0, $remainder), 4, "\0", STR_PAD_LEFT)); - $temp = substr(pack('N', $temp['num'] + 1), -$remainder); - $var = substr_replace($var, $temp, 0, $remainder); - - return $var; - } - - /** - * Find whether the type of a variable is string (or could be converted to one) - * - * @param mixed $var - * @return bool - * @psalm-assert-if-true string|\Stringable $var - */ - public static function is_stringable($var) - { - return is_string($var) || (is_object($var) && method_exists($var, '__toString')); - } - - /** - * Constant Time Base64-decoding - * - * ParagoneIE\ConstantTime doesn't use libsodium if it's available so we'll do so - * ourselves. see https://github.com/paragonie/constant_time_encoding/issues/39 - * - * @param string $data - * @return string - */ - public static function base64_decode($data) - { - return function_exists('sodium_base642bin') ? - sodium_base642bin($data, SODIUM_BASE64_VARIANT_ORIGINAL_NO_PADDING, '=') : - Base64::decode($data); - } - - /** - * Constant Time Base64-decoding (URL safe) - * - * @param string $data - * @return string - */ - public static function base64url_decode($data) - { - // return self::base64_decode(str_replace(['-', '_'], ['+', '/'], $data)); - - return function_exists('sodium_base642bin') ? - sodium_base642bin($data, SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING, '=') : - Base64UrlSafe::decode($data); - } - - /** - * Constant Time Base64-encoding - * - * @param string $data - * @return string - */ - public static function base64_encode($data) - { - return function_exists('sodium_bin2base64') ? - sodium_bin2base64($data, SODIUM_BASE64_VARIANT_ORIGINAL) : - Base64::encode($data); - } - - /** - * Constant Time Base64-encoding (URL safe) - * - * @param string $data - * @return string - */ - public static function base64url_encode($data) - { - // return str_replace(['+', '/'], ['-', '_'], self::base64_encode($data)); - - return function_exists('sodium_bin2base64') ? - sodium_bin2base64($data, SODIUM_BASE64_VARIANT_URLSAFE) : - Base64UrlSafe::encode($data); - } - - /** - * Constant Time Hex Decoder - * - * @param string $data - * @return string - */ - public static function hex2bin($data) - { - return function_exists('sodium_hex2bin') ? - sodium_hex2bin($data) : - Hex::decode($data); - } - - /** - * Constant Time Hex Encoder - * - * @param string $data - * @return string - */ - public static function bin2hex($data) - { - return function_exists('sodium_bin2hex') ? - sodium_bin2hex($data) : - Hex::encode($data); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/AES.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/AES.php deleted file mode 100644 index 4038716..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/AES.php +++ /dev/null @@ -1,116 +0,0 @@ - - * setKey('abcdefghijklmnop'); - * - * $size = 10 * 1024; - * $plaintext = ''; - * for ($i = 0; $i < $size; $i++) { - * $plaintext.= 'a'; - * } - * - * echo $aes->decrypt($aes->encrypt($plaintext)); - * ?> - * - * - * @author Jim Wigginton - * @copyright 2008 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt; - -/** - * Pure-PHP implementation of AES. - * - * @author Jim Wigginton - */ -class AES extends Rijndael -{ - /** - * Dummy function - * - * Since \phpseclib3\Crypt\AES extends \phpseclib3\Crypt\Rijndael, this function is, technically, available, but it doesn't do anything. - * - * @see \phpseclib3\Crypt\Rijndael::setBlockLength() - * @param int $length - * @throws \BadMethodCallException anytime it's called - */ - public function setBlockLength($length) - { - throw new \BadMethodCallException('The block length cannot be set for AES.'); - } - - /** - * Sets the key length - * - * Valid key lengths are 128, 192, and 256. Set the link to bool(false) to disable a fixed key length - * - * @see \phpseclib3\Crypt\Rijndael:setKeyLength() - * @param int $length - * @throws \LengthException if the key length isn't supported - */ - public function setKeyLength($length) - { - switch ($length) { - case 128: - case 192: - case 256: - break; - default: - throw new \LengthException('Key of size ' . $length . ' not supported by this algorithm. Only keys of sizes 128, 192 or 256 supported'); - } - parent::setKeyLength($length); - } - - /** - * Sets the key. - * - * Rijndael supports five different key lengths, AES only supports three. - * - * @see \phpseclib3\Crypt\Rijndael:setKey() - * @see setKeyLength() - * @param string $key - * @throws \LengthException if the key length isn't supported - */ - public function setKey($key) - { - switch (strlen($key)) { - case 16: - case 24: - case 32: - break; - default: - throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16, 24 or 32 supported'); - } - - parent::setKey($key); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Blowfish.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Blowfish.php deleted file mode 100644 index 1225070..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Blowfish.php +++ /dev/null @@ -1,918 +0,0 @@ - unpack('N*', $x), $blocks); it jumps up by an additional - * ~90MB, yielding a 106x increase in memory usage. Consequently, it bcrypt calls a different - * _encryptBlock() then the regular Blowfish does. That said, the Blowfish _encryptBlock() is - * basically just a thin wrapper around the bcrypt _encryptBlock(), so there's that. - * - * This explains 3 of the 4 _encryptBlock() implementations. the last _encryptBlock() - * implementation can best be understood by doing Ctrl + F and searching for where - * self::$use_reg_intval is defined. - * - * # phpseclib's three different _setupKey() implementations - * - * Every bcrypt round is the equivalent of encrypting 512KB of data. Since OpenSSH uses 16 - * rounds by default that's ~8MB of data that's essentially being encrypted whenever - * you use bcrypt. That's a lot of data, however, bcrypt operates within tighter constraints - * than regular Blowfish, so we can use that to our advantage. In particular, whereas Blowfish - * supports variable length keys, in bcrypt, the initial "key" is the sha512 hash of the - * password. sha512 hashes are 512 bits or 64 bytes long and thus the bcrypt keys are of a - * fixed length whereas Blowfish keys are not of a fixed length. - * - * bcrypt actually has two different key expansion steps. The first one (expandstate) is - * constantly XOR'ing every _encryptBlock() parameter against the salt prior _encryptBlock()'s - * being called. The second one (expand0state) is more similar to Blowfish's _setupKey() - * but it can still use the fixed length key optimization discussed above and can do away with - * the pack() / unpack() calls. - * - * I suppose _setupKey() could be made to be a thin wrapper around expandstate() but idk it's - * just a lot of work for very marginal benefits as _setupKey() is only called once for - * regular Blowfish vs the 128 times it's called --per round-- with bcrypt. - * - * # blowfish + bcrypt in the same class - * - * Altho there's a lot of Blowfish code that bcrypt doesn't re-use, bcrypt does re-use the - * initial S-boxes, the initial P-array and the int-only _encryptBlock() implementation. - * - * # Credit - * - * phpseclib's bcrypt implementation is based losely off of OpenSSH's implementation: - * - * https://github.com/openssh/openssh-portable/blob/master/openbsd-compat/bcrypt_pbkdf.c - * - * Here's a short example of how to use this library: - * - * setKey('12345678901234567890123456789012'); - * - * $plaintext = str_repeat('a', 1024); - * - * echo $blowfish->decrypt($blowfish->encrypt($plaintext)); - * ?> - * - * - * @author Jim Wigginton - * @author Hans-Juergen Petrich - * @copyright 2007 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt; - -use phpseclib3\Crypt\Common\BlockCipher; - -/** - * Pure-PHP implementation of Blowfish. - * - * @author Jim Wigginton - * @author Hans-Juergen Petrich - */ -class Blowfish extends BlockCipher -{ - /** - * Block Length of the cipher - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::block_size - * @var int - */ - protected $block_size = 8; - - /** - * The mcrypt specific name of the cipher - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt - * @var string - */ - protected $cipher_name_mcrypt = 'blowfish'; - - /** - * Optimizing value while CFB-encrypting - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cfb_init_len - * @var int - */ - protected $cfb_init_len = 500; - - /** - * The fixed subkeys boxes ($sbox0 - $sbox3) with 256 entries each - * - * S-Box 0 - * - * @var array - */ - private static $sbox0 = [ - 0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7, 0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99, - 0x24a19947, 0xb3916cf7, 0x0801f2e2, 0x858efc16, 0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e, - 0x0d95748f, 0x728eb658, 0x718bcd58, 0x82154aee, 0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013, - 0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef, 0x8e79dcb0, 0x603a180e, 0x6c9e0e8b, 0xb01e8a3e, - 0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60, 0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440, - 0x55ca396a, 0x2aab10b6, 0xb4cc5c34, 0x1141e8ce, 0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a, - 0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e, 0xafd6ba33, 0x6c24cf5c, 0x7a325381, 0x28958677, - 0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193, 0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032, - 0xef845d5d, 0xe98575b1, 0xdc262302, 0xeb651b88, 0x23893e81, 0xd396acc5, 0x0f6d6ff3, 0x83f44239, - 0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e, 0x21c66842, 0xf6e96c9a, 0x670c9c61, 0xabd388f0, - 0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3, 0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98, - 0xa1f1651d, 0x39af0176, 0x66ca593e, 0x82430e88, 0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe, - 0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6, 0x4ed3aa62, 0x363f7706, 0x1bfedf72, 0x429b023d, - 0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b, 0x075372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7, - 0xe3fe501a, 0xb6794c3b, 0x976ce0bd, 0x04c006ba, 0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2, 0x196a2463, - 0x68fb6faf, 0x3e6c53b5, 0x1339b2eb, 0x3b52ec6f, 0x6dfc511f, 0x9b30952c, 0xcc814544, 0xaf5ebd09, - 0xbee3d004, 0xde334afd, 0x660f2807, 0x192e4bb3, 0xc0cba857, 0x45c8740f, 0xd20b5f39, 0xb9d3fbdb, - 0x5579c0bd, 0x1a60320a, 0xd6a100c6, 0x402c7279, 0x679f25fe, 0xfb1fa3cc, 0x8ea5e9f8, 0xdb3222f8, - 0x3c7516df, 0xfd616b15, 0x2f501ec8, 0xad0552ab, 0x323db5fa, 0xfd238760, 0x53317b48, 0x3e00df82, - 0x9e5c57bb, 0xca6f8ca0, 0x1a87562e, 0xdf1769db, 0xd542a8f6, 0x287effc3, 0xac6732c6, 0x8c4f5573, - 0x695b27b0, 0xbbca58c8, 0xe1ffa35d, 0xb8f011a0, 0x10fa3d98, 0xfd2183b8, 0x4afcb56c, 0x2dd1d35b, - 0x9a53e479, 0xb6f84565, 0xd28e49bc, 0x4bfb9790, 0xe1ddf2da, 0xa4cb7e33, 0x62fb1341, 0xcee4c6e8, - 0xef20cada, 0x36774c01, 0xd07e9efe, 0x2bf11fb4, 0x95dbda4d, 0xae909198, 0xeaad8e71, 0x6b93d5a0, - 0xd08ed1d0, 0xafc725e0, 0x8e3c5b2f, 0x8e7594b7, 0x8ff6e2fb, 0xf2122b64, 0x8888b812, 0x900df01c, - 0x4fad5ea0, 0x688fc31c, 0xd1cff191, 0xb3a8c1ad, 0x2f2f2218, 0xbe0e1777, 0xea752dfe, 0x8b021fa1, - 0xe5a0cc0f, 0xb56f74e8, 0x18acf3d6, 0xce89e299, 0xb4a84fe0, 0xfd13e0b7, 0x7cc43b81, 0xd2ada8d9, - 0x165fa266, 0x80957705, 0x93cc7314, 0x211a1477, 0xe6ad2065, 0x77b5fa86, 0xc75442f5, 0xfb9d35cf, - 0xebcdaf0c, 0x7b3e89a0, 0xd6411bd3, 0xae1e7e49, 0x00250e2d, 0x2071b35e, 0x226800bb, 0x57b8e0af, - 0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa, 0x78c14389, 0xd95a537f, 0x207d5ba2, 0x02e5b9c5, - 0x83260376, 0x6295cfa9, 0x11c81968, 0x4e734a41, 0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915, - 0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400, 0x08ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915, - 0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664, 0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a - ]; - - /** - * S-Box 1 - * - * @var array - */ - private static $sbox1 = [ - 0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623, 0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266, - 0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1, 0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e, - 0x3f54989a, 0x5b429d65, 0x6b8fe4d6, 0x99f73fd6, 0xa1d29c07, 0xefe830f5, 0x4d2d38e6, 0xf0255dc1, - 0x4cdd2086, 0x8470eb26, 0x6382e9c6, 0x021ecc5e, 0x09686b3f, 0x3ebaefc9, 0x3c971814, 0x6b6a70a1, - 0x687f3584, 0x52a0e286, 0xb79c5305, 0xaa500737, 0x3e07841c, 0x7fdeae5c, 0x8e7d44ec, 0x5716f2b8, - 0xb03ada37, 0xf0500c0d, 0xf01c1f04, 0x0200b3ff, 0xae0cf51a, 0x3cb574b2, 0x25837a58, 0xdc0921bd, - 0xd19113f9, 0x7ca92ff6, 0x94324773, 0x22f54701, 0x3ae5e581, 0x37c2dadc, 0xc8b57634, 0x9af3dda7, - 0xa9446146, 0x0fd0030e, 0xecc8c73e, 0xa4751e41, 0xe238cd99, 0x3bea0e2f, 0x3280bba1, 0x183eb331, - 0x4e548b38, 0x4f6db908, 0x6f420d03, 0xf60a04bf, 0x2cb81290, 0x24977c79, 0x5679b072, 0xbcaf89af, - 0xde9a771f, 0xd9930810, 0xb38bae12, 0xdccf3f2e, 0x5512721f, 0x2e6b7124, 0x501adde6, 0x9f84cd87, - 0x7a584718, 0x7408da17, 0xbc9f9abc, 0xe94b7d8c, 0xec7aec3a, 0xdb851dfa, 0x63094366, 0xc464c3d2, - 0xef1c1847, 0x3215d908, 0xdd433b37, 0x24c2ba16, 0x12a14d43, 0x2a65c451, 0x50940002, 0x133ae4dd, - 0x71dff89e, 0x10314e55, 0x81ac77d6, 0x5f11199b, 0x043556f1, 0xd7a3c76b, 0x3c11183b, 0x5924a509, - 0xf28fe6ed, 0x97f1fbfa, 0x9ebabf2c, 0x1e153c6e, 0x86e34570, 0xeae96fb1, 0x860e5e0a, 0x5a3e2ab3, - 0x771fe71c, 0x4e3d06fa, 0x2965dcb9, 0x99e71d0f, 0x803e89d6, 0x5266c825, 0x2e4cc978, 0x9c10b36a, - 0xc6150eba, 0x94e2ea78, 0xa5fc3c53, 0x1e0a2df4, 0xf2f74ea7, 0x361d2b3d, 0x1939260f, 0x19c27960, - 0x5223a708, 0xf71312b6, 0xebadfe6e, 0xeac31f66, 0xe3bc4595, 0xa67bc883, 0xb17f37d1, 0x018cff28, - 0xc332ddef, 0xbe6c5aa5, 0x65582185, 0x68ab9802, 0xeecea50f, 0xdb2f953b, 0x2aef7dad, 0x5b6e2f84, - 0x1521b628, 0x29076170, 0xecdd4775, 0x619f1510, 0x13cca830, 0xeb61bd96, 0x0334fe1e, 0xaa0363cf, - 0xb5735c90, 0x4c70a239, 0xd59e9e0b, 0xcbaade14, 0xeecc86bc, 0x60622ca7, 0x9cab5cab, 0xb2f3846e, - 0x648b1eaf, 0x19bdf0ca, 0xa02369b9, 0x655abb50, 0x40685a32, 0x3c2ab4b3, 0x319ee9d5, 0xc021b8f7, - 0x9b540b19, 0x875fa099, 0x95f7997e, 0x623d7da8, 0xf837889a, 0x97e32d77, 0x11ed935f, 0x16681281, - 0x0e358829, 0xc7e61fd6, 0x96dedfa1, 0x7858ba99, 0x57f584a5, 0x1b227263, 0x9b83c3ff, 0x1ac24696, - 0xcdb30aeb, 0x532e3054, 0x8fd948e4, 0x6dbc3128, 0x58ebf2ef, 0x34c6ffea, 0xfe28ed61, 0xee7c3c73, - 0x5d4a14d9, 0xe864b7e3, 0x42105d14, 0x203e13e0, 0x45eee2b6, 0xa3aaabea, 0xdb6c4f15, 0xfacb4fd0, - 0xc742f442, 0xef6abbb5, 0x654f3b1d, 0x41cd2105, 0xd81e799e, 0x86854dc7, 0xe44b476a, 0x3d816250, - 0xcf62a1f2, 0x5b8d2646, 0xfc8883a0, 0xc1c7b6a3, 0x7f1524c3, 0x69cb7492, 0x47848a0b, 0x5692b285, - 0x095bbf00, 0xad19489d, 0x1462b174, 0x23820e00, 0x58428d2a, 0x0c55f5ea, 0x1dadf43e, 0x233f7061, - 0x3372f092, 0x8d937e41, 0xd65fecf1, 0x6c223bdb, 0x7cde3759, 0xcbee7460, 0x4085f2a7, 0xce77326e, - 0xa6078084, 0x19f8509e, 0xe8efd855, 0x61d99735, 0xa969a7aa, 0xc50c06c2, 0x5a04abfc, 0x800bcadc, - 0x9e447a2e, 0xc3453484, 0xfdd56705, 0x0e1e9ec9, 0xdb73dbd3, 0x105588cd, 0x675fda79, 0xe3674340, - 0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20, 0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7 - ]; - - /** - * S-Box 2 - * - * @var array - */ - private static $sbox2 = [ - 0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934, 0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068, - 0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af, 0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840, - 0x4d95fc1d, 0x96b591af, 0x70f4ddd3, 0x66a02f45, 0xbfbc09ec, 0x03bd9785, 0x7fac6dd0, 0x31cb8504, - 0x96eb27b3, 0x55fd3941, 0xda2547e6, 0xabca0a9a, 0x28507825, 0x530429f4, 0x0a2c86da, 0xe9b66dfb, - 0x68dc1462, 0xd7486900, 0x680ec0a4, 0x27a18dee, 0x4f3ffea2, 0xe887ad8c, 0xb58ce006, 0x7af4d6b6, - 0xaace1e7c, 0xd3375fec, 0xce78a399, 0x406b2a42, 0x20fe9e35, 0xd9f385b9, 0xee39d7ab, 0x3b124e8b, - 0x1dc9faf7, 0x4b6d1856, 0x26a36631, 0xeae397b2, 0x3a6efa74, 0xdd5b4332, 0x6841e7f7, 0xca7820fb, - 0xfb0af54e, 0xd8feb397, 0x454056ac, 0xba489527, 0x55533a3a, 0x20838d87, 0xfe6ba9b7, 0xd096954b, - 0x55a867bc, 0xa1159a58, 0xcca92963, 0x99e1db33, 0xa62a4a56, 0x3f3125f9, 0x5ef47e1c, 0x9029317c, - 0xfdf8e802, 0x04272f70, 0x80bb155c, 0x05282ce3, 0x95c11548, 0xe4c66d22, 0x48c1133f, 0xc70f86dc, - 0x07f9c9ee, 0x41041f0f, 0x404779a4, 0x5d886e17, 0x325f51eb, 0xd59bc0d1, 0xf2bcc18f, 0x41113564, - 0x257b7834, 0x602a9c60, 0xdff8e8a3, 0x1f636c1b, 0x0e12b4c2, 0x02e1329e, 0xaf664fd1, 0xcad18115, - 0x6b2395e0, 0x333e92e1, 0x3b240b62, 0xeebeb922, 0x85b2a20e, 0xe6ba0d99, 0xde720c8c, 0x2da2f728, - 0xd0127845, 0x95b794fd, 0x647d0862, 0xe7ccf5f0, 0x5449a36f, 0x877d48fa, 0xc39dfd27, 0xf33e8d1e, - 0x0a476341, 0x992eff74, 0x3a6f6eab, 0xf4f8fd37, 0xa812dc60, 0xa1ebddf8, 0x991be14c, 0xdb6e6b0d, - 0xc67b5510, 0x6d672c37, 0x2765d43b, 0xdcd0e804, 0xf1290dc7, 0xcc00ffa3, 0xb5390f92, 0x690fed0b, - 0x667b9ffb, 0xcedb7d9c, 0xa091cf0b, 0xd9155ea3, 0xbb132f88, 0x515bad24, 0x7b9479bf, 0x763bd6eb, - 0x37392eb3, 0xcc115979, 0x8026e297, 0xf42e312d, 0x6842ada7, 0xc66a2b3b, 0x12754ccc, 0x782ef11c, - 0x6a124237, 0xb79251e7, 0x06a1bbe6, 0x4bfb6350, 0x1a6b1018, 0x11caedfa, 0x3d25bdd8, 0xe2e1c3c9, - 0x44421659, 0x0a121386, 0xd90cec6e, 0xd5abea2a, 0x64af674e, 0xda86a85f, 0xbebfe988, 0x64e4c3fe, - 0x9dbc8057, 0xf0f7c086, 0x60787bf8, 0x6003604d, 0xd1fd8346, 0xf6381fb0, 0x7745ae04, 0xd736fccc, - 0x83426b33, 0xf01eab71, 0xb0804187, 0x3c005e5f, 0x77a057be, 0xbde8ae24, 0x55464299, 0xbf582e61, - 0x4e58f48f, 0xf2ddfda2, 0xf474ef38, 0x8789bdc2, 0x5366f9c3, 0xc8b38e74, 0xb475f255, 0x46fcd9b9, - 0x7aeb2661, 0x8b1ddf84, 0x846a0e79, 0x915f95e2, 0x466e598e, 0x20b45770, 0x8cd55591, 0xc902de4c, - 0xb90bace1, 0xbb8205d0, 0x11a86248, 0x7574a99e, 0xb77f19b6, 0xe0a9dc09, 0x662d09a1, 0xc4324633, - 0xe85a1f02, 0x09f0be8c, 0x4a99a025, 0x1d6efe10, 0x1ab93d1d, 0x0ba5a4df, 0xa186f20f, 0x2868f169, - 0xdcb7da83, 0x573906fe, 0xa1e2ce9b, 0x4fcd7f52, 0x50115e01, 0xa70683fa, 0xa002b5c4, 0x0de6d027, - 0x9af88c27, 0x773f8641, 0xc3604c06, 0x61a806b5, 0xf0177a28, 0xc0f586e0, 0x006058aa, 0x30dc7d62, - 0x11e69ed7, 0x2338ea63, 0x53c2dd94, 0xc2c21634, 0xbbcbee56, 0x90bcb6de, 0xebfc7da1, 0xce591d76, - 0x6f05e409, 0x4b7c0188, 0x39720a3d, 0x7c927c24, 0x86e3725f, 0x724d9db9, 0x1ac15bb4, 0xd39eb8fc, - 0xed545578, 0x08fca5b5, 0xd83d7cd3, 0x4dad0fc4, 0x1e50ef5e, 0xb161e6f8, 0xa28514d9, 0x6c51133c, - 0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837, 0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0 - ]; - - /** - * S-Box 3 - * - * @var array - */ - private static $sbox3 = [ - 0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b, 0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe, - 0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b, 0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4, - 0x5748ab2f, 0xbc946e79, 0xc6a376d2, 0x6549c2c8, 0x530ff8ee, 0x468dde7d, 0xd5730a1d, 0x4cd04dc6, - 0x2939bbdb, 0xa9ba4650, 0xac9526e8, 0xbe5ee304, 0xa1fad5f0, 0x6a2d519a, 0x63ef8ce2, 0x9a86ee22, - 0xc089c2b8, 0x43242ef6, 0xa51e03aa, 0x9cf2d0a4, 0x83c061ba, 0x9be96a4d, 0x8fe51550, 0xba645bd6, - 0x2826a2f9, 0xa73a3ae1, 0x4ba99586, 0xef5562e9, 0xc72fefd3, 0xf752f7da, 0x3f046f69, 0x77fa0a59, - 0x80e4a915, 0x87b08601, 0x9b09e6ad, 0x3b3ee593, 0xe990fd5a, 0x9e34d797, 0x2cf0b7d9, 0x022b8b51, - 0x96d5ac3a, 0x017da67d, 0xd1cf3ed6, 0x7c7d2d28, 0x1f9f25cf, 0xadf2b89b, 0x5ad6b472, 0x5a88f54c, - 0xe029ac71, 0xe019a5e6, 0x47b0acfd, 0xed93fa9b, 0xe8d3c48d, 0x283b57cc, 0xf8d56629, 0x79132e28, - 0x785f0191, 0xed756055, 0xf7960e44, 0xe3d35e8c, 0x15056dd4, 0x88f46dba, 0x03a16125, 0x0564f0bd, - 0xc3eb9e15, 0x3c9057a2, 0x97271aec, 0xa93a072a, 0x1b3f6d9b, 0x1e6321f5, 0xf59c66fb, 0x26dcf319, - 0x7533d928, 0xb155fdf5, 0x03563482, 0x8aba3cbb, 0x28517711, 0xc20ad9f8, 0xabcc5167, 0xccad925f, - 0x4de81751, 0x3830dc8e, 0x379d5862, 0x9320f991, 0xea7a90c2, 0xfb3e7bce, 0x5121ce64, 0x774fbe32, - 0xa8b6e37e, 0xc3293d46, 0x48de5369, 0x6413e680, 0xa2ae0810, 0xdd6db224, 0x69852dfd, 0x09072166, - 0xb39a460a, 0x6445c0dd, 0x586cdecf, 0x1c20c8ae, 0x5bbef7dd, 0x1b588d40, 0xccd2017f, 0x6bb4e3bb, - 0xdda26a7e, 0x3a59ff45, 0x3e350a44, 0xbcb4cdd5, 0x72eacea8, 0xfa6484bb, 0x8d6612ae, 0xbf3c6f47, - 0xd29be463, 0x542f5d9e, 0xaec2771b, 0xf64e6370, 0x740e0d8d, 0xe75b1357, 0xf8721671, 0xaf537d5d, - 0x4040cb08, 0x4eb4e2cc, 0x34d2466a, 0x0115af84, 0xe1b00428, 0x95983a1d, 0x06b89fb4, 0xce6ea048, - 0x6f3f3b82, 0x3520ab82, 0x011a1d4b, 0x277227f8, 0x611560b1, 0xe7933fdc, 0xbb3a792b, 0x344525bd, - 0xa08839e1, 0x51ce794b, 0x2f32c9b7, 0xa01fbac9, 0xe01cc87e, 0xbcc7d1f6, 0xcf0111c3, 0xa1e8aac7, - 0x1a908749, 0xd44fbd9a, 0xd0dadecb, 0xd50ada38, 0x0339c32a, 0xc6913667, 0x8df9317c, 0xe0b12b4f, - 0xf79e59b7, 0x43f5bb3a, 0xf2d519ff, 0x27d9459c, 0xbf97222c, 0x15e6fc2a, 0x0f91fc71, 0x9b941525, - 0xfae59361, 0xceb69ceb, 0xc2a86459, 0x12baa8d1, 0xb6c1075e, 0xe3056a0c, 0x10d25065, 0xcb03a442, - 0xe0ec6e0e, 0x1698db3b, 0x4c98a0be, 0x3278e964, 0x9f1f9532, 0xe0d392df, 0xd3a0342b, 0x8971f21e, - 0x1b0a7441, 0x4ba3348c, 0xc5be7120, 0xc37632d8, 0xdf359f8d, 0x9b992f2e, 0xe60b6f47, 0x0fe3f11d, - 0xe54cda54, 0x1edad891, 0xce6279cf, 0xcd3e7e6f, 0x1618b166, 0xfd2c1d05, 0x848fd2c5, 0xf6fb2299, - 0xf523f357, 0xa6327623, 0x93a83531, 0x56cccd02, 0xacf08162, 0x5a75ebb5, 0x6e163697, 0x88d273cc, - 0xde966292, 0x81b949d0, 0x4c50901b, 0x71c65614, 0xe6c6c7bd, 0x327a140a, 0x45e1d006, 0xc3f27b9a, - 0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6, 0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b, - 0x53113ec0, 0x1640e3d3, 0x38abbd60, 0x2547adf0, 0xba38209c, 0xf746ce76, 0x77afa1c5, 0x20756060, - 0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e, 0x1948c25c, 0x02fb8a8c, 0x01c36ae4, 0xd6ebe1f9, - 0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f, 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6 - ]; - - /** - * P-Array consists of 18 32-bit subkeys - * - * @var array - */ - private static $parray = [ - 0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344, 0xa4093822, 0x299f31d0, - 0x082efa98, 0xec4e6c89, 0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c, - 0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917, 0x9216d5d9, 0x8979fb1b - ]; - - /** - * The BCTX-working Array - * - * Holds the expanded key [p] and the key-depended s-boxes [sb] - * - * @var array - */ - private $bctx; - - /** - * Holds the last used key - * - * @var array - */ - private $kl; - - /** - * The Key Length (in bytes) - * {@internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $Nk - * because the encryption / decryption / key schedule creation requires this number and not $key_length. We could - * derive this from $key_length or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu - * of that, we'll just precompute it once.} - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setKeyLength() - * @var int - */ - protected $key_length = 16; - - /** - * Default Constructor. - * - * @param string $mode - * @throws \InvalidArgumentException if an invalid / unsupported mode is provided - */ - public function __construct($mode) - { - parent::__construct($mode); - - if ($this->mode == self::MODE_STREAM) { - throw new \InvalidArgumentException('Block ciphers cannot be ran in stream mode'); - } - } - - /** - * Sets the key length. - * - * Key lengths can be between 32 and 448 bits. - * - * @param int $length - */ - public function setKeyLength($length) - { - if ($length < 32 || $length > 448) { - throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys of sizes between 32 and 448 bits are supported'); - } - - $this->key_length = $length >> 3; - - parent::setKeyLength($length); - } - - /** - * Test for engine validity - * - * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() - * @param int $engine - * @return bool - */ - protected function isValidEngineHelper($engine) - { - if ($engine == self::ENGINE_OPENSSL) { - if ($this->key_length < 16) { - return false; - } - // quoting https://www.openssl.org/news/openssl-3.0-notes.html, OpenSSL 3.0.1 - // "Moved all variations of the EVP ciphers CAST5, BF, IDEA, SEED, RC2, RC4, RC5, and DES to the legacy provider" - // in theory openssl_get_cipher_methods() should catch this but, on GitHub Actions, at least, it does not - if (defined('OPENSSL_VERSION_TEXT') && version_compare(preg_replace('#OpenSSL (\d+\.\d+\.\d+) .*#', '$1', OPENSSL_VERSION_TEXT), '3.0.1', '>=')) { - return false; - } - $this->cipher_name_openssl_ecb = 'bf-ecb'; - $this->cipher_name_openssl = 'bf-' . $this->openssl_translate_mode(); - } - - return parent::isValidEngineHelper($engine); - } - - /** - * Setup the key (expansion) - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::_setupKey() - */ - protected function setupKey() - { - if (isset($this->kl['key']) && $this->key === $this->kl['key']) { - // already expanded - return; - } - $this->kl = ['key' => $this->key]; - - /* key-expanding p[] and S-Box building sb[] */ - $this->bctx = [ - 'p' => [], - 'sb' => [ - self::$sbox0, - self::$sbox1, - self::$sbox2, - self::$sbox3 - ] - ]; - - // unpack binary string in unsigned chars - $key = array_values(unpack('C*', $this->key)); - $keyl = count($key); - // with bcrypt $keyl will always be 16 (because the key is the sha512 of the key you provide) - for ($j = 0, $i = 0; $i < 18; ++$i) { - // xor P1 with the first 32-bits of the key, xor P2 with the second 32-bits ... - for ($data = 0, $k = 0; $k < 4; ++$k) { - $data = ($data << 8) | $key[$j]; - if (++$j >= $keyl) { - $j = 0; - } - } - $this->bctx['p'][] = self::$parray[$i] ^ intval($data); - } - - // encrypt the zero-string, replace P1 and P2 with the encrypted data, - // encrypt P3 and P4 with the new P1 and P2, do it with all P-array and subkeys - $data = "\0\0\0\0\0\0\0\0"; - for ($i = 0; $i < 18; $i += 2) { - list($l, $r) = array_values(unpack('N*', $data = $this->encryptBlock($data))); - $this->bctx['p'][$i ] = $l; - $this->bctx['p'][$i + 1] = $r; - } - for ($i = 0; $i < 4; ++$i) { - for ($j = 0; $j < 256; $j += 2) { - list($l, $r) = array_values(unpack('N*', $data = $this->encryptBlock($data))); - $this->bctx['sb'][$i][$j ] = $l; - $this->bctx['sb'][$i][$j + 1] = $r; - } - } - } - - /** - * Initialize Static Variables - */ - protected static function initialize_static_variables() - { - if (is_float(self::$sbox2[0])) { - self::$sbox0 = array_map('intval', self::$sbox0); - self::$sbox1 = array_map('intval', self::$sbox1); - self::$sbox2 = array_map('intval', self::$sbox2); - self::$sbox3 = array_map('intval', self::$sbox3); - self::$parray = array_map('intval', self::$parray); - } - - parent::initialize_static_variables(); - } - - /** - * bcrypt - * - * @param string $sha2pass - * @param string $sha2salt - * @access private - * @return string - */ - private static function bcrypt_hash($sha2pass, $sha2salt) - { - $p = self::$parray; - $sbox0 = self::$sbox0; - $sbox1 = self::$sbox1; - $sbox2 = self::$sbox2; - $sbox3 = self::$sbox3; - - $cdata = array_values(unpack('N*', 'OxychromaticBlowfishSwatDynamite')); - $sha2pass = array_values(unpack('N*', $sha2pass)); - $sha2salt = array_values(unpack('N*', $sha2salt)); - - self::expandstate($sha2salt, $sha2pass, $sbox0, $sbox1, $sbox2, $sbox3, $p); - for ($i = 0; $i < 64; $i++) { - self::expand0state($sha2salt, $sbox0, $sbox1, $sbox2, $sbox3, $p); - self::expand0state($sha2pass, $sbox0, $sbox1, $sbox2, $sbox3, $p); - } - - for ($i = 0; $i < 64; $i++) { - for ($j = 0; $j < 8; $j += 2) { // count($cdata) == 8 - list($cdata[$j], $cdata[$j + 1]) = self::encryptBlockHelperFast($cdata[$j], $cdata[$j + 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - } - } - - return pack('L*', ...$cdata); - } - - /** - * Performs OpenSSH-style bcrypt - * - * @param string $pass - * @param string $salt - * @param int $keylen - * @param int $rounds - * @access public - * @return string - */ - public static function bcrypt_pbkdf($pass, $salt, $keylen, $rounds) - { - self::initialize_static_variables(); - - if (PHP_INT_SIZE == 4) { - throw new \RuntimeException('bcrypt is far too slow to be practical on 32-bit versions of PHP'); - } - - $sha2pass = hash('sha512', $pass, true); - $results = []; - $count = 1; - while (32 * count($results) < $keylen) { - $countsalt = $salt . pack('N', $count++); - $sha2salt = hash('sha512', $countsalt, true); - $out = $tmpout = self::bcrypt_hash($sha2pass, $sha2salt); - for ($i = 1; $i < $rounds; $i++) { - $sha2salt = hash('sha512', $tmpout, true); - $tmpout = self::bcrypt_hash($sha2pass, $sha2salt); - $out ^= $tmpout; - } - $results[] = $out; - } - $output = ''; - for ($i = 0; $i < 32; $i++) { - foreach ($results as $result) { - $output .= $result[$i]; - } - } - return substr($output, 0, $keylen); - } - - /** - * Key expansion without salt - * - * @access private - * @param int[] $key - * @param int[] $sbox0 - * @param int[] $sbox1 - * @param int[] $sbox2 - * @param int[] $sbox3 - * @param int[] $p - * @see self::_bcrypt_hash() - */ - private static function expand0state(array $key, array &$sbox0, array &$sbox1, array &$sbox2, array &$sbox3, array &$p) - { - // expand0state is basically the same thing as this: - //return self::expandstate(array_fill(0, 16, 0), $key); - // but this separate function eliminates a bunch of XORs and array lookups - - $p = [ - $p[0] ^ $key[0], - $p[1] ^ $key[1], - $p[2] ^ $key[2], - $p[3] ^ $key[3], - $p[4] ^ $key[4], - $p[5] ^ $key[5], - $p[6] ^ $key[6], - $p[7] ^ $key[7], - $p[8] ^ $key[8], - $p[9] ^ $key[9], - $p[10] ^ $key[10], - $p[11] ^ $key[11], - $p[12] ^ $key[12], - $p[13] ^ $key[13], - $p[14] ^ $key[14], - $p[15] ^ $key[15], - $p[16] ^ $key[0], - $p[17] ^ $key[1] - ]; - - // @codingStandardsIgnoreStart - list( $p[0], $p[1]) = self::encryptBlockHelperFast( 0, 0, $sbox0, $sbox1, $sbox2, $sbox3, $p); - list( $p[2], $p[3]) = self::encryptBlockHelperFast($p[ 0], $p[ 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list( $p[4], $p[5]) = self::encryptBlockHelperFast($p[ 2], $p[ 3], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list( $p[6], $p[7]) = self::encryptBlockHelperFast($p[ 4], $p[ 5], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list( $p[8], $p[9]) = self::encryptBlockHelperFast($p[ 6], $p[ 7], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[10], $p[11]) = self::encryptBlockHelperFast($p[ 8], $p[ 9], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[12], $p[13]) = self::encryptBlockHelperFast($p[10], $p[11], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[14], $p[15]) = self::encryptBlockHelperFast($p[12], $p[13], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[16], $p[17]) = self::encryptBlockHelperFast($p[14], $p[15], $sbox0, $sbox1, $sbox2, $sbox3, $p); - // @codingStandardsIgnoreEnd - - list($sbox0[0], $sbox0[1]) = self::encryptBlockHelperFast($p[16], $p[17], $sbox0, $sbox1, $sbox2, $sbox3, $p); - for ($i = 2; $i < 256; $i += 2) { - list($sbox0[$i], $sbox0[$i + 1]) = self::encryptBlockHelperFast($sbox0[$i - 2], $sbox0[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - } - - list($sbox1[0], $sbox1[1]) = self::encryptBlockHelperFast($sbox0[254], $sbox0[255], $sbox0, $sbox1, $sbox2, $sbox3, $p); - for ($i = 2; $i < 256; $i += 2) { - list($sbox1[$i], $sbox1[$i + 1]) = self::encryptBlockHelperFast($sbox1[$i - 2], $sbox1[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - } - - list($sbox2[0], $sbox2[1]) = self::encryptBlockHelperFast($sbox1[254], $sbox1[255], $sbox0, $sbox1, $sbox2, $sbox3, $p); - for ($i = 2; $i < 256; $i += 2) { - list($sbox2[$i], $sbox2[$i + 1]) = self::encryptBlockHelperFast($sbox2[$i - 2], $sbox2[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - } - - list($sbox3[0], $sbox3[1]) = self::encryptBlockHelperFast($sbox2[254], $sbox2[255], $sbox0, $sbox1, $sbox2, $sbox3, $p); - for ($i = 2; $i < 256; $i += 2) { - list($sbox3[$i], $sbox3[$i + 1]) = self::encryptBlockHelperFast($sbox3[$i - 2], $sbox3[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - } - } - - /** - * Key expansion with salt - * - * @access private - * @param int[] $data - * @param int[] $key - * @param int[] $sbox0 - * @param int[] $sbox1 - * @param int[] $sbox2 - * @param int[] $sbox3 - * @param int[] $p - * @see self::_bcrypt_hash() - */ - private static function expandstate(array $data, array $key, array &$sbox0, array &$sbox1, array &$sbox2, array &$sbox3, array &$p) - { - $p = [ - $p[0] ^ $key[0], - $p[1] ^ $key[1], - $p[2] ^ $key[2], - $p[3] ^ $key[3], - $p[4] ^ $key[4], - $p[5] ^ $key[5], - $p[6] ^ $key[6], - $p[7] ^ $key[7], - $p[8] ^ $key[8], - $p[9] ^ $key[9], - $p[10] ^ $key[10], - $p[11] ^ $key[11], - $p[12] ^ $key[12], - $p[13] ^ $key[13], - $p[14] ^ $key[14], - $p[15] ^ $key[15], - $p[16] ^ $key[0], - $p[17] ^ $key[1] - ]; - - // @codingStandardsIgnoreStart - list( $p[0], $p[1]) = self::encryptBlockHelperFast($data[ 0] , $data[ 1] , $sbox0, $sbox1, $sbox2, $sbox3, $p); - list( $p[2], $p[3]) = self::encryptBlockHelperFast($data[ 2] ^ $p[ 0], $data[ 3] ^ $p[ 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list( $p[4], $p[5]) = self::encryptBlockHelperFast($data[ 4] ^ $p[ 2], $data[ 5] ^ $p[ 3], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list( $p[6], $p[7]) = self::encryptBlockHelperFast($data[ 6] ^ $p[ 4], $data[ 7] ^ $p[ 5], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list( $p[8], $p[9]) = self::encryptBlockHelperFast($data[ 8] ^ $p[ 6], $data[ 9] ^ $p[ 7], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[10], $p[11]) = self::encryptBlockHelperFast($data[10] ^ $p[ 8], $data[11] ^ $p[ 9], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[12], $p[13]) = self::encryptBlockHelperFast($data[12] ^ $p[10], $data[13] ^ $p[11], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[14], $p[15]) = self::encryptBlockHelperFast($data[14] ^ $p[12], $data[15] ^ $p[13], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[16], $p[17]) = self::encryptBlockHelperFast($data[ 0] ^ $p[14], $data[ 1] ^ $p[15], $sbox0, $sbox1, $sbox2, $sbox3, $p); - // @codingStandardsIgnoreEnd - - list($sbox0[0], $sbox0[1]) = self::encryptBlockHelperFast($data[2] ^ $p[16], $data[3] ^ $p[17], $sbox0, $sbox1, $sbox2, $sbox3, $p); - for ($i = 2, $j = 4; $i < 256; $i += 2, $j = ($j + 2) % 16) { // instead of 16 maybe count($data) would be better? - list($sbox0[$i], $sbox0[$i + 1]) = self::encryptBlockHelperFast($data[$j] ^ $sbox0[$i - 2], $data[$j + 1] ^ $sbox0[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - } - - list($sbox1[0], $sbox1[1]) = self::encryptBlockHelperFast($data[2] ^ $sbox0[254], $data[3] ^ $sbox0[255], $sbox0, $sbox1, $sbox2, $sbox3, $p); - for ($i = 2, $j = 4; $i < 256; $i += 2, $j = ($j + 2) % 16) { - list($sbox1[$i], $sbox1[$i + 1]) = self::encryptBlockHelperFast($data[$j] ^ $sbox1[$i - 2], $data[$j + 1] ^ $sbox1[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - } - - list($sbox2[0], $sbox2[1]) = self::encryptBlockHelperFast($data[2] ^ $sbox1[254], $data[3] ^ $sbox1[255], $sbox0, $sbox1, $sbox2, $sbox3, $p); - for ($i = 2, $j = 4; $i < 256; $i += 2, $j = ($j + 2) % 16) { - list($sbox2[$i], $sbox2[$i + 1]) = self::encryptBlockHelperFast($data[$j] ^ $sbox2[$i - 2], $data[$j + 1] ^ $sbox2[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - } - - list($sbox3[0], $sbox3[1]) = self::encryptBlockHelperFast($data[2] ^ $sbox2[254], $data[3] ^ $sbox2[255], $sbox0, $sbox1, $sbox2, $sbox3, $p); - for ($i = 2, $j = 4; $i < 256; $i += 2, $j = ($j + 2) % 16) { - list($sbox3[$i], $sbox3[$i + 1]) = self::encryptBlockHelperFast($data[$j] ^ $sbox3[$i - 2], $data[$j + 1] ^ $sbox3[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - } - } - - /** - * Encrypts a block - * - * @param string $in - * @return string - */ - protected function encryptBlock($in) - { - $p = $this->bctx['p']; - // extract($this->bctx['sb'], EXTR_PREFIX_ALL, 'sb'); // slower - $sb_0 = $this->bctx['sb'][0]; - $sb_1 = $this->bctx['sb'][1]; - $sb_2 = $this->bctx['sb'][2]; - $sb_3 = $this->bctx['sb'][3]; - - $in = unpack('N*', $in); - $l = $in[1]; - $r = $in[2]; - - list($r, $l) = PHP_INT_SIZE == 4 ? - self::encryptBlockHelperSlow($l, $r, $sb_0, $sb_1, $sb_2, $sb_3, $p) : - self::encryptBlockHelperFast($l, $r, $sb_0, $sb_1, $sb_2, $sb_3, $p); - - return pack("N*", $r, $l); - } - - /** - * Fast helper function for block encryption - * - * @access private - * @param int $x0 - * @param int $x1 - * @param int[] $sbox0 - * @param int[] $sbox1 - * @param int[] $sbox2 - * @param int[] $sbox3 - * @param int[] $p - * @return int[] - */ - private static function encryptBlockHelperFast($x0, $x1, array $sbox0, array $sbox1, array $sbox2, array $sbox3, array $p) - { - $x0 ^= $p[0]; - $x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[1]; - $x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[2]; - $x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[3]; - $x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[4]; - $x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[5]; - $x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[6]; - $x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[7]; - $x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[8]; - $x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[9]; - $x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[10]; - $x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[11]; - $x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[12]; - $x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[13]; - $x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[14]; - $x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[15]; - $x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[16]; - - return [$x1 & 0xFFFFFFFF ^ $p[17], $x0 & 0xFFFFFFFF]; - } - - /** - * Slow helper function for block encryption - * - * @access private - * @param int $x0 - * @param int $x1 - * @param int[] $sbox0 - * @param int[] $sbox1 - * @param int[] $sbox2 - * @param int[] $sbox3 - * @param int[] $p - * @return int[] - */ - private static function encryptBlockHelperSlow($x0, $x1, array $sbox0, array $sbox1, array $sbox2, array $sbox3, array $p) - { - // -16777216 == intval(0xFF000000) on 32-bit PHP installs - $x0 ^= $p[0]; - $x1 ^= self::safe_intval((self::safe_intval($sbox0[(($x0 & -16777216) >> 24) & 0xFF] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[1]; - $x0 ^= self::safe_intval((self::safe_intval($sbox0[(($x1 & -16777216) >> 24) & 0xFF] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[2]; - $x1 ^= self::safe_intval((self::safe_intval($sbox0[(($x0 & -16777216) >> 24) & 0xFF] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[3]; - $x0 ^= self::safe_intval((self::safe_intval($sbox0[(($x1 & -16777216) >> 24) & 0xFF] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[4]; - $x1 ^= self::safe_intval((self::safe_intval($sbox0[(($x0 & -16777216) >> 24) & 0xFF] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[5]; - $x0 ^= self::safe_intval((self::safe_intval($sbox0[(($x1 & -16777216) >> 24) & 0xFF] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[6]; - $x1 ^= self::safe_intval((self::safe_intval($sbox0[(($x0 & -16777216) >> 24) & 0xFF] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[7]; - $x0 ^= self::safe_intval((self::safe_intval($sbox0[(($x1 & -16777216) >> 24) & 0xFF] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[8]; - $x1 ^= self::safe_intval((self::safe_intval($sbox0[(($x0 & -16777216) >> 24) & 0xFF] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[9]; - $x0 ^= self::safe_intval((self::safe_intval($sbox0[(($x1 & -16777216) >> 24) & 0xFF] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[10]; - $x1 ^= self::safe_intval((self::safe_intval($sbox0[(($x0 & -16777216) >> 24) & 0xFF] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[11]; - $x0 ^= self::safe_intval((self::safe_intval($sbox0[(($x1 & -16777216) >> 24) & 0xFF] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[12]; - $x1 ^= self::safe_intval((self::safe_intval($sbox0[(($x0 & -16777216) >> 24) & 0xFF] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[13]; - $x0 ^= self::safe_intval((self::safe_intval($sbox0[(($x1 & -16777216) >> 24) & 0xFF] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[14]; - $x1 ^= self::safe_intval((self::safe_intval($sbox0[(($x0 & -16777216) >> 24) & 0xFF] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[15]; - $x0 ^= self::safe_intval((self::safe_intval($sbox0[(($x1 & -16777216) >> 24) & 0xFF] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[16]; - - return [$x1 ^ $p[17], $x0]; - } - - /** - * Decrypts a block - * - * @param string $in - * @return string - */ - protected function decryptBlock($in) - { - $p = $this->bctx['p']; - $sb_0 = $this->bctx['sb'][0]; - $sb_1 = $this->bctx['sb'][1]; - $sb_2 = $this->bctx['sb'][2]; - $sb_3 = $this->bctx['sb'][3]; - - $in = unpack('N*', $in); - $l = $in[1]; - $r = $in[2]; - - for ($i = 17; $i > 2; $i -= 2) { - $l ^= $p[$i]; - $r ^= self::safe_intval((self::safe_intval($sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]) ^ - $sb_2[$l >> 8 & 0xff]) + - $sb_3[$l & 0xff]); - - $r ^= $p[$i - 1]; - $l ^= self::safe_intval((self::safe_intval($sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]) ^ - $sb_2[$r >> 8 & 0xff]) + - $sb_3[$r & 0xff]); - } - return pack('N*', $r ^ $p[0], $l ^ $p[1]); - } - - /** - * Setup the performance-optimized function for de/encrypt() - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::_setupInlineCrypt() - */ - protected function setupInlineCrypt() - { - $p = $this->bctx['p']; - $init_crypt = ' - static $sb_0, $sb_1, $sb_2, $sb_3; - if (!$sb_0) { - $sb_0 = $this->bctx["sb"][0]; - $sb_1 = $this->bctx["sb"][1]; - $sb_2 = $this->bctx["sb"][2]; - $sb_3 = $this->bctx["sb"][3]; - } - '; - - $safeint = self::safe_intval_inline(); - - // Generating encrypt code: - $encrypt_block = ' - $in = unpack("N*", $in); - $l = $in[1]; - $r = $in[2]; - '; - for ($i = 0; $i < 16; $i += 2) { - $encrypt_block .= ' - $l^= ' . $p[$i] . '; - $r^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]') . ' ^ - $sb_2[$l >> 8 & 0xff]) + - $sb_3[$l & 0xff]') . '; - - $r^= ' . $p[$i + 1] . '; - $l^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]') . ' ^ - $sb_2[$r >> 8 & 0xff]) + - $sb_3[$r & 0xff]') . '; - '; - } - $encrypt_block .= ' - $in = pack("N*", - $r ^ ' . $p[17] . ', - $l ^ ' . $p[16] . ' - ); - '; - // Generating decrypt code: - $decrypt_block = ' - $in = unpack("N*", $in); - $l = $in[1]; - $r = $in[2]; - '; - - for ($i = 17; $i > 2; $i -= 2) { - $decrypt_block .= ' - $l^= ' . $p[$i] . '; - $r^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]') . ' ^ - $sb_2[$l >> 8 & 0xff]) + - $sb_3[$l & 0xff]') . '; - - $r^= ' . $p[$i - 1] . '; - $l^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]') . ' ^ - $sb_2[$r >> 8 & 0xff]) + - $sb_3[$r & 0xff]') . '; - '; - } - - $decrypt_block .= ' - $in = pack("N*", - $r ^ ' . $p[0] . ', - $l ^ ' . $p[1] . ' - ); - '; - - $this->inline_crypt = $this->createInlineCryptFunction( - [ - 'init_crypt' => $init_crypt, - 'init_encrypt' => '', - 'init_decrypt' => '', - 'encrypt_block' => $encrypt_block, - 'decrypt_block' => $decrypt_block - ] - ); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/ChaCha20.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/ChaCha20.php deleted file mode 100644 index b2691b5..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/ChaCha20.php +++ /dev/null @@ -1,799 +0,0 @@ - - * @copyright 2019 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt; - -use phpseclib3\Exception\BadDecryptionException; -use phpseclib3\Exception\InsufficientSetupException; - -/** - * Pure-PHP implementation of ChaCha20. - * - * @author Jim Wigginton - */ -class ChaCha20 extends Salsa20 -{ - /** - * The OpenSSL specific name of the cipher - * - * @var string - */ - protected $cipher_name_openssl = 'chacha20'; - - /** - * Test for engine validity - * - * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() - * @param int $engine - * @return bool - */ - protected function isValidEngineHelper($engine) - { - switch ($engine) { - case self::ENGINE_LIBSODIUM: - // PHP 7.2.0 (30 Nov 2017) added support for libsodium - - // we could probably make it so that if $this->counter == 0 then the first block would be done with either OpenSSL - // or PHP and then subsequent blocks would then be done with libsodium but idk - it's not a high priority atm - - // we could also make it so that if $this->counter == 0 and $this->continuousBuffer then do the first string - // with libsodium and subsequent strings with openssl or pure-PHP but again not a high priority - return function_exists('sodium_crypto_aead_chacha20poly1305_ietf_encrypt') && - $this->key_length == 32 && - (($this->usePoly1305 && !isset($this->poly1305Key) && $this->counter == 0) || $this->counter == 1) && - !$this->continuousBuffer; - case self::ENGINE_OPENSSL: - // OpenSSL 1.1.0 (released 25 Aug 2016) added support for chacha20. - // PHP didn't support OpenSSL 1.1.0 until 7.0.19 (11 May 2017) - - // if you attempt to provide openssl with a 128 bit key (as opposed to a 256 bit key) openssl will null - // pad the key to 256 bits and still use the expansion constant for 256-bit keys. the fact that - // openssl treats the IV as both the counter and nonce, however, let's us use openssl in continuous mode - // whereas libsodium does not - if ($this->key_length != 32) { - return false; - } - } - - return parent::isValidEngineHelper($engine); - } - - /** - * Encrypts a message. - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() - * @see self::crypt() - * @param string $plaintext - * @return string $ciphertext - */ - public function encrypt($plaintext) - { - $this->setup(); - - if ($this->engine == self::ENGINE_LIBSODIUM) { - return $this->encrypt_with_libsodium($plaintext); - } - - return parent::encrypt($plaintext); - } - - /** - * Decrypts a message. - * - * $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)). - * At least if the continuous buffer is disabled. - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() - * @see self::crypt() - * @param string $ciphertext - * @return string $plaintext - */ - public function decrypt($ciphertext) - { - $this->setup(); - - if ($this->engine == self::ENGINE_LIBSODIUM) { - return $this->decrypt_with_libsodium($ciphertext); - } - - return parent::decrypt($ciphertext); - } - - /** - * Encrypts a message with libsodium - * - * @see self::encrypt() - * @param string $plaintext - * @return string $text - */ - private function encrypt_with_libsodium($plaintext) - { - $params = [$plaintext, $this->aad, $this->nonce, $this->key]; - $ciphertext = strlen($this->nonce) == 8 ? - sodium_crypto_aead_chacha20poly1305_encrypt(...$params) : - sodium_crypto_aead_chacha20poly1305_ietf_encrypt(...$params); - if (!$this->usePoly1305) { - return substr($ciphertext, 0, strlen($plaintext)); - } - - $newciphertext = substr($ciphertext, 0, strlen($plaintext)); - - $this->newtag = $this->usingGeneratedPoly1305Key && strlen($this->nonce) == 12 ? - substr($ciphertext, strlen($plaintext)) : - $this->poly1305($newciphertext); - - return $newciphertext; - } - - /** - * Decrypts a message with libsodium - * - * @see self::decrypt() - * @param string $ciphertext - * @return string $text - */ - private function decrypt_with_libsodium($ciphertext) - { - $params = [$ciphertext, $this->aad, $this->nonce, $this->key]; - - if (isset($this->poly1305Key)) { - if ($this->oldtag === false) { - throw new InsufficientSetupException('Authentication Tag has not been set'); - } - if ($this->usingGeneratedPoly1305Key && strlen($this->nonce) == 12) { - $plaintext = sodium_crypto_aead_chacha20poly1305_ietf_decrypt(...$params); - $this->oldtag = false; - if ($plaintext === false) { - throw new BadDecryptionException('Derived authentication tag and supplied authentication tag do not match'); - } - return $plaintext; - } - $newtag = $this->poly1305($ciphertext); - if ($this->oldtag != substr($newtag, 0, strlen($this->oldtag))) { - $this->oldtag = false; - throw new BadDecryptionException('Derived authentication tag and supplied authentication tag do not match'); - } - $this->oldtag = false; - } - - $plaintext = strlen($this->nonce) == 8 ? - sodium_crypto_aead_chacha20poly1305_encrypt(...$params) : - sodium_crypto_aead_chacha20poly1305_ietf_encrypt(...$params); - - return substr($plaintext, 0, strlen($ciphertext)); - } - - /** - * Sets the nonce. - * - * @param string $nonce - */ - public function setNonce($nonce) - { - if (!is_string($nonce)) { - throw new \UnexpectedValueException('The nonce should be a string'); - } - - /* - from https://tools.ietf.org/html/rfc7539#page-7 - - "Note also that the original ChaCha had a 64-bit nonce and 64-bit - block count. We have modified this here to be more consistent with - recommendations in Section 3.2 of [RFC5116]." - */ - switch (strlen($nonce)) { - case 8: // 64 bits - case 12: // 96 bits - break; - default: - throw new \LengthException('Nonce of size ' . strlen($nonce) . ' not supported by this algorithm. Only 64-bit nonces or 96-bit nonces are supported'); - } - - $this->nonce = $nonce; - $this->changed = true; - $this->setEngine(); - } - - /** - * Setup the self::ENGINE_INTERNAL $engine - * - * (re)init, if necessary, the internal cipher $engine - * - * _setup() will be called each time if $changed === true - * typically this happens when using one or more of following public methods: - * - * - setKey() - * - * - setNonce() - * - * - First run of encrypt() / decrypt() with no init-settings - * - * @see self::setKey() - * @see self::setNonce() - * @see self::disableContinuousBuffer() - */ - protected function setup() - { - if (!$this->changed) { - return; - } - - $this->enbuffer = $this->debuffer = ['ciphertext' => '', 'counter' => $this->counter]; - - $this->changed = $this->nonIVChanged = false; - - if ($this->nonce === false) { - throw new InsufficientSetupException('No nonce has been defined'); - } - - if ($this->key === false) { - throw new InsufficientSetupException('No key has been defined'); - } - - if ($this->usePoly1305 && !isset($this->poly1305Key)) { - $this->usingGeneratedPoly1305Key = true; - if ($this->engine == self::ENGINE_LIBSODIUM) { - return; - } - $this->createPoly1305Key(); - } - - $key = $this->key; - if (strlen($key) == 16) { - $constant = 'expand 16-byte k'; - $key .= $key; - } else { - $constant = 'expand 32-byte k'; - } - - $this->p1 = $constant . $key; - $this->p2 = $this->nonce; - if (strlen($this->nonce) == 8) { - $this->p2 = "\0\0\0\0" . $this->p2; - } - } - - /** - * The quarterround function - * - * @param int $a - * @param int $b - * @param int $c - * @param int $d - */ - protected static function quarterRound(&$a, &$b, &$c, &$d) - { - // in https://datatracker.ietf.org/doc/html/rfc7539#section-2.1 the addition, - // xor'ing and rotation are all on the same line so i'm keeping it on the same - // line here as well - // @codingStandardsIgnoreStart - $a+= $b; $d = self::leftRotate(intval($d) ^ intval($a), 16); - $c+= $d; $b = self::leftRotate(intval($b) ^ intval($c), 12); - $a+= $b; $d = self::leftRotate(intval($d) ^ intval($a), 8); - $c+= $d; $b = self::leftRotate(intval($b) ^ intval($c), 7); - // @codingStandardsIgnoreEnd - } - - /** - * The doubleround function - * - * @param int $x0 (by reference) - * @param int $x1 (by reference) - * @param int $x2 (by reference) - * @param int $x3 (by reference) - * @param int $x4 (by reference) - * @param int $x5 (by reference) - * @param int $x6 (by reference) - * @param int $x7 (by reference) - * @param int $x8 (by reference) - * @param int $x9 (by reference) - * @param int $x10 (by reference) - * @param int $x11 (by reference) - * @param int $x12 (by reference) - * @param int $x13 (by reference) - * @param int $x14 (by reference) - * @param int $x15 (by reference) - */ - protected static function doubleRound(&$x0, &$x1, &$x2, &$x3, &$x4, &$x5, &$x6, &$x7, &$x8, &$x9, &$x10, &$x11, &$x12, &$x13, &$x14, &$x15) - { - // columnRound - static::quarterRound($x0, $x4, $x8, $x12); - static::quarterRound($x1, $x5, $x9, $x13); - static::quarterRound($x2, $x6, $x10, $x14); - static::quarterRound($x3, $x7, $x11, $x15); - // rowRound - static::quarterRound($x0, $x5, $x10, $x15); - static::quarterRound($x1, $x6, $x11, $x12); - static::quarterRound($x2, $x7, $x8, $x13); - static::quarterRound($x3, $x4, $x9, $x14); - } - - /** - * The Salsa20 hash function function - * - * On my laptop this loop unrolled / function dereferenced version of parent::salsa20 encrypts 1mb of text in - * 0.65s vs the 0.85s that it takes with the parent method. - * - * If we were free to assume that the host OS would always be 64-bits then the if condition in leftRotate could - * be eliminated and we could knock this done to 0.60s. - * - * For comparison purposes, RC4 takes 0.16s and AES in CTR mode with the Eval engine takes 0.48s. - * AES in CTR mode with the PHP engine takes 1.19s. Salsa20 / ChaCha20 do not benefit as much from the Eval - * approach due to the fact that there are a lot less variables to de-reference, fewer loops to unroll, etc - * - * @param string $x - */ - protected static function salsa20($x) - { - list(, $x0, $x1, $x2, $x3, $x4, $x5, $x6, $x7, $x8, $x9, $x10, $x11, $x12, $x13, $x14, $x15) = unpack('V*', $x); - $z0 = $x0; - $z1 = $x1; - $z2 = $x2; - $z3 = $x3; - $z4 = $x4; - $z5 = $x5; - $z6 = $x6; - $z7 = $x7; - $z8 = $x8; - $z9 = $x9; - $z10 = $x10; - $z11 = $x11; - $z12 = $x12; - $z13 = $x13; - $z14 = $x14; - $z15 = $x15; - - // @codingStandardsIgnoreStart - // columnRound - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); - - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); - - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); - - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); - - // rowRound - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); - - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); - - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); - - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); - - // columnRound - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); - - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); - - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); - - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); - - // rowRound - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); - - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); - - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); - - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); - - // columnRound - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); - - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); - - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); - - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); - - // rowRound - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); - - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); - - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); - - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); - - // columnRound - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); - - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); - - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); - - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); - - // rowRound - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); - - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); - - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); - - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); - - // columnRound - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); - - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); - - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); - - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); - - // rowRound - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); - - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); - - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); - - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); - - // columnRound - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); - - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); - - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); - - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); - - // rowRound - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); - - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); - - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); - - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); - - // columnRound - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); - - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); - - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); - - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); - - // rowRound - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); - - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); - - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); - - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); - - // columnRound - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); - - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); - - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); - - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); - - // rowRound - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); - - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); - - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); - - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); - - // columnRound - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); - - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); - - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); - - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); - - // rowRound - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); - - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); - - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); - - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); - - // columnRound - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); - $x0+= $x4; $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); - $x8+= $x12; $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); - - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); - $x1+= $x5; $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); - $x9+= $x13; $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); - - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); - $x2+= $x6; $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); - $x10+= $x14; $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); - - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); - $x3+= $x7; $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); - $x11+= $x15; $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); - - // rowRound - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); - $x0+= $x5; $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); - $x10+= $x15; $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); - - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); - $x1+= $x6; $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); - $x11+= $x12; $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); - - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); - $x2+= $x7; $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); - $x8+= $x13; $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); - - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); - $x3+= $x4; $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); - $x9+= $x14; $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); - // @codingStandardsIgnoreEnd - - $x0 += $z0; - $x1 += $z1; - $x2 += $z2; - $x3 += $z3; - $x4 += $z4; - $x5 += $z5; - $x6 += $z6; - $x7 += $z7; - $x8 += $z8; - $x9 += $z9; - $x10 += $z10; - $x11 += $z11; - $x12 += $z12; - $x13 += $z13; - $x14 += $z14; - $x15 += $z15; - - return pack('V*', $x0, $x1, $x2, $x3, $x4, $x5, $x6, $x7, $x8, $x9, $x10, $x11, $x12, $x13, $x14, $x15); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php deleted file mode 100644 index 09eb5b1..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php +++ /dev/null @@ -1,581 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\Common; - -use phpseclib3\Crypt\DSA; -use phpseclib3\Crypt\Hash; -use phpseclib3\Crypt\RSA; -use phpseclib3\Exception\NoKeyLoadedException; -use phpseclib3\Exception\UnsupportedFormatException; -use phpseclib3\Math\BigInteger; - -/** - * Base Class for all asymmetric cipher classes - * - * @author Jim Wigginton - */ -abstract class AsymmetricKey -{ - /** - * Precomputed Zero - * - * @var \phpseclib3\Math\BigInteger - */ - protected static $zero; - - /** - * Precomputed One - * - * @var \phpseclib3\Math\BigInteger - */ - protected static $one; - - /** - * Format of the loaded key - * - * @var string - */ - protected $format; - - /** - * Hash function - * - * @var \phpseclib3\Crypt\Hash - */ - protected $hash; - - /** - * HMAC function - * - * @var \phpseclib3\Crypt\Hash - */ - private $hmac; - - /** - * Supported plugins (lower case) - * - * @see self::initialize_static_variables() - * @var array - */ - private static $plugins = []; - - /** - * Invisible plugins - * - * @see self::initialize_static_variables() - * @var array - */ - private static $invisiblePlugins = []; - - /** - * Available Engines - * - * @var boolean[] - */ - protected static $engines = []; - - /** - * Key Comment - * - * @var null|string - */ - private $comment; - - /** - * @param string $type - * @return array|string - */ - abstract public function toString($type, array $options = []); - - /** - * The constructor - */ - protected function __construct() - { - self::initialize_static_variables(); - - $this->hash = new Hash('sha256'); - $this->hmac = new Hash('sha256'); - } - - /** - * Initialize static variables - */ - protected static function initialize_static_variables() - { - if (!isset(self::$zero)) { - self::$zero = new BigInteger(0); - self::$one = new BigInteger(1); - } - - self::loadPlugins('Keys'); - if (static::ALGORITHM != 'RSA' && static::ALGORITHM != 'DH') { - self::loadPlugins('Signature'); - } - } - - /** - * Load the key - * - * @param string $key - * @param string $password optional - * @return \phpseclib3\Crypt\Common\PublicKey|\phpseclib3\Crypt\Common\PrivateKey - */ - public static function load($key, $password = false) - { - self::initialize_static_variables(); - - $class = new \ReflectionClass(static::class); - if ($class->isFinal()) { - throw new \RuntimeException('load() should not be called from final classes (' . static::class . ')'); - } - - $components = false; - foreach (self::$plugins[static::ALGORITHM]['Keys'] as $format) { - if (isset(self::$invisiblePlugins[static::ALGORITHM]) && in_array($format, self::$invisiblePlugins[static::ALGORITHM])) { - continue; - } - try { - $components = $format::load($key, $password); - } catch (\Exception $e) { - $components = false; - } - if ($components !== false) { - break; - } - } - - if ($components === false) { - throw new NoKeyLoadedException('Unable to read key'); - } - - $components['format'] = $format; - $components['secret'] = isset($components['secret']) ? $components['secret'] : ''; - $comment = isset($components['comment']) ? $components['comment'] : null; - $new = static::onLoad($components); - $new->format = $format; - $new->comment = $comment; - return $new instanceof PrivateKey ? - $new->withPassword($password) : - $new; - } - - /** - * Loads a private key - * - * @return PrivateKey - * @param string|array $key - * @param string $password optional - */ - public static function loadPrivateKey($key, $password = '') - { - $key = self::load($key, $password); - if (!$key instanceof PrivateKey) { - throw new NoKeyLoadedException('The key that was loaded was not a private key'); - } - return $key; - } - - /** - * Loads a public key - * - * @return PublicKey - * @param string|array $key - */ - public static function loadPublicKey($key) - { - $key = self::load($key); - if (!$key instanceof PublicKey) { - throw new NoKeyLoadedException('The key that was loaded was not a public key'); - } - return $key; - } - - /** - * Loads parameters - * - * @return AsymmetricKey - * @param string|array $key - */ - public static function loadParameters($key) - { - $key = self::load($key); - if (!$key instanceof PrivateKey && !$key instanceof PublicKey) { - throw new NoKeyLoadedException('The key that was loaded was not a parameter'); - } - return $key; - } - - /** - * Load the key, assuming a specific format - * - * @param string $type - * @param string $key - * @param string $password optional - * @return static - */ - public static function loadFormat($type, $key, $password = false) - { - self::initialize_static_variables(); - - $components = false; - $format = strtolower($type); - if (isset(self::$plugins[static::ALGORITHM]['Keys'][$format])) { - $format = self::$plugins[static::ALGORITHM]['Keys'][$format]; - $components = $format::load($key, $password); - } - - if ($components === false) { - throw new NoKeyLoadedException('Unable to read key'); - } - - $components['format'] = $format; - $components['secret'] = isset($components['secret']) ? $components['secret'] : ''; - - $new = static::onLoad($components); - $new->format = $format; - return $new instanceof PrivateKey ? - $new->withPassword($password) : - $new; - } - - /** - * Loads a private key - * - * @return PrivateKey - * @param string $type - * @param string $key - * @param string $password optional - */ - public static function loadPrivateKeyFormat($type, $key, $password = false) - { - $key = self::loadFormat($type, $key, $password); - if (!$key instanceof PrivateKey) { - throw new NoKeyLoadedException('The key that was loaded was not a private key'); - } - return $key; - } - - /** - * Loads a public key - * - * @return PublicKey - * @param string $type - * @param string $key - */ - public static function loadPublicKeyFormat($type, $key) - { - $key = self::loadFormat($type, $key); - if (!$key instanceof PublicKey) { - throw new NoKeyLoadedException('The key that was loaded was not a public key'); - } - return $key; - } - - /** - * Loads parameters - * - * @return AsymmetricKey - * @param string $type - * @param string|array $key - */ - public static function loadParametersFormat($type, $key) - { - $key = self::loadFormat($type, $key); - if (!$key instanceof PrivateKey && !$key instanceof PublicKey) { - throw new NoKeyLoadedException('The key that was loaded was not a parameter'); - } - return $key; - } - - /** - * Validate Plugin - * - * @param string $format - * @param string $type - * @param string $method optional - * @return mixed - */ - protected static function validatePlugin($format, $type, $method = null) - { - $type = strtolower($type); - if (!isset(self::$plugins[static::ALGORITHM][$format][$type])) { - throw new UnsupportedFormatException("$type is not a supported format"); - } - $type = self::$plugins[static::ALGORITHM][$format][$type]; - if (isset($method) && !method_exists($type, $method)) { - throw new UnsupportedFormatException("$type does not implement $method"); - } - - return $type; - } - - /** - * Load Plugins - * - * @param string $format - */ - private static function loadPlugins($format) - { - if (!isset(self::$plugins[static::ALGORITHM][$format])) { - self::$plugins[static::ALGORITHM][$format] = []; - foreach (new \DirectoryIterator(__DIR__ . '/../' . static::ALGORITHM . '/Formats/' . $format . '/') as $file) { - if ($file->getExtension() != 'php') { - continue; - } - $name = $file->getBasename('.php'); - if ($name[0] == '.') { - continue; - } - $type = 'phpseclib3\Crypt\\' . static::ALGORITHM . '\\Formats\\' . $format . '\\' . $name; - $reflect = new \ReflectionClass($type); - if ($reflect->isTrait()) { - continue; - } - self::$plugins[static::ALGORITHM][$format][strtolower($name)] = $type; - if ($reflect->hasConstant('IS_INVISIBLE')) { - self::$invisiblePlugins[static::ALGORITHM][] = $type; - } - } - } - } - - /** - * Returns a list of supported formats. - * - * @return array - */ - public static function getSupportedKeyFormats() - { - self::initialize_static_variables(); - - return self::$plugins[static::ALGORITHM]['Keys']; - } - - /** - * Add a fileformat plugin - * - * The plugin needs to either already be loaded or be auto-loadable. - * Loading a plugin whose shortname overwrite an existing shortname will overwrite the old plugin. - * - * @see self::load() - * @param string $fullname - * @return bool - */ - public static function addFileFormat($fullname) - { - self::initialize_static_variables(); - - if (class_exists($fullname)) { - $meta = new \ReflectionClass($fullname); - $shortname = $meta->getShortName(); - self::$plugins[static::ALGORITHM]['Keys'][strtolower($shortname)] = $fullname; - if ($meta->hasConstant('IS_INVISIBLE')) { - self::$invisiblePlugins[static::ALGORITHM][] = strtolower($shortname); - } - } - } - - /** - * Returns the format of the loaded key. - * - * If the key that was loaded wasn't in a valid or if the key was auto-generated - * with RSA::createKey() then this will throw an exception. - * - * @see self::load() - * @return mixed - */ - public function getLoadedFormat() - { - if (empty($this->format)) { - throw new NoKeyLoadedException('This key was created with createKey - it was not loaded with load. Therefore there is no "loaded format"'); - } - - $meta = new \ReflectionClass($this->format); - return $meta->getShortName(); - } - - /** - * Returns the key's comment - * - * Not all key formats support comments. If you want to set a comment use toString() - * - * @return null|string - */ - public function getComment() - { - return $this->comment; - } - - /** - * Tests engine validity - * - */ - public static function useBestEngine() - { - static::$engines = [ - 'PHP' => true, - 'OpenSSL' => extension_loaded('openssl'), - // this test can be satisfied by either of the following: - // http://php.net/manual/en/book.sodium.php - // https://github.com/paragonie/sodium_compat - 'libsodium' => function_exists('sodium_crypto_sign_keypair') - ]; - - return static::$engines; - } - - /** - * Flag to use internal engine only (useful for unit testing) - * - */ - public static function useInternalEngine() - { - static::$engines = [ - 'PHP' => true, - 'OpenSSL' => false, - 'libsodium' => false - ]; - } - - /** - * __toString() magic method - * - * @return string - */ - public function __toString() - { - return $this->toString('PKCS8'); - } - - /** - * Determines which hashing function should be used - * - * @param string $hash - */ - public function withHash($hash) - { - $new = clone $this; - - $new->hash = new Hash($hash); - $new->hmac = new Hash($hash); - - return $new; - } - - /** - * Returns the hash algorithm currently being used - * - */ - public function getHash() - { - return clone $this->hash; - } - - /** - * Compute the pseudorandom k for signature generation, - * using the process specified for deterministic DSA. - * - * @param string $h1 - * @return string - */ - protected function computek($h1) - { - $v = str_repeat("\1", strlen($h1)); - - $k = str_repeat("\0", strlen($h1)); - - $x = $this->int2octets($this->x); - $h1 = $this->bits2octets($h1); - - $this->hmac->setKey($k); - $k = $this->hmac->hash($v . "\0" . $x . $h1); - $this->hmac->setKey($k); - $v = $this->hmac->hash($v); - $k = $this->hmac->hash($v . "\1" . $x . $h1); - $this->hmac->setKey($k); - $v = $this->hmac->hash($v); - - $qlen = $this->q->getLengthInBytes(); - - while (true) { - $t = ''; - while (strlen($t) < $qlen) { - $v = $this->hmac->hash($v); - $t = $t . $v; - } - $k = $this->bits2int($t); - - if (!$k->equals(self::$zero) && $k->compare($this->q) < 0) { - break; - } - $k = $this->hmac->hash($v . "\0"); - $this->hmac->setKey($k); - $v = $this->hmac->hash($v); - } - - return $k; - } - - /** - * Integer to Octet String - * - * @param \phpseclib3\Math\BigInteger $v - * @return string - */ - private function int2octets($v) - { - $out = $v->toBytes(); - $rolen = $this->q->getLengthInBytes(); - if (strlen($out) < $rolen) { - return str_pad($out, $rolen, "\0", STR_PAD_LEFT); - } elseif (strlen($out) > $rolen) { - return substr($out, -$rolen); - } else { - return $out; - } - } - - /** - * Bit String to Integer - * - * @param string $in - * @return \phpseclib3\Math\BigInteger - */ - protected function bits2int($in) - { - $v = new BigInteger($in, 256); - $vlen = strlen($in) << 3; - $qlen = $this->q->getLength(); - if ($vlen > $qlen) { - return $v->bitwise_rightShift($vlen - $qlen); - } - return $v; - } - - /** - * Bit String to Octet String - * - * @param string $in - * @return string - */ - private function bits2octets($in) - { - $z1 = $this->bits2int($in); - $z2 = $z1->subtract($this->q); - return $z2->compare(self::$zero) < 0 ? - $this->int2octets($z1) : - $this->int2octets($z2); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/BlockCipher.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/BlockCipher.php deleted file mode 100644 index b2642be..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/BlockCipher.php +++ /dev/null @@ -1,24 +0,0 @@ - - * @author Hans-Juergen Petrich - * @copyright 2007 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\Common; - -/** - * Base Class for all block cipher classes - * - * @author Jim Wigginton - */ -abstract class BlockCipher extends SymmetricKey -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/JWK.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/JWK.php deleted file mode 100644 index 4c761b8..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/JWK.php +++ /dev/null @@ -1,69 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\Common\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; - -/** - * JSON Web Key Formatted Key Handler - * - * @author Jim Wigginton - */ -abstract class JWK -{ - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password - * @return array - */ - public static function load($key, $password = '') - { - if (!Strings::is_stringable($key)) { - throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); - } - - $key = preg_replace('#\s#', '', $key); // remove whitespace - - if (PHP_VERSION_ID >= 73000) { - $key = json_decode($key, null, 512, JSON_THROW_ON_ERROR); - } else { - $key = json_decode($key); - if (!$key) { - throw new \RuntimeException('Unable to decode JSON'); - } - } - - if (isset($key->kty)) { - return $key; - } - - if (count($key->keys) != 1) { - throw new \RuntimeException('Although the JWK key format supports multiple keys phpseclib does not'); - } - - return $key->keys[0]; - } - - /** - * Wrap a key appropriately - * - * @return string - */ - protected static function wrapKey(array $key, array $options) - { - return json_encode(['keys' => [$key + $options]]); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php deleted file mode 100644 index fe3d85b..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php +++ /dev/null @@ -1,220 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\Common\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\AES; -use phpseclib3\Crypt\Random; - -/** - * OpenSSH Formatted RSA Key Handler - * - * @author Jim Wigginton - */ -abstract class OpenSSH -{ - /** - * Default comment - * - * @var string - */ - protected static $comment = 'phpseclib-generated-key'; - - /** - * Binary key flag - * - * @var bool - */ - protected static $binary = false; - - /** - * Sets the default comment - * - * @param string $comment - */ - public static function setComment($comment) - { - self::$comment = str_replace(["\r", "\n"], '', $comment); - } - - /** - * Break a public or private key down into its constituent components - * - * $type can be either ssh-dss or ssh-rsa - * - * @param string $key - * @param string $password - * @return array - */ - public static function load($key, $password = '') - { - if (!Strings::is_stringable($key)) { - throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); - } - - // key format is described here: - // https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.key?annotate=HEAD - - if (strpos($key, 'BEGIN OPENSSH PRIVATE KEY') !== false) { - $key = preg_replace('#(?:^-.*?-[\r\n]*$)|\s#ms', '', $key); - $key = Strings::base64_decode($key); - $magic = Strings::shift($key, 15); - if ($magic != "openssh-key-v1\0") { - throw new \RuntimeException('Expected openssh-key-v1'); - } - list($ciphername, $kdfname, $kdfoptions, $numKeys) = Strings::unpackSSH2('sssN', $key); - if ($numKeys != 1) { - // if we wanted to support multiple keys we could update PublicKeyLoader to preview what the # of keys - // would be; it'd then call Common\Keys\OpenSSH.php::load() and get the paddedKey. it'd then pass - // that to the appropriate key loading parser $numKey times or something - throw new \RuntimeException('Although the OpenSSH private key format supports multiple keys phpseclib does not'); - } - switch ($ciphername) { - case 'none': - break; - case 'aes256-ctr': - if ($kdfname != 'bcrypt') { - throw new \RuntimeException('Only the bcrypt kdf is supported (' . $kdfname . ' encountered)'); - } - list($salt, $rounds) = Strings::unpackSSH2('sN', $kdfoptions); - $crypto = new AES('ctr'); - //$crypto->setKeyLength(256); - //$crypto->disablePadding(); - $crypto->setPassword($password, 'bcrypt', $salt, $rounds, 32); - break; - default: - throw new \RuntimeException('The only supported cipherse are: none, aes256-ctr (' . $ciphername . ' is being used)'); - } - - list($publicKey, $paddedKey) = Strings::unpackSSH2('ss', $key); - list($type) = Strings::unpackSSH2('s', $publicKey); - if (isset($crypto)) { - $paddedKey = $crypto->decrypt($paddedKey); - } - list($checkint1, $checkint2) = Strings::unpackSSH2('NN', $paddedKey); - // any leftover bytes in $paddedKey are for padding? but they should be sequential bytes. eg. 1, 2, 3, etc. - if ($checkint1 != $checkint2) { - throw new \RuntimeException('The two checkints do not match'); - } - self::checkType($type); - - return compact('type', 'publicKey', 'paddedKey'); - } - - $parts = explode(' ', $key, 3); - - if (!isset($parts[1])) { - $key = base64_decode($parts[0]); - $comment = false; - } else { - $asciiType = $parts[0]; - self::checkType($parts[0]); - $key = base64_decode($parts[1]); - $comment = isset($parts[2]) ? $parts[2] : false; - } - if ($key === false) { - throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); - } - - list($type) = Strings::unpackSSH2('s', $key); - self::checkType($type); - if (isset($asciiType) && $asciiType != $type) { - throw new \RuntimeException('Two different types of keys are claimed: ' . $asciiType . ' and ' . $type); - } - if (strlen($key) <= 4) { - throw new \UnexpectedValueException('Key appears to be malformed'); - } - - $publicKey = $key; - - return compact('type', 'publicKey', 'comment'); - } - - /** - * Toggle between binary and printable keys - * - * Printable keys are what are generated by default. These are the ones that go in - * $HOME/.ssh/authorized_key. - * - * @param bool $enabled - */ - public static function setBinaryOutput($enabled) - { - self::$binary = $enabled; - } - - /** - * Checks to see if the type is valid - * - * @param string $candidate - */ - private static function checkType($candidate) - { - if (!in_array($candidate, static::$types)) { - throw new \RuntimeException("The key type ($candidate) is not equal to: " . implode(',', static::$types)); - } - } - - /** - * Wrap a private key appropriately - * - * @param string $publicKey - * @param string $privateKey - * @param string $password - * @param array $options - * @return string - */ - protected static function wrapPrivateKey($publicKey, $privateKey, $password, $options) - { - list(, $checkint) = unpack('N', Random::string(4)); - - $comment = isset($options['comment']) ? $options['comment'] : self::$comment; - $paddedKey = Strings::packSSH2('NN', $checkint, $checkint) . - $privateKey . - Strings::packSSH2('s', $comment); - - $usesEncryption = !empty($password) && is_string($password); - - /* - from http://tools.ietf.org/html/rfc4253#section-6 : - - Note that the length of the concatenation of 'packet_length', - 'padding_length', 'payload', and 'random padding' MUST be a multiple - of the cipher block size or 8, whichever is larger. - */ - $blockSize = $usesEncryption ? 16 : 8; - $paddingLength = (($blockSize - 1) * strlen($paddedKey)) % $blockSize; - for ($i = 1; $i <= $paddingLength; $i++) { - $paddedKey .= chr($i); - } - if (!$usesEncryption) { - $key = Strings::packSSH2('sssNss', 'none', 'none', '', 1, $publicKey, $paddedKey); - } else { - $rounds = isset($options['rounds']) ? $options['rounds'] : 16; - $salt = Random::string(16); - $kdfoptions = Strings::packSSH2('sN', $salt, $rounds); - $crypto = new AES('ctr'); - $crypto->setPassword($password, 'bcrypt', $salt, $rounds, 32); - $paddedKey = $crypto->encrypt($paddedKey); - $key = Strings::packSSH2('sssNss', 'aes256-ctr', 'bcrypt', $kdfoptions, 1, $publicKey, $paddedKey); - } - $key = "openssh-key-v1\0$key"; - - return "-----BEGIN OPENSSH PRIVATE KEY-----\n" . - chunk_split(Strings::base64_encode($key), 70, "\n") . - "-----END OPENSSH PRIVATE KEY-----\n"; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS.php deleted file mode 100644 index 0219400..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS.php +++ /dev/null @@ -1,72 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\Common\Formats\Keys; - -/** - * PKCS1 Formatted Key Handler - * - * @author Jim Wigginton - */ -abstract class PKCS -{ - /** - * Auto-detect the format - */ - const MODE_ANY = 0; - /** - * Require base64-encoded PEM's be supplied - */ - const MODE_PEM = 1; - /** - * Require raw DER's be supplied - */ - const MODE_DER = 2; - /**#@-*/ - - /** - * Is the key a base-64 encoded PEM, DER or should it be auto-detected? - * - * @var int - */ - protected static $format = self::MODE_ANY; - - /** - * Require base64-encoded PEM's be supplied - * - */ - public static function requirePEM() - { - self::$format = self::MODE_PEM; - } - - /** - * Require raw DER's be supplied - * - */ - public static function requireDER() - { - self::$format = self::MODE_DER; - } - - /** - * Accept any format and auto detect the format - * - * This is the default setting - * - */ - public static function requireAny() - { - self::$format = self::MODE_ANY; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS1.php deleted file mode 100644 index 4c639c0..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS1.php +++ /dev/null @@ -1,209 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\Common\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\AES; -use phpseclib3\Crypt\DES; -use phpseclib3\Crypt\Random; -use phpseclib3\Crypt\TripleDES; -use phpseclib3\Exception\UnsupportedAlgorithmException; -use phpseclib3\File\ASN1; - -/** - * PKCS1 Formatted Key Handler - * - * @author Jim Wigginton - */ -abstract class PKCS1 extends PKCS -{ - /** - * Default encryption algorithm - * - * @var string - */ - private static $defaultEncryptionAlgorithm = 'AES-128-CBC'; - - /** - * Sets the default encryption algorithm - * - * @param string $algo - */ - public static function setEncryptionAlgorithm($algo) - { - self::$defaultEncryptionAlgorithm = $algo; - } - - /** - * Returns the mode constant corresponding to the mode string - * - * @param string $mode - * @return int - * @throws \UnexpectedValueException if the block cipher mode is unsupported - */ - private static function getEncryptionMode($mode) - { - switch ($mode) { - case 'CBC': - case 'ECB': - case 'CFB': - case 'OFB': - case 'CTR': - return $mode; - } - throw new \UnexpectedValueException('Unsupported block cipher mode of operation'); - } - - /** - * Returns a cipher object corresponding to a string - * - * @param string $algo - * @return string - * @throws \UnexpectedValueException if the encryption algorithm is unsupported - */ - private static function getEncryptionObject($algo) - { - $modes = '(CBC|ECB|CFB|OFB|CTR)'; - switch (true) { - case preg_match("#^AES-(128|192|256)-$modes$#", $algo, $matches): - $cipher = new AES(self::getEncryptionMode($matches[2])); - $cipher->setKeyLength($matches[1]); - return $cipher; - case preg_match("#^DES-EDE3-$modes$#", $algo, $matches): - return new TripleDES(self::getEncryptionMode($matches[1])); - case preg_match("#^DES-$modes$#", $algo, $matches): - return new DES(self::getEncryptionMode($matches[1])); - default: - throw new UnsupportedAlgorithmException($algo . ' is not a supported algorithm'); - } - } - - /** - * Generate a symmetric key for PKCS#1 keys - * - * @param string $password - * @param string $iv - * @param int $length - * @return string - */ - private static function generateSymmetricKey($password, $iv, $length) - { - $symkey = ''; - $iv = substr($iv, 0, 8); - while (strlen($symkey) < $length) { - $symkey .= md5($symkey . $password . $iv, true); - } - return substr($symkey, 0, $length); - } - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - protected static function load($key, $password) - { - if (!Strings::is_stringable($key)) { - throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); - } - - /* Although PKCS#1 proposes a format that public and private keys can use, encrypting them is - "outside the scope" of PKCS#1. PKCS#1 then refers you to PKCS#12 and PKCS#15 if you're wanting to - protect private keys, however, that's not what OpenSSL* does. OpenSSL protects private keys by adding - two new "fields" to the key - DEK-Info and Proc-Type. These fields are discussed here: - - http://tools.ietf.org/html/rfc1421#section-4.6.1.1 - http://tools.ietf.org/html/rfc1421#section-4.6.1.3 - - DES-EDE3-CBC as an algorithm, however, is not discussed anywhere, near as I can tell. - DES-CBC and DES-EDE are discussed in RFC1423, however, DES-EDE3-CBC isn't, nor is its key derivation - function. As is, the definitive authority on this encoding scheme isn't the IETF but rather OpenSSL's - own implementation. ie. the implementation *is* the standard and any bugs that may exist in that - implementation are part of the standard, as well. - - * OpenSSL is the de facto standard. It's utilized by OpenSSH and other projects */ - if (preg_match('#DEK-Info: (.+),(.+)#', $key, $matches)) { - $iv = Strings::hex2bin(trim($matches[2])); - // remove the Proc-Type / DEK-Info sections as they're no longer needed - $key = preg_replace('#^(?:Proc-Type|DEK-Info): .*#m', '', $key); - $ciphertext = ASN1::extractBER($key); - if ($ciphertext === false) { - $ciphertext = $key; - } - $crypto = self::getEncryptionObject($matches[1]); - $crypto->setKey(self::generateSymmetricKey($password, $iv, $crypto->getKeyLength() >> 3)); - $crypto->setIV($iv); - $key = $crypto->decrypt($ciphertext); - } else { - if (self::$format != self::MODE_DER) { - $decoded = ASN1::extractBER($key); - if ($decoded !== false) { - $key = $decoded; - } elseif (self::$format == self::MODE_PEM) { - throw new \UnexpectedValueException('Expected base64-encoded PEM format but was unable to decode base64 text'); - } - } - } - - return $key; - } - - /** - * Wrap a private key appropriately - * - * @param string $key - * @param string $type - * @param string $password - * @param array $options optional - * @return string - */ - protected static function wrapPrivateKey($key, $type, $password, array $options = []) - { - if (empty($password) || !is_string($password)) { - return "-----BEGIN $type PRIVATE KEY-----\r\n" . - chunk_split(Strings::base64_encode($key), 64) . - "-----END $type PRIVATE KEY-----"; - } - - $encryptionAlgorithm = isset($options['encryptionAlgorithm']) ? $options['encryptionAlgorithm'] : self::$defaultEncryptionAlgorithm; - - $cipher = self::getEncryptionObject($encryptionAlgorithm); - $iv = Random::string($cipher->getBlockLength() >> 3); - $cipher->setKey(self::generateSymmetricKey($password, $iv, $cipher->getKeyLength() >> 3)); - $cipher->setIV($iv); - $iv = strtoupper(Strings::bin2hex($iv)); - return "-----BEGIN $type PRIVATE KEY-----\r\n" . - "Proc-Type: 4,ENCRYPTED\r\n" . - "DEK-Info: " . $encryptionAlgorithm . ",$iv\r\n" . - "\r\n" . - chunk_split(Strings::base64_encode($cipher->encrypt($key)), 64) . - "-----END $type PRIVATE KEY-----"; - } - - /** - * Wrap a public key appropriately - * - * @param string $key - * @param string $type - * @return string - */ - protected static function wrapPublicKey($key, $type) - { - return "-----BEGIN $type PUBLIC KEY-----\r\n" . - chunk_split(Strings::base64_encode($key), 64) . - "-----END $type PUBLIC KEY-----"; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php deleted file mode 100644 index 7aa5548..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php +++ /dev/null @@ -1,725 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\Common\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\AES; -use phpseclib3\Crypt\DES; -use phpseclib3\Crypt\Random; -use phpseclib3\Crypt\RC2; -use phpseclib3\Crypt\RC4; -use phpseclib3\Crypt\TripleDES; -use phpseclib3\Exception\InsufficientSetupException; -use phpseclib3\Exception\UnsupportedAlgorithmException; -use phpseclib3\File\ASN1; -use phpseclib3\File\ASN1\Maps; - -/** - * PKCS#8 Formatted Key Handler - * - * @author Jim Wigginton - */ -abstract class PKCS8 extends PKCS -{ - /** - * Default encryption algorithm - * - * @var string - */ - private static $defaultEncryptionAlgorithm = 'id-PBES2'; - - /** - * Default encryption scheme - * - * Only used when defaultEncryptionAlgorithm is id-PBES2 - * - * @var string - */ - private static $defaultEncryptionScheme = 'aes128-CBC-PAD'; - - /** - * Default PRF - * - * Only used when defaultEncryptionAlgorithm is id-PBES2 - * - * @var string - */ - private static $defaultPRF = 'id-hmacWithSHA256'; - - /** - * Default Iteration Count - * - * @var int - */ - private static $defaultIterationCount = 2048; - - /** - * OIDs loaded - * - * @var bool - */ - private static $oidsLoaded = false; - - /** - * Sets the default encryption algorithm - * - * @param string $algo - */ - public static function setEncryptionAlgorithm($algo) - { - self::$defaultEncryptionAlgorithm = $algo; - } - - /** - * Sets the default encryption algorithm for PBES2 - * - * @param string $algo - */ - public static function setEncryptionScheme($algo) - { - self::$defaultEncryptionScheme = $algo; - } - - /** - * Sets the iteration count - * - * @param int $count - */ - public static function setIterationCount($count) - { - self::$defaultIterationCount = $count; - } - - /** - * Sets the PRF for PBES2 - * - * @param string $algo - */ - public static function setPRF($algo) - { - self::$defaultPRF = $algo; - } - - /** - * Returns a SymmetricKey object based on a PBES1 $algo - * - * @return \phpseclib3\Crypt\Common\SymmetricKey - * @param string $algo - */ - private static function getPBES1EncryptionObject($algo) - { - $algo = preg_match('#^pbeWith(?:MD2|MD5|SHA1|SHA)And(.*?)-CBC$#', $algo, $matches) ? - $matches[1] : - substr($algo, 13); // strlen('pbeWithSHAAnd') == 13 - - switch ($algo) { - case 'DES': - $cipher = new DES('cbc'); - break; - case 'RC2': - $cipher = new RC2('cbc'); - $cipher->setKeyLength(64); - break; - case '3-KeyTripleDES': - $cipher = new TripleDES('cbc'); - break; - case '2-KeyTripleDES': - $cipher = new TripleDES('cbc'); - $cipher->setKeyLength(128); - break; - case '128BitRC2': - $cipher = new RC2('cbc'); - $cipher->setKeyLength(128); - break; - case '40BitRC2': - $cipher = new RC2('cbc'); - $cipher->setKeyLength(40); - break; - case '128BitRC4': - $cipher = new RC4(); - $cipher->setKeyLength(128); - break; - case '40BitRC4': - $cipher = new RC4(); - $cipher->setKeyLength(40); - break; - default: - throw new UnsupportedAlgorithmException("$algo is not a supported algorithm"); - } - - return $cipher; - } - - /** - * Returns a hash based on a PBES1 $algo - * - * @return string - * @param string $algo - */ - private static function getPBES1Hash($algo) - { - if (preg_match('#^pbeWith(MD2|MD5|SHA1|SHA)And.*?-CBC$#', $algo, $matches)) { - return $matches[1] == 'SHA' ? 'sha1' : $matches[1]; - } - - return 'sha1'; - } - - /** - * Returns a KDF baesd on a PBES1 $algo - * - * @return string - * @param string $algo - */ - private static function getPBES1KDF($algo) - { - switch ($algo) { - case 'pbeWithMD2AndDES-CBC': - case 'pbeWithMD2AndRC2-CBC': - case 'pbeWithMD5AndDES-CBC': - case 'pbeWithMD5AndRC2-CBC': - case 'pbeWithSHA1AndDES-CBC': - case 'pbeWithSHA1AndRC2-CBC': - return 'pbkdf1'; - } - - return 'pkcs12'; - } - - /** - * Returns a SymmetricKey object baesd on a PBES2 $algo - * - * @return SymmetricKey - * @param string $algo - */ - private static function getPBES2EncryptionObject($algo) - { - switch ($algo) { - case 'desCBC': - $cipher = new DES('cbc'); - break; - case 'des-EDE3-CBC': - $cipher = new TripleDES('cbc'); - break; - case 'rc2CBC': - $cipher = new RC2('cbc'); - // in theory this can be changed - $cipher->setKeyLength(128); - break; - case 'rc5-CBC-PAD': - throw new UnsupportedAlgorithmException('rc5-CBC-PAD is not supported for PBES2 PKCS#8 keys'); - case 'aes128-CBC-PAD': - case 'aes192-CBC-PAD': - case 'aes256-CBC-PAD': - $cipher = new AES('cbc'); - $cipher->setKeyLength(substr($algo, 3, 3)); - break; - default: - throw new UnsupportedAlgorithmException("$algo is not supported"); - } - - return $cipher; - } - - /** - * Initialize static variables - * - */ - private static function initialize_static_variables() - { - if (!isset(static::$childOIDsLoaded)) { - throw new InsufficientSetupException('This class should not be called directly'); - } - - if (!static::$childOIDsLoaded) { - ASN1::loadOIDs(is_array(static::OID_NAME) ? - array_combine(static::OID_NAME, static::OID_VALUE) : - [static::OID_NAME => static::OID_VALUE]); - static::$childOIDsLoaded = true; - } - if (!self::$oidsLoaded) { - // from https://tools.ietf.org/html/rfc2898 - ASN1::loadOIDs([ - // PBES1 encryption schemes - 'pbeWithMD2AndDES-CBC' => '1.2.840.113549.1.5.1', - 'pbeWithMD2AndRC2-CBC' => '1.2.840.113549.1.5.4', - 'pbeWithMD5AndDES-CBC' => '1.2.840.113549.1.5.3', - 'pbeWithMD5AndRC2-CBC' => '1.2.840.113549.1.5.6', - 'pbeWithSHA1AndDES-CBC' => '1.2.840.113549.1.5.10', - 'pbeWithSHA1AndRC2-CBC' => '1.2.840.113549.1.5.11', - - // from PKCS#12: - // https://tools.ietf.org/html/rfc7292 - 'pbeWithSHAAnd128BitRC4' => '1.2.840.113549.1.12.1.1', - 'pbeWithSHAAnd40BitRC4' => '1.2.840.113549.1.12.1.2', - 'pbeWithSHAAnd3-KeyTripleDES-CBC' => '1.2.840.113549.1.12.1.3', - 'pbeWithSHAAnd2-KeyTripleDES-CBC' => '1.2.840.113549.1.12.1.4', - 'pbeWithSHAAnd128BitRC2-CBC' => '1.2.840.113549.1.12.1.5', - 'pbeWithSHAAnd40BitRC2-CBC' => '1.2.840.113549.1.12.1.6', - - 'id-PBKDF2' => '1.2.840.113549.1.5.12', - 'id-PBES2' => '1.2.840.113549.1.5.13', - 'id-PBMAC1' => '1.2.840.113549.1.5.14', - - // from PKCS#5 v2.1: - // http://www.rsa.com/rsalabs/pkcs/files/h11302-wp-pkcs5v2-1-password-based-cryptography-standard.pdf - 'id-hmacWithSHA1' => '1.2.840.113549.2.7', - 'id-hmacWithSHA224' => '1.2.840.113549.2.8', - 'id-hmacWithSHA256' => '1.2.840.113549.2.9', - 'id-hmacWithSHA384' => '1.2.840.113549.2.10', - 'id-hmacWithSHA512' => '1.2.840.113549.2.11', - 'id-hmacWithSHA512-224' => '1.2.840.113549.2.12', - 'id-hmacWithSHA512-256' => '1.2.840.113549.2.13', - - 'desCBC' => '1.3.14.3.2.7', - 'des-EDE3-CBC' => '1.2.840.113549.3.7', - 'rc2CBC' => '1.2.840.113549.3.2', - 'rc5-CBC-PAD' => '1.2.840.113549.3.9', - - 'aes128-CBC-PAD' => '2.16.840.1.101.3.4.1.2', - 'aes192-CBC-PAD' => '2.16.840.1.101.3.4.1.22', - 'aes256-CBC-PAD' => '2.16.840.1.101.3.4.1.42' - ]); - self::$oidsLoaded = true; - } - } - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - protected static function load($key, $password = '') - { - if (!Strings::is_stringable($key)) { - throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); - } - - $isPublic = strpos($key, 'PUBLIC') !== false; - $isPrivate = strpos($key, 'PRIVATE') !== false; - - $decoded = self::preParse($key); - - $meta = []; - - $decrypted = ASN1::asn1map($decoded[0], Maps\EncryptedPrivateKeyInfo::MAP); - if (strlen($password) && is_array($decrypted)) { - $algorithm = $decrypted['encryptionAlgorithm']['algorithm']; - switch ($algorithm) { - // PBES1 - case 'pbeWithMD2AndDES-CBC': - case 'pbeWithMD2AndRC2-CBC': - case 'pbeWithMD5AndDES-CBC': - case 'pbeWithMD5AndRC2-CBC': - case 'pbeWithSHA1AndDES-CBC': - case 'pbeWithSHA1AndRC2-CBC': - case 'pbeWithSHAAnd3-KeyTripleDES-CBC': - case 'pbeWithSHAAnd2-KeyTripleDES-CBC': - case 'pbeWithSHAAnd128BitRC2-CBC': - case 'pbeWithSHAAnd40BitRC2-CBC': - case 'pbeWithSHAAnd128BitRC4': - case 'pbeWithSHAAnd40BitRC4': - $cipher = self::getPBES1EncryptionObject($algorithm); - $hash = self::getPBES1Hash($algorithm); - $kdf = self::getPBES1KDF($algorithm); - - $meta['meta']['algorithm'] = $algorithm; - - $temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']); - if (!$temp) { - throw new \RuntimeException('Unable to decode BER'); - } - extract(ASN1::asn1map($temp[0], Maps\PBEParameter::MAP)); - $iterationCount = (int) $iterationCount->toString(); - $cipher->setPassword($password, $kdf, $hash, $salt, $iterationCount); - $key = $cipher->decrypt($decrypted['encryptedData']); - $decoded = ASN1::decodeBER($key); - if (!$decoded) { - throw new \RuntimeException('Unable to decode BER 2'); - } - - break; - case 'id-PBES2': - $meta['meta']['algorithm'] = $algorithm; - - $temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']); - if (!$temp) { - throw new \RuntimeException('Unable to decode BER'); - } - $temp = ASN1::asn1map($temp[0], Maps\PBES2params::MAP); - extract($temp); - - $cipher = self::getPBES2EncryptionObject($encryptionScheme['algorithm']); - $meta['meta']['cipher'] = $encryptionScheme['algorithm']; - - $temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']); - if (!$temp) { - throw new \RuntimeException('Unable to decode BER'); - } - $temp = ASN1::asn1map($temp[0], Maps\PBES2params::MAP); - extract($temp); - - if (!$cipher instanceof RC2) { - $cipher->setIV($encryptionScheme['parameters']['octetString']); - } else { - $temp = ASN1::decodeBER($encryptionScheme['parameters']); - if (!$temp) { - throw new \RuntimeException('Unable to decode BER'); - } - extract(ASN1::asn1map($temp[0], Maps\RC2CBCParameter::MAP)); - $effectiveKeyLength = (int) $rc2ParametersVersion->toString(); - switch ($effectiveKeyLength) { - case 160: - $effectiveKeyLength = 40; - break; - case 120: - $effectiveKeyLength = 64; - break; - case 58: - $effectiveKeyLength = 128; - break; - //default: // should be >= 256 - } - $cipher->setIV($iv); - $cipher->setKeyLength($effectiveKeyLength); - } - - $meta['meta']['keyDerivationFunc'] = $keyDerivationFunc['algorithm']; - switch ($keyDerivationFunc['algorithm']) { - case 'id-PBKDF2': - $temp = ASN1::decodeBER($keyDerivationFunc['parameters']); - if (!$temp) { - throw new \RuntimeException('Unable to decode BER'); - } - $prf = ['algorithm' => 'id-hmacWithSHA1']; - $params = ASN1::asn1map($temp[0], Maps\PBKDF2params::MAP); - extract($params); - $meta['meta']['prf'] = $prf['algorithm']; - $hash = str_replace('-', '/', substr($prf['algorithm'], 11)); - $params = [ - $password, - 'pbkdf2', - $hash, - $salt, - (int) $iterationCount->toString() - ]; - if (isset($keyLength)) { - $params[] = (int) $keyLength->toString(); - } - $cipher->setPassword(...$params); - $key = $cipher->decrypt($decrypted['encryptedData']); - $decoded = ASN1::decodeBER($key); - if (!$decoded) { - throw new \RuntimeException('Unable to decode BER 3'); - } - break; - default: - throw new UnsupportedAlgorithmException('Only PBKDF2 is supported for PBES2 PKCS#8 keys'); - } - break; - case 'id-PBMAC1': - //$temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']); - //$value = ASN1::asn1map($temp[0], Maps\PBMAC1params::MAP); - // since i can't find any implementation that does PBMAC1 it is unsupported - throw new UnsupportedAlgorithmException('Only PBES1 and PBES2 PKCS#8 keys are supported.'); - // at this point we'll assume that the key conforms to PublicKeyInfo - } - } - - $private = ASN1::asn1map($decoded[0], Maps\OneAsymmetricKey::MAP); - if (is_array($private)) { - if ($isPublic) { - throw new \UnexpectedValueException('Human readable string claims public key but DER encoded string claims private key'); - } - - if (isset($private['privateKeyAlgorithm']['parameters']) && !$private['privateKeyAlgorithm']['parameters'] instanceof ASN1\Element && isset($decoded[0]['content'][1]['content'][1])) { - $temp = $decoded[0]['content'][1]['content'][1]; - $private['privateKeyAlgorithm']['parameters'] = new ASN1\Element(substr($key, $temp['start'], $temp['length'])); - } - if (is_array(static::OID_NAME)) { - if (!in_array($private['privateKeyAlgorithm']['algorithm'], static::OID_NAME)) { - throw new UnsupportedAlgorithmException($private['privateKeyAlgorithm']['algorithm'] . ' is not a supported key type'); - } - } else { - if ($private['privateKeyAlgorithm']['algorithm'] != static::OID_NAME) { - throw new UnsupportedAlgorithmException('Only ' . static::OID_NAME . ' keys are supported; this is a ' . $private['privateKeyAlgorithm']['algorithm'] . ' key'); - } - } - if (isset($private['publicKey'])) { - if ($private['publicKey'][0] != "\0") { - throw new \UnexpectedValueException('The first byte of the public key should be null - not ' . bin2hex($private['publicKey'][0])); - } - $private['publicKey'] = substr($private['publicKey'], 1); - } - return $private + $meta; - } - - // EncryptedPrivateKeyInfo and PublicKeyInfo have largely identical "signatures". the only difference - // is that the former has an octet string and the later has a bit string. the first byte of a bit - // string represents the number of bits in the last byte that are to be ignored but, currently, - // bit strings wanting a non-zero amount of bits trimmed are not supported - $public = ASN1::asn1map($decoded[0], Maps\PublicKeyInfo::MAP); - - if (is_array($public)) { - if ($isPrivate) { - throw new \UnexpectedValueException('Human readable string claims private key but DER encoded string claims public key'); - } - - if ($public['publicKey'][0] != "\0") { - throw new \UnexpectedValueException('The first byte of the public key should be null - not ' . bin2hex($public['publicKey'][0])); - } - if (is_array(static::OID_NAME)) { - if (!in_array($public['publicKeyAlgorithm']['algorithm'], static::OID_NAME)) { - throw new UnsupportedAlgorithmException($public['publicKeyAlgorithm']['algorithm'] . ' is not a supported key type'); - } - } else { - if ($public['publicKeyAlgorithm']['algorithm'] != static::OID_NAME) { - throw new UnsupportedAlgorithmException('Only ' . static::OID_NAME . ' keys are supported; this is a ' . $public['publicKeyAlgorithm']['algorithm'] . ' key'); - } - } - if (isset($public['publicKeyAlgorithm']['parameters']) && !$public['publicKeyAlgorithm']['parameters'] instanceof ASN1\Element && isset($decoded[0]['content'][0]['content'][1])) { - $temp = $decoded[0]['content'][0]['content'][1]; - $public['publicKeyAlgorithm']['parameters'] = new ASN1\Element(substr($key, $temp['start'], $temp['length'])); - } - $public['publicKey'] = substr($public['publicKey'], 1); - return $public; - } - - throw new \RuntimeException('Unable to parse using either OneAsymmetricKey or PublicKeyInfo ASN1 maps'); - } - - /** - * Wrap a private key appropriately - * - * @param string $key - * @param string $attr - * @param mixed $params - * @param string $password - * @param string $oid optional - * @param string $publicKey optional - * @param array $options optional - * @return string - */ - protected static function wrapPrivateKey($key, $attr, $params, $password, $oid = null, $publicKey = '', array $options = []) - { - self::initialize_static_variables(); - - $key = [ - 'version' => 'v1', - 'privateKeyAlgorithm' => [ - 'algorithm' => is_string(static::OID_NAME) ? static::OID_NAME : $oid - ], - 'privateKey' => $key - ]; - if ($oid != 'id-Ed25519' && $oid != 'id-Ed448') { - $key['privateKeyAlgorithm']['parameters'] = $params; - } - if (!empty($attr)) { - $key['attributes'] = $attr; - } - if (!empty($publicKey)) { - $key['version'] = 'v2'; - $key['publicKey'] = $publicKey; - } - $key = ASN1::encodeDER($key, Maps\OneAsymmetricKey::MAP); - if (!empty($password) && is_string($password)) { - $salt = Random::string(8); - - $iterationCount = isset($options['iterationCount']) ? $options['iterationCount'] : self::$defaultIterationCount; - $encryptionAlgorithm = isset($options['encryptionAlgorithm']) ? $options['encryptionAlgorithm'] : self::$defaultEncryptionAlgorithm; - $encryptionScheme = isset($options['encryptionScheme']) ? $options['encryptionScheme'] : self::$defaultEncryptionScheme; - $prf = isset($options['PRF']) ? $options['PRF'] : self::$defaultPRF; - - if ($encryptionAlgorithm == 'id-PBES2') { - $crypto = self::getPBES2EncryptionObject($encryptionScheme); - $hash = str_replace('-', '/', substr($prf, 11)); - $kdf = 'pbkdf2'; - $iv = Random::string($crypto->getBlockLength() >> 3); - - $PBKDF2params = [ - 'salt' => $salt, - 'iterationCount' => $iterationCount, - 'prf' => ['algorithm' => $prf, 'parameters' => null] - ]; - $PBKDF2params = ASN1::encodeDER($PBKDF2params, Maps\PBKDF2params::MAP); - - if (!$crypto instanceof RC2) { - $params = ['octetString' => $iv]; - } else { - $params = [ - 'rc2ParametersVersion' => 58, - 'iv' => $iv - ]; - $params = ASN1::encodeDER($params, Maps\RC2CBCParameter::MAP); - $params = new ASN1\Element($params); - } - - $params = [ - 'keyDerivationFunc' => [ - 'algorithm' => 'id-PBKDF2', - 'parameters' => new ASN1\Element($PBKDF2params) - ], - 'encryptionScheme' => [ - 'algorithm' => $encryptionScheme, - 'parameters' => $params - ] - ]; - $params = ASN1::encodeDER($params, Maps\PBES2params::MAP); - - $crypto->setIV($iv); - } else { - $crypto = self::getPBES1EncryptionObject($encryptionAlgorithm); - $hash = self::getPBES1Hash($encryptionAlgorithm); - $kdf = self::getPBES1KDF($encryptionAlgorithm); - - $params = [ - 'salt' => $salt, - 'iterationCount' => $iterationCount - ]; - $params = ASN1::encodeDER($params, Maps\PBEParameter::MAP); - } - $crypto->setPassword($password, $kdf, $hash, $salt, $iterationCount); - $key = $crypto->encrypt($key); - - $key = [ - 'encryptionAlgorithm' => [ - 'algorithm' => $encryptionAlgorithm, - 'parameters' => new ASN1\Element($params) - ], - 'encryptedData' => $key - ]; - - $key = ASN1::encodeDER($key, Maps\EncryptedPrivateKeyInfo::MAP); - - return "-----BEGIN ENCRYPTED PRIVATE KEY-----\r\n" . - chunk_split(Strings::base64_encode($key), 64) . - "-----END ENCRYPTED PRIVATE KEY-----"; - } - - return "-----BEGIN PRIVATE KEY-----\r\n" . - chunk_split(Strings::base64_encode($key), 64) . - "-----END PRIVATE KEY-----"; - } - - /** - * Wrap a public key appropriately - * - * @param string $key - * @param mixed $params - * @param string $oid - * @return string - */ - protected static function wrapPublicKey($key, $params, $oid = null) - { - self::initialize_static_variables(); - - $key = [ - 'publicKeyAlgorithm' => [ - 'algorithm' => is_string(static::OID_NAME) ? static::OID_NAME : $oid - ], - 'publicKey' => "\0" . $key - ]; - - if ($oid != 'id-Ed25519' && $oid != 'id-Ed448') { - $key['publicKeyAlgorithm']['parameters'] = $params; - } - - $key = ASN1::encodeDER($key, Maps\PublicKeyInfo::MAP); - - return "-----BEGIN PUBLIC KEY-----\r\n" . - chunk_split(Strings::base64_encode($key), 64) . - "-----END PUBLIC KEY-----"; - } - - /** - * Perform some preliminary parsing of the key - * - * @param string $key - * @return array - */ - private static function preParse(&$key) - { - self::initialize_static_variables(); - - if (self::$format != self::MODE_DER) { - $decoded = ASN1::extractBER($key); - if ($decoded !== false) { - $key = $decoded; - } elseif (self::$format == self::MODE_PEM) { - throw new \UnexpectedValueException('Expected base64-encoded PEM format but was unable to decode base64 text'); - } - } - - $decoded = ASN1::decodeBER($key); - if (!$decoded) { - throw new \RuntimeException('Unable to decode BER'); - } - - return $decoded; - } - - /** - * Returns the encryption parameters used by the key - * - * @param string $key - * @return array - */ - public static function extractEncryptionAlgorithm($key) - { - if (!Strings::is_stringable($key)) { - throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); - } - - $decoded = self::preParse($key); - - $r = ASN1::asn1map($decoded[0], ASN1\Maps\EncryptedPrivateKeyInfo::MAP); - if (!is_array($r)) { - throw new \RuntimeException('Unable to parse using EncryptedPrivateKeyInfo map'); - } - - if ($r['encryptionAlgorithm']['algorithm'] == 'id-PBES2') { - $decoded = ASN1::decodeBER($r['encryptionAlgorithm']['parameters']->element); - if (!$decoded) { - throw new \RuntimeException('Unable to decode BER'); - } - $r['encryptionAlgorithm']['parameters'] = ASN1::asn1map($decoded[0], ASN1\Maps\PBES2params::MAP); - - $kdf = &$r['encryptionAlgorithm']['parameters']['keyDerivationFunc']; - switch ($kdf['algorithm']) { - case 'id-PBKDF2': - $decoded = ASN1::decodeBER($kdf['parameters']->element); - if (!$decoded) { - throw new \RuntimeException('Unable to decode BER'); - } - $kdf['parameters'] = ASN1::asn1map($decoded[0], Maps\PBKDF2params::MAP); - } - } - - return $r['encryptionAlgorithm']; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PuTTY.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PuTTY.php deleted file mode 100644 index 85da83a..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PuTTY.php +++ /dev/null @@ -1,374 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\Common\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\AES; -use phpseclib3\Crypt\Hash; -use phpseclib3\Crypt\Random; -use phpseclib3\Exception\UnsupportedAlgorithmException; - -/** - * PuTTY Formatted Key Handler - * - * @author Jim Wigginton - */ -abstract class PuTTY -{ - /** - * Default comment - * - * @var string - */ - private static $comment = 'phpseclib-generated-key'; - - /** - * Default version - * - * @var int - */ - private static $version = 2; - - /** - * Sets the default comment - * - * @param string $comment - */ - public static function setComment($comment) - { - self::$comment = str_replace(["\r", "\n"], '', $comment); - } - - /** - * Sets the default version - * - * @param int $version - */ - public static function setVersion($version) - { - if ($version != 2 && $version != 3) { - throw new \RuntimeException('Only supported versions are 2 and 3'); - } - self::$version = $version; - } - - /** - * Generate a symmetric key for PuTTY v2 keys - * - * @param string $password - * @param int $length - * @return string - */ - private static function generateV2Key($password, $length) - { - $symkey = ''; - $sequence = 0; - while (strlen($symkey) < $length) { - $temp = pack('Na*', $sequence++, $password); - $symkey .= Strings::hex2bin(sha1($temp)); - } - return substr($symkey, 0, $length); - } - - /** - * Generate a symmetric key for PuTTY v3 keys - * - * @param string $password - * @param string $flavour - * @param int $memory - * @param int $passes - * @param string $salt - * @return array - */ - private static function generateV3Key($password, $flavour, $memory, $passes, $salt) - { - if (!function_exists('sodium_crypto_pwhash')) { - throw new \RuntimeException('sodium_crypto_pwhash needs to exist for Argon2 password hasing'); - } - - switch ($flavour) { - case 'Argon2i': - $flavour = SODIUM_CRYPTO_PWHASH_ALG_ARGON2I13; - break; - case 'Argon2id': - $flavour = SODIUM_CRYPTO_PWHASH_ALG_ARGON2ID13; - break; - default: - throw new UnsupportedAlgorithmException('Only Argon2i and Argon2id are supported'); - } - - $length = 80; // keylen + ivlen + mac_keylen - $temp = sodium_crypto_pwhash($length, $password, $salt, $passes, $memory << 10, $flavour); - - $symkey = substr($temp, 0, 32); - $symiv = substr($temp, 32, 16); - $hashkey = substr($temp, -32); - - return compact('symkey', 'symiv', 'hashkey'); - } - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password - * @return array - */ - public static function load($key, $password) - { - if (!Strings::is_stringable($key)) { - throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); - } - - if (strpos($key, 'BEGIN SSH2 PUBLIC KEY') !== false) { - $lines = preg_split('#[\r\n]+#', $key); - switch (true) { - case $lines[0] != '---- BEGIN SSH2 PUBLIC KEY ----': - throw new \UnexpectedValueException('Key doesn\'t start with ---- BEGIN SSH2 PUBLIC KEY ----'); - case $lines[count($lines) - 1] != '---- END SSH2 PUBLIC KEY ----': - throw new \UnexpectedValueException('Key doesn\'t end with ---- END SSH2 PUBLIC KEY ----'); - } - $lines = array_splice($lines, 1, -1); - $lines = array_map(function ($line) { - return rtrim($line, "\r\n"); - }, $lines); - $data = $current = ''; - $values = []; - $in_value = false; - foreach ($lines as $line) { - switch (true) { - case preg_match('#^(.*?): (.*)#', $line, $match): - $in_value = $line[strlen($line) - 1] == '\\'; - $current = strtolower($match[1]); - $values[$current] = $in_value ? substr($match[2], 0, -1) : $match[2]; - break; - case $in_value: - $in_value = $line[strlen($line) - 1] == '\\'; - $values[$current] .= $in_value ? substr($line, 0, -1) : $line; - break; - default: - $data .= $line; - } - } - - $components = call_user_func([static::PUBLIC_HANDLER, 'load'], $data); - if ($components === false) { - throw new \UnexpectedValueException('Unable to decode public key'); - } - $components += $values; - $components['comment'] = str_replace(['\\\\', '\"'], ['\\', '"'], $values['comment']); - - return $components; - } - - $components = []; - - $key = preg_split('#\r\n|\r|\n#', trim($key)); - if (Strings::shift($key[0], strlen('PuTTY-User-Key-File-')) != 'PuTTY-User-Key-File-') { - return false; - } - $version = (int) Strings::shift($key[0], 3); // should be either "2: " or "3: 0" prior to int casting - if ($version != 2 && $version != 3) { - throw new \RuntimeException('Only v2 and v3 PuTTY private keys are supported'); - } - $components['type'] = $type = rtrim($key[0]); - if (!in_array($type, static::$types)) { - $error = count(static::$types) == 1 ? - 'Only ' . static::$types[0] . ' keys are supported. ' : - ''; - throw new UnsupportedAlgorithmException($error . 'This is an unsupported ' . $type . ' key'); - } - $encryption = trim(preg_replace('#Encryption: (.+)#', '$1', $key[1])); - $components['comment'] = trim(preg_replace('#Comment: (.+)#', '$1', $key[2])); - - $publicLength = trim(preg_replace('#Public-Lines: (\d+)#', '$1', $key[3])); - $public = Strings::base64_decode(implode('', array_map('trim', array_slice($key, 4, $publicLength)))); - - $source = Strings::packSSH2('ssss', $type, $encryption, $components['comment'], $public); - - extract(unpack('Nlength', Strings::shift($public, 4))); - $newtype = Strings::shift($public, $length); - if ($newtype != $type) { - throw new \RuntimeException('The binary type does not match the human readable type field'); - } - - $components['public'] = $public; - - switch ($version) { - case 3: - $hashkey = ''; - break; - case 2: - $hashkey = 'putty-private-key-file-mac-key'; - } - - $offset = $publicLength + 4; - switch ($encryption) { - case 'aes256-cbc': - $crypto = new AES('cbc'); - switch ($version) { - case 3: - $flavour = trim(preg_replace('#Key-Derivation: (.*)#', '$1', $key[$offset++])); - $memory = trim(preg_replace('#Argon2-Memory: (\d+)#', '$1', $key[$offset++])); - $passes = trim(preg_replace('#Argon2-Passes: (\d+)#', '$1', $key[$offset++])); - $parallelism = trim(preg_replace('#Argon2-Parallelism: (\d+)#', '$1', $key[$offset++])); - $salt = Strings::hex2bin(trim(preg_replace('#Argon2-Salt: ([0-9a-f]+)#', '$1', $key[$offset++]))); - - extract(self::generateV3Key($password, $flavour, $memory, $passes, $salt)); - - break; - case 2: - $symkey = self::generateV2Key($password, 32); - $symiv = str_repeat("\0", $crypto->getBlockLength() >> 3); - $hashkey .= $password; - } - } - - switch ($version) { - case 3: - $hash = new Hash('sha256'); - $hash->setKey($hashkey); - break; - case 2: - $hash = new Hash('sha1'); - $hash->setKey(sha1($hashkey, true)); - } - - $privateLength = trim(preg_replace('#Private-Lines: (\d+)#', '$1', $key[$offset++])); - $private = Strings::base64_decode(implode('', array_map('trim', array_slice($key, $offset, $privateLength)))); - - if ($encryption != 'none') { - $crypto->setKey($symkey); - $crypto->setIV($symiv); - $crypto->disablePadding(); - $private = $crypto->decrypt($private); - } - - $source .= Strings::packSSH2('s', $private); - - $hmac = trim(preg_replace('#Private-MAC: (.+)#', '$1', $key[$offset + $privateLength])); - $hmac = Strings::hex2bin($hmac); - - if (!hash_equals($hash->hash($source), $hmac)) { - throw new \UnexpectedValueException('MAC validation error'); - } - - $components['private'] = $private; - - return $components; - } - - /** - * Wrap a private key appropriately - * - * @param string $public - * @param string $private - * @param string $type - * @param string $password - * @param array $options optional - * @return string - */ - protected static function wrapPrivateKey($public, $private, $type, $password, array $options = []) - { - $encryption = (!empty($password) || is_string($password)) ? 'aes256-cbc' : 'none'; - $comment = isset($options['comment']) ? $options['comment'] : self::$comment; - $version = isset($options['version']) ? $options['version'] : self::$version; - - $key = "PuTTY-User-Key-File-$version: $type\r\n"; - $key .= "Encryption: $encryption\r\n"; - $key .= "Comment: $comment\r\n"; - - $public = Strings::packSSH2('s', $type) . $public; - - $source = Strings::packSSH2('ssss', $type, $encryption, $comment, $public); - - $public = Strings::base64_encode($public); - $key .= "Public-Lines: " . ((strlen($public) + 63) >> 6) . "\r\n"; - $key .= chunk_split($public, 64); - - if (empty($password) && !is_string($password)) { - $source .= Strings::packSSH2('s', $private); - switch ($version) { - case 3: - $hash = new Hash('sha256'); - $hash->setKey(''); - break; - case 2: - $hash = new Hash('sha1'); - $hash->setKey(sha1('putty-private-key-file-mac-key', true)); - } - } else { - $private .= Random::string(16 - (strlen($private) & 15)); - $source .= Strings::packSSH2('s', $private); - $crypto = new AES('cbc'); - - switch ($version) { - case 3: - $salt = Random::string(16); - $key .= "Key-Derivation: Argon2id\r\n"; - $key .= "Argon2-Memory: 8192\r\n"; - $key .= "Argon2-Passes: 13\r\n"; - $key .= "Argon2-Parallelism: 1\r\n"; - $key .= "Argon2-Salt: " . Strings::bin2hex($salt) . "\r\n"; - extract(self::generateV3Key($password, 'Argon2id', 8192, 13, $salt)); - - $hash = new Hash('sha256'); - $hash->setKey($hashkey); - - break; - case 2: - $symkey = self::generateV2Key($password, 32); - $symiv = str_repeat("\0", $crypto->getBlockLength() >> 3); - $hashkey = 'putty-private-key-file-mac-key' . $password; - - $hash = new Hash('sha1'); - $hash->setKey(sha1($hashkey, true)); - } - - $crypto->setKey($symkey); - $crypto->setIV($symiv); - $crypto->disablePadding(); - $private = $crypto->encrypt($private); - $mac = $hash->hash($source); - } - - $private = Strings::base64_encode($private); - $key .= 'Private-Lines: ' . ((strlen($private) + 63) >> 6) . "\r\n"; - $key .= chunk_split($private, 64); - $key .= 'Private-MAC: ' . Strings::bin2hex($hash->hash($source)) . "\r\n"; - - return $key; - } - - /** - * Wrap a public key appropriately - * - * This is basically the format described in RFC 4716 (https://tools.ietf.org/html/rfc4716) - * - * @param string $key - * @param string $type - * @return string - */ - protected static function wrapPublicKey($key, $type) - { - $key = pack('Na*a*', strlen($type), $type, $key); - $key = "---- BEGIN SSH2 PUBLIC KEY ----\r\n" . - 'Comment: "' . str_replace(['\\', '"'], ['\\\\', '\"'], self::$comment) . "\"\r\n" . - chunk_split(Strings::base64_encode($key), 64) . - '---- END SSH2 PUBLIC KEY ----'; - return $key; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Signature/Raw.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Signature/Raw.php deleted file mode 100644 index ab8e7e4..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Signature/Raw.php +++ /dev/null @@ -1,60 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\Common\Formats\Signature; - -use phpseclib3\Math\BigInteger; - -/** - * Raw Signature Handler - * - * @author Jim Wigginton - */ -abstract class Raw -{ - /** - * Loads a signature - * - * @param array $sig - * @return array|bool - */ - public static function load($sig) - { - switch (true) { - case !is_array($sig): - case !isset($sig['r']) || !isset($sig['s']): - case !$sig['r'] instanceof BigInteger: - case !$sig['s'] instanceof BigInteger: - return false; - } - - return [ - 'r' => $sig['r'], - 's' => $sig['s'] - ]; - } - - /** - * Returns a signature in the appropriate format - * - * @param \phpseclib3\Math\BigInteger $r - * @param \phpseclib3\Math\BigInteger $s - * @return string - */ - public static function save(BigInteger $r, BigInteger $s) - { - return compact('r', 's'); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/PrivateKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/PrivateKey.php deleted file mode 100644 index a6e1eb0..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/PrivateKey.php +++ /dev/null @@ -1,31 +0,0 @@ - - * @copyright 2009 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\Common; - -/** - * PrivateKey interface - * - * @author Jim Wigginton - */ -interface PrivateKey -{ - public function sign($message); - //public function decrypt($ciphertext); - public function getPublicKey(); - public function toString($type, array $options = []); - - /** - * @param string|false $password - * @return mixed - */ - public function withPassword($password = false); -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/PublicKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/PublicKey.php deleted file mode 100644 index 48a5875..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/PublicKey.php +++ /dev/null @@ -1,25 +0,0 @@ - - * @copyright 2009 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\Common; - -/** - * PublicKey interface - * - * @author Jim Wigginton - */ -interface PublicKey -{ - public function verify($message, $signature); - //public function encrypt($plaintext); - public function toString($type, array $options = []); - public function getFingerprint($algorithm); -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/StreamCipher.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/StreamCipher.php deleted file mode 100644 index 0e2d6f0..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/StreamCipher.php +++ /dev/null @@ -1,54 +0,0 @@ - - * @author Hans-Juergen Petrich - * @copyright 2007 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\Common; - -/** - * Base Class for all stream cipher classes - * - * @author Jim Wigginton - */ -abstract class StreamCipher extends SymmetricKey -{ - /** - * Block Length of the cipher - * - * Stream ciphers do not have a block size - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::block_size - * @var int - */ - protected $block_size = 0; - - /** - * Default Constructor. - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() - * @return \phpseclib3\Crypt\Common\StreamCipher - */ - public function __construct() - { - parent::__construct('stream'); - } - - /** - * Stream ciphers not use an IV - * - * @return bool - */ - public function usesIV() - { - return false; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/SymmetricKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/SymmetricKey.php deleted file mode 100644 index 175508d..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/SymmetricKey.php +++ /dev/null @@ -1,3398 +0,0 @@ - - * @author Hans-Juergen Petrich - * @copyright 2007 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\Common; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Blowfish; -use phpseclib3\Crypt\Hash; -use phpseclib3\Exception\BadDecryptionException; -use phpseclib3\Exception\BadModeException; -use phpseclib3\Exception\InconsistentSetupException; -use phpseclib3\Exception\InsufficientSetupException; -use phpseclib3\Exception\UnsupportedAlgorithmException; -use phpseclib3\Math\BigInteger; -use phpseclib3\Math\BinaryField; -use phpseclib3\Math\PrimeField; - -/** - * Base Class for all \phpseclib3\Crypt\* cipher classes - * - * @author Jim Wigginton - * @author Hans-Juergen Petrich - */ -abstract class SymmetricKey -{ - /** - * Encrypt / decrypt using the Counter mode. - * - * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() - */ - const MODE_CTR = -1; - /** - * Encrypt / decrypt using the Electronic Code Book mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() - */ - const MODE_ECB = 1; - /** - * Encrypt / decrypt using the Code Book Chaining mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() - */ - const MODE_CBC = 2; - /** - * Encrypt / decrypt using the Cipher Feedback mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() - */ - const MODE_CFB = 3; - /** - * Encrypt / decrypt using the Cipher Feedback mode (8bit) - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() - */ - const MODE_CFB8 = 7; - /** - * Encrypt / decrypt using the Output Feedback mode (8bit) - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() - */ - const MODE_OFB8 = 8; - /** - * Encrypt / decrypt using the Output Feedback mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() - */ - const MODE_OFB = 4; - /** - * Encrypt / decrypt using Galois/Counter mode. - * - * @link https://en.wikipedia.org/wiki/Galois/Counter_Mode - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() - */ - const MODE_GCM = 5; - /** - * Encrypt / decrypt using streaming mode. - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() - */ - const MODE_STREAM = 6; - - /** - * Mode Map - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() - */ - const MODE_MAP = [ - 'ctr' => self::MODE_CTR, - 'ecb' => self::MODE_ECB, - 'cbc' => self::MODE_CBC, - 'cfb' => self::MODE_CFB, - 'cfb8' => self::MODE_CFB8, - 'ofb' => self::MODE_OFB, - 'ofb8' => self::MODE_OFB8, - 'gcm' => self::MODE_GCM, - 'stream' => self::MODE_STREAM - ]; - - /** - * Base value for the internal implementation $engine switch - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() - */ - const ENGINE_INTERNAL = 1; - /** - * Base value for the eval() implementation $engine switch - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() - */ - const ENGINE_EVAL = 2; - /** - * Base value for the mcrypt implementation $engine switch - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() - */ - const ENGINE_MCRYPT = 3; - /** - * Base value for the openssl implementation $engine switch - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() - */ - const ENGINE_OPENSSL = 4; - /** - * Base value for the libsodium implementation $engine switch - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() - */ - const ENGINE_LIBSODIUM = 5; - /** - * Base value for the openssl / gcm implementation $engine switch - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() - */ - const ENGINE_OPENSSL_GCM = 6; - - /** - * Engine Reverse Map - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::getEngine() - */ - const ENGINE_MAP = [ - self::ENGINE_INTERNAL => 'PHP', - self::ENGINE_EVAL => 'Eval', - self::ENGINE_MCRYPT => 'mcrypt', - self::ENGINE_OPENSSL => 'OpenSSL', - self::ENGINE_LIBSODIUM => 'libsodium', - self::ENGINE_OPENSSL_GCM => 'OpenSSL (GCM)' - ]; - - /** - * The Encryption Mode - * - * @see self::__construct() - * @var int - */ - protected $mode; - - /** - * The Block Length of the block cipher - * - * @var int - */ - protected $block_size = 16; - - /** - * The Key - * - * @see self::setKey() - * @var string - */ - protected $key = false; - - /** - * HMAC Key - * - * @see self::setupGCM() - * @var ?string - */ - protected $hKey = false; - - /** - * The Initialization Vector - * - * @see self::setIV() - * @var string - */ - protected $iv = false; - - /** - * A "sliding" Initialization Vector - * - * @see self::enableContinuousBuffer() - * @see self::clearBuffers() - * @var string - */ - protected $encryptIV; - - /** - * A "sliding" Initialization Vector - * - * @see self::enableContinuousBuffer() - * @see self::clearBuffers() - * @var string - */ - protected $decryptIV; - - /** - * Continuous Buffer status - * - * @see self::enableContinuousBuffer() - * @var bool - */ - protected $continuousBuffer = false; - - /** - * Encryption buffer for CTR, OFB and CFB modes - * - * @see self::encrypt() - * @see self::clearBuffers() - * @var array - */ - protected $enbuffer; - - /** - * Decryption buffer for CTR, OFB and CFB modes - * - * @see self::decrypt() - * @see self::clearBuffers() - * @var array - */ - protected $debuffer; - - /** - * mcrypt resource for encryption - * - * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. - * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. - * - * @see self::encrypt() - * @var resource - */ - private $enmcrypt; - - /** - * mcrypt resource for decryption - * - * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. - * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. - * - * @see self::decrypt() - * @var resource - */ - private $demcrypt; - - /** - * Does the enmcrypt resource need to be (re)initialized? - * - * @see \phpseclib3\Crypt\Twofish::setKey() - * @see \phpseclib3\Crypt\Twofish::setIV() - * @var bool - */ - private $enchanged = true; - - /** - * Does the demcrypt resource need to be (re)initialized? - * - * @see \phpseclib3\Crypt\Twofish::setKey() - * @see \phpseclib3\Crypt\Twofish::setIV() - * @var bool - */ - private $dechanged = true; - - /** - * mcrypt resource for CFB mode - * - * mcrypt's CFB mode, in (and only in) buffered context, - * is broken, so phpseclib implements the CFB mode by it self, - * even when the mcrypt php extension is available. - * - * In order to do the CFB-mode work (fast) phpseclib - * use a separate ECB-mode mcrypt resource. - * - * @link http://phpseclib.sourceforge.net/cfb-demo.phps - * @see self::encrypt() - * @see self::decrypt() - * @see self::setupMcrypt() - * @var resource - */ - private $ecb; - - /** - * Optimizing value while CFB-encrypting - * - * Only relevant if $continuousBuffer enabled - * and $engine == self::ENGINE_MCRYPT - * - * It's faster to re-init $enmcrypt if - * $buffer bytes > $cfb_init_len than - * using the $ecb resource furthermore. - * - * This value depends of the chosen cipher - * and the time it would be needed for it's - * initialization [by mcrypt_generic_init()] - * which, typically, depends on the complexity - * on its internaly Key-expanding algorithm. - * - * @see self::encrypt() - * @var int - */ - protected $cfb_init_len = 600; - - /** - * Does internal cipher state need to be (re)initialized? - * - * @see self::setKey() - * @see self::setIV() - * @see self::disableContinuousBuffer() - * @var bool - */ - protected $changed = true; - - /** - * Does Eval engie need to be (re)initialized? - * - * @see self::setup() - * @var bool - */ - protected $nonIVChanged = true; - - /** - * Padding status - * - * @see self::enablePadding() - * @var bool - */ - private $padding = true; - - /** - * Is the mode one that is paddable? - * - * @see self::__construct() - * @var bool - */ - private $paddable = false; - - /** - * Holds which crypt engine internaly should be use, - * which will be determined automatically on __construct() - * - * Currently available $engines are: - * - self::ENGINE_LIBSODIUM (very fast, php-extension: libsodium, extension_loaded('libsodium') required) - * - self::ENGINE_OPENSSL_GCM (very fast, php-extension: openssl, extension_loaded('openssl') required) - * - self::ENGINE_OPENSSL (very fast, php-extension: openssl, extension_loaded('openssl') required) - * - self::ENGINE_MCRYPT (fast, php-extension: mcrypt, extension_loaded('mcrypt') required) - * - self::ENGINE_EVAL (medium, pure php-engine, no php-extension required) - * - self::ENGINE_INTERNAL (slower, pure php-engine, no php-extension required) - * - * @see self::setEngine() - * @see self::encrypt() - * @see self::decrypt() - * @var int - */ - protected $engine; - - /** - * Holds the preferred crypt engine - * - * @see self::setEngine() - * @see self::setPreferredEngine() - * @var int - */ - private $preferredEngine; - - /** - * The mcrypt specific name of the cipher - * - * Only used if $engine == self::ENGINE_MCRYPT - * - * @link http://www.php.net/mcrypt_module_open - * @link http://www.php.net/mcrypt_list_algorithms - * @see self::setupMcrypt() - * @var string - */ - protected $cipher_name_mcrypt; - - /** - * The openssl specific name of the cipher - * - * Only used if $engine == self::ENGINE_OPENSSL - * - * @link http://www.php.net/openssl-get-cipher-methods - * @var string - */ - protected $cipher_name_openssl; - - /** - * The openssl specific name of the cipher in ECB mode - * - * If OpenSSL does not support the mode we're trying to use (CTR) - * it can still be emulated with ECB mode. - * - * @link http://www.php.net/openssl-get-cipher-methods - * @var string - */ - protected $cipher_name_openssl_ecb; - - /** - * The default salt used by setPassword() - * - * @see self::setPassword() - * @var string - */ - private $password_default_salt = 'phpseclib/salt'; - - /** - * The name of the performance-optimized callback function - * - * Used by encrypt() / decrypt() - * only if $engine == self::ENGINE_INTERNAL - * - * @see self::encrypt() - * @see self::decrypt() - * @see self::setupInlineCrypt() - * @var Callback - */ - protected $inline_crypt; - - /** - * If OpenSSL can be used in ECB but not in CTR we can emulate CTR - * - * @see self::openssl_ctr_process() - * @var bool - */ - private $openssl_emulate_ctr = false; - - /** - * Don't truncate / null pad key - * - * @see self::clearBuffers() - * @var bool - */ - private $skip_key_adjustment = false; - - /** - * Has the key length explicitly been set or should it be derived from the key, itself? - * - * @see self::setKeyLength() - * @var bool - */ - protected $explicit_key_length = false; - - /** - * Hash subkey for GHASH - * - * @see self::setupGCM() - * @see self::ghash() - * @var BinaryField\Integer - */ - private $h; - - /** - * Additional authenticated data - * - * @var string - */ - protected $aad = ''; - - /** - * Authentication Tag produced after a round of encryption - * - * @var string - */ - protected $newtag = false; - - /** - * Authentication Tag to be verified during decryption - * - * @var string - */ - protected $oldtag = false; - - /** - * GCM Binary Field - * - * @see self::__construct() - * @see self::ghash() - * @var BinaryField - */ - private static $gcmField; - - /** - * Poly1305 Prime Field - * - * @see self::enablePoly1305() - * @see self::poly1305() - * @var PrimeField - */ - private static $poly1305Field; - - /** - * Flag for using regular vs "safe" intval - * - * @see self::initialize_static_variables() - * @var boolean - */ - protected static $use_reg_intval; - - /** - * Poly1305 Key - * - * @see self::setPoly1305Key() - * @see self::poly1305() - * @var string - */ - protected $poly1305Key; - - /** - * Poly1305 Flag - * - * @see self::setPoly1305Key() - * @see self::enablePoly1305() - * @var boolean - */ - protected $usePoly1305 = false; - - /** - * The Original Initialization Vector - * - * GCM uses the nonce to build the IV but we want to be able to distinguish between nonce-derived - * IV's and user-set IV's - * - * @see self::setIV() - * @var string - */ - private $origIV = false; - - /** - * Nonce - * - * Only used with GCM. We could re-use setIV() but nonce's can be of a different length and - * toggling between GCM and other modes could be more complicated if we re-used setIV() - * - * @see self::setNonce() - * @var string - */ - protected $nonce = false; - - /** - * Default Constructor. - * - * $mode could be: - * - * - ecb - * - * - cbc - * - * - ctr - * - * - cfb - * - * - cfb8 - * - * - ofb - * - * - ofb8 - * - * - gcm - * - * @param string $mode - * @throws BadModeException if an invalid / unsupported mode is provided - */ - public function __construct($mode) - { - $mode = strtolower($mode); - // necessary because of 5.6 compatibility; we can't do isset(self::MODE_MAP[$mode]) in 5.6 - $map = self::MODE_MAP; - if (!isset($map[$mode])) { - throw new BadModeException('No valid mode has been specified'); - } - - $mode = self::MODE_MAP[$mode]; - - // $mode dependent settings - switch ($mode) { - case self::MODE_ECB: - case self::MODE_CBC: - $this->paddable = true; - break; - case self::MODE_CTR: - case self::MODE_CFB: - case self::MODE_CFB8: - case self::MODE_OFB: - case self::MODE_OFB8: - case self::MODE_STREAM: - $this->paddable = false; - break; - case self::MODE_GCM: - if ($this->block_size != 16) { - throw new BadModeException('GCM is only valid for block ciphers with a block size of 128 bits'); - } - if (!isset(self::$gcmField)) { - self::$gcmField = new BinaryField(128, 7, 2, 1, 0); - } - $this->paddable = false; - break; - default: - throw new BadModeException('No valid mode has been specified'); - } - - $this->mode = $mode; - - static::initialize_static_variables(); - } - - /** - * Initialize static variables - */ - protected static function initialize_static_variables() - { - if (!isset(self::$use_reg_intval)) { - switch (true) { - // PHP_OS & "\xDF\xDF\xDF" == strtoupper(substr(PHP_OS, 0, 3)), but a lot faster - case (PHP_OS & "\xDF\xDF\xDF") === 'WIN': - case !function_exists('php_uname'): - case !is_string(php_uname('m')): - case (php_uname('m') & "\xDF\xDF\xDF") != 'ARM': - case defined('PHP_INT_SIZE') && PHP_INT_SIZE == 8: - self::$use_reg_intval = true; - break; - case (php_uname('m') & "\xDF\xDF\xDF") == 'ARM': - switch (true) { - /* PHP 7.0.0 introduced a bug that affected 32-bit ARM processors: - - https://github.com/php/php-src/commit/716da71446ebbd40fa6cf2cea8a4b70f504cc3cd - - altho the changelogs make no mention of it, this bug was fixed with this commit: - - https://github.com/php/php-src/commit/c1729272b17a1fe893d1a54e423d3b71470f3ee8 - - affected versions of PHP are: 7.0.x, 7.1.0 - 7.1.23 and 7.2.0 - 7.2.11 */ - case PHP_VERSION_ID >= 70000 && PHP_VERSION_ID <= 70123: - case PHP_VERSION_ID >= 70200 && PHP_VERSION_ID <= 70211: - self::$use_reg_intval = false; - break; - default: - self::$use_reg_intval = true; - } - } - } - } - - /** - * Sets the initialization vector. - * - * setIV() is not required when ecb or gcm modes are being used. - * - * {@internal Can be overwritten by a sub class, but does not have to be} - * - * @param string $iv - * @throws \LengthException if the IV length isn't equal to the block size - * @throws \BadMethodCallException if an IV is provided when one shouldn't be - */ - public function setIV($iv) - { - if ($this->mode == self::MODE_ECB) { - throw new \BadMethodCallException('This mode does not require an IV.'); - } - - if ($this->mode == self::MODE_GCM) { - throw new \BadMethodCallException('Use setNonce instead'); - } - - if (!$this->usesIV()) { - throw new \BadMethodCallException('This algorithm does not use an IV.'); - } - - if (strlen($iv) != $this->block_size) { - throw new \LengthException('Received initialization vector of size ' . strlen($iv) . ', but size ' . $this->block_size . ' is required'); - } - - $this->iv = $this->origIV = $iv; - $this->changed = true; - } - - /** - * Enables Poly1305 mode. - * - * Once enabled Poly1305 cannot be disabled. - * - * @throws \BadMethodCallException if Poly1305 is enabled whilst in GCM mode - */ - public function enablePoly1305() - { - if ($this->mode == self::MODE_GCM) { - throw new \BadMethodCallException('Poly1305 cannot be used in GCM mode'); - } - - $this->usePoly1305 = true; - } - - /** - * Enables Poly1305 mode. - * - * Once enabled Poly1305 cannot be disabled. If $key is not passed then an attempt to call createPoly1305Key - * will be made. - * - * @param string $key optional - * @throws \LengthException if the key isn't long enough - * @throws \BadMethodCallException if Poly1305 is enabled whilst in GCM mode - */ - public function setPoly1305Key($key = null) - { - if ($this->mode == self::MODE_GCM) { - throw new \BadMethodCallException('Poly1305 cannot be used in GCM mode'); - } - - if (!is_string($key) || strlen($key) != 32) { - throw new \LengthException('The Poly1305 key must be 32 bytes long (256 bits)'); - } - - if (!isset(self::$poly1305Field)) { - // 2^130-5 - self::$poly1305Field = new PrimeField(new BigInteger('3fffffffffffffffffffffffffffffffb', 16)); - } - - $this->poly1305Key = $key; - $this->usePoly1305 = true; - } - - /** - * Sets the nonce. - * - * setNonce() is only required when gcm is used - * - * @param string $nonce - * @throws \BadMethodCallException if an nonce is provided when one shouldn't be - */ - public function setNonce($nonce) - { - if ($this->mode != self::MODE_GCM) { - throw new \BadMethodCallException('Nonces are only used in GCM mode.'); - } - - $this->nonce = $nonce; - $this->setEngine(); - } - - /** - * Sets additional authenticated data - * - * setAAD() is only used by gcm or in poly1305 mode - * - * @param string $aad - * @throws \BadMethodCallException if mode isn't GCM or if poly1305 isn't being utilized - */ - public function setAAD($aad) - { - if ($this->mode != self::MODE_GCM && !$this->usePoly1305) { - throw new \BadMethodCallException('Additional authenticated data is only utilized in GCM mode or with Poly1305'); - } - - $this->aad = $aad; - } - - /** - * Returns whether or not the algorithm uses an IV - * - * @return bool - */ - public function usesIV() - { - return $this->mode != self::MODE_GCM && $this->mode != self::MODE_ECB; - } - - /** - * Returns whether or not the algorithm uses a nonce - * - * @return bool - */ - public function usesNonce() - { - return $this->mode == self::MODE_GCM; - } - - /** - * Returns the current key length in bits - * - * @return int - */ - public function getKeyLength() - { - return $this->key_length << 3; - } - - /** - * Returns the current block length in bits - * - * @return int - */ - public function getBlockLength() - { - return $this->block_size << 3; - } - - /** - * Returns the current block length in bytes - * - * @return int - */ - public function getBlockLengthInBytes() - { - return $this->block_size; - } - - /** - * Sets the key length. - * - * Keys with explicitly set lengths need to be treated accordingly - * - * @param int $length - */ - public function setKeyLength($length) - { - $this->explicit_key_length = $length >> 3; - - if (is_string($this->key) && strlen($this->key) != $this->explicit_key_length) { - $this->key = false; - throw new InconsistentSetupException('Key has already been set and is not ' . $this->explicit_key_length . ' bytes long'); - } - } - - /** - * Sets the key. - * - * The min/max length(s) of the key depends on the cipher which is used. - * If the key not fits the length(s) of the cipher it will paded with null bytes - * up to the closest valid key length. If the key is more than max length, - * we trim the excess bits. - * - * If the key is not explicitly set, it'll be assumed to be all null bytes. - * - * {@internal Could, but not must, extend by the child Crypt_* class} - * - * @param string $key - */ - public function setKey($key) - { - if ($this->explicit_key_length !== false && strlen($key) != $this->explicit_key_length) { - throw new InconsistentSetupException('Key length has already been set to ' . $this->explicit_key_length . ' bytes and this key is ' . strlen($key) . ' bytes'); - } - - $this->key = $key; - $this->key_length = strlen($key); - $this->setEngine(); - } - - /** - * Sets the password. - * - * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows: - * {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2} or pbkdf1: - * $hash, $salt, $count, $dkLen - * - * Where $hash (default = sha1) currently supports the following hashes: see: Crypt/Hash.php - * {@link https://en.wikipedia.org/wiki/Bcrypt bcypt}: - * $salt, $rounds, $keylen - * - * This is a modified version of bcrypt used by OpenSSH. - * - * {@internal Could, but not must, extend by the child Crypt_* class} - * - * @see Crypt/Hash.php - * @param string $password - * @param string $method - * @param int|string ...$func_args - * @throws \LengthException if pbkdf1 is being used and the derived key length exceeds the hash length - * @throws \RuntimeException if bcrypt is being used and a salt isn't provided - * @return bool - */ - public function setPassword($password, $method = 'pbkdf2', ...$func_args) - { - $key = ''; - - $method = strtolower($method); - switch ($method) { - case 'bcrypt': - if (!isset($func_args[2])) { - throw new \RuntimeException('A salt must be provided for bcrypt to work'); - } - - $salt = $func_args[0]; - - $rounds = isset($func_args[1]) ? $func_args[1] : 16; - $keylen = isset($func_args[2]) ? $func_args[2] : $this->key_length; - - $key = Blowfish::bcrypt_pbkdf($password, $salt, $keylen + $this->block_size, $rounds); - - $this->setKey(substr($key, 0, $keylen)); - $this->setIV(substr($key, $keylen)); - - return true; - case 'pkcs12': // from https://tools.ietf.org/html/rfc7292#appendix-B.2 - case 'pbkdf1': - case 'pbkdf2': - // Hash function - $hash = isset($func_args[0]) ? strtolower($func_args[0]) : 'sha1'; - $hashObj = new Hash(); - $hashObj->setHash($hash); - - // WPA and WPA2 use the SSID as the salt - $salt = isset($func_args[1]) ? $func_args[1] : $this->password_default_salt; - - // RFC2898#section-4.2 uses 1,000 iterations by default - // WPA and WPA2 use 4,096. - $count = isset($func_args[2]) ? $func_args[2] : 1000; - - // Keylength - if (isset($func_args[3])) { - if ($func_args[3] <= 0) { - throw new \LengthException('Derived key length cannot be longer 0 or less'); - } - $dkLen = $func_args[3]; - } else { - $key_length = $this->explicit_key_length !== false ? $this->explicit_key_length : $this->key_length; - $dkLen = $method == 'pbkdf1' ? 2 * $key_length : $key_length; - } - - switch (true) { - case $method == 'pkcs12': - /* - In this specification, however, all passwords are created from - BMPStrings with a NULL terminator. This means that each character in - the original BMPString is encoded in 2 bytes in big-endian format - (most-significant byte first). There are no Unicode byte order - marks. The 2 bytes produced from the last character in the BMPString - are followed by 2 additional bytes with the value 0x00. - - -- https://tools.ietf.org/html/rfc7292#appendix-B.1 - */ - $password = "\0" . chunk_split($password, 1, "\0") . "\0"; - - /* - This standard specifies 3 different values for the ID byte mentioned - above: - - 1. If ID=1, then the pseudorandom bits being produced are to be used - as key material for performing encryption or decryption. - - 2. If ID=2, then the pseudorandom bits being produced are to be used - as an IV (Initial Value) for encryption or decryption. - - 3. If ID=3, then the pseudorandom bits being produced are to be used - as an integrity key for MACing. - */ - // Construct a string, D (the "diversifier"), by concatenating v/8 - // copies of ID. - $blockLength = $hashObj->getBlockLengthInBytes(); - $d1 = str_repeat(chr(1), $blockLength); - $d2 = str_repeat(chr(2), $blockLength); - $s = ''; - if (strlen($salt)) { - while (strlen($s) < $blockLength) { - $s .= $salt; - } - } - $s = substr($s, 0, $blockLength); - - $p = ''; - if (strlen($password)) { - while (strlen($p) < $blockLength) { - $p .= $password; - } - } - $p = substr($p, 0, $blockLength); - - $i = $s . $p; - - $this->setKey(self::pkcs12helper($dkLen, $hashObj, $i, $d1, $count)); - if ($this->usesIV()) { - $this->setIV(self::pkcs12helper($this->block_size, $hashObj, $i, $d2, $count)); - } - - return true; - case $method == 'pbkdf1': - if ($dkLen > $hashObj->getLengthInBytes()) { - throw new \LengthException('Derived key length cannot be longer than the hash length'); - } - $t = $password . $salt; - for ($i = 0; $i < $count; ++$i) { - $t = $hashObj->hash($t); - } - $key = substr($t, 0, $dkLen); - - $this->setKey(substr($key, 0, $dkLen >> 1)); - if ($this->usesIV()) { - $this->setIV(substr($key, $dkLen >> 1)); - } - - return true; - case !in_array($hash, hash_algos()): - $i = 1; - $hashObj->setKey($password); - while (strlen($key) < $dkLen) { - $f = $u = $hashObj->hash($salt . pack('N', $i++)); - for ($j = 2; $j <= $count; ++$j) { - $u = $hashObj->hash($u); - $f ^= $u; - } - $key .= $f; - } - $key = substr($key, 0, $dkLen); - break; - default: - $key = hash_pbkdf2($hash, $password, $salt, $count, $dkLen, true); - } - break; - default: - throw new UnsupportedAlgorithmException($method . ' is not a supported password hashing method'); - } - - $this->setKey($key); - - return true; - } - - /** - * PKCS#12 KDF Helper Function - * - * As discussed here: - * - * {@link https://tools.ietf.org/html/rfc7292#appendix-B} - * - * @see self::setPassword() - * @param int $n - * @param \phpseclib3\Crypt\Hash $hashObj - * @param string $i - * @param string $d - * @param int $count - * @return string $a - */ - private static function pkcs12helper($n, $hashObj, $i, $d, $count) - { - static $one; - if (!isset($one)) { - $one = new BigInteger(1); - } - - $blockLength = $hashObj->getBlockLength() >> 3; - - $c = ceil($n / $hashObj->getLengthInBytes()); - $a = ''; - for ($j = 1; $j <= $c; $j++) { - $ai = $d . $i; - for ($k = 0; $k < $count; $k++) { - $ai = $hashObj->hash($ai); - } - $b = ''; - while (strlen($b) < $blockLength) { - $b .= $ai; - } - $b = substr($b, 0, $blockLength); - $b = new BigInteger($b, 256); - $newi = ''; - for ($k = 0; $k < strlen($i); $k += $blockLength) { - $temp = substr($i, $k, $blockLength); - $temp = new BigInteger($temp, 256); - $temp->setPrecision($blockLength << 3); - $temp = $temp->add($b); - $temp = $temp->add($one); - $newi .= $temp->toBytes(false); - } - $i = $newi; - $a .= $ai; - } - - return substr($a, 0, $n); - } - - /** - * Encrypts a message. - * - * $plaintext will be padded with additional bytes such that it's length is a multiple of the block size. Other cipher - * implementations may or may not pad in the same manner. Other common approaches to padding and the reasons why it's - * necessary are discussed in the following - * URL: - * - * {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html} - * - * An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does. - * strlen($plaintext) will still need to be a multiple of the block size, however, arbitrary values can be added to make it that - * length. - * - * {@internal Could, but not must, extend by the child Crypt_* class} - * - * @see self::decrypt() - * @param string $plaintext - * @return string $ciphertext - */ - public function encrypt($plaintext) - { - if ($this->paddable) { - $plaintext = $this->pad($plaintext); - } - - $this->setup(); - - if ($this->mode == self::MODE_GCM) { - $oldIV = $this->iv; - Strings::increment_str($this->iv); - $cipher = new static('ctr'); - $cipher->setKey($this->key); - $cipher->setIV($this->iv); - $ciphertext = $cipher->encrypt($plaintext); - - $s = $this->ghash( - self::nullPad128($this->aad) . - self::nullPad128($ciphertext) . - self::len64($this->aad) . - self::len64($ciphertext) - ); - $cipher->encryptIV = $this->iv = $this->encryptIV = $this->decryptIV = $oldIV; - $this->newtag = $cipher->encrypt($s); - return $ciphertext; - } - - if (isset($this->poly1305Key)) { - $cipher = clone $this; - unset($cipher->poly1305Key); - $this->usePoly1305 = false; - $ciphertext = $cipher->encrypt($plaintext); - $this->newtag = $this->poly1305($ciphertext); - return $ciphertext; - } - - if ($this->engine === self::ENGINE_OPENSSL) { - switch ($this->mode) { - case self::MODE_STREAM: - return openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING); - case self::MODE_ECB: - return openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING); - case self::MODE_CBC: - $result = openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $this->encryptIV); - if ($this->continuousBuffer) { - $this->encryptIV = substr($result, -$this->block_size); - } - return $result; - case self::MODE_CTR: - return $this->openssl_ctr_process($plaintext, $this->encryptIV, $this->enbuffer); - case self::MODE_CFB: - // cfb loosely routines inspired by openssl's: - // {@link http://cvs.openssl.org/fileview?f=openssl/crypto/modes/cfb128.c&v=1.3.2.2.2.1} - $ciphertext = ''; - if ($this->continuousBuffer) { - $iv = &$this->encryptIV; - $pos = &$this->enbuffer['pos']; - } else { - $iv = $this->encryptIV; - $pos = 0; - } - $len = strlen($plaintext); - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = $this->block_size - $pos; - if ($len >= $max) { - $i = $max; - $len -= $max; - $pos = 0; - } else { - $i = $len; - $pos += $len; - $len = 0; - } - // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize - $ciphertext = substr($iv, $orig_pos) ^ $plaintext; - $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); - $plaintext = substr($plaintext, $i); - } - - $overflow = $len % $this->block_size; - - if ($overflow) { - $ciphertext .= openssl_encrypt(substr($plaintext, 0, -$overflow) . str_repeat("\0", $this->block_size), $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv); - $iv = Strings::pop($ciphertext, $this->block_size); - - $size = $len - $overflow; - $block = $iv ^ substr($plaintext, -$overflow); - $iv = substr_replace($iv, $block, 0, $overflow); - $ciphertext .= $block; - $pos = $overflow; - } elseif ($len) { - $ciphertext = openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv); - $iv = substr($ciphertext, -$this->block_size); - } - - return $ciphertext; - case self::MODE_CFB8: - $ciphertext = openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $this->encryptIV); - if ($this->continuousBuffer) { - if (($len = strlen($ciphertext)) >= $this->block_size) { - $this->encryptIV = substr($ciphertext, -$this->block_size); - } else { - $this->encryptIV = substr($this->encryptIV, $len - $this->block_size) . substr($ciphertext, -$len); - } - } - return $ciphertext; - case self::MODE_OFB8: - $ciphertext = ''; - $len = strlen($plaintext); - $iv = $this->encryptIV; - - for ($i = 0; $i < $len; ++$i) { - $xor = openssl_encrypt($iv, $this->cipher_name_openssl_ecb, $this->key, $this->openssl_options, $this->decryptIV); - $ciphertext .= $plaintext[$i] ^ $xor; - $iv = substr($iv, 1) . $xor[0]; - } - - if ($this->continuousBuffer) { - $this->encryptIV = $iv; - } - break; - case self::MODE_OFB: - return $this->openssl_ofb_process($plaintext, $this->encryptIV, $this->enbuffer); - } - } - - if ($this->engine === self::ENGINE_MCRYPT) { - set_error_handler(function () { - }); - if ($this->enchanged) { - mcrypt_generic_init($this->enmcrypt, $this->key, $this->getIV($this->encryptIV)); - $this->enchanged = false; - } - - // re: {@link http://phpseclib.sourceforge.net/cfb-demo.phps} - // using mcrypt's default handing of CFB the above would output two different things. using phpseclib's - // rewritten CFB implementation the above outputs the same thing twice. - if ($this->mode == self::MODE_CFB && $this->continuousBuffer) { - $block_size = $this->block_size; - $iv = &$this->encryptIV; - $pos = &$this->enbuffer['pos']; - $len = strlen($plaintext); - $ciphertext = ''; - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = $block_size - $pos; - if ($len >= $max) { - $i = $max; - $len -= $max; - $pos = 0; - } else { - $i = $len; - $pos += $len; - $len = 0; - } - $ciphertext = substr($iv, $orig_pos) ^ $plaintext; - $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); - $this->enbuffer['enmcrypt_init'] = true; - } - if ($len >= $block_size) { - if ($this->enbuffer['enmcrypt_init'] === false || $len > $this->cfb_init_len) { - if ($this->enbuffer['enmcrypt_init'] === true) { - mcrypt_generic_init($this->enmcrypt, $this->key, $iv); - $this->enbuffer['enmcrypt_init'] = false; - } - $ciphertext .= mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % $block_size)); - $iv = substr($ciphertext, -$block_size); - $len %= $block_size; - } else { - while ($len >= $block_size) { - $iv = mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, $block_size); - $ciphertext .= $iv; - $len -= $block_size; - $i += $block_size; - } - } - } - - if ($len) { - $iv = mcrypt_generic($this->ecb, $iv); - $block = $iv ^ substr($plaintext, -$len); - $iv = substr_replace($iv, $block, 0, $len); - $ciphertext .= $block; - $pos = $len; - } - - restore_error_handler(); - - return $ciphertext; - } - - $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext); - - if (!$this->continuousBuffer) { - mcrypt_generic_init($this->enmcrypt, $this->key, $this->getIV($this->encryptIV)); - } - - restore_error_handler(); - - return $ciphertext; - } - - if ($this->engine === self::ENGINE_EVAL) { - $inline = $this->inline_crypt; - return $inline('encrypt', $plaintext); - } - - $buffer = &$this->enbuffer; - $block_size = $this->block_size; - $ciphertext = ''; - switch ($this->mode) { - case self::MODE_ECB: - for ($i = 0; $i < strlen($plaintext); $i += $block_size) { - $ciphertext .= $this->encryptBlock(substr($plaintext, $i, $block_size)); - } - break; - case self::MODE_CBC: - $xor = $this->encryptIV; - for ($i = 0; $i < strlen($plaintext); $i += $block_size) { - $block = substr($plaintext, $i, $block_size); - $block = $this->encryptBlock($block ^ $xor); - $xor = $block; - $ciphertext .= $block; - } - if ($this->continuousBuffer) { - $this->encryptIV = $xor; - } - break; - case self::MODE_CTR: - $xor = $this->encryptIV; - if (strlen($buffer['ciphertext'])) { - for ($i = 0; $i < strlen($plaintext); $i += $block_size) { - $block = substr($plaintext, $i, $block_size); - if (strlen($block) > strlen($buffer['ciphertext'])) { - $buffer['ciphertext'] .= $this->encryptBlock($xor); - Strings::increment_str($xor); - } - $key = Strings::shift($buffer['ciphertext'], $block_size); - $ciphertext .= $block ^ $key; - } - } else { - for ($i = 0; $i < strlen($plaintext); $i += $block_size) { - $block = substr($plaintext, $i, $block_size); - $key = $this->encryptBlock($xor); - Strings::increment_str($xor); - $ciphertext .= $block ^ $key; - } - } - if ($this->continuousBuffer) { - $this->encryptIV = $xor; - if ($start = strlen($plaintext) % $block_size) { - $buffer['ciphertext'] = substr($key, $start) . $buffer['ciphertext']; - } - } - break; - case self::MODE_CFB: - // cfb loosely routines inspired by openssl's: - // {@link http://cvs.openssl.org/fileview?f=openssl/crypto/modes/cfb128.c&v=1.3.2.2.2.1} - if ($this->continuousBuffer) { - $iv = &$this->encryptIV; - $pos = &$buffer['pos']; - } else { - $iv = $this->encryptIV; - $pos = 0; - } - $len = strlen($plaintext); - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = $block_size - $pos; - if ($len >= $max) { - $i = $max; - $len -= $max; - $pos = 0; - } else { - $i = $len; - $pos += $len; - $len = 0; - } - // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize - $ciphertext = substr($iv, $orig_pos) ^ $plaintext; - $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); - } - while ($len >= $block_size) { - $iv = $this->encryptBlock($iv) ^ substr($plaintext, $i, $block_size); - $ciphertext .= $iv; - $len -= $block_size; - $i += $block_size; - } - if ($len) { - $iv = $this->encryptBlock($iv); - $block = $iv ^ substr($plaintext, $i); - $iv = substr_replace($iv, $block, 0, $len); - $ciphertext .= $block; - $pos = $len; - } - break; - case self::MODE_CFB8: - $ciphertext = ''; - $len = strlen($plaintext); - $iv = $this->encryptIV; - - for ($i = 0; $i < $len; ++$i) { - $ciphertext .= ($c = $plaintext[$i] ^ $this->encryptBlock($iv)); - $iv = substr($iv, 1) . $c; - } - - if ($this->continuousBuffer) { - if ($len >= $block_size) { - $this->encryptIV = substr($ciphertext, -$block_size); - } else { - $this->encryptIV = substr($this->encryptIV, $len - $block_size) . substr($ciphertext, -$len); - } - } - break; - case self::MODE_OFB8: - $ciphertext = ''; - $len = strlen($plaintext); - $iv = $this->encryptIV; - - for ($i = 0; $i < $len; ++$i) { - $xor = $this->encryptBlock($iv); - $ciphertext .= $plaintext[$i] ^ $xor; - $iv = substr($iv, 1) . $xor[0]; - } - - if ($this->continuousBuffer) { - $this->encryptIV = $iv; - } - break; - case self::MODE_OFB: - $xor = $this->encryptIV; - if (strlen($buffer['xor'])) { - for ($i = 0; $i < strlen($plaintext); $i += $block_size) { - $block = substr($plaintext, $i, $block_size); - if (strlen($block) > strlen($buffer['xor'])) { - $xor = $this->encryptBlock($xor); - $buffer['xor'] .= $xor; - } - $key = Strings::shift($buffer['xor'], $block_size); - $ciphertext .= $block ^ $key; - } - } else { - for ($i = 0; $i < strlen($plaintext); $i += $block_size) { - $xor = $this->encryptBlock($xor); - $ciphertext .= substr($plaintext, $i, $block_size) ^ $xor; - } - $key = $xor; - } - if ($this->continuousBuffer) { - $this->encryptIV = $xor; - if ($start = strlen($plaintext) % $block_size) { - $buffer['xor'] = substr($key, $start) . $buffer['xor']; - } - } - break; - case self::MODE_STREAM: - $ciphertext = $this->encryptBlock($plaintext); - break; - } - - return $ciphertext; - } - - /** - * Decrypts a message. - * - * If strlen($ciphertext) is not a multiple of the block size, null bytes will be added to the end of the string until - * it is. - * - * {@internal Could, but not must, extend by the child Crypt_* class} - * - * @see self::encrypt() - * @param string $ciphertext - * @return string $plaintext - * @throws \LengthException if we're inside a block cipher and the ciphertext length is not a multiple of the block size - */ - public function decrypt($ciphertext) - { - if ($this->paddable && strlen($ciphertext) % $this->block_size) { - throw new \LengthException('The ciphertext length (' . strlen($ciphertext) . ') needs to be a multiple of the block size (' . $this->block_size . ')'); - } - $this->setup(); - - if ($this->mode == self::MODE_GCM || isset($this->poly1305Key)) { - if ($this->oldtag === false) { - throw new InsufficientSetupException('Authentication Tag has not been set'); - } - - if (isset($this->poly1305Key)) { - $newtag = $this->poly1305($ciphertext); - } else { - $oldIV = $this->iv; - Strings::increment_str($this->iv); - $cipher = new static('ctr'); - $cipher->setKey($this->key); - $cipher->setIV($this->iv); - $plaintext = $cipher->decrypt($ciphertext); - - $s = $this->ghash( - self::nullPad128($this->aad) . - self::nullPad128($ciphertext) . - self::len64($this->aad) . - self::len64($ciphertext) - ); - $cipher->encryptIV = $this->iv = $this->encryptIV = $this->decryptIV = $oldIV; - $newtag = $cipher->encrypt($s); - } - if ($this->oldtag != substr($newtag, 0, strlen($newtag))) { - $cipher = clone $this; - unset($cipher->poly1305Key); - $this->usePoly1305 = false; - $plaintext = $cipher->decrypt($ciphertext); - $this->oldtag = false; - throw new BadDecryptionException('Derived authentication tag and supplied authentication tag do not match'); - } - $this->oldtag = false; - return $plaintext; - } - - if ($this->engine === self::ENGINE_OPENSSL) { - switch ($this->mode) { - case self::MODE_STREAM: - $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING); - break; - case self::MODE_ECB: - $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING); - break; - case self::MODE_CBC: - $offset = $this->block_size; - $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $this->decryptIV); - if ($this->continuousBuffer) { - $this->decryptIV = substr($ciphertext, -$offset, $this->block_size); - } - break; - case self::MODE_CTR: - $plaintext = $this->openssl_ctr_process($ciphertext, $this->decryptIV, $this->debuffer); - break; - case self::MODE_CFB: - // cfb loosely routines inspired by openssl's: - // {@link http://cvs.openssl.org/fileview?f=openssl/crypto/modes/cfb128.c&v=1.3.2.2.2.1} - $plaintext = ''; - if ($this->continuousBuffer) { - $iv = &$this->decryptIV; - $pos = &$this->debuffer['pos']; - } else { - $iv = $this->decryptIV; - $pos = 0; - } - $len = strlen($ciphertext); - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = $this->block_size - $pos; - if ($len >= $max) { - $i = $max; - $len -= $max; - $pos = 0; - } else { - $i = $len; - $pos += $len; - $len = 0; - } - // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $this->blocksize - $plaintext = substr($iv, $orig_pos) ^ $ciphertext; - $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); - $ciphertext = substr($ciphertext, $i); - } - $overflow = $len % $this->block_size; - if ($overflow) { - $plaintext .= openssl_decrypt(substr($ciphertext, 0, -$overflow), $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv); - if ($len - $overflow) { - $iv = substr($ciphertext, -$overflow - $this->block_size, -$overflow); - } - $iv = openssl_encrypt(str_repeat("\0", $this->block_size), $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv); - $plaintext .= $iv ^ substr($ciphertext, -$overflow); - $iv = substr_replace($iv, substr($ciphertext, -$overflow), 0, $overflow); - $pos = $overflow; - } elseif ($len) { - $plaintext .= openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv); - $iv = substr($ciphertext, -$this->block_size); - } - break; - case self::MODE_CFB8: - $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $this->decryptIV); - if ($this->continuousBuffer) { - if (($len = strlen($ciphertext)) >= $this->block_size) { - $this->decryptIV = substr($ciphertext, -$this->block_size); - } else { - $this->decryptIV = substr($this->decryptIV, $len - $this->block_size) . substr($ciphertext, -$len); - } - } - break; - case self::MODE_OFB8: - $plaintext = ''; - $len = strlen($ciphertext); - $iv = $this->decryptIV; - - for ($i = 0; $i < $len; ++$i) { - $xor = openssl_encrypt($iv, $this->cipher_name_openssl_ecb, $this->key, $this->openssl_options, $this->decryptIV); - $plaintext .= $ciphertext[$i] ^ $xor; - $iv = substr($iv, 1) . $xor[0]; - } - - if ($this->continuousBuffer) { - $this->decryptIV = $iv; - } - break; - case self::MODE_OFB: - $plaintext = $this->openssl_ofb_process($ciphertext, $this->decryptIV, $this->debuffer); - } - - return $this->paddable ? $this->unpad($plaintext) : $plaintext; - } - - if ($this->engine === self::ENGINE_MCRYPT) { - set_error_handler(function () { - }); - $block_size = $this->block_size; - if ($this->dechanged) { - mcrypt_generic_init($this->demcrypt, $this->key, $this->getIV($this->decryptIV)); - $this->dechanged = false; - } - - if ($this->mode == self::MODE_CFB && $this->continuousBuffer) { - $iv = &$this->decryptIV; - $pos = &$this->debuffer['pos']; - $len = strlen($ciphertext); - $plaintext = ''; - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = $block_size - $pos; - if ($len >= $max) { - $i = $max; - $len -= $max; - $pos = 0; - } else { - $i = $len; - $pos += $len; - $len = 0; - } - // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize - $plaintext = substr($iv, $orig_pos) ^ $ciphertext; - $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); - } - if ($len >= $block_size) { - $cb = substr($ciphertext, $i, $len - $len % $block_size); - $plaintext .= mcrypt_generic($this->ecb, $iv . $cb) ^ $cb; - $iv = substr($cb, -$block_size); - $len %= $block_size; - } - if ($len) { - $iv = mcrypt_generic($this->ecb, $iv); - $plaintext .= $iv ^ substr($ciphertext, -$len); - $iv = substr_replace($iv, substr($ciphertext, -$len), 0, $len); - $pos = $len; - } - - restore_error_handler(); - - return $plaintext; - } - - $plaintext = mdecrypt_generic($this->demcrypt, $ciphertext); - - if (!$this->continuousBuffer) { - mcrypt_generic_init($this->demcrypt, $this->key, $this->getIV($this->decryptIV)); - } - - restore_error_handler(); - - return $this->paddable ? $this->unpad($plaintext) : $plaintext; - } - - if ($this->engine === self::ENGINE_EVAL) { - $inline = $this->inline_crypt; - return $inline('decrypt', $ciphertext); - } - - $block_size = $this->block_size; - - $buffer = &$this->debuffer; - $plaintext = ''; - switch ($this->mode) { - case self::MODE_ECB: - for ($i = 0; $i < strlen($ciphertext); $i += $block_size) { - $plaintext .= $this->decryptBlock(substr($ciphertext, $i, $block_size)); - } - break; - case self::MODE_CBC: - $xor = $this->decryptIV; - for ($i = 0; $i < strlen($ciphertext); $i += $block_size) { - $block = substr($ciphertext, $i, $block_size); - $plaintext .= $this->decryptBlock($block) ^ $xor; - $xor = $block; - } - if ($this->continuousBuffer) { - $this->decryptIV = $xor; - } - break; - case self::MODE_CTR: - $xor = $this->decryptIV; - if (strlen($buffer['ciphertext'])) { - for ($i = 0; $i < strlen($ciphertext); $i += $block_size) { - $block = substr($ciphertext, $i, $block_size); - if (strlen($block) > strlen($buffer['ciphertext'])) { - $buffer['ciphertext'] .= $this->encryptBlock($xor); - Strings::increment_str($xor); - } - $key = Strings::shift($buffer['ciphertext'], $block_size); - $plaintext .= $block ^ $key; - } - } else { - for ($i = 0; $i < strlen($ciphertext); $i += $block_size) { - $block = substr($ciphertext, $i, $block_size); - $key = $this->encryptBlock($xor); - Strings::increment_str($xor); - $plaintext .= $block ^ $key; - } - } - if ($this->continuousBuffer) { - $this->decryptIV = $xor; - if ($start = strlen($ciphertext) % $block_size) { - $buffer['ciphertext'] = substr($key, $start) . $buffer['ciphertext']; - } - } - break; - case self::MODE_CFB: - if ($this->continuousBuffer) { - $iv = &$this->decryptIV; - $pos = &$buffer['pos']; - } else { - $iv = $this->decryptIV; - $pos = 0; - } - $len = strlen($ciphertext); - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = $block_size - $pos; - if ($len >= $max) { - $i = $max; - $len -= $max; - $pos = 0; - } else { - $i = $len; - $pos += $len; - $len = 0; - } - // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize - $plaintext = substr($iv, $orig_pos) ^ $ciphertext; - $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); - } - while ($len >= $block_size) { - $iv = $this->encryptBlock($iv); - $cb = substr($ciphertext, $i, $block_size); - $plaintext .= $iv ^ $cb; - $iv = $cb; - $len -= $block_size; - $i += $block_size; - } - if ($len) { - $iv = $this->encryptBlock($iv); - $plaintext .= $iv ^ substr($ciphertext, $i); - $iv = substr_replace($iv, substr($ciphertext, $i), 0, $len); - $pos = $len; - } - break; - case self::MODE_CFB8: - $plaintext = ''; - $len = strlen($ciphertext); - $iv = $this->decryptIV; - - for ($i = 0; $i < $len; ++$i) { - $plaintext .= $ciphertext[$i] ^ $this->encryptBlock($iv); - $iv = substr($iv, 1) . $ciphertext[$i]; - } - - if ($this->continuousBuffer) { - if ($len >= $block_size) { - $this->decryptIV = substr($ciphertext, -$block_size); - } else { - $this->decryptIV = substr($this->decryptIV, $len - $block_size) . substr($ciphertext, -$len); - } - } - break; - case self::MODE_OFB8: - $plaintext = ''; - $len = strlen($ciphertext); - $iv = $this->decryptIV; - - for ($i = 0; $i < $len; ++$i) { - $xor = $this->encryptBlock($iv); - $plaintext .= $ciphertext[$i] ^ $xor; - $iv = substr($iv, 1) . $xor[0]; - } - - if ($this->continuousBuffer) { - $this->decryptIV = $iv; - } - break; - case self::MODE_OFB: - $xor = $this->decryptIV; - if (strlen($buffer['xor'])) { - for ($i = 0; $i < strlen($ciphertext); $i += $block_size) { - $block = substr($ciphertext, $i, $block_size); - if (strlen($block) > strlen($buffer['xor'])) { - $xor = $this->encryptBlock($xor); - $buffer['xor'] .= $xor; - } - $key = Strings::shift($buffer['xor'], $block_size); - $plaintext .= $block ^ $key; - } - } else { - for ($i = 0; $i < strlen($ciphertext); $i += $block_size) { - $xor = $this->encryptBlock($xor); - $plaintext .= substr($ciphertext, $i, $block_size) ^ $xor; - } - $key = $xor; - } - if ($this->continuousBuffer) { - $this->decryptIV = $xor; - if ($start = strlen($ciphertext) % $block_size) { - $buffer['xor'] = substr($key, $start) . $buffer['xor']; - } - } - break; - case self::MODE_STREAM: - $plaintext = $this->decryptBlock($ciphertext); - break; - } - return $this->paddable ? $this->unpad($plaintext) : $plaintext; - } - - /** - * Get the authentication tag - * - * Only used in GCM or Poly1305 mode - * - * @see self::encrypt() - * @param int $length optional - * @return string - * @throws \LengthException if $length isn't of a sufficient length - * @throws \RuntimeException if GCM mode isn't being used - */ - public function getTag($length = 16) - { - if ($this->mode != self::MODE_GCM && !$this->usePoly1305) { - throw new \BadMethodCallException('Authentication tags are only utilized in GCM mode or with Poly1305'); - } - - if ($this->newtag === false) { - throw new \BadMethodCallException('A tag can only be returned after a round of encryption has been performed'); - } - - // the tag is 128-bits. it can't be greater than 16 bytes because that's bigger than the tag is. if it - // were 0 you might as well be doing CTR and less than 4 provides minimal security that could be trivially - // easily brute forced. - // see https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf#page=36 - // for more info - if ($length < 4 || $length > 16) { - throw new \LengthException('The authentication tag must be between 4 and 16 bytes long'); - } - - return $length == 16 ? - $this->newtag : - substr($this->newtag, 0, $length); - } - - /** - * Sets the authentication tag - * - * Only used in GCM mode - * - * @see self::decrypt() - * @param string $tag - * @throws \LengthException if $length isn't of a sufficient length - * @throws \RuntimeException if GCM mode isn't being used - */ - public function setTag($tag) - { - if ($this->usePoly1305 && !isset($this->poly1305Key) && method_exists($this, 'createPoly1305Key')) { - $this->createPoly1305Key(); - } - - if ($this->mode != self::MODE_GCM && !$this->usePoly1305) { - throw new \BadMethodCallException('Authentication tags are only utilized in GCM mode or with Poly1305'); - } - - $length = strlen($tag); - if ($length < 4 || $length > 16) { - throw new \LengthException('The authentication tag must be between 4 and 16 bytes long'); - } - $this->oldtag = $tag; - } - - /** - * Get the IV - * - * mcrypt requires an IV even if ECB is used - * - * @see self::encrypt() - * @see self::decrypt() - * @param string $iv - * @return string - */ - protected function getIV($iv) - { - return $this->mode == self::MODE_ECB ? str_repeat("\0", $this->block_size) : $iv; - } - - /** - * OpenSSL CTR Processor - * - * PHP's OpenSSL bindings do not operate in continuous mode so we'll wrap around it. Since the keystream - * for CTR is the same for both encrypting and decrypting this function is re-used by both SymmetricKey::encrypt() - * and SymmetricKey::decrypt(). Also, OpenSSL doesn't implement CTR for all of it's symmetric ciphers so this - * function will emulate CTR with ECB when necessary. - * - * @see self::encrypt() - * @see self::decrypt() - * @param string $plaintext - * @param string $encryptIV - * @param array $buffer - * @return string - */ - private function openssl_ctr_process($plaintext, &$encryptIV, &$buffer) - { - $ciphertext = ''; - - $block_size = $this->block_size; - $key = $this->key; - - if ($this->openssl_emulate_ctr) { - $xor = $encryptIV; - if (strlen($buffer['ciphertext'])) { - for ($i = 0; $i < strlen($plaintext); $i += $block_size) { - $block = substr($plaintext, $i, $block_size); - if (strlen($block) > strlen($buffer['ciphertext'])) { - $buffer['ciphertext'] .= openssl_encrypt($xor, $this->cipher_name_openssl_ecb, $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING); - } - Strings::increment_str($xor); - $otp = Strings::shift($buffer['ciphertext'], $block_size); - $ciphertext .= $block ^ $otp; - } - } else { - for ($i = 0; $i < strlen($plaintext); $i += $block_size) { - $block = substr($plaintext, $i, $block_size); - $otp = openssl_encrypt($xor, $this->cipher_name_openssl_ecb, $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING); - Strings::increment_str($xor); - $ciphertext .= $block ^ $otp; - } - } - if ($this->continuousBuffer) { - $encryptIV = $xor; - if ($start = strlen($plaintext) % $block_size) { - $buffer['ciphertext'] = substr($key, $start) . $buffer['ciphertext']; - } - } - - return $ciphertext; - } - - if (strlen($buffer['ciphertext'])) { - $ciphertext = $plaintext ^ Strings::shift($buffer['ciphertext'], strlen($plaintext)); - $plaintext = substr($plaintext, strlen($ciphertext)); - - if (!strlen($plaintext)) { - return $ciphertext; - } - } - - $overflow = strlen($plaintext) % $block_size; - if ($overflow) { - $plaintext2 = Strings::pop($plaintext, $overflow); // ie. trim $plaintext to a multiple of $block_size and put rest of $plaintext in $plaintext2 - $encrypted = openssl_encrypt($plaintext . str_repeat("\0", $block_size), $this->cipher_name_openssl, $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $encryptIV); - $temp = Strings::pop($encrypted, $block_size); - $ciphertext .= $encrypted . ($plaintext2 ^ $temp); - if ($this->continuousBuffer) { - $buffer['ciphertext'] = substr($temp, $overflow); - $encryptIV = $temp; - } - } elseif (!strlen($buffer['ciphertext'])) { - $ciphertext .= openssl_encrypt($plaintext . str_repeat("\0", $block_size), $this->cipher_name_openssl, $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $encryptIV); - $temp = Strings::pop($ciphertext, $block_size); - if ($this->continuousBuffer) { - $encryptIV = $temp; - } - } - if ($this->continuousBuffer) { - $encryptIV = openssl_decrypt($encryptIV, $this->cipher_name_openssl_ecb, $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING); - if ($overflow) { - Strings::increment_str($encryptIV); - } - } - - return $ciphertext; - } - - /** - * OpenSSL OFB Processor - * - * PHP's OpenSSL bindings do not operate in continuous mode so we'll wrap around it. Since the keystream - * for OFB is the same for both encrypting and decrypting this function is re-used by both SymmetricKey::encrypt() - * and SymmetricKey::decrypt(). - * - * @see self::encrypt() - * @see self::decrypt() - * @param string $plaintext - * @param string $encryptIV - * @param array $buffer - * @return string - */ - private function openssl_ofb_process($plaintext, &$encryptIV, &$buffer) - { - if (strlen($buffer['xor'])) { - $ciphertext = $plaintext ^ $buffer['xor']; - $buffer['xor'] = substr($buffer['xor'], strlen($ciphertext)); - $plaintext = substr($plaintext, strlen($ciphertext)); - } else { - $ciphertext = ''; - } - - $block_size = $this->block_size; - - $len = strlen($plaintext); - $key = $this->key; - $overflow = $len % $block_size; - - if (strlen($plaintext)) { - if ($overflow) { - $ciphertext .= openssl_encrypt(substr($plaintext, 0, -$overflow) . str_repeat("\0", $block_size), $this->cipher_name_openssl, $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $encryptIV); - $xor = Strings::pop($ciphertext, $block_size); - if ($this->continuousBuffer) { - $encryptIV = $xor; - } - $ciphertext .= Strings::shift($xor, $overflow) ^ substr($plaintext, -$overflow); - if ($this->continuousBuffer) { - $buffer['xor'] = $xor; - } - } else { - $ciphertext = openssl_encrypt($plaintext, $this->cipher_name_openssl, $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $encryptIV); - if ($this->continuousBuffer) { - $encryptIV = substr($ciphertext, -$block_size) ^ substr($plaintext, -$block_size); - } - } - } - - return $ciphertext; - } - - /** - * phpseclib <-> OpenSSL Mode Mapper - * - * May need to be overwritten by classes extending this one in some cases - * - * @return string - */ - protected function openssl_translate_mode() - { - switch ($this->mode) { - case self::MODE_ECB: - return 'ecb'; - case self::MODE_CBC: - return 'cbc'; - case self::MODE_CTR: - case self::MODE_GCM: - return 'ctr'; - case self::MODE_CFB: - return 'cfb'; - case self::MODE_CFB8: - return 'cfb8'; - case self::MODE_OFB: - return 'ofb'; - } - } - - /** - * Pad "packets". - * - * Block ciphers working by encrypting between their specified [$this->]block_size at a time - * If you ever need to encrypt or decrypt something that isn't of the proper length, it becomes necessary to - * pad the input so that it is of the proper length. - * - * Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH, - * where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping - * away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is - * transmitted separately) - * - * @see self::disablePadding() - */ - public function enablePadding() - { - $this->padding = true; - } - - /** - * Do not pad packets. - * - * @see self::enablePadding() - */ - public function disablePadding() - { - $this->padding = false; - } - - /** - * Treat consecutive "packets" as if they are a continuous buffer. - * - * Say you have a 32-byte plaintext $plaintext. Using the default behavior, the two following code snippets - * will yield different outputs: - * - * - * echo $rijndael->encrypt(substr($plaintext, 0, 16)); - * echo $rijndael->encrypt(substr($plaintext, 16, 16)); - * - * - * echo $rijndael->encrypt($plaintext); - * - * - * The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates - * another, as demonstrated with the following: - * - * - * $rijndael->encrypt(substr($plaintext, 0, 16)); - * echo $rijndael->decrypt($rijndael->encrypt(substr($plaintext, 16, 16))); - * - * - * echo $rijndael->decrypt($rijndael->encrypt(substr($plaintext, 16, 16))); - * - * - * With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different - * outputs. The reason is due to the fact that the initialization vector's change after every encryption / - * decryption round when the continuous buffer is enabled. When it's disabled, they remain constant. - * - * Put another way, when the continuous buffer is enabled, the state of the \phpseclib3\Crypt\*() object changes after each - * encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that - * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), - * however, they are also less intuitive and more likely to cause you problems. - * - * {@internal Could, but not must, extend by the child Crypt_* class} - * - * @see self::disableContinuousBuffer() - */ - public function enableContinuousBuffer() - { - if ($this->mode == self::MODE_ECB) { - return; - } - - if ($this->mode == self::MODE_GCM) { - throw new \BadMethodCallException('This mode does not run in continuous mode'); - } - - $this->continuousBuffer = true; - - $this->setEngine(); - } - - /** - * Treat consecutive packets as if they are a discontinuous buffer. - * - * The default behavior. - * - * {@internal Could, but not must, extend by the child Crypt_* class} - * - * @see self::enableContinuousBuffer() - */ - public function disableContinuousBuffer() - { - if ($this->mode == self::MODE_ECB) { - return; - } - if (!$this->continuousBuffer) { - return; - } - - $this->continuousBuffer = false; - - $this->setEngine(); - } - - /** - * Test for engine validity - * - * @see self::__construct() - * @param int $engine - * @return bool - */ - protected function isValidEngineHelper($engine) - { - switch ($engine) { - case self::ENGINE_OPENSSL: - $this->openssl_emulate_ctr = false; - $result = $this->cipher_name_openssl && - extension_loaded('openssl'); - if (!$result) { - return false; - } - - $methods = openssl_get_cipher_methods(); - if (in_array($this->cipher_name_openssl, $methods)) { - return true; - } - // not all of openssl's symmetric cipher's support ctr. for those - // that don't we'll emulate it - switch ($this->mode) { - case self::MODE_CTR: - if (in_array($this->cipher_name_openssl_ecb, $methods)) { - $this->openssl_emulate_ctr = true; - return true; - } - } - return false; - case self::ENGINE_MCRYPT: - set_error_handler(function () { - }); - $result = $this->cipher_name_mcrypt && - extension_loaded('mcrypt') && - in_array($this->cipher_name_mcrypt, mcrypt_list_algorithms()); - restore_error_handler(); - return $result; - case self::ENGINE_EVAL: - return method_exists($this, 'setupInlineCrypt'); - case self::ENGINE_INTERNAL: - return true; - } - - return false; - } - - /** - * Test for engine validity - * - * @see self::__construct() - * @param string $engine - * @return bool - */ - public function isValidEngine($engine) - { - static $reverseMap; - if (!isset($reverseMap)) { - $reverseMap = array_map('strtolower', self::ENGINE_MAP); - $reverseMap = array_flip($reverseMap); - } - $engine = strtolower($engine); - if (!isset($reverseMap[$engine])) { - return false; - } - - return $this->isValidEngineHelper($reverseMap[$engine]); - } - - /** - * Sets the preferred crypt engine - * - * Currently, $engine could be: - * - * - libsodium[very fast] - * - * - OpenSSL [very fast] - * - * - mcrypt [fast] - * - * - Eval [slow] - * - * - PHP [slowest] - * - * If the preferred crypt engine is not available the fastest available one will be used - * - * @see self::__construct() - * @param string $engine - */ - public function setPreferredEngine($engine) - { - static $reverseMap; - if (!isset($reverseMap)) { - $reverseMap = array_map('strtolower', self::ENGINE_MAP); - $reverseMap = array_flip($reverseMap); - } - $engine = is_string($engine) ? strtolower($engine) : ''; - $this->preferredEngine = isset($reverseMap[$engine]) ? $reverseMap[$engine] : self::ENGINE_LIBSODIUM; - - $this->setEngine(); - } - - /** - * Returns the engine currently being utilized - * - * @see self::setEngine() - */ - public function getEngine() - { - return self::ENGINE_MAP[$this->engine]; - } - - /** - * Sets the engine as appropriate - * - * @see self::__construct() - */ - protected function setEngine() - { - $this->engine = null; - - $candidateEngines = [ - self::ENGINE_LIBSODIUM, - self::ENGINE_OPENSSL_GCM, - self::ENGINE_OPENSSL, - self::ENGINE_MCRYPT, - self::ENGINE_EVAL - ]; - if (isset($this->preferredEngine)) { - $temp = [$this->preferredEngine]; - $candidateEngines = array_merge( - $temp, - array_diff($candidateEngines, $temp) - ); - } - foreach ($candidateEngines as $engine) { - if ($this->isValidEngineHelper($engine)) { - $this->engine = $engine; - break; - } - } - if (!$this->engine) { - $this->engine = self::ENGINE_INTERNAL; - } - - if ($this->engine != self::ENGINE_MCRYPT && $this->enmcrypt) { - set_error_handler(function () { - }); - // Closing the current mcrypt resource(s). _mcryptSetup() will, if needed, - // (re)open them with the module named in $this->cipher_name_mcrypt - mcrypt_module_close($this->enmcrypt); - mcrypt_module_close($this->demcrypt); - $this->enmcrypt = null; - $this->demcrypt = null; - - if ($this->ecb) { - mcrypt_module_close($this->ecb); - $this->ecb = null; - } - restore_error_handler(); - } - - $this->changed = $this->nonIVChanged = true; - } - - /** - * Encrypts a block - * - * Note: Must be extended by the child \phpseclib3\Crypt\* class - * - * @param string $in - * @return string - */ - abstract protected function encryptBlock($in); - - /** - * Decrypts a block - * - * Note: Must be extended by the child \phpseclib3\Crypt\* class - * - * @param string $in - * @return string - */ - abstract protected function decryptBlock($in); - - /** - * Setup the key (expansion) - * - * Only used if $engine == self::ENGINE_INTERNAL - * - * Note: Must extend by the child \phpseclib3\Crypt\* class - * - * @see self::setup() - */ - abstract protected function setupKey(); - - /** - * Setup the self::ENGINE_INTERNAL $engine - * - * (re)init, if necessary, the internal cipher $engine and flush all $buffers - * Used (only) if $engine == self::ENGINE_INTERNAL - * - * _setup() will be called each time if $changed === true - * typically this happens when using one or more of following public methods: - * - * - setKey() - * - * - setIV() - * - * - disableContinuousBuffer() - * - * - First run of encrypt() / decrypt() with no init-settings - * - * {@internal setup() is always called before en/decryption.} - * - * {@internal Could, but not must, extend by the child Crypt_* class} - * - * @see self::setKey() - * @see self::setIV() - * @see self::disableContinuousBuffer() - */ - protected function setup() - { - if (!$this->changed) { - return; - } - - $this->changed = false; - - if ($this->usePoly1305 && !isset($this->poly1305Key) && method_exists($this, 'createPoly1305Key')) { - $this->createPoly1305Key(); - } - - $this->enbuffer = $this->debuffer = ['ciphertext' => '', 'xor' => '', 'pos' => 0, 'enmcrypt_init' => true]; - //$this->newtag = $this->oldtag = false; - - if ($this->usesNonce()) { - if ($this->nonce === false) { - throw new InsufficientSetupException('No nonce has been defined'); - } - if ($this->mode == self::MODE_GCM && !in_array($this->engine, [self::ENGINE_LIBSODIUM, self::ENGINE_OPENSSL_GCM])) { - $this->setupGCM(); - } - } else { - $this->iv = $this->origIV; - } - - if ($this->iv === false && !in_array($this->mode, [self::MODE_STREAM, self::MODE_ECB])) { - if ($this->mode != self::MODE_GCM || !in_array($this->engine, [self::ENGINE_LIBSODIUM, self::ENGINE_OPENSSL_GCM])) { - throw new InsufficientSetupException('No IV has been defined'); - } - } - - if ($this->key === false) { - throw new InsufficientSetupException('No key has been defined'); - } - - $this->encryptIV = $this->decryptIV = $this->iv; - - switch ($this->engine) { - case self::ENGINE_MCRYPT: - $this->enchanged = $this->dechanged = true; - - set_error_handler(function () { - }); - - if (!isset($this->enmcrypt)) { - static $mcrypt_modes = [ - self::MODE_CTR => 'ctr', - self::MODE_ECB => MCRYPT_MODE_ECB, - self::MODE_CBC => MCRYPT_MODE_CBC, - self::MODE_CFB => 'ncfb', - self::MODE_CFB8 => MCRYPT_MODE_CFB, - self::MODE_OFB => MCRYPT_MODE_NOFB, - self::MODE_OFB8 => MCRYPT_MODE_OFB, - self::MODE_STREAM => MCRYPT_MODE_STREAM, - ]; - - $this->demcrypt = mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], ''); - $this->enmcrypt = mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], ''); - - // we need the $ecb mcrypt resource (only) in MODE_CFB with enableContinuousBuffer() - // to workaround mcrypt's broken ncfb implementation in buffered mode - // see: {@link http://phpseclib.sourceforge.net/cfb-demo.phps} - if ($this->mode == self::MODE_CFB) { - $this->ecb = mcrypt_module_open($this->cipher_name_mcrypt, '', MCRYPT_MODE_ECB, ''); - } - } // else should mcrypt_generic_deinit be called? - - if ($this->mode == self::MODE_CFB) { - mcrypt_generic_init($this->ecb, $this->key, str_repeat("\0", $this->block_size)); - } - - restore_error_handler(); - - break; - case self::ENGINE_INTERNAL: - $this->setupKey(); - break; - case self::ENGINE_EVAL: - if ($this->nonIVChanged) { - $this->setupKey(); - $this->setupInlineCrypt(); - } - } - - $this->nonIVChanged = false; - } - - /** - * Pads a string - * - * Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize. - * $this->block_size - (strlen($text) % $this->block_size) bytes are added, each of which is equal to - * chr($this->block_size - (strlen($text) % $this->block_size) - * - * If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless - * and padding will, hence forth, be enabled. - * - * @see self::unpad() - * @param string $text - * @throws \LengthException if padding is disabled and the plaintext's length is not a multiple of the block size - * @return string - */ - protected function pad($text) - { - $length = strlen($text); - - if (!$this->padding) { - if ($length % $this->block_size == 0) { - return $text; - } else { - throw new \LengthException("The plaintext's length ($length) is not a multiple of the block size ({$this->block_size}). Try enabling padding."); - } - } - - $pad = $this->block_size - ($length % $this->block_size); - - return str_pad($text, $length + $pad, chr($pad)); - } - - /** - * Unpads a string. - * - * If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong - * and false will be returned. - * - * @see self::pad() - * @param string $text - * @throws \LengthException if the ciphertext's length is not a multiple of the block size - * @return string - */ - protected function unpad($text) - { - if (!$this->padding) { - return $text; - } - - $length = ord($text[strlen($text) - 1]); - - if (!$length || $length > $this->block_size) { - throw new BadDecryptionException("The ciphertext has an invalid padding length ($length) compared to the block size ({$this->block_size})"); - } - - return substr($text, 0, -$length); - } - - /** - * Setup the performance-optimized function for de/encrypt() - * - * Stores the created (or existing) callback function-name - * in $this->inline_crypt - * - * Internally for phpseclib developers: - * - * _setupInlineCrypt() would be called only if: - * - * - $this->engine === self::ENGINE_EVAL - * - * - each time on _setup(), after(!) _setupKey() - * - * - * This ensures that _setupInlineCrypt() has always a - * full ready2go initializated internal cipher $engine state - * where, for example, the keys already expanded, - * keys/block_size calculated and such. - * - * It is, each time if called, the responsibility of _setupInlineCrypt(): - * - * - to set $this->inline_crypt to a valid and fully working callback function - * as a (faster) replacement for encrypt() / decrypt() - * - * - NOT to create unlimited callback functions (for memory reasons!) - * no matter how often _setupInlineCrypt() would be called. At some - * point of amount they must be generic re-useable. - * - * - the code of _setupInlineCrypt() it self, - * and the generated callback code, - * must be, in following order: - * - 100% safe - * - 100% compatible to encrypt()/decrypt() - * - using only php5+ features/lang-constructs/php-extensions if - * compatibility (down to php4) or fallback is provided - * - readable/maintainable/understandable/commented and... not-cryptic-styled-code :-) - * - >= 10% faster than encrypt()/decrypt() [which is, by the way, - * the reason for the existence of _setupInlineCrypt() :-)] - * - memory-nice - * - short (as good as possible) - * - * Note: - _setupInlineCrypt() is using _createInlineCryptFunction() to create the full callback function code. - * - In case of using inline crypting, _setupInlineCrypt() must extend by the child \phpseclib3\Crypt\* class. - * - The following variable names are reserved: - * - $_* (all variable names prefixed with an underscore) - * - $self (object reference to it self. Do not use $this, but $self instead) - * - $in (the content of $in has to en/decrypt by the generated code) - * - The callback function should not use the 'return' statement, but en/decrypt'ing the content of $in only - * - * {@internal If a Crypt_* class providing inline crypting it must extend _setupInlineCrypt()} - * - * @see self::setup() - * @see self::createInlineCryptFunction() - * @see self::encrypt() - * @see self::decrypt() - */ - //protected function setupInlineCrypt(); - - /** - * Creates the performance-optimized function for en/decrypt() - * - * Internally for phpseclib developers: - * - * _createInlineCryptFunction(): - * - * - merge the $cipher_code [setup'ed by _setupInlineCrypt()] - * with the current [$this->]mode of operation code - * - * - create the $inline function, which called by encrypt() / decrypt() - * as its replacement to speed up the en/decryption operations. - * - * - return the name of the created $inline callback function - * - * - used to speed up en/decryption - * - * - * - * The main reason why can speed up things [up to 50%] this way are: - * - * - using variables more effective then regular. - * (ie no use of expensive arrays but integers $k_0, $k_1 ... - * or even, for example, the pure $key[] values hardcoded) - * - * - avoiding 1000's of function calls of ie _encryptBlock() - * but inlining the crypt operations. - * in the mode of operation for() loop. - * - * - full loop unroll the (sometimes key-dependent) rounds - * avoiding this way ++$i counters and runtime-if's etc... - * - * The basic code architectur of the generated $inline en/decrypt() - * lambda function, in pseudo php, is: - * - * - * +----------------------------------------------------------------------------------------------+ - * | callback $inline = create_function: | - * | lambda_function_0001_crypt_ECB($action, $text) | - * | { | - * | INSERT PHP CODE OF: | - * | $cipher_code['init_crypt']; // general init code. | - * | // ie: $sbox'es declarations used for | - * | // encrypt and decrypt'ing. | - * | | - * | switch ($action) { | - * | case 'encrypt': | - * | INSERT PHP CODE OF: | - * | $cipher_code['init_encrypt']; // encrypt sepcific init code. | - * | ie: specified $key or $box | - * | declarations for encrypt'ing. | - * | | - * | foreach ($ciphertext) { | - * | $in = $block_size of $ciphertext; | - * | | - * | INSERT PHP CODE OF: | - * | $cipher_code['encrypt_block']; // encrypt's (string) $in, which is always: | - * | // strlen($in) == $this->block_size | - * | // here comes the cipher algorithm in action | - * | // for encryption. | - * | // $cipher_code['encrypt_block'] has to | - * | // encrypt the content of the $in variable | - * | | - * | $plaintext .= $in; | - * | } | - * | return $plaintext; | - * | | - * | case 'decrypt': | - * | INSERT PHP CODE OF: | - * | $cipher_code['init_decrypt']; // decrypt sepcific init code | - * | ie: specified $key or $box | - * | declarations for decrypt'ing. | - * | foreach ($plaintext) { | - * | $in = $block_size of $plaintext; | - * | | - * | INSERT PHP CODE OF: | - * | $cipher_code['decrypt_block']; // decrypt's (string) $in, which is always | - * | // strlen($in) == $this->block_size | - * | // here comes the cipher algorithm in action | - * | // for decryption. | - * | // $cipher_code['decrypt_block'] has to | - * | // decrypt the content of the $in variable | - * | $ciphertext .= $in; | - * | } | - * | return $ciphertext; | - * | } | - * | } | - * +----------------------------------------------------------------------------------------------+ - * - * - * See also the \phpseclib3\Crypt\*::_setupInlineCrypt()'s for - * productive inline $cipher_code's how they works. - * - * Structure of: - * - * $cipher_code = [ - * 'init_crypt' => (string) '', // optional - * 'init_encrypt' => (string) '', // optional - * 'init_decrypt' => (string) '', // optional - * 'encrypt_block' => (string) '', // required - * 'decrypt_block' => (string) '' // required - * ]; - * - * - * @see self::setupInlineCrypt() - * @see self::encrypt() - * @see self::decrypt() - * @param array $cipher_code - * @return string (the name of the created callback function) - */ - protected function createInlineCryptFunction($cipher_code) - { - $block_size = $this->block_size; - - // optional - $init_crypt = isset($cipher_code['init_crypt']) ? $cipher_code['init_crypt'] : ''; - $init_encrypt = isset($cipher_code['init_encrypt']) ? $cipher_code['init_encrypt'] : ''; - $init_decrypt = isset($cipher_code['init_decrypt']) ? $cipher_code['init_decrypt'] : ''; - // required - $encrypt_block = $cipher_code['encrypt_block']; - $decrypt_block = $cipher_code['decrypt_block']; - - // Generating mode of operation inline code, - // merged with the $cipher_code algorithm - // for encrypt- and decryption. - switch ($this->mode) { - case self::MODE_ECB: - $encrypt = $init_encrypt . ' - $_ciphertext = ""; - $_plaintext_len = strlen($_text); - - for ($_i = 0; $_i < $_plaintext_len; $_i+= ' . $block_size . ') { - $in = substr($_text, $_i, ' . $block_size . '); - ' . $encrypt_block . ' - $_ciphertext.= $in; - } - - return $_ciphertext; - '; - - $decrypt = $init_decrypt . ' - $_plaintext = ""; - $_text = str_pad($_text, strlen($_text) + (' . $block_size . ' - strlen($_text) % ' . $block_size . ') % ' . $block_size . ', chr(0)); - $_ciphertext_len = strlen($_text); - - for ($_i = 0; $_i < $_ciphertext_len; $_i+= ' . $block_size . ') { - $in = substr($_text, $_i, ' . $block_size . '); - ' . $decrypt_block . ' - $_plaintext.= $in; - } - - return $this->unpad($_plaintext); - '; - break; - case self::MODE_CTR: - $encrypt = $init_encrypt . ' - $_ciphertext = ""; - $_plaintext_len = strlen($_text); - $_xor = $this->encryptIV; - $_buffer = &$this->enbuffer; - if (strlen($_buffer["ciphertext"])) { - for ($_i = 0; $_i < $_plaintext_len; $_i+= ' . $block_size . ') { - $_block = substr($_text, $_i, ' . $block_size . '); - if (strlen($_block) > strlen($_buffer["ciphertext"])) { - $in = $_xor; - ' . $encrypt_block . ' - \phpseclib3\Common\Functions\Strings::increment_str($_xor); - $_buffer["ciphertext"].= $in; - } - $_key = \phpseclib3\Common\Functions\Strings::shift($_buffer["ciphertext"], ' . $block_size . '); - $_ciphertext.= $_block ^ $_key; - } - } else { - for ($_i = 0; $_i < $_plaintext_len; $_i+= ' . $block_size . ') { - $_block = substr($_text, $_i, ' . $block_size . '); - $in = $_xor; - ' . $encrypt_block . ' - \phpseclib3\Common\Functions\Strings::increment_str($_xor); - $_key = $in; - $_ciphertext.= $_block ^ $_key; - } - } - if ($this->continuousBuffer) { - $this->encryptIV = $_xor; - if ($_start = $_plaintext_len % ' . $block_size . ') { - $_buffer["ciphertext"] = substr($_key, $_start) . $_buffer["ciphertext"]; - } - } - - return $_ciphertext; - '; - - $decrypt = $init_encrypt . ' - $_plaintext = ""; - $_ciphertext_len = strlen($_text); - $_xor = $this->decryptIV; - $_buffer = &$this->debuffer; - - if (strlen($_buffer["ciphertext"])) { - for ($_i = 0; $_i < $_ciphertext_len; $_i+= ' . $block_size . ') { - $_block = substr($_text, $_i, ' . $block_size . '); - if (strlen($_block) > strlen($_buffer["ciphertext"])) { - $in = $_xor; - ' . $encrypt_block . ' - \phpseclib3\Common\Functions\Strings::increment_str($_xor); - $_buffer["ciphertext"].= $in; - } - $_key = \phpseclib3\Common\Functions\Strings::shift($_buffer["ciphertext"], ' . $block_size . '); - $_plaintext.= $_block ^ $_key; - } - } else { - for ($_i = 0; $_i < $_ciphertext_len; $_i+= ' . $block_size . ') { - $_block = substr($_text, $_i, ' . $block_size . '); - $in = $_xor; - ' . $encrypt_block . ' - \phpseclib3\Common\Functions\Strings::increment_str($_xor); - $_key = $in; - $_plaintext.= $_block ^ $_key; - } - } - if ($this->continuousBuffer) { - $this->decryptIV = $_xor; - if ($_start = $_ciphertext_len % ' . $block_size . ') { - $_buffer["ciphertext"] = substr($_key, $_start) . $_buffer["ciphertext"]; - } - } - - return $_plaintext; - '; - break; - case self::MODE_CFB: - $encrypt = $init_encrypt . ' - $_ciphertext = ""; - $_buffer = &$this->enbuffer; - - if ($this->continuousBuffer) { - $_iv = &$this->encryptIV; - $_pos = &$_buffer["pos"]; - } else { - $_iv = $this->encryptIV; - $_pos = 0; - } - $_len = strlen($_text); - $_i = 0; - if ($_pos) { - $_orig_pos = $_pos; - $_max = ' . $block_size . ' - $_pos; - if ($_len >= $_max) { - $_i = $_max; - $_len-= $_max; - $_pos = 0; - } else { - $_i = $_len; - $_pos+= $_len; - $_len = 0; - } - $_ciphertext = substr($_iv, $_orig_pos) ^ $_text; - $_iv = substr_replace($_iv, $_ciphertext, $_orig_pos, $_i); - } - while ($_len >= ' . $block_size . ') { - $in = $_iv; - ' . $encrypt_block . '; - $_iv = $in ^ substr($_text, $_i, ' . $block_size . '); - $_ciphertext.= $_iv; - $_len-= ' . $block_size . '; - $_i+= ' . $block_size . '; - } - if ($_len) { - $in = $_iv; - ' . $encrypt_block . ' - $_iv = $in; - $_block = $_iv ^ substr($_text, $_i); - $_iv = substr_replace($_iv, $_block, 0, $_len); - $_ciphertext.= $_block; - $_pos = $_len; - } - return $_ciphertext; - '; - - $decrypt = $init_encrypt . ' - $_plaintext = ""; - $_buffer = &$this->debuffer; - - if ($this->continuousBuffer) { - $_iv = &$this->decryptIV; - $_pos = &$_buffer["pos"]; - } else { - $_iv = $this->decryptIV; - $_pos = 0; - } - $_len = strlen($_text); - $_i = 0; - if ($_pos) { - $_orig_pos = $_pos; - $_max = ' . $block_size . ' - $_pos; - if ($_len >= $_max) { - $_i = $_max; - $_len-= $_max; - $_pos = 0; - } else { - $_i = $_len; - $_pos+= $_len; - $_len = 0; - } - $_plaintext = substr($_iv, $_orig_pos) ^ $_text; - $_iv = substr_replace($_iv, substr($_text, 0, $_i), $_orig_pos, $_i); - } - while ($_len >= ' . $block_size . ') { - $in = $_iv; - ' . $encrypt_block . ' - $_iv = $in; - $cb = substr($_text, $_i, ' . $block_size . '); - $_plaintext.= $_iv ^ $cb; - $_iv = $cb; - $_len-= ' . $block_size . '; - $_i+= ' . $block_size . '; - } - if ($_len) { - $in = $_iv; - ' . $encrypt_block . ' - $_iv = $in; - $_plaintext.= $_iv ^ substr($_text, $_i); - $_iv = substr_replace($_iv, substr($_text, $_i), 0, $_len); - $_pos = $_len; - } - - return $_plaintext; - '; - break; - case self::MODE_CFB8: - $encrypt = $init_encrypt . ' - $_ciphertext = ""; - $_len = strlen($_text); - $_iv = $this->encryptIV; - - for ($_i = 0; $_i < $_len; ++$_i) { - $in = $_iv; - ' . $encrypt_block . ' - $_ciphertext .= ($_c = $_text[$_i] ^ $in); - $_iv = substr($_iv, 1) . $_c; - } - - if ($this->continuousBuffer) { - if ($_len >= ' . $block_size . ') { - $this->encryptIV = substr($_ciphertext, -' . $block_size . '); - } else { - $this->encryptIV = substr($this->encryptIV, $_len - ' . $block_size . ') . substr($_ciphertext, -$_len); - } - } - - return $_ciphertext; - '; - $decrypt = $init_encrypt . ' - $_plaintext = ""; - $_len = strlen($_text); - $_iv = $this->decryptIV; - - for ($_i = 0; $_i < $_len; ++$_i) { - $in = $_iv; - ' . $encrypt_block . ' - $_plaintext .= $_text[$_i] ^ $in; - $_iv = substr($_iv, 1) . $_text[$_i]; - } - - if ($this->continuousBuffer) { - if ($_len >= ' . $block_size . ') { - $this->decryptIV = substr($_text, -' . $block_size . '); - } else { - $this->decryptIV = substr($this->decryptIV, $_len - ' . $block_size . ') . substr($_text, -$_len); - } - } - - return $_plaintext; - '; - break; - case self::MODE_OFB8: - $encrypt = $init_encrypt . ' - $_ciphertext = ""; - $_len = strlen($_text); - $_iv = $this->encryptIV; - - for ($_i = 0; $_i < $_len; ++$_i) { - $in = $_iv; - ' . $encrypt_block . ' - $_ciphertext.= $_text[$_i] ^ $in; - $_iv = substr($_iv, 1) . $in[0]; - } - - if ($this->continuousBuffer) { - $this->encryptIV = $_iv; - } - - return $_ciphertext; - '; - $decrypt = $init_encrypt . ' - $_plaintext = ""; - $_len = strlen($_text); - $_iv = $this->decryptIV; - - for ($_i = 0; $_i < $_len; ++$_i) { - $in = $_iv; - ' . $encrypt_block . ' - $_plaintext.= $_text[$_i] ^ $in; - $_iv = substr($_iv, 1) . $in[0]; - } - - if ($this->continuousBuffer) { - $this->decryptIV = $_iv; - } - - return $_plaintext; - '; - break; - case self::MODE_OFB: - $encrypt = $init_encrypt . ' - $_ciphertext = ""; - $_plaintext_len = strlen($_text); - $_xor = $this->encryptIV; - $_buffer = &$this->enbuffer; - - if (strlen($_buffer["xor"])) { - for ($_i = 0; $_i < $_plaintext_len; $_i+= ' . $block_size . ') { - $_block = substr($_text, $_i, ' . $block_size . '); - if (strlen($_block) > strlen($_buffer["xor"])) { - $in = $_xor; - ' . $encrypt_block . ' - $_xor = $in; - $_buffer["xor"].= $_xor; - } - $_key = \phpseclib3\Common\Functions\Strings::shift($_buffer["xor"], ' . $block_size . '); - $_ciphertext.= $_block ^ $_key; - } - } else { - for ($_i = 0; $_i < $_plaintext_len; $_i+= ' . $block_size . ') { - $in = $_xor; - ' . $encrypt_block . ' - $_xor = $in; - $_ciphertext.= substr($_text, $_i, ' . $block_size . ') ^ $_xor; - } - $_key = $_xor; - } - if ($this->continuousBuffer) { - $this->encryptIV = $_xor; - if ($_start = $_plaintext_len % ' . $block_size . ') { - $_buffer["xor"] = substr($_key, $_start) . $_buffer["xor"]; - } - } - return $_ciphertext; - '; - - $decrypt = $init_encrypt . ' - $_plaintext = ""; - $_ciphertext_len = strlen($_text); - $_xor = $this->decryptIV; - $_buffer = &$this->debuffer; - - if (strlen($_buffer["xor"])) { - for ($_i = 0; $_i < $_ciphertext_len; $_i+= ' . $block_size . ') { - $_block = substr($_text, $_i, ' . $block_size . '); - if (strlen($_block) > strlen($_buffer["xor"])) { - $in = $_xor; - ' . $encrypt_block . ' - $_xor = $in; - $_buffer["xor"].= $_xor; - } - $_key = \phpseclib3\Common\Functions\Strings::shift($_buffer["xor"], ' . $block_size . '); - $_plaintext.= $_block ^ $_key; - } - } else { - for ($_i = 0; $_i < $_ciphertext_len; $_i+= ' . $block_size . ') { - $in = $_xor; - ' . $encrypt_block . ' - $_xor = $in; - $_plaintext.= substr($_text, $_i, ' . $block_size . ') ^ $_xor; - } - $_key = $_xor; - } - if ($this->continuousBuffer) { - $this->decryptIV = $_xor; - if ($_start = $_ciphertext_len % ' . $block_size . ') { - $_buffer["xor"] = substr($_key, $_start) . $_buffer["xor"]; - } - } - return $_plaintext; - '; - break; - case self::MODE_STREAM: - $encrypt = $init_encrypt . ' - $_ciphertext = ""; - ' . $encrypt_block . ' - return $_ciphertext; - '; - $decrypt = $init_decrypt . ' - $_plaintext = ""; - ' . $decrypt_block . ' - return $_plaintext; - '; - break; - // case self::MODE_CBC: - default: - $encrypt = $init_encrypt . ' - $_ciphertext = ""; - $_plaintext_len = strlen($_text); - - $in = $this->encryptIV; - - for ($_i = 0; $_i < $_plaintext_len; $_i+= ' . $block_size . ') { - $in = substr($_text, $_i, ' . $block_size . ') ^ $in; - ' . $encrypt_block . ' - $_ciphertext.= $in; - } - - if ($this->continuousBuffer) { - $this->encryptIV = $in; - } - - return $_ciphertext; - '; - - $decrypt = $init_decrypt . ' - $_plaintext = ""; - $_text = str_pad($_text, strlen($_text) + (' . $block_size . ' - strlen($_text) % ' . $block_size . ') % ' . $block_size . ', chr(0)); - $_ciphertext_len = strlen($_text); - - $_iv = $this->decryptIV; - - for ($_i = 0; $_i < $_ciphertext_len; $_i+= ' . $block_size . ') { - $in = $_block = substr($_text, $_i, ' . $block_size . '); - ' . $decrypt_block . ' - $_plaintext.= $in ^ $_iv; - $_iv = $_block; - } - - if ($this->continuousBuffer) { - $this->decryptIV = $_iv; - } - - return $this->unpad($_plaintext); - '; - break; - } - - // Before discrediting this, please read the following: - // @see https://github.com/phpseclib/phpseclib/issues/1293 - // @see https://github.com/phpseclib/phpseclib/pull/1143 - eval('$func = function ($_action, $_text) { ' . $init_crypt . 'if ($_action == "encrypt") { ' . $encrypt . ' } else { ' . $decrypt . ' }};'); - - return \Closure::bind($func, $this, static::class); - } - - /** - * Convert float to int - * - * On ARM CPUs converting floats to ints doesn't always work - * - * @param string $x - * @return int - */ - protected static function safe_intval($x) - { - if (is_int($x)) { - return $x; - } - - if (self::$use_reg_intval) { - return PHP_INT_SIZE == 4 && PHP_VERSION_ID >= 80100 ? intval($x) : $x; - } - - return (fmod($x, 0x80000000) & 0x7FFFFFFF) | - ((fmod(floor($x / 0x80000000), 2) & 1) << 31); - } - - /** - * eval()'able string for in-line float to int - * - * @return string - */ - protected static function safe_intval_inline() - { - if (self::$use_reg_intval) { - return PHP_INT_SIZE == 4 && PHP_VERSION_ID >= 80100 ? 'intval(%s)' : '%s'; - } - - $safeint = '(is_int($temp = %s) ? $temp : (fmod($temp, 0x80000000) & 0x7FFFFFFF) | '; - return $safeint . '((fmod(floor($temp / 0x80000000), 2) & 1) << 31))'; - } - - /** - * Sets up GCM parameters - * - * See steps 1-2 of https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf#page=23 - * for more info - * - */ - private function setupGCM() - { - // don't keep on re-calculating $this->h - if (!$this->h || $this->hKey != $this->key) { - $cipher = new static('ecb'); - $cipher->setKey($this->key); - $cipher->disablePadding(); - - $this->h = self::$gcmField->newInteger( - Strings::switchEndianness($cipher->encrypt("\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0")) - ); - $this->hKey = $this->key; - } - - if (strlen($this->nonce) == 12) { - $this->iv = $this->nonce . "\0\0\0\1"; - } else { - $this->iv = $this->ghash( - self::nullPad128($this->nonce) . str_repeat("\0", 8) . self::len64($this->nonce) - ); - } - } - - /** - * Performs GHASH operation - * - * See https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf#page=20 - * for more info - * - * @see self::decrypt() - * @see self::encrypt() - * @param string $x - * @return string - */ - private function ghash($x) - { - $h = $this->h; - $y = ["\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"]; - $x = str_split($x, 16); - $n = 0; - // the switchEndianness calls are necessary because the multiplication algorithm in BinaryField/Integer - // interprets strings as polynomials in big endian order whereas in GCM they're interpreted in little - // endian order per https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf#page=19. - // big endian order is what binary field elliptic curves use per http://www.secg.org/sec1-v2.pdf#page=18. - - // we could switchEndianness here instead of in the while loop but doing so in the while loop seems like it - // might be slightly more performant - //$x = Strings::switchEndianness($x); - foreach ($x as $xn) { - $xn = Strings::switchEndianness($xn); - $t = $y[$n] ^ $xn; - $temp = self::$gcmField->newInteger($t); - $y[++$n] = $temp->multiply($h)->toBytes(); - $y[$n] = substr($y[$n], 1); - } - $y[$n] = Strings::switchEndianness($y[$n]); - return $y[$n]; - } - - /** - * Returns the bit length of a string in a packed format - * - * @see self::decrypt() - * @see self::encrypt() - * @see self::setupGCM() - * @param string $str - * @return string - */ - private static function len64($str) - { - return "\0\0\0\0" . pack('N', 8 * strlen($str)); - } - - /** - * NULL pads a string to be a multiple of 128 - * - * @see self::decrypt() - * @see self::encrypt() - * @see self::setupGCM() - * @param string $str - * @return string - */ - protected static function nullPad128($str) - { - $len = strlen($str); - return $str . str_repeat("\0", 16 * ceil($len / 16) - $len); - } - - /** - * Calculates Poly1305 MAC - * - * On my system ChaCha20, with libsodium, takes 0.5s. With this custom Poly1305 implementation - * it takes 1.2s. - * - * @see self::decrypt() - * @see self::encrypt() - * @param string $text - * @return string - */ - protected function poly1305($text) - { - $s = $this->poly1305Key; // strlen($this->poly1305Key) == 32 - $r = Strings::shift($s, 16); - $r = strrev($r); - $r &= "\x0f\xff\xff\xfc\x0f\xff\xff\xfc\x0f\xff\xff\xfc\x0f\xff\xff\xff"; - $s = strrev($s); - - $r = self::$poly1305Field->newInteger(new BigInteger($r, 256)); - $s = self::$poly1305Field->newInteger(new BigInteger($s, 256)); - $a = self::$poly1305Field->newInteger(new BigInteger()); - - $blocks = str_split($text, 16); - foreach ($blocks as $block) { - $n = strrev($block . chr(1)); - $n = self::$poly1305Field->newInteger(new BigInteger($n, 256)); - $a = $a->add($n); - $a = $a->multiply($r); - } - $r = $a->toBigInteger()->add($s->toBigInteger()); - $mask = "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"; - return strrev($r->toBytes()) & $mask; - } - - /** - * Return the mode - * - * You can do $obj instanceof AES or whatever to get the cipher but you can't do that to get the mode - * - * @return string - */ - public function getMode() - { - return array_flip(self::MODE_MAP)[$this->mode]; - } - - /** - * Is the continuous buffer enabled? - * - * @return boolean - */ - public function continuousBufferEnabled() - { - return $this->continuousBuffer; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Traits/Fingerprint.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Traits/Fingerprint.php deleted file mode 100644 index 9ca8926..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Traits/Fingerprint.php +++ /dev/null @@ -1,57 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\Common\Traits; - -use phpseclib3\Crypt\Hash; - -/** - * Fingerprint Trait for Private Keys - * - * @author Jim Wigginton - */ -trait Fingerprint -{ - /** - * Returns the public key's fingerprint - * - * The public key's fingerprint is returned, which is equivalent to running `ssh-keygen -lf rsa.pub`. If there is - * no public key currently loaded, false is returned. - * Example output (md5): "c1:b1:30:29:d7:b8:de:6c:97:77:10:d7:46:41:63:87" (as specified by RFC 4716) - * - * @param string $algorithm The hashing algorithm to be used. Valid options are 'md5' and 'sha256'. False is returned - * for invalid values. - * @return mixed - */ - public function getFingerprint($algorithm = 'md5') - { - $type = self::validatePlugin('Keys', 'OpenSSH', 'savePublicKey'); - if ($type === false) { - return false; - } - $key = $this->toString('OpenSSH', ['binary' => true]); - if ($key === false) { - return false; - } - switch ($algorithm) { - case 'sha256': - $hash = new Hash('sha256'); - $base = base64_encode($hash->hash($key)); - return substr($base, 0, strlen($base) - 1); - case 'md5': - return substr(chunk_split(md5($key), 2, ':'), 0, -1); - default: - return false; - } - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Traits/PasswordProtected.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Traits/PasswordProtected.php deleted file mode 100644 index 0ac274e..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Traits/PasswordProtected.php +++ /dev/null @@ -1,46 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\Common\Traits; - -/** - * Password Protected Trait for Private Keys - * - * @author Jim Wigginton - */ -trait PasswordProtected -{ - /** - * Password - * - * @var string|bool - */ - private $password = false; - - /** - * Sets the password - * - * Private keys can be encrypted with a password. To unset the password, pass in the empty string or false. - * Or rather, pass in $password such that empty($password) && !is_string($password) is true. - * - * @see self::createKey() - * @see self::load() - * @param string|bool $password - */ - public function withPassword($password = false) - { - $new = clone $this; - $new->password = $password; - return $new; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DES.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DES.php deleted file mode 100644 index 3b03830..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DES.php +++ /dev/null @@ -1,1392 +0,0 @@ - - * setKey('abcdefgh'); - * - * $size = 10 * 1024; - * $plaintext = ''; - * for ($i = 0; $i < $size; $i++) { - * $plaintext.= 'a'; - * } - * - * echo $des->decrypt($des->encrypt($plaintext)); - * ?> - * - * - * @author Jim Wigginton - * @copyright 2007 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt; - -use phpseclib3\Crypt\Common\BlockCipher; -use phpseclib3\Exception\BadModeException; - -/** - * Pure-PHP implementation of DES. - * - * @author Jim Wigginton - */ -class DES extends BlockCipher -{ - /** - * Contains $keys[self::ENCRYPT] - * - * @see \phpseclib3\Crypt\DES::setupKey() - * @see \phpseclib3\Crypt\DES::processBlock() - */ - const ENCRYPT = 0; - /** - * Contains $keys[self::DECRYPT] - * - * @see \phpseclib3\Crypt\DES::setupKey() - * @see \phpseclib3\Crypt\DES::processBlock() - */ - const DECRYPT = 1; - - /** - * Block Length of the cipher - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::block_size - * @var int - */ - protected $block_size = 8; - - /** - * Key Length (in bytes) - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setKeyLength() - * @var int - */ - protected $key_length = 8; - - /** - * The mcrypt specific name of the cipher - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt - * @var string - */ - protected $cipher_name_mcrypt = 'des'; - - /** - * The OpenSSL names of the cipher / modes - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::openssl_mode_names - * @var array - */ - protected $openssl_mode_names = [ - self::MODE_ECB => 'des-ecb', - self::MODE_CBC => 'des-cbc', - self::MODE_CFB => 'des-cfb', - self::MODE_OFB => 'des-ofb' - // self::MODE_CTR is undefined for DES - ]; - - /** - * Optimizing value while CFB-encrypting - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cfb_init_len - * @var int - */ - protected $cfb_init_len = 500; - - /** - * Switch for DES/3DES encryption - * - * Used only if $engine == self::ENGINE_INTERNAL - * - * @see self::setupKey() - * @see self::processBlock() - * @var int - */ - protected $des_rounds = 1; - - /** - * max possible size of $key - * - * @see self::setKey() - * @var string - */ - protected $key_length_max = 8; - - /** - * The Key Schedule - * - * @see self::setupKey() - * @var array - */ - private $keys; - - /** - * Key Cache "key" - * - * @see self::setupKey() - * @var array - */ - private $kl; - - /** - * Shuffle table. - * - * For each byte value index, the entry holds an 8-byte string - * with each byte containing all bits in the same state as the - * corresponding bit in the index value. - * - * @see self::processBlock() - * @see self::setupKey() - * @var array - */ - protected static $shuffle = [ - "\x00\x00\x00\x00\x00\x00\x00\x00", "\x00\x00\x00\x00\x00\x00\x00\xFF", - "\x00\x00\x00\x00\x00\x00\xFF\x00", "\x00\x00\x00\x00\x00\x00\xFF\xFF", - "\x00\x00\x00\x00\x00\xFF\x00\x00", "\x00\x00\x00\x00\x00\xFF\x00\xFF", - "\x00\x00\x00\x00\x00\xFF\xFF\x00", "\x00\x00\x00\x00\x00\xFF\xFF\xFF", - "\x00\x00\x00\x00\xFF\x00\x00\x00", "\x00\x00\x00\x00\xFF\x00\x00\xFF", - "\x00\x00\x00\x00\xFF\x00\xFF\x00", "\x00\x00\x00\x00\xFF\x00\xFF\xFF", - "\x00\x00\x00\x00\xFF\xFF\x00\x00", "\x00\x00\x00\x00\xFF\xFF\x00\xFF", - "\x00\x00\x00\x00\xFF\xFF\xFF\x00", "\x00\x00\x00\x00\xFF\xFF\xFF\xFF", - "\x00\x00\x00\xFF\x00\x00\x00\x00", "\x00\x00\x00\xFF\x00\x00\x00\xFF", - "\x00\x00\x00\xFF\x00\x00\xFF\x00", "\x00\x00\x00\xFF\x00\x00\xFF\xFF", - "\x00\x00\x00\xFF\x00\xFF\x00\x00", "\x00\x00\x00\xFF\x00\xFF\x00\xFF", - "\x00\x00\x00\xFF\x00\xFF\xFF\x00", "\x00\x00\x00\xFF\x00\xFF\xFF\xFF", - "\x00\x00\x00\xFF\xFF\x00\x00\x00", "\x00\x00\x00\xFF\xFF\x00\x00\xFF", - "\x00\x00\x00\xFF\xFF\x00\xFF\x00", "\x00\x00\x00\xFF\xFF\x00\xFF\xFF", - "\x00\x00\x00\xFF\xFF\xFF\x00\x00", "\x00\x00\x00\xFF\xFF\xFF\x00\xFF", - "\x00\x00\x00\xFF\xFF\xFF\xFF\x00", "\x00\x00\x00\xFF\xFF\xFF\xFF\xFF", - "\x00\x00\xFF\x00\x00\x00\x00\x00", "\x00\x00\xFF\x00\x00\x00\x00\xFF", - "\x00\x00\xFF\x00\x00\x00\xFF\x00", "\x00\x00\xFF\x00\x00\x00\xFF\xFF", - "\x00\x00\xFF\x00\x00\xFF\x00\x00", "\x00\x00\xFF\x00\x00\xFF\x00\xFF", - "\x00\x00\xFF\x00\x00\xFF\xFF\x00", "\x00\x00\xFF\x00\x00\xFF\xFF\xFF", - "\x00\x00\xFF\x00\xFF\x00\x00\x00", "\x00\x00\xFF\x00\xFF\x00\x00\xFF", - "\x00\x00\xFF\x00\xFF\x00\xFF\x00", "\x00\x00\xFF\x00\xFF\x00\xFF\xFF", - "\x00\x00\xFF\x00\xFF\xFF\x00\x00", "\x00\x00\xFF\x00\xFF\xFF\x00\xFF", - "\x00\x00\xFF\x00\xFF\xFF\xFF\x00", "\x00\x00\xFF\x00\xFF\xFF\xFF\xFF", - "\x00\x00\xFF\xFF\x00\x00\x00\x00", "\x00\x00\xFF\xFF\x00\x00\x00\xFF", - "\x00\x00\xFF\xFF\x00\x00\xFF\x00", "\x00\x00\xFF\xFF\x00\x00\xFF\xFF", - "\x00\x00\xFF\xFF\x00\xFF\x00\x00", "\x00\x00\xFF\xFF\x00\xFF\x00\xFF", - "\x00\x00\xFF\xFF\x00\xFF\xFF\x00", "\x00\x00\xFF\xFF\x00\xFF\xFF\xFF", - "\x00\x00\xFF\xFF\xFF\x00\x00\x00", "\x00\x00\xFF\xFF\xFF\x00\x00\xFF", - "\x00\x00\xFF\xFF\xFF\x00\xFF\x00", "\x00\x00\xFF\xFF\xFF\x00\xFF\xFF", - "\x00\x00\xFF\xFF\xFF\xFF\x00\x00", "\x00\x00\xFF\xFF\xFF\xFF\x00\xFF", - "\x00\x00\xFF\xFF\xFF\xFF\xFF\x00", "\x00\x00\xFF\xFF\xFF\xFF\xFF\xFF", - "\x00\xFF\x00\x00\x00\x00\x00\x00", "\x00\xFF\x00\x00\x00\x00\x00\xFF", - "\x00\xFF\x00\x00\x00\x00\xFF\x00", "\x00\xFF\x00\x00\x00\x00\xFF\xFF", - "\x00\xFF\x00\x00\x00\xFF\x00\x00", "\x00\xFF\x00\x00\x00\xFF\x00\xFF", - "\x00\xFF\x00\x00\x00\xFF\xFF\x00", "\x00\xFF\x00\x00\x00\xFF\xFF\xFF", - "\x00\xFF\x00\x00\xFF\x00\x00\x00", "\x00\xFF\x00\x00\xFF\x00\x00\xFF", - "\x00\xFF\x00\x00\xFF\x00\xFF\x00", "\x00\xFF\x00\x00\xFF\x00\xFF\xFF", - "\x00\xFF\x00\x00\xFF\xFF\x00\x00", "\x00\xFF\x00\x00\xFF\xFF\x00\xFF", - "\x00\xFF\x00\x00\xFF\xFF\xFF\x00", "\x00\xFF\x00\x00\xFF\xFF\xFF\xFF", - "\x00\xFF\x00\xFF\x00\x00\x00\x00", "\x00\xFF\x00\xFF\x00\x00\x00\xFF", - "\x00\xFF\x00\xFF\x00\x00\xFF\x00", "\x00\xFF\x00\xFF\x00\x00\xFF\xFF", - "\x00\xFF\x00\xFF\x00\xFF\x00\x00", "\x00\xFF\x00\xFF\x00\xFF\x00\xFF", - "\x00\xFF\x00\xFF\x00\xFF\xFF\x00", "\x00\xFF\x00\xFF\x00\xFF\xFF\xFF", - "\x00\xFF\x00\xFF\xFF\x00\x00\x00", "\x00\xFF\x00\xFF\xFF\x00\x00\xFF", - "\x00\xFF\x00\xFF\xFF\x00\xFF\x00", "\x00\xFF\x00\xFF\xFF\x00\xFF\xFF", - "\x00\xFF\x00\xFF\xFF\xFF\x00\x00", "\x00\xFF\x00\xFF\xFF\xFF\x00\xFF", - "\x00\xFF\x00\xFF\xFF\xFF\xFF\x00", "\x00\xFF\x00\xFF\xFF\xFF\xFF\xFF", - "\x00\xFF\xFF\x00\x00\x00\x00\x00", "\x00\xFF\xFF\x00\x00\x00\x00\xFF", - "\x00\xFF\xFF\x00\x00\x00\xFF\x00", "\x00\xFF\xFF\x00\x00\x00\xFF\xFF", - "\x00\xFF\xFF\x00\x00\xFF\x00\x00", "\x00\xFF\xFF\x00\x00\xFF\x00\xFF", - "\x00\xFF\xFF\x00\x00\xFF\xFF\x00", "\x00\xFF\xFF\x00\x00\xFF\xFF\xFF", - "\x00\xFF\xFF\x00\xFF\x00\x00\x00", "\x00\xFF\xFF\x00\xFF\x00\x00\xFF", - "\x00\xFF\xFF\x00\xFF\x00\xFF\x00", "\x00\xFF\xFF\x00\xFF\x00\xFF\xFF", - "\x00\xFF\xFF\x00\xFF\xFF\x00\x00", "\x00\xFF\xFF\x00\xFF\xFF\x00\xFF", - "\x00\xFF\xFF\x00\xFF\xFF\xFF\x00", "\x00\xFF\xFF\x00\xFF\xFF\xFF\xFF", - "\x00\xFF\xFF\xFF\x00\x00\x00\x00", "\x00\xFF\xFF\xFF\x00\x00\x00\xFF", - "\x00\xFF\xFF\xFF\x00\x00\xFF\x00", "\x00\xFF\xFF\xFF\x00\x00\xFF\xFF", - "\x00\xFF\xFF\xFF\x00\xFF\x00\x00", "\x00\xFF\xFF\xFF\x00\xFF\x00\xFF", - "\x00\xFF\xFF\xFF\x00\xFF\xFF\x00", "\x00\xFF\xFF\xFF\x00\xFF\xFF\xFF", - "\x00\xFF\xFF\xFF\xFF\x00\x00\x00", "\x00\xFF\xFF\xFF\xFF\x00\x00\xFF", - "\x00\xFF\xFF\xFF\xFF\x00\xFF\x00", "\x00\xFF\xFF\xFF\xFF\x00\xFF\xFF", - "\x00\xFF\xFF\xFF\xFF\xFF\x00\x00", "\x00\xFF\xFF\xFF\xFF\xFF\x00\xFF", - "\x00\xFF\xFF\xFF\xFF\xFF\xFF\x00", "\x00\xFF\xFF\xFF\xFF\xFF\xFF\xFF", - "\xFF\x00\x00\x00\x00\x00\x00\x00", "\xFF\x00\x00\x00\x00\x00\x00\xFF", - "\xFF\x00\x00\x00\x00\x00\xFF\x00", "\xFF\x00\x00\x00\x00\x00\xFF\xFF", - "\xFF\x00\x00\x00\x00\xFF\x00\x00", "\xFF\x00\x00\x00\x00\xFF\x00\xFF", - "\xFF\x00\x00\x00\x00\xFF\xFF\x00", "\xFF\x00\x00\x00\x00\xFF\xFF\xFF", - "\xFF\x00\x00\x00\xFF\x00\x00\x00", "\xFF\x00\x00\x00\xFF\x00\x00\xFF", - "\xFF\x00\x00\x00\xFF\x00\xFF\x00", "\xFF\x00\x00\x00\xFF\x00\xFF\xFF", - "\xFF\x00\x00\x00\xFF\xFF\x00\x00", "\xFF\x00\x00\x00\xFF\xFF\x00\xFF", - "\xFF\x00\x00\x00\xFF\xFF\xFF\x00", "\xFF\x00\x00\x00\xFF\xFF\xFF\xFF", - "\xFF\x00\x00\xFF\x00\x00\x00\x00", "\xFF\x00\x00\xFF\x00\x00\x00\xFF", - "\xFF\x00\x00\xFF\x00\x00\xFF\x00", "\xFF\x00\x00\xFF\x00\x00\xFF\xFF", - "\xFF\x00\x00\xFF\x00\xFF\x00\x00", "\xFF\x00\x00\xFF\x00\xFF\x00\xFF", - "\xFF\x00\x00\xFF\x00\xFF\xFF\x00", "\xFF\x00\x00\xFF\x00\xFF\xFF\xFF", - "\xFF\x00\x00\xFF\xFF\x00\x00\x00", "\xFF\x00\x00\xFF\xFF\x00\x00\xFF", - "\xFF\x00\x00\xFF\xFF\x00\xFF\x00", "\xFF\x00\x00\xFF\xFF\x00\xFF\xFF", - "\xFF\x00\x00\xFF\xFF\xFF\x00\x00", "\xFF\x00\x00\xFF\xFF\xFF\x00\xFF", - "\xFF\x00\x00\xFF\xFF\xFF\xFF\x00", "\xFF\x00\x00\xFF\xFF\xFF\xFF\xFF", - "\xFF\x00\xFF\x00\x00\x00\x00\x00", "\xFF\x00\xFF\x00\x00\x00\x00\xFF", - "\xFF\x00\xFF\x00\x00\x00\xFF\x00", "\xFF\x00\xFF\x00\x00\x00\xFF\xFF", - "\xFF\x00\xFF\x00\x00\xFF\x00\x00", "\xFF\x00\xFF\x00\x00\xFF\x00\xFF", - "\xFF\x00\xFF\x00\x00\xFF\xFF\x00", "\xFF\x00\xFF\x00\x00\xFF\xFF\xFF", - "\xFF\x00\xFF\x00\xFF\x00\x00\x00", "\xFF\x00\xFF\x00\xFF\x00\x00\xFF", - "\xFF\x00\xFF\x00\xFF\x00\xFF\x00", "\xFF\x00\xFF\x00\xFF\x00\xFF\xFF", - "\xFF\x00\xFF\x00\xFF\xFF\x00\x00", "\xFF\x00\xFF\x00\xFF\xFF\x00\xFF", - "\xFF\x00\xFF\x00\xFF\xFF\xFF\x00", "\xFF\x00\xFF\x00\xFF\xFF\xFF\xFF", - "\xFF\x00\xFF\xFF\x00\x00\x00\x00", "\xFF\x00\xFF\xFF\x00\x00\x00\xFF", - "\xFF\x00\xFF\xFF\x00\x00\xFF\x00", "\xFF\x00\xFF\xFF\x00\x00\xFF\xFF", - "\xFF\x00\xFF\xFF\x00\xFF\x00\x00", "\xFF\x00\xFF\xFF\x00\xFF\x00\xFF", - "\xFF\x00\xFF\xFF\x00\xFF\xFF\x00", "\xFF\x00\xFF\xFF\x00\xFF\xFF\xFF", - "\xFF\x00\xFF\xFF\xFF\x00\x00\x00", "\xFF\x00\xFF\xFF\xFF\x00\x00\xFF", - "\xFF\x00\xFF\xFF\xFF\x00\xFF\x00", "\xFF\x00\xFF\xFF\xFF\x00\xFF\xFF", - "\xFF\x00\xFF\xFF\xFF\xFF\x00\x00", "\xFF\x00\xFF\xFF\xFF\xFF\x00\xFF", - "\xFF\x00\xFF\xFF\xFF\xFF\xFF\x00", "\xFF\x00\xFF\xFF\xFF\xFF\xFF\xFF", - "\xFF\xFF\x00\x00\x00\x00\x00\x00", "\xFF\xFF\x00\x00\x00\x00\x00\xFF", - "\xFF\xFF\x00\x00\x00\x00\xFF\x00", "\xFF\xFF\x00\x00\x00\x00\xFF\xFF", - "\xFF\xFF\x00\x00\x00\xFF\x00\x00", "\xFF\xFF\x00\x00\x00\xFF\x00\xFF", - "\xFF\xFF\x00\x00\x00\xFF\xFF\x00", "\xFF\xFF\x00\x00\x00\xFF\xFF\xFF", - "\xFF\xFF\x00\x00\xFF\x00\x00\x00", "\xFF\xFF\x00\x00\xFF\x00\x00\xFF", - "\xFF\xFF\x00\x00\xFF\x00\xFF\x00", "\xFF\xFF\x00\x00\xFF\x00\xFF\xFF", - "\xFF\xFF\x00\x00\xFF\xFF\x00\x00", "\xFF\xFF\x00\x00\xFF\xFF\x00\xFF", - "\xFF\xFF\x00\x00\xFF\xFF\xFF\x00", "\xFF\xFF\x00\x00\xFF\xFF\xFF\xFF", - "\xFF\xFF\x00\xFF\x00\x00\x00\x00", "\xFF\xFF\x00\xFF\x00\x00\x00\xFF", - "\xFF\xFF\x00\xFF\x00\x00\xFF\x00", "\xFF\xFF\x00\xFF\x00\x00\xFF\xFF", - "\xFF\xFF\x00\xFF\x00\xFF\x00\x00", "\xFF\xFF\x00\xFF\x00\xFF\x00\xFF", - "\xFF\xFF\x00\xFF\x00\xFF\xFF\x00", "\xFF\xFF\x00\xFF\x00\xFF\xFF\xFF", - "\xFF\xFF\x00\xFF\xFF\x00\x00\x00", "\xFF\xFF\x00\xFF\xFF\x00\x00\xFF", - "\xFF\xFF\x00\xFF\xFF\x00\xFF\x00", "\xFF\xFF\x00\xFF\xFF\x00\xFF\xFF", - "\xFF\xFF\x00\xFF\xFF\xFF\x00\x00", "\xFF\xFF\x00\xFF\xFF\xFF\x00\xFF", - "\xFF\xFF\x00\xFF\xFF\xFF\xFF\x00", "\xFF\xFF\x00\xFF\xFF\xFF\xFF\xFF", - "\xFF\xFF\xFF\x00\x00\x00\x00\x00", "\xFF\xFF\xFF\x00\x00\x00\x00\xFF", - "\xFF\xFF\xFF\x00\x00\x00\xFF\x00", "\xFF\xFF\xFF\x00\x00\x00\xFF\xFF", - "\xFF\xFF\xFF\x00\x00\xFF\x00\x00", "\xFF\xFF\xFF\x00\x00\xFF\x00\xFF", - "\xFF\xFF\xFF\x00\x00\xFF\xFF\x00", "\xFF\xFF\xFF\x00\x00\xFF\xFF\xFF", - "\xFF\xFF\xFF\x00\xFF\x00\x00\x00", "\xFF\xFF\xFF\x00\xFF\x00\x00\xFF", - "\xFF\xFF\xFF\x00\xFF\x00\xFF\x00", "\xFF\xFF\xFF\x00\xFF\x00\xFF\xFF", - "\xFF\xFF\xFF\x00\xFF\xFF\x00\x00", "\xFF\xFF\xFF\x00\xFF\xFF\x00\xFF", - "\xFF\xFF\xFF\x00\xFF\xFF\xFF\x00", "\xFF\xFF\xFF\x00\xFF\xFF\xFF\xFF", - "\xFF\xFF\xFF\xFF\x00\x00\x00\x00", "\xFF\xFF\xFF\xFF\x00\x00\x00\xFF", - "\xFF\xFF\xFF\xFF\x00\x00\xFF\x00", "\xFF\xFF\xFF\xFF\x00\x00\xFF\xFF", - "\xFF\xFF\xFF\xFF\x00\xFF\x00\x00", "\xFF\xFF\xFF\xFF\x00\xFF\x00\xFF", - "\xFF\xFF\xFF\xFF\x00\xFF\xFF\x00", "\xFF\xFF\xFF\xFF\x00\xFF\xFF\xFF", - "\xFF\xFF\xFF\xFF\xFF\x00\x00\x00", "\xFF\xFF\xFF\xFF\xFF\x00\x00\xFF", - "\xFF\xFF\xFF\xFF\xFF\x00\xFF\x00", "\xFF\xFF\xFF\xFF\xFF\x00\xFF\xFF", - "\xFF\xFF\xFF\xFF\xFF\xFF\x00\x00", "\xFF\xFF\xFF\xFF\xFF\xFF\x00\xFF", - "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\x00", "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF" - ]; - - /** - * IP mapping helper table. - * - * Indexing this table with each source byte performs the initial bit permutation. - * - * @var array - */ - protected static $ipmap = [ - 0x00, 0x10, 0x01, 0x11, 0x20, 0x30, 0x21, 0x31, - 0x02, 0x12, 0x03, 0x13, 0x22, 0x32, 0x23, 0x33, - 0x40, 0x50, 0x41, 0x51, 0x60, 0x70, 0x61, 0x71, - 0x42, 0x52, 0x43, 0x53, 0x62, 0x72, 0x63, 0x73, - 0x04, 0x14, 0x05, 0x15, 0x24, 0x34, 0x25, 0x35, - 0x06, 0x16, 0x07, 0x17, 0x26, 0x36, 0x27, 0x37, - 0x44, 0x54, 0x45, 0x55, 0x64, 0x74, 0x65, 0x75, - 0x46, 0x56, 0x47, 0x57, 0x66, 0x76, 0x67, 0x77, - 0x80, 0x90, 0x81, 0x91, 0xA0, 0xB0, 0xA1, 0xB1, - 0x82, 0x92, 0x83, 0x93, 0xA2, 0xB2, 0xA3, 0xB3, - 0xC0, 0xD0, 0xC1, 0xD1, 0xE0, 0xF0, 0xE1, 0xF1, - 0xC2, 0xD2, 0xC3, 0xD3, 0xE2, 0xF2, 0xE3, 0xF3, - 0x84, 0x94, 0x85, 0x95, 0xA4, 0xB4, 0xA5, 0xB5, - 0x86, 0x96, 0x87, 0x97, 0xA6, 0xB6, 0xA7, 0xB7, - 0xC4, 0xD4, 0xC5, 0xD5, 0xE4, 0xF4, 0xE5, 0xF5, - 0xC6, 0xD6, 0xC7, 0xD7, 0xE6, 0xF6, 0xE7, 0xF7, - 0x08, 0x18, 0x09, 0x19, 0x28, 0x38, 0x29, 0x39, - 0x0A, 0x1A, 0x0B, 0x1B, 0x2A, 0x3A, 0x2B, 0x3B, - 0x48, 0x58, 0x49, 0x59, 0x68, 0x78, 0x69, 0x79, - 0x4A, 0x5A, 0x4B, 0x5B, 0x6A, 0x7A, 0x6B, 0x7B, - 0x0C, 0x1C, 0x0D, 0x1D, 0x2C, 0x3C, 0x2D, 0x3D, - 0x0E, 0x1E, 0x0F, 0x1F, 0x2E, 0x3E, 0x2F, 0x3F, - 0x4C, 0x5C, 0x4D, 0x5D, 0x6C, 0x7C, 0x6D, 0x7D, - 0x4E, 0x5E, 0x4F, 0x5F, 0x6E, 0x7E, 0x6F, 0x7F, - 0x88, 0x98, 0x89, 0x99, 0xA8, 0xB8, 0xA9, 0xB9, - 0x8A, 0x9A, 0x8B, 0x9B, 0xAA, 0xBA, 0xAB, 0xBB, - 0xC8, 0xD8, 0xC9, 0xD9, 0xE8, 0xF8, 0xE9, 0xF9, - 0xCA, 0xDA, 0xCB, 0xDB, 0xEA, 0xFA, 0xEB, 0xFB, - 0x8C, 0x9C, 0x8D, 0x9D, 0xAC, 0xBC, 0xAD, 0xBD, - 0x8E, 0x9E, 0x8F, 0x9F, 0xAE, 0xBE, 0xAF, 0xBF, - 0xCC, 0xDC, 0xCD, 0xDD, 0xEC, 0xFC, 0xED, 0xFD, - 0xCE, 0xDE, 0xCF, 0xDF, 0xEE, 0xFE, 0xEF, 0xFF - ]; - - /** - * Inverse IP mapping helper table. - * Indexing this table with a byte value reverses the bit order. - * - * @var array - */ - protected static $invipmap = [ - 0x00, 0x80, 0x40, 0xC0, 0x20, 0xA0, 0x60, 0xE0, - 0x10, 0x90, 0x50, 0xD0, 0x30, 0xB0, 0x70, 0xF0, - 0x08, 0x88, 0x48, 0xC8, 0x28, 0xA8, 0x68, 0xE8, - 0x18, 0x98, 0x58, 0xD8, 0x38, 0xB8, 0x78, 0xF8, - 0x04, 0x84, 0x44, 0xC4, 0x24, 0xA4, 0x64, 0xE4, - 0x14, 0x94, 0x54, 0xD4, 0x34, 0xB4, 0x74, 0xF4, - 0x0C, 0x8C, 0x4C, 0xCC, 0x2C, 0xAC, 0x6C, 0xEC, - 0x1C, 0x9C, 0x5C, 0xDC, 0x3C, 0xBC, 0x7C, 0xFC, - 0x02, 0x82, 0x42, 0xC2, 0x22, 0xA2, 0x62, 0xE2, - 0x12, 0x92, 0x52, 0xD2, 0x32, 0xB2, 0x72, 0xF2, - 0x0A, 0x8A, 0x4A, 0xCA, 0x2A, 0xAA, 0x6A, 0xEA, - 0x1A, 0x9A, 0x5A, 0xDA, 0x3A, 0xBA, 0x7A, 0xFA, - 0x06, 0x86, 0x46, 0xC6, 0x26, 0xA6, 0x66, 0xE6, - 0x16, 0x96, 0x56, 0xD6, 0x36, 0xB6, 0x76, 0xF6, - 0x0E, 0x8E, 0x4E, 0xCE, 0x2E, 0xAE, 0x6E, 0xEE, - 0x1E, 0x9E, 0x5E, 0xDE, 0x3E, 0xBE, 0x7E, 0xFE, - 0x01, 0x81, 0x41, 0xC1, 0x21, 0xA1, 0x61, 0xE1, - 0x11, 0x91, 0x51, 0xD1, 0x31, 0xB1, 0x71, 0xF1, - 0x09, 0x89, 0x49, 0xC9, 0x29, 0xA9, 0x69, 0xE9, - 0x19, 0x99, 0x59, 0xD9, 0x39, 0xB9, 0x79, 0xF9, - 0x05, 0x85, 0x45, 0xC5, 0x25, 0xA5, 0x65, 0xE5, - 0x15, 0x95, 0x55, 0xD5, 0x35, 0xB5, 0x75, 0xF5, - 0x0D, 0x8D, 0x4D, 0xCD, 0x2D, 0xAD, 0x6D, 0xED, - 0x1D, 0x9D, 0x5D, 0xDD, 0x3D, 0xBD, 0x7D, 0xFD, - 0x03, 0x83, 0x43, 0xC3, 0x23, 0xA3, 0x63, 0xE3, - 0x13, 0x93, 0x53, 0xD3, 0x33, 0xB3, 0x73, 0xF3, - 0x0B, 0x8B, 0x4B, 0xCB, 0x2B, 0xAB, 0x6B, 0xEB, - 0x1B, 0x9B, 0x5B, 0xDB, 0x3B, 0xBB, 0x7B, 0xFB, - 0x07, 0x87, 0x47, 0xC7, 0x27, 0xA7, 0x67, 0xE7, - 0x17, 0x97, 0x57, 0xD7, 0x37, 0xB7, 0x77, 0xF7, - 0x0F, 0x8F, 0x4F, 0xCF, 0x2F, 0xAF, 0x6F, 0xEF, - 0x1F, 0x9F, 0x5F, 0xDF, 0x3F, 0xBF, 0x7F, 0xFF - ]; - - /** - * Pre-permuted S-box1 - * - * Each box ($sbox1-$sbox8) has been vectorized, then each value pre-permuted using the - * P table: concatenation can then be replaced by exclusive ORs. - * - * @var array - */ - protected static $sbox1 = [ - 0x00808200, 0x00000000, 0x00008000, 0x00808202, - 0x00808002, 0x00008202, 0x00000002, 0x00008000, - 0x00000200, 0x00808200, 0x00808202, 0x00000200, - 0x00800202, 0x00808002, 0x00800000, 0x00000002, - 0x00000202, 0x00800200, 0x00800200, 0x00008200, - 0x00008200, 0x00808000, 0x00808000, 0x00800202, - 0x00008002, 0x00800002, 0x00800002, 0x00008002, - 0x00000000, 0x00000202, 0x00008202, 0x00800000, - 0x00008000, 0x00808202, 0x00000002, 0x00808000, - 0x00808200, 0x00800000, 0x00800000, 0x00000200, - 0x00808002, 0x00008000, 0x00008200, 0x00800002, - 0x00000200, 0x00000002, 0x00800202, 0x00008202, - 0x00808202, 0x00008002, 0x00808000, 0x00800202, - 0x00800002, 0x00000202, 0x00008202, 0x00808200, - 0x00000202, 0x00800200, 0x00800200, 0x00000000, - 0x00008002, 0x00008200, 0x00000000, 0x00808002 - ]; - - /** - * Pre-permuted S-box2 - * - * @var array - */ - protected static $sbox2 = [ - 0x40084010, 0x40004000, 0x00004000, 0x00084010, - 0x00080000, 0x00000010, 0x40080010, 0x40004010, - 0x40000010, 0x40084010, 0x40084000, 0x40000000, - 0x40004000, 0x00080000, 0x00000010, 0x40080010, - 0x00084000, 0x00080010, 0x40004010, 0x00000000, - 0x40000000, 0x00004000, 0x00084010, 0x40080000, - 0x00080010, 0x40000010, 0x00000000, 0x00084000, - 0x00004010, 0x40084000, 0x40080000, 0x00004010, - 0x00000000, 0x00084010, 0x40080010, 0x00080000, - 0x40004010, 0x40080000, 0x40084000, 0x00004000, - 0x40080000, 0x40004000, 0x00000010, 0x40084010, - 0x00084010, 0x00000010, 0x00004000, 0x40000000, - 0x00004010, 0x40084000, 0x00080000, 0x40000010, - 0x00080010, 0x40004010, 0x40000010, 0x00080010, - 0x00084000, 0x00000000, 0x40004000, 0x00004010, - 0x40000000, 0x40080010, 0x40084010, 0x00084000 - ]; - - /** - * Pre-permuted S-box3 - * - * @var array - */ - protected static $sbox3 = [ - 0x00000104, 0x04010100, 0x00000000, 0x04010004, - 0x04000100, 0x00000000, 0x00010104, 0x04000100, - 0x00010004, 0x04000004, 0x04000004, 0x00010000, - 0x04010104, 0x00010004, 0x04010000, 0x00000104, - 0x04000000, 0x00000004, 0x04010100, 0x00000100, - 0x00010100, 0x04010000, 0x04010004, 0x00010104, - 0x04000104, 0x00010100, 0x00010000, 0x04000104, - 0x00000004, 0x04010104, 0x00000100, 0x04000000, - 0x04010100, 0x04000000, 0x00010004, 0x00000104, - 0x00010000, 0x04010100, 0x04000100, 0x00000000, - 0x00000100, 0x00010004, 0x04010104, 0x04000100, - 0x04000004, 0x00000100, 0x00000000, 0x04010004, - 0x04000104, 0x00010000, 0x04000000, 0x04010104, - 0x00000004, 0x00010104, 0x00010100, 0x04000004, - 0x04010000, 0x04000104, 0x00000104, 0x04010000, - 0x00010104, 0x00000004, 0x04010004, 0x00010100 - ]; - - /** - * Pre-permuted S-box4 - * - * @var array - */ - protected static $sbox4 = [ - 0x80401000, 0x80001040, 0x80001040, 0x00000040, - 0x00401040, 0x80400040, 0x80400000, 0x80001000, - 0x00000000, 0x00401000, 0x00401000, 0x80401040, - 0x80000040, 0x00000000, 0x00400040, 0x80400000, - 0x80000000, 0x00001000, 0x00400000, 0x80401000, - 0x00000040, 0x00400000, 0x80001000, 0x00001040, - 0x80400040, 0x80000000, 0x00001040, 0x00400040, - 0x00001000, 0x00401040, 0x80401040, 0x80000040, - 0x00400040, 0x80400000, 0x00401000, 0x80401040, - 0x80000040, 0x00000000, 0x00000000, 0x00401000, - 0x00001040, 0x00400040, 0x80400040, 0x80000000, - 0x80401000, 0x80001040, 0x80001040, 0x00000040, - 0x80401040, 0x80000040, 0x80000000, 0x00001000, - 0x80400000, 0x80001000, 0x00401040, 0x80400040, - 0x80001000, 0x00001040, 0x00400000, 0x80401000, - 0x00000040, 0x00400000, 0x00001000, 0x00401040 - ]; - - /** - * Pre-permuted S-box5 - * - * @var array - */ - protected static $sbox5 = [ - 0x00000080, 0x01040080, 0x01040000, 0x21000080, - 0x00040000, 0x00000080, 0x20000000, 0x01040000, - 0x20040080, 0x00040000, 0x01000080, 0x20040080, - 0x21000080, 0x21040000, 0x00040080, 0x20000000, - 0x01000000, 0x20040000, 0x20040000, 0x00000000, - 0x20000080, 0x21040080, 0x21040080, 0x01000080, - 0x21040000, 0x20000080, 0x00000000, 0x21000000, - 0x01040080, 0x01000000, 0x21000000, 0x00040080, - 0x00040000, 0x21000080, 0x00000080, 0x01000000, - 0x20000000, 0x01040000, 0x21000080, 0x20040080, - 0x01000080, 0x20000000, 0x21040000, 0x01040080, - 0x20040080, 0x00000080, 0x01000000, 0x21040000, - 0x21040080, 0x00040080, 0x21000000, 0x21040080, - 0x01040000, 0x00000000, 0x20040000, 0x21000000, - 0x00040080, 0x01000080, 0x20000080, 0x00040000, - 0x00000000, 0x20040000, 0x01040080, 0x20000080 - ]; - - /** - * Pre-permuted S-box6 - * - * @var array - */ - protected static $sbox6 = [ - 0x10000008, 0x10200000, 0x00002000, 0x10202008, - 0x10200000, 0x00000008, 0x10202008, 0x00200000, - 0x10002000, 0x00202008, 0x00200000, 0x10000008, - 0x00200008, 0x10002000, 0x10000000, 0x00002008, - 0x00000000, 0x00200008, 0x10002008, 0x00002000, - 0x00202000, 0x10002008, 0x00000008, 0x10200008, - 0x10200008, 0x00000000, 0x00202008, 0x10202000, - 0x00002008, 0x00202000, 0x10202000, 0x10000000, - 0x10002000, 0x00000008, 0x10200008, 0x00202000, - 0x10202008, 0x00200000, 0x00002008, 0x10000008, - 0x00200000, 0x10002000, 0x10000000, 0x00002008, - 0x10000008, 0x10202008, 0x00202000, 0x10200000, - 0x00202008, 0x10202000, 0x00000000, 0x10200008, - 0x00000008, 0x00002000, 0x10200000, 0x00202008, - 0x00002000, 0x00200008, 0x10002008, 0x00000000, - 0x10202000, 0x10000000, 0x00200008, 0x10002008 - ]; - - /** - * Pre-permuted S-box7 - * - * @var array - */ - protected static $sbox7 = [ - 0x00100000, 0x02100001, 0x02000401, 0x00000000, - 0x00000400, 0x02000401, 0x00100401, 0x02100400, - 0x02100401, 0x00100000, 0x00000000, 0x02000001, - 0x00000001, 0x02000000, 0x02100001, 0x00000401, - 0x02000400, 0x00100401, 0x00100001, 0x02000400, - 0x02000001, 0x02100000, 0x02100400, 0x00100001, - 0x02100000, 0x00000400, 0x00000401, 0x02100401, - 0x00100400, 0x00000001, 0x02000000, 0x00100400, - 0x02000000, 0x00100400, 0x00100000, 0x02000401, - 0x02000401, 0x02100001, 0x02100001, 0x00000001, - 0x00100001, 0x02000000, 0x02000400, 0x00100000, - 0x02100400, 0x00000401, 0x00100401, 0x02100400, - 0x00000401, 0x02000001, 0x02100401, 0x02100000, - 0x00100400, 0x00000000, 0x00000001, 0x02100401, - 0x00000000, 0x00100401, 0x02100000, 0x00000400, - 0x02000001, 0x02000400, 0x00000400, 0x00100001 - ]; - - /** - * Pre-permuted S-box8 - * - * @var array - */ - protected static $sbox8 = [ - 0x08000820, 0x00000800, 0x00020000, 0x08020820, - 0x08000000, 0x08000820, 0x00000020, 0x08000000, - 0x00020020, 0x08020000, 0x08020820, 0x00020800, - 0x08020800, 0x00020820, 0x00000800, 0x00000020, - 0x08020000, 0x08000020, 0x08000800, 0x00000820, - 0x00020800, 0x00020020, 0x08020020, 0x08020800, - 0x00000820, 0x00000000, 0x00000000, 0x08020020, - 0x08000020, 0x08000800, 0x00020820, 0x00020000, - 0x00020820, 0x00020000, 0x08020800, 0x00000800, - 0x00000020, 0x08020020, 0x00000800, 0x00020820, - 0x08000800, 0x00000020, 0x08000020, 0x08020000, - 0x08020020, 0x08000000, 0x00020000, 0x08000820, - 0x00000000, 0x08020820, 0x00020020, 0x08000020, - 0x08020000, 0x08000800, 0x08000820, 0x00000000, - 0x08020820, 0x00020800, 0x00020800, 0x00000820, - 0x00000820, 0x00020020, 0x08000000, 0x08020800 - ]; - - /** - * Default Constructor. - * - * @param string $mode - * @throws BadModeException if an invalid / unsupported mode is provided - */ - public function __construct($mode) - { - parent::__construct($mode); - - if ($this->mode == self::MODE_STREAM) { - throw new BadModeException('Block ciphers cannot be ran in stream mode'); - } - } - - /** - * Test for engine validity - * - * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() - * @param int $engine - * @return bool - */ - protected function isValidEngineHelper($engine) - { - if ($this->key_length_max == 8) { - if ($engine == self::ENGINE_OPENSSL) { - // quoting https://www.openssl.org/news/openssl-3.0-notes.html, OpenSSL 3.0.1 - // "Moved all variations of the EVP ciphers CAST5, BF, IDEA, SEED, RC2, RC4, RC5, and DES to the legacy provider" - // in theory openssl_get_cipher_methods() should catch this but, on GitHub Actions, at least, it does not - if (defined('OPENSSL_VERSION_TEXT') && version_compare(preg_replace('#OpenSSL (\d+\.\d+\.\d+) .*#', '$1', OPENSSL_VERSION_TEXT), '3.0.1', '>=')) { - return false; - } - $this->cipher_name_openssl_ecb = 'des-ecb'; - $this->cipher_name_openssl = 'des-' . $this->openssl_translate_mode(); - } - } - - return parent::isValidEngineHelper($engine); - } - - /** - * Sets the key. - * - * Keys must be 64-bits long or 8 bytes long. - * - * DES also requires that every eighth bit be a parity bit, however, we'll ignore that. - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setKey() - * @param string $key - */ - public function setKey($key) - { - if (!($this instanceof TripleDES) && strlen($key) != 8) { - throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of size 8 are supported'); - } - - // Sets the key - parent::setKey($key); - } - - /** - * Encrypts a block - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::encryptBlock() - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() - * @see self::encrypt() - * @param string $in - * @return string - */ - protected function encryptBlock($in) - { - return $this->processBlock($in, self::ENCRYPT); - } - - /** - * Decrypts a block - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::decryptBlock() - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() - * @see self::decrypt() - * @param string $in - * @return string - */ - protected function decryptBlock($in) - { - return $this->processBlock($in, self::DECRYPT); - } - - /** - * Encrypts or decrypts a 64-bit block - * - * $mode should be either self::ENCRYPT or self::DECRYPT. See - * {@link http://en.wikipedia.org/wiki/Image:Feistel.png Feistel.png} to get a general - * idea of what this function does. - * - * @see self::encryptBlock() - * @see self::decryptBlock() - * @param string $block - * @param int $mode - * @return string - */ - private function processBlock($block, $mode) - { - static $sbox1, $sbox2, $sbox3, $sbox4, $sbox5, $sbox6, $sbox7, $sbox8, $shuffleip, $shuffleinvip; - if (!$sbox1) { - $sbox1 = array_map('intval', self::$sbox1); - $sbox2 = array_map('intval', self::$sbox2); - $sbox3 = array_map('intval', self::$sbox3); - $sbox4 = array_map('intval', self::$sbox4); - $sbox5 = array_map('intval', self::$sbox5); - $sbox6 = array_map('intval', self::$sbox6); - $sbox7 = array_map('intval', self::$sbox7); - $sbox8 = array_map('intval', self::$sbox8); - /* Merge $shuffle with $[inv]ipmap */ - for ($i = 0; $i < 256; ++$i) { - $shuffleip[] = self::$shuffle[self::$ipmap[$i]]; - $shuffleinvip[] = self::$shuffle[self::$invipmap[$i]]; - } - } - - $keys = $this->keys[$mode]; - $ki = -1; - - // Do the initial IP permutation. - $t = unpack('Nl/Nr', $block); - list($l, $r) = [$t['l'], $t['r']]; - $block = ($shuffleip[ $r & 0xFF] & "\x80\x80\x80\x80\x80\x80\x80\x80") | - ($shuffleip[($r >> 8) & 0xFF] & "\x40\x40\x40\x40\x40\x40\x40\x40") | - ($shuffleip[($r >> 16) & 0xFF] & "\x20\x20\x20\x20\x20\x20\x20\x20") | - ($shuffleip[($r >> 24) & 0xFF] & "\x10\x10\x10\x10\x10\x10\x10\x10") | - ($shuffleip[ $l & 0xFF] & "\x08\x08\x08\x08\x08\x08\x08\x08") | - ($shuffleip[($l >> 8) & 0xFF] & "\x04\x04\x04\x04\x04\x04\x04\x04") | - ($shuffleip[($l >> 16) & 0xFF] & "\x02\x02\x02\x02\x02\x02\x02\x02") | - ($shuffleip[($l >> 24) & 0xFF] & "\x01\x01\x01\x01\x01\x01\x01\x01"); - - // Extract L0 and R0. - $t = unpack('Nl/Nr', $block); - list($l, $r) = [$t['l'], $t['r']]; - - for ($des_round = 0; $des_round < $this->des_rounds; ++$des_round) { - // Perform the 16 steps. - for ($i = 0; $i < 16; $i++) { - // start of "the Feistel (F) function" - see the following URL: - // http://en.wikipedia.org/wiki/Image:Data_Encryption_Standard_InfoBox_Diagram.png - // Merge key schedule. - $b1 = (($r >> 3) & 0x1FFFFFFF) ^ ($r << 29) ^ $keys[++$ki]; - $b2 = (($r >> 31) & 0x00000001) ^ ($r << 1) ^ $keys[++$ki]; - - // S-box indexing. - $t = $sbox1[($b1 >> 24) & 0x3F] ^ $sbox2[($b2 >> 24) & 0x3F] ^ - $sbox3[($b1 >> 16) & 0x3F] ^ $sbox4[($b2 >> 16) & 0x3F] ^ - $sbox5[($b1 >> 8) & 0x3F] ^ $sbox6[($b2 >> 8) & 0x3F] ^ - $sbox7[ $b1 & 0x3F] ^ $sbox8[ $b2 & 0x3F] ^ $l; - // end of "the Feistel (F) function" - - $l = $r; - $r = $t; - } - - // Last step should not permute L & R. - $t = $l; - $l = $r; - $r = $t; - } - - // Perform the inverse IP permutation. - return ($shuffleinvip[($r >> 24) & 0xFF] & "\x80\x80\x80\x80\x80\x80\x80\x80") | - ($shuffleinvip[($l >> 24) & 0xFF] & "\x40\x40\x40\x40\x40\x40\x40\x40") | - ($shuffleinvip[($r >> 16) & 0xFF] & "\x20\x20\x20\x20\x20\x20\x20\x20") | - ($shuffleinvip[($l >> 16) & 0xFF] & "\x10\x10\x10\x10\x10\x10\x10\x10") | - ($shuffleinvip[($r >> 8) & 0xFF] & "\x08\x08\x08\x08\x08\x08\x08\x08") | - ($shuffleinvip[($l >> 8) & 0xFF] & "\x04\x04\x04\x04\x04\x04\x04\x04") | - ($shuffleinvip[ $r & 0xFF] & "\x02\x02\x02\x02\x02\x02\x02\x02") | - ($shuffleinvip[ $l & 0xFF] & "\x01\x01\x01\x01\x01\x01\x01\x01"); - } - - /** - * Creates the key schedule - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setupKey() - */ - protected function setupKey() - { - if (isset($this->kl['key']) && $this->key === $this->kl['key'] && $this->des_rounds === $this->kl['des_rounds']) { - // already expanded - return; - } - $this->kl = ['key' => $this->key, 'des_rounds' => $this->des_rounds]; - - static $shifts = [ // number of key bits shifted per round - 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1 - ]; - - static $pc1map = [ - 0x00, 0x00, 0x08, 0x08, 0x04, 0x04, 0x0C, 0x0C, - 0x02, 0x02, 0x0A, 0x0A, 0x06, 0x06, 0x0E, 0x0E, - 0x10, 0x10, 0x18, 0x18, 0x14, 0x14, 0x1C, 0x1C, - 0x12, 0x12, 0x1A, 0x1A, 0x16, 0x16, 0x1E, 0x1E, - 0x20, 0x20, 0x28, 0x28, 0x24, 0x24, 0x2C, 0x2C, - 0x22, 0x22, 0x2A, 0x2A, 0x26, 0x26, 0x2E, 0x2E, - 0x30, 0x30, 0x38, 0x38, 0x34, 0x34, 0x3C, 0x3C, - 0x32, 0x32, 0x3A, 0x3A, 0x36, 0x36, 0x3E, 0x3E, - 0x40, 0x40, 0x48, 0x48, 0x44, 0x44, 0x4C, 0x4C, - 0x42, 0x42, 0x4A, 0x4A, 0x46, 0x46, 0x4E, 0x4E, - 0x50, 0x50, 0x58, 0x58, 0x54, 0x54, 0x5C, 0x5C, - 0x52, 0x52, 0x5A, 0x5A, 0x56, 0x56, 0x5E, 0x5E, - 0x60, 0x60, 0x68, 0x68, 0x64, 0x64, 0x6C, 0x6C, - 0x62, 0x62, 0x6A, 0x6A, 0x66, 0x66, 0x6E, 0x6E, - 0x70, 0x70, 0x78, 0x78, 0x74, 0x74, 0x7C, 0x7C, - 0x72, 0x72, 0x7A, 0x7A, 0x76, 0x76, 0x7E, 0x7E, - 0x80, 0x80, 0x88, 0x88, 0x84, 0x84, 0x8C, 0x8C, - 0x82, 0x82, 0x8A, 0x8A, 0x86, 0x86, 0x8E, 0x8E, - 0x90, 0x90, 0x98, 0x98, 0x94, 0x94, 0x9C, 0x9C, - 0x92, 0x92, 0x9A, 0x9A, 0x96, 0x96, 0x9E, 0x9E, - 0xA0, 0xA0, 0xA8, 0xA8, 0xA4, 0xA4, 0xAC, 0xAC, - 0xA2, 0xA2, 0xAA, 0xAA, 0xA6, 0xA6, 0xAE, 0xAE, - 0xB0, 0xB0, 0xB8, 0xB8, 0xB4, 0xB4, 0xBC, 0xBC, - 0xB2, 0xB2, 0xBA, 0xBA, 0xB6, 0xB6, 0xBE, 0xBE, - 0xC0, 0xC0, 0xC8, 0xC8, 0xC4, 0xC4, 0xCC, 0xCC, - 0xC2, 0xC2, 0xCA, 0xCA, 0xC6, 0xC6, 0xCE, 0xCE, - 0xD0, 0xD0, 0xD8, 0xD8, 0xD4, 0xD4, 0xDC, 0xDC, - 0xD2, 0xD2, 0xDA, 0xDA, 0xD6, 0xD6, 0xDE, 0xDE, - 0xE0, 0xE0, 0xE8, 0xE8, 0xE4, 0xE4, 0xEC, 0xEC, - 0xE2, 0xE2, 0xEA, 0xEA, 0xE6, 0xE6, 0xEE, 0xEE, - 0xF0, 0xF0, 0xF8, 0xF8, 0xF4, 0xF4, 0xFC, 0xFC, - 0xF2, 0xF2, 0xFA, 0xFA, 0xF6, 0xF6, 0xFE, 0xFE - ]; - - // Mapping tables for the PC-2 transformation. - static $pc2mapc1 = [ - 0x00000000, 0x00000400, 0x00200000, 0x00200400, - 0x00000001, 0x00000401, 0x00200001, 0x00200401, - 0x02000000, 0x02000400, 0x02200000, 0x02200400, - 0x02000001, 0x02000401, 0x02200001, 0x02200401 - ]; - static $pc2mapc2 = [ - 0x00000000, 0x00000800, 0x08000000, 0x08000800, - 0x00010000, 0x00010800, 0x08010000, 0x08010800, - 0x00000000, 0x00000800, 0x08000000, 0x08000800, - 0x00010000, 0x00010800, 0x08010000, 0x08010800, - 0x00000100, 0x00000900, 0x08000100, 0x08000900, - 0x00010100, 0x00010900, 0x08010100, 0x08010900, - 0x00000100, 0x00000900, 0x08000100, 0x08000900, - 0x00010100, 0x00010900, 0x08010100, 0x08010900, - 0x00000010, 0x00000810, 0x08000010, 0x08000810, - 0x00010010, 0x00010810, 0x08010010, 0x08010810, - 0x00000010, 0x00000810, 0x08000010, 0x08000810, - 0x00010010, 0x00010810, 0x08010010, 0x08010810, - 0x00000110, 0x00000910, 0x08000110, 0x08000910, - 0x00010110, 0x00010910, 0x08010110, 0x08010910, - 0x00000110, 0x00000910, 0x08000110, 0x08000910, - 0x00010110, 0x00010910, 0x08010110, 0x08010910, - 0x00040000, 0x00040800, 0x08040000, 0x08040800, - 0x00050000, 0x00050800, 0x08050000, 0x08050800, - 0x00040000, 0x00040800, 0x08040000, 0x08040800, - 0x00050000, 0x00050800, 0x08050000, 0x08050800, - 0x00040100, 0x00040900, 0x08040100, 0x08040900, - 0x00050100, 0x00050900, 0x08050100, 0x08050900, - 0x00040100, 0x00040900, 0x08040100, 0x08040900, - 0x00050100, 0x00050900, 0x08050100, 0x08050900, - 0x00040010, 0x00040810, 0x08040010, 0x08040810, - 0x00050010, 0x00050810, 0x08050010, 0x08050810, - 0x00040010, 0x00040810, 0x08040010, 0x08040810, - 0x00050010, 0x00050810, 0x08050010, 0x08050810, - 0x00040110, 0x00040910, 0x08040110, 0x08040910, - 0x00050110, 0x00050910, 0x08050110, 0x08050910, - 0x00040110, 0x00040910, 0x08040110, 0x08040910, - 0x00050110, 0x00050910, 0x08050110, 0x08050910, - 0x01000000, 0x01000800, 0x09000000, 0x09000800, - 0x01010000, 0x01010800, 0x09010000, 0x09010800, - 0x01000000, 0x01000800, 0x09000000, 0x09000800, - 0x01010000, 0x01010800, 0x09010000, 0x09010800, - 0x01000100, 0x01000900, 0x09000100, 0x09000900, - 0x01010100, 0x01010900, 0x09010100, 0x09010900, - 0x01000100, 0x01000900, 0x09000100, 0x09000900, - 0x01010100, 0x01010900, 0x09010100, 0x09010900, - 0x01000010, 0x01000810, 0x09000010, 0x09000810, - 0x01010010, 0x01010810, 0x09010010, 0x09010810, - 0x01000010, 0x01000810, 0x09000010, 0x09000810, - 0x01010010, 0x01010810, 0x09010010, 0x09010810, - 0x01000110, 0x01000910, 0x09000110, 0x09000910, - 0x01010110, 0x01010910, 0x09010110, 0x09010910, - 0x01000110, 0x01000910, 0x09000110, 0x09000910, - 0x01010110, 0x01010910, 0x09010110, 0x09010910, - 0x01040000, 0x01040800, 0x09040000, 0x09040800, - 0x01050000, 0x01050800, 0x09050000, 0x09050800, - 0x01040000, 0x01040800, 0x09040000, 0x09040800, - 0x01050000, 0x01050800, 0x09050000, 0x09050800, - 0x01040100, 0x01040900, 0x09040100, 0x09040900, - 0x01050100, 0x01050900, 0x09050100, 0x09050900, - 0x01040100, 0x01040900, 0x09040100, 0x09040900, - 0x01050100, 0x01050900, 0x09050100, 0x09050900, - 0x01040010, 0x01040810, 0x09040010, 0x09040810, - 0x01050010, 0x01050810, 0x09050010, 0x09050810, - 0x01040010, 0x01040810, 0x09040010, 0x09040810, - 0x01050010, 0x01050810, 0x09050010, 0x09050810, - 0x01040110, 0x01040910, 0x09040110, 0x09040910, - 0x01050110, 0x01050910, 0x09050110, 0x09050910, - 0x01040110, 0x01040910, 0x09040110, 0x09040910, - 0x01050110, 0x01050910, 0x09050110, 0x09050910 - ]; - static $pc2mapc3 = [ - 0x00000000, 0x00000004, 0x00001000, 0x00001004, - 0x00000000, 0x00000004, 0x00001000, 0x00001004, - 0x10000000, 0x10000004, 0x10001000, 0x10001004, - 0x10000000, 0x10000004, 0x10001000, 0x10001004, - 0x00000020, 0x00000024, 0x00001020, 0x00001024, - 0x00000020, 0x00000024, 0x00001020, 0x00001024, - 0x10000020, 0x10000024, 0x10001020, 0x10001024, - 0x10000020, 0x10000024, 0x10001020, 0x10001024, - 0x00080000, 0x00080004, 0x00081000, 0x00081004, - 0x00080000, 0x00080004, 0x00081000, 0x00081004, - 0x10080000, 0x10080004, 0x10081000, 0x10081004, - 0x10080000, 0x10080004, 0x10081000, 0x10081004, - 0x00080020, 0x00080024, 0x00081020, 0x00081024, - 0x00080020, 0x00080024, 0x00081020, 0x00081024, - 0x10080020, 0x10080024, 0x10081020, 0x10081024, - 0x10080020, 0x10080024, 0x10081020, 0x10081024, - 0x20000000, 0x20000004, 0x20001000, 0x20001004, - 0x20000000, 0x20000004, 0x20001000, 0x20001004, - 0x30000000, 0x30000004, 0x30001000, 0x30001004, - 0x30000000, 0x30000004, 0x30001000, 0x30001004, - 0x20000020, 0x20000024, 0x20001020, 0x20001024, - 0x20000020, 0x20000024, 0x20001020, 0x20001024, - 0x30000020, 0x30000024, 0x30001020, 0x30001024, - 0x30000020, 0x30000024, 0x30001020, 0x30001024, - 0x20080000, 0x20080004, 0x20081000, 0x20081004, - 0x20080000, 0x20080004, 0x20081000, 0x20081004, - 0x30080000, 0x30080004, 0x30081000, 0x30081004, - 0x30080000, 0x30080004, 0x30081000, 0x30081004, - 0x20080020, 0x20080024, 0x20081020, 0x20081024, - 0x20080020, 0x20080024, 0x20081020, 0x20081024, - 0x30080020, 0x30080024, 0x30081020, 0x30081024, - 0x30080020, 0x30080024, 0x30081020, 0x30081024, - 0x00000002, 0x00000006, 0x00001002, 0x00001006, - 0x00000002, 0x00000006, 0x00001002, 0x00001006, - 0x10000002, 0x10000006, 0x10001002, 0x10001006, - 0x10000002, 0x10000006, 0x10001002, 0x10001006, - 0x00000022, 0x00000026, 0x00001022, 0x00001026, - 0x00000022, 0x00000026, 0x00001022, 0x00001026, - 0x10000022, 0x10000026, 0x10001022, 0x10001026, - 0x10000022, 0x10000026, 0x10001022, 0x10001026, - 0x00080002, 0x00080006, 0x00081002, 0x00081006, - 0x00080002, 0x00080006, 0x00081002, 0x00081006, - 0x10080002, 0x10080006, 0x10081002, 0x10081006, - 0x10080002, 0x10080006, 0x10081002, 0x10081006, - 0x00080022, 0x00080026, 0x00081022, 0x00081026, - 0x00080022, 0x00080026, 0x00081022, 0x00081026, - 0x10080022, 0x10080026, 0x10081022, 0x10081026, - 0x10080022, 0x10080026, 0x10081022, 0x10081026, - 0x20000002, 0x20000006, 0x20001002, 0x20001006, - 0x20000002, 0x20000006, 0x20001002, 0x20001006, - 0x30000002, 0x30000006, 0x30001002, 0x30001006, - 0x30000002, 0x30000006, 0x30001002, 0x30001006, - 0x20000022, 0x20000026, 0x20001022, 0x20001026, - 0x20000022, 0x20000026, 0x20001022, 0x20001026, - 0x30000022, 0x30000026, 0x30001022, 0x30001026, - 0x30000022, 0x30000026, 0x30001022, 0x30001026, - 0x20080002, 0x20080006, 0x20081002, 0x20081006, - 0x20080002, 0x20080006, 0x20081002, 0x20081006, - 0x30080002, 0x30080006, 0x30081002, 0x30081006, - 0x30080002, 0x30080006, 0x30081002, 0x30081006, - 0x20080022, 0x20080026, 0x20081022, 0x20081026, - 0x20080022, 0x20080026, 0x20081022, 0x20081026, - 0x30080022, 0x30080026, 0x30081022, 0x30081026, - 0x30080022, 0x30080026, 0x30081022, 0x30081026 - ]; - static $pc2mapc4 = [ - 0x00000000, 0x00100000, 0x00000008, 0x00100008, - 0x00000200, 0x00100200, 0x00000208, 0x00100208, - 0x00000000, 0x00100000, 0x00000008, 0x00100008, - 0x00000200, 0x00100200, 0x00000208, 0x00100208, - 0x04000000, 0x04100000, 0x04000008, 0x04100008, - 0x04000200, 0x04100200, 0x04000208, 0x04100208, - 0x04000000, 0x04100000, 0x04000008, 0x04100008, - 0x04000200, 0x04100200, 0x04000208, 0x04100208, - 0x00002000, 0x00102000, 0x00002008, 0x00102008, - 0x00002200, 0x00102200, 0x00002208, 0x00102208, - 0x00002000, 0x00102000, 0x00002008, 0x00102008, - 0x00002200, 0x00102200, 0x00002208, 0x00102208, - 0x04002000, 0x04102000, 0x04002008, 0x04102008, - 0x04002200, 0x04102200, 0x04002208, 0x04102208, - 0x04002000, 0x04102000, 0x04002008, 0x04102008, - 0x04002200, 0x04102200, 0x04002208, 0x04102208, - 0x00000000, 0x00100000, 0x00000008, 0x00100008, - 0x00000200, 0x00100200, 0x00000208, 0x00100208, - 0x00000000, 0x00100000, 0x00000008, 0x00100008, - 0x00000200, 0x00100200, 0x00000208, 0x00100208, - 0x04000000, 0x04100000, 0x04000008, 0x04100008, - 0x04000200, 0x04100200, 0x04000208, 0x04100208, - 0x04000000, 0x04100000, 0x04000008, 0x04100008, - 0x04000200, 0x04100200, 0x04000208, 0x04100208, - 0x00002000, 0x00102000, 0x00002008, 0x00102008, - 0x00002200, 0x00102200, 0x00002208, 0x00102208, - 0x00002000, 0x00102000, 0x00002008, 0x00102008, - 0x00002200, 0x00102200, 0x00002208, 0x00102208, - 0x04002000, 0x04102000, 0x04002008, 0x04102008, - 0x04002200, 0x04102200, 0x04002208, 0x04102208, - 0x04002000, 0x04102000, 0x04002008, 0x04102008, - 0x04002200, 0x04102200, 0x04002208, 0x04102208, - 0x00020000, 0x00120000, 0x00020008, 0x00120008, - 0x00020200, 0x00120200, 0x00020208, 0x00120208, - 0x00020000, 0x00120000, 0x00020008, 0x00120008, - 0x00020200, 0x00120200, 0x00020208, 0x00120208, - 0x04020000, 0x04120000, 0x04020008, 0x04120008, - 0x04020200, 0x04120200, 0x04020208, 0x04120208, - 0x04020000, 0x04120000, 0x04020008, 0x04120008, - 0x04020200, 0x04120200, 0x04020208, 0x04120208, - 0x00022000, 0x00122000, 0x00022008, 0x00122008, - 0x00022200, 0x00122200, 0x00022208, 0x00122208, - 0x00022000, 0x00122000, 0x00022008, 0x00122008, - 0x00022200, 0x00122200, 0x00022208, 0x00122208, - 0x04022000, 0x04122000, 0x04022008, 0x04122008, - 0x04022200, 0x04122200, 0x04022208, 0x04122208, - 0x04022000, 0x04122000, 0x04022008, 0x04122008, - 0x04022200, 0x04122200, 0x04022208, 0x04122208, - 0x00020000, 0x00120000, 0x00020008, 0x00120008, - 0x00020200, 0x00120200, 0x00020208, 0x00120208, - 0x00020000, 0x00120000, 0x00020008, 0x00120008, - 0x00020200, 0x00120200, 0x00020208, 0x00120208, - 0x04020000, 0x04120000, 0x04020008, 0x04120008, - 0x04020200, 0x04120200, 0x04020208, 0x04120208, - 0x04020000, 0x04120000, 0x04020008, 0x04120008, - 0x04020200, 0x04120200, 0x04020208, 0x04120208, - 0x00022000, 0x00122000, 0x00022008, 0x00122008, - 0x00022200, 0x00122200, 0x00022208, 0x00122208, - 0x00022000, 0x00122000, 0x00022008, 0x00122008, - 0x00022200, 0x00122200, 0x00022208, 0x00122208, - 0x04022000, 0x04122000, 0x04022008, 0x04122008, - 0x04022200, 0x04122200, 0x04022208, 0x04122208, - 0x04022000, 0x04122000, 0x04022008, 0x04122008, - 0x04022200, 0x04122200, 0x04022208, 0x04122208 - ]; - static $pc2mapd1 = [ - 0x00000000, 0x00000001, 0x08000000, 0x08000001, - 0x00200000, 0x00200001, 0x08200000, 0x08200001, - 0x00000002, 0x00000003, 0x08000002, 0x08000003, - 0x00200002, 0x00200003, 0x08200002, 0x08200003 - ]; - static $pc2mapd2 = [ - 0x00000000, 0x00100000, 0x00000800, 0x00100800, - 0x00000000, 0x00100000, 0x00000800, 0x00100800, - 0x04000000, 0x04100000, 0x04000800, 0x04100800, - 0x04000000, 0x04100000, 0x04000800, 0x04100800, - 0x00000004, 0x00100004, 0x00000804, 0x00100804, - 0x00000004, 0x00100004, 0x00000804, 0x00100804, - 0x04000004, 0x04100004, 0x04000804, 0x04100804, - 0x04000004, 0x04100004, 0x04000804, 0x04100804, - 0x00000000, 0x00100000, 0x00000800, 0x00100800, - 0x00000000, 0x00100000, 0x00000800, 0x00100800, - 0x04000000, 0x04100000, 0x04000800, 0x04100800, - 0x04000000, 0x04100000, 0x04000800, 0x04100800, - 0x00000004, 0x00100004, 0x00000804, 0x00100804, - 0x00000004, 0x00100004, 0x00000804, 0x00100804, - 0x04000004, 0x04100004, 0x04000804, 0x04100804, - 0x04000004, 0x04100004, 0x04000804, 0x04100804, - 0x00000200, 0x00100200, 0x00000A00, 0x00100A00, - 0x00000200, 0x00100200, 0x00000A00, 0x00100A00, - 0x04000200, 0x04100200, 0x04000A00, 0x04100A00, - 0x04000200, 0x04100200, 0x04000A00, 0x04100A00, - 0x00000204, 0x00100204, 0x00000A04, 0x00100A04, - 0x00000204, 0x00100204, 0x00000A04, 0x00100A04, - 0x04000204, 0x04100204, 0x04000A04, 0x04100A04, - 0x04000204, 0x04100204, 0x04000A04, 0x04100A04, - 0x00000200, 0x00100200, 0x00000A00, 0x00100A00, - 0x00000200, 0x00100200, 0x00000A00, 0x00100A00, - 0x04000200, 0x04100200, 0x04000A00, 0x04100A00, - 0x04000200, 0x04100200, 0x04000A00, 0x04100A00, - 0x00000204, 0x00100204, 0x00000A04, 0x00100A04, - 0x00000204, 0x00100204, 0x00000A04, 0x00100A04, - 0x04000204, 0x04100204, 0x04000A04, 0x04100A04, - 0x04000204, 0x04100204, 0x04000A04, 0x04100A04, - 0x00020000, 0x00120000, 0x00020800, 0x00120800, - 0x00020000, 0x00120000, 0x00020800, 0x00120800, - 0x04020000, 0x04120000, 0x04020800, 0x04120800, - 0x04020000, 0x04120000, 0x04020800, 0x04120800, - 0x00020004, 0x00120004, 0x00020804, 0x00120804, - 0x00020004, 0x00120004, 0x00020804, 0x00120804, - 0x04020004, 0x04120004, 0x04020804, 0x04120804, - 0x04020004, 0x04120004, 0x04020804, 0x04120804, - 0x00020000, 0x00120000, 0x00020800, 0x00120800, - 0x00020000, 0x00120000, 0x00020800, 0x00120800, - 0x04020000, 0x04120000, 0x04020800, 0x04120800, - 0x04020000, 0x04120000, 0x04020800, 0x04120800, - 0x00020004, 0x00120004, 0x00020804, 0x00120804, - 0x00020004, 0x00120004, 0x00020804, 0x00120804, - 0x04020004, 0x04120004, 0x04020804, 0x04120804, - 0x04020004, 0x04120004, 0x04020804, 0x04120804, - 0x00020200, 0x00120200, 0x00020A00, 0x00120A00, - 0x00020200, 0x00120200, 0x00020A00, 0x00120A00, - 0x04020200, 0x04120200, 0x04020A00, 0x04120A00, - 0x04020200, 0x04120200, 0x04020A00, 0x04120A00, - 0x00020204, 0x00120204, 0x00020A04, 0x00120A04, - 0x00020204, 0x00120204, 0x00020A04, 0x00120A04, - 0x04020204, 0x04120204, 0x04020A04, 0x04120A04, - 0x04020204, 0x04120204, 0x04020A04, 0x04120A04, - 0x00020200, 0x00120200, 0x00020A00, 0x00120A00, - 0x00020200, 0x00120200, 0x00020A00, 0x00120A00, - 0x04020200, 0x04120200, 0x04020A00, 0x04120A00, - 0x04020200, 0x04120200, 0x04020A00, 0x04120A00, - 0x00020204, 0x00120204, 0x00020A04, 0x00120A04, - 0x00020204, 0x00120204, 0x00020A04, 0x00120A04, - 0x04020204, 0x04120204, 0x04020A04, 0x04120A04, - 0x04020204, 0x04120204, 0x04020A04, 0x04120A04 - ]; - static $pc2mapd3 = [ - 0x00000000, 0x00010000, 0x02000000, 0x02010000, - 0x00000020, 0x00010020, 0x02000020, 0x02010020, - 0x00040000, 0x00050000, 0x02040000, 0x02050000, - 0x00040020, 0x00050020, 0x02040020, 0x02050020, - 0x00002000, 0x00012000, 0x02002000, 0x02012000, - 0x00002020, 0x00012020, 0x02002020, 0x02012020, - 0x00042000, 0x00052000, 0x02042000, 0x02052000, - 0x00042020, 0x00052020, 0x02042020, 0x02052020, - 0x00000000, 0x00010000, 0x02000000, 0x02010000, - 0x00000020, 0x00010020, 0x02000020, 0x02010020, - 0x00040000, 0x00050000, 0x02040000, 0x02050000, - 0x00040020, 0x00050020, 0x02040020, 0x02050020, - 0x00002000, 0x00012000, 0x02002000, 0x02012000, - 0x00002020, 0x00012020, 0x02002020, 0x02012020, - 0x00042000, 0x00052000, 0x02042000, 0x02052000, - 0x00042020, 0x00052020, 0x02042020, 0x02052020, - 0x00000010, 0x00010010, 0x02000010, 0x02010010, - 0x00000030, 0x00010030, 0x02000030, 0x02010030, - 0x00040010, 0x00050010, 0x02040010, 0x02050010, - 0x00040030, 0x00050030, 0x02040030, 0x02050030, - 0x00002010, 0x00012010, 0x02002010, 0x02012010, - 0x00002030, 0x00012030, 0x02002030, 0x02012030, - 0x00042010, 0x00052010, 0x02042010, 0x02052010, - 0x00042030, 0x00052030, 0x02042030, 0x02052030, - 0x00000010, 0x00010010, 0x02000010, 0x02010010, - 0x00000030, 0x00010030, 0x02000030, 0x02010030, - 0x00040010, 0x00050010, 0x02040010, 0x02050010, - 0x00040030, 0x00050030, 0x02040030, 0x02050030, - 0x00002010, 0x00012010, 0x02002010, 0x02012010, - 0x00002030, 0x00012030, 0x02002030, 0x02012030, - 0x00042010, 0x00052010, 0x02042010, 0x02052010, - 0x00042030, 0x00052030, 0x02042030, 0x02052030, - 0x20000000, 0x20010000, 0x22000000, 0x22010000, - 0x20000020, 0x20010020, 0x22000020, 0x22010020, - 0x20040000, 0x20050000, 0x22040000, 0x22050000, - 0x20040020, 0x20050020, 0x22040020, 0x22050020, - 0x20002000, 0x20012000, 0x22002000, 0x22012000, - 0x20002020, 0x20012020, 0x22002020, 0x22012020, - 0x20042000, 0x20052000, 0x22042000, 0x22052000, - 0x20042020, 0x20052020, 0x22042020, 0x22052020, - 0x20000000, 0x20010000, 0x22000000, 0x22010000, - 0x20000020, 0x20010020, 0x22000020, 0x22010020, - 0x20040000, 0x20050000, 0x22040000, 0x22050000, - 0x20040020, 0x20050020, 0x22040020, 0x22050020, - 0x20002000, 0x20012000, 0x22002000, 0x22012000, - 0x20002020, 0x20012020, 0x22002020, 0x22012020, - 0x20042000, 0x20052000, 0x22042000, 0x22052000, - 0x20042020, 0x20052020, 0x22042020, 0x22052020, - 0x20000010, 0x20010010, 0x22000010, 0x22010010, - 0x20000030, 0x20010030, 0x22000030, 0x22010030, - 0x20040010, 0x20050010, 0x22040010, 0x22050010, - 0x20040030, 0x20050030, 0x22040030, 0x22050030, - 0x20002010, 0x20012010, 0x22002010, 0x22012010, - 0x20002030, 0x20012030, 0x22002030, 0x22012030, - 0x20042010, 0x20052010, 0x22042010, 0x22052010, - 0x20042030, 0x20052030, 0x22042030, 0x22052030, - 0x20000010, 0x20010010, 0x22000010, 0x22010010, - 0x20000030, 0x20010030, 0x22000030, 0x22010030, - 0x20040010, 0x20050010, 0x22040010, 0x22050010, - 0x20040030, 0x20050030, 0x22040030, 0x22050030, - 0x20002010, 0x20012010, 0x22002010, 0x22012010, - 0x20002030, 0x20012030, 0x22002030, 0x22012030, - 0x20042010, 0x20052010, 0x22042010, 0x22052010, - 0x20042030, 0x20052030, 0x22042030, 0x22052030 - ]; - static $pc2mapd4 = [ - 0x00000000, 0x00000400, 0x01000000, 0x01000400, - 0x00000000, 0x00000400, 0x01000000, 0x01000400, - 0x00000100, 0x00000500, 0x01000100, 0x01000500, - 0x00000100, 0x00000500, 0x01000100, 0x01000500, - 0x10000000, 0x10000400, 0x11000000, 0x11000400, - 0x10000000, 0x10000400, 0x11000000, 0x11000400, - 0x10000100, 0x10000500, 0x11000100, 0x11000500, - 0x10000100, 0x10000500, 0x11000100, 0x11000500, - 0x00080000, 0x00080400, 0x01080000, 0x01080400, - 0x00080000, 0x00080400, 0x01080000, 0x01080400, - 0x00080100, 0x00080500, 0x01080100, 0x01080500, - 0x00080100, 0x00080500, 0x01080100, 0x01080500, - 0x10080000, 0x10080400, 0x11080000, 0x11080400, - 0x10080000, 0x10080400, 0x11080000, 0x11080400, - 0x10080100, 0x10080500, 0x11080100, 0x11080500, - 0x10080100, 0x10080500, 0x11080100, 0x11080500, - 0x00000008, 0x00000408, 0x01000008, 0x01000408, - 0x00000008, 0x00000408, 0x01000008, 0x01000408, - 0x00000108, 0x00000508, 0x01000108, 0x01000508, - 0x00000108, 0x00000508, 0x01000108, 0x01000508, - 0x10000008, 0x10000408, 0x11000008, 0x11000408, - 0x10000008, 0x10000408, 0x11000008, 0x11000408, - 0x10000108, 0x10000508, 0x11000108, 0x11000508, - 0x10000108, 0x10000508, 0x11000108, 0x11000508, - 0x00080008, 0x00080408, 0x01080008, 0x01080408, - 0x00080008, 0x00080408, 0x01080008, 0x01080408, - 0x00080108, 0x00080508, 0x01080108, 0x01080508, - 0x00080108, 0x00080508, 0x01080108, 0x01080508, - 0x10080008, 0x10080408, 0x11080008, 0x11080408, - 0x10080008, 0x10080408, 0x11080008, 0x11080408, - 0x10080108, 0x10080508, 0x11080108, 0x11080508, - 0x10080108, 0x10080508, 0x11080108, 0x11080508, - 0x00001000, 0x00001400, 0x01001000, 0x01001400, - 0x00001000, 0x00001400, 0x01001000, 0x01001400, - 0x00001100, 0x00001500, 0x01001100, 0x01001500, - 0x00001100, 0x00001500, 0x01001100, 0x01001500, - 0x10001000, 0x10001400, 0x11001000, 0x11001400, - 0x10001000, 0x10001400, 0x11001000, 0x11001400, - 0x10001100, 0x10001500, 0x11001100, 0x11001500, - 0x10001100, 0x10001500, 0x11001100, 0x11001500, - 0x00081000, 0x00081400, 0x01081000, 0x01081400, - 0x00081000, 0x00081400, 0x01081000, 0x01081400, - 0x00081100, 0x00081500, 0x01081100, 0x01081500, - 0x00081100, 0x00081500, 0x01081100, 0x01081500, - 0x10081000, 0x10081400, 0x11081000, 0x11081400, - 0x10081000, 0x10081400, 0x11081000, 0x11081400, - 0x10081100, 0x10081500, 0x11081100, 0x11081500, - 0x10081100, 0x10081500, 0x11081100, 0x11081500, - 0x00001008, 0x00001408, 0x01001008, 0x01001408, - 0x00001008, 0x00001408, 0x01001008, 0x01001408, - 0x00001108, 0x00001508, 0x01001108, 0x01001508, - 0x00001108, 0x00001508, 0x01001108, 0x01001508, - 0x10001008, 0x10001408, 0x11001008, 0x11001408, - 0x10001008, 0x10001408, 0x11001008, 0x11001408, - 0x10001108, 0x10001508, 0x11001108, 0x11001508, - 0x10001108, 0x10001508, 0x11001108, 0x11001508, - 0x00081008, 0x00081408, 0x01081008, 0x01081408, - 0x00081008, 0x00081408, 0x01081008, 0x01081408, - 0x00081108, 0x00081508, 0x01081108, 0x01081508, - 0x00081108, 0x00081508, 0x01081108, 0x01081508, - 0x10081008, 0x10081408, 0x11081008, 0x11081408, - 0x10081008, 0x10081408, 0x11081008, 0x11081408, - 0x10081108, 0x10081508, 0x11081108, 0x11081508, - 0x10081108, 0x10081508, 0x11081108, 0x11081508 - ]; - - $keys = []; - for ($des_round = 0; $des_round < $this->des_rounds; ++$des_round) { - // pad the key and remove extra characters as appropriate. - $key = str_pad(substr($this->key, $des_round * 8, 8), 8, "\0"); - - // Perform the PC/1 transformation and compute C and D. - $t = unpack('Nl/Nr', $key); - list($l, $r) = [$t['l'], $t['r']]; - $key = (self::$shuffle[$pc1map[ $r & 0xFF]] & "\x80\x80\x80\x80\x80\x80\x80\x00") | - (self::$shuffle[$pc1map[($r >> 8) & 0xFF]] & "\x40\x40\x40\x40\x40\x40\x40\x00") | - (self::$shuffle[$pc1map[($r >> 16) & 0xFF]] & "\x20\x20\x20\x20\x20\x20\x20\x00") | - (self::$shuffle[$pc1map[($r >> 24) & 0xFF]] & "\x10\x10\x10\x10\x10\x10\x10\x00") | - (self::$shuffle[$pc1map[ $l & 0xFF]] & "\x08\x08\x08\x08\x08\x08\x08\x00") | - (self::$shuffle[$pc1map[($l >> 8) & 0xFF]] & "\x04\x04\x04\x04\x04\x04\x04\x00") | - (self::$shuffle[$pc1map[($l >> 16) & 0xFF]] & "\x02\x02\x02\x02\x02\x02\x02\x00") | - (self::$shuffle[$pc1map[($l >> 24) & 0xFF]] & "\x01\x01\x01\x01\x01\x01\x01\x00"); - $key = unpack('Nc/Nd', $key); - $c = ( $key['c'] >> 4) & 0x0FFFFFFF; - $d = (($key['d'] >> 4) & 0x0FFFFFF0) | ($key['c'] & 0x0F); - - $keys[$des_round] = [ - self::ENCRYPT => [], - self::DECRYPT => array_fill(0, 32, 0) - ]; - for ($i = 0, $ki = 31; $i < 16; ++$i, $ki -= 2) { - $c <<= $shifts[$i]; - $c = ($c | ($c >> 28)) & 0x0FFFFFFF; - $d <<= $shifts[$i]; - $d = ($d | ($d >> 28)) & 0x0FFFFFFF; - - // Perform the PC-2 transformation. - $cp = $pc2mapc1[ $c >> 24 ] | $pc2mapc2[($c >> 16) & 0xFF] | - $pc2mapc3[($c >> 8) & 0xFF] | $pc2mapc4[ $c & 0xFF]; - $dp = $pc2mapd1[ $d >> 24 ] | $pc2mapd2[($d >> 16) & 0xFF] | - $pc2mapd3[($d >> 8) & 0xFF] | $pc2mapd4[ $d & 0xFF]; - - // Reorder: odd bytes/even bytes. Push the result in key schedule. - $val1 = ( $cp & intval(0xFF000000)) | (($cp << 8) & 0x00FF0000) | - (($dp >> 16) & 0x0000FF00) | (($dp >> 8) & 0x000000FF); - $val2 = (($cp << 8) & intval(0xFF000000)) | (($cp << 16) & 0x00FF0000) | - (($dp >> 8) & 0x0000FF00) | ( $dp & 0x000000FF); - $keys[$des_round][self::ENCRYPT][ ] = $val1; - $keys[$des_round][self::DECRYPT][$ki - 1] = $val1; - $keys[$des_round][self::ENCRYPT][ ] = $val2; - $keys[$des_round][self::DECRYPT][$ki ] = $val2; - } - } - - switch ($this->des_rounds) { - case 3: // 3DES keys - $this->keys = [ - self::ENCRYPT => array_merge( - $keys[0][self::ENCRYPT], - $keys[1][self::DECRYPT], - $keys[2][self::ENCRYPT] - ), - self::DECRYPT => array_merge( - $keys[2][self::DECRYPT], - $keys[1][self::ENCRYPT], - $keys[0][self::DECRYPT] - ) - ]; - break; - // case 1: // DES keys - default: - $this->keys = [ - self::ENCRYPT => $keys[0][self::ENCRYPT], - self::DECRYPT => $keys[0][self::DECRYPT] - ]; - } - } - - /** - * Setup the performance-optimized function for de/encrypt() - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setupInlineCrypt() - */ - protected function setupInlineCrypt() - { - // Engine configuration for: - // - DES ($des_rounds == 1) or - // - 3DES ($des_rounds == 3) - $des_rounds = $this->des_rounds; - - $init_crypt = 'static $sbox1, $sbox2, $sbox3, $sbox4, $sbox5, $sbox6, $sbox7, $sbox8, $shuffleip, $shuffleinvip; - if (!$sbox1) { - $sbox1 = array_map("intval", self::$sbox1); - $sbox2 = array_map("intval", self::$sbox2); - $sbox3 = array_map("intval", self::$sbox3); - $sbox4 = array_map("intval", self::$sbox4); - $sbox5 = array_map("intval", self::$sbox5); - $sbox6 = array_map("intval", self::$sbox6); - $sbox7 = array_map("intval", self::$sbox7); - $sbox8 = array_map("intval", self::$sbox8);' - /* Merge $shuffle with $[inv]ipmap */ . ' - for ($i = 0; $i < 256; ++$i) { - $shuffleip[] = self::$shuffle[self::$ipmap[$i]]; - $shuffleinvip[] = self::$shuffle[self::$invipmap[$i]]; - } - } - '; - - $k = [ - self::ENCRYPT => $this->keys[self::ENCRYPT], - self::DECRYPT => $this->keys[self::DECRYPT] - ]; - $init_encrypt = ''; - $init_decrypt = ''; - - // Creating code for en- and decryption. - $crypt_block = []; - foreach ([self::ENCRYPT, self::DECRYPT] as $c) { - /* Do the initial IP permutation. */ - $crypt_block[$c] = ' - $in = unpack("N*", $in); - $l = $in[1]; - $r = $in[2]; - $in = unpack("N*", - ($shuffleip[ $r & 0xFF] & "\x80\x80\x80\x80\x80\x80\x80\x80") | - ($shuffleip[($r >> 8) & 0xFF] & "\x40\x40\x40\x40\x40\x40\x40\x40") | - ($shuffleip[($r >> 16) & 0xFF] & "\x20\x20\x20\x20\x20\x20\x20\x20") | - ($shuffleip[($r >> 24) & 0xFF] & "\x10\x10\x10\x10\x10\x10\x10\x10") | - ($shuffleip[ $l & 0xFF] & "\x08\x08\x08\x08\x08\x08\x08\x08") | - ($shuffleip[($l >> 8) & 0xFF] & "\x04\x04\x04\x04\x04\x04\x04\x04") | - ($shuffleip[($l >> 16) & 0xFF] & "\x02\x02\x02\x02\x02\x02\x02\x02") | - ($shuffleip[($l >> 24) & 0xFF] & "\x01\x01\x01\x01\x01\x01\x01\x01") - ); - ' . /* Extract L0 and R0 */ ' - $l = $in[1]; - $r = $in[2]; - '; - - $l = '$l'; - $r = '$r'; - - // Perform DES or 3DES. - for ($ki = -1, $des_round = 0; $des_round < $des_rounds; ++$des_round) { - // Perform the 16 steps. - for ($i = 0; $i < 16; ++$i) { - // start of "the Feistel (F) function" - see the following URL: - // http://en.wikipedia.org/wiki/Image:Data_Encryption_Standard_InfoBox_Diagram.png - // Merge key schedule. - $crypt_block[$c] .= ' - $b1 = ((' . $r . ' >> 3) & 0x1FFFFFFF) ^ (' . $r . ' << 29) ^ ' . $k[$c][++$ki] . '; - $b2 = ((' . $r . ' >> 31) & 0x00000001) ^ (' . $r . ' << 1) ^ ' . $k[$c][++$ki] . ';' . - /* S-box indexing. */ - $l . ' = $sbox1[($b1 >> 24) & 0x3F] ^ $sbox2[($b2 >> 24) & 0x3F] ^ - $sbox3[($b1 >> 16) & 0x3F] ^ $sbox4[($b2 >> 16) & 0x3F] ^ - $sbox5[($b1 >> 8) & 0x3F] ^ $sbox6[($b2 >> 8) & 0x3F] ^ - $sbox7[ $b1 & 0x3F] ^ $sbox8[ $b2 & 0x3F] ^ ' . $l . '; - '; - // end of "the Feistel (F) function" - - // swap L & R - list($l, $r) = [$r, $l]; - } - list($l, $r) = [$r, $l]; - } - - // Perform the inverse IP permutation. - $crypt_block[$c] .= '$in = - ($shuffleinvip[($l >> 24) & 0xFF] & "\x80\x80\x80\x80\x80\x80\x80\x80") | - ($shuffleinvip[($r >> 24) & 0xFF] & "\x40\x40\x40\x40\x40\x40\x40\x40") | - ($shuffleinvip[($l >> 16) & 0xFF] & "\x20\x20\x20\x20\x20\x20\x20\x20") | - ($shuffleinvip[($r >> 16) & 0xFF] & "\x10\x10\x10\x10\x10\x10\x10\x10") | - ($shuffleinvip[($l >> 8) & 0xFF] & "\x08\x08\x08\x08\x08\x08\x08\x08") | - ($shuffleinvip[($r >> 8) & 0xFF] & "\x04\x04\x04\x04\x04\x04\x04\x04") | - ($shuffleinvip[ $l & 0xFF] & "\x02\x02\x02\x02\x02\x02\x02\x02") | - ($shuffleinvip[ $r & 0xFF] & "\x01\x01\x01\x01\x01\x01\x01\x01"); - '; - } - - // Creates the inline-crypt function - $this->inline_crypt = $this->createInlineCryptFunction( - [ - 'init_crypt' => $init_crypt, - 'init_encrypt' => $init_encrypt, - 'init_decrypt' => $init_decrypt, - 'encrypt_block' => $crypt_block[self::ENCRYPT], - 'decrypt_block' => $crypt_block[self::DECRYPT] - ] - ); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH.php deleted file mode 100644 index e1deaf0..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH.php +++ /dev/null @@ -1,405 +0,0 @@ - - * - * - * - * @author Jim Wigginton - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt; - -use phpseclib3\Crypt\Common\AsymmetricKey; -use phpseclib3\Crypt\DH\Parameters; -use phpseclib3\Crypt\DH\PrivateKey; -use phpseclib3\Crypt\DH\PublicKey; -use phpseclib3\Exception\NoKeyLoadedException; -use phpseclib3\Exception\UnsupportedOperationException; -use phpseclib3\Math\BigInteger; - -/** - * Pure-PHP (EC)DH implementation - * - * @author Jim Wigginton - */ -abstract class DH extends AsymmetricKey -{ - /** - * Algorithm Name - * - * @var string - */ - const ALGORITHM = 'DH'; - - /** - * DH prime - * - * @var \phpseclib3\Math\BigInteger - */ - protected $prime; - - /** - * DH Base - * - * Prime divisor of p-1 - * - * @var \phpseclib3\Math\BigInteger - */ - protected $base; - - /** - * Public Key - * - * @var \phpseclib3\Math\BigInteger - */ - protected $publicKey; - - /** - * Create DH parameters - * - * This method is a bit polymorphic. It can take any of the following: - * - two BigInteger's (prime and base) - * - an integer representing the size of the prime in bits (the base is assumed to be 2) - * - a string (eg. diffie-hellman-group14-sha1) - * - * @return Parameters - */ - public static function createParameters(...$args) - { - $class = new \ReflectionClass(static::class); - if ($class->isFinal()) { - throw new \RuntimeException('createParameters() should not be called from final classes (' . static::class . ')'); - } - - $params = new Parameters(); - if (count($args) == 2 && $args[0] instanceof BigInteger && $args[1] instanceof BigInteger) { - //if (!$args[0]->isPrime()) { - // throw new \InvalidArgumentException('The first parameter should be a prime number'); - //} - $params->prime = $args[0]; - $params->base = $args[1]; - return $params; - } elseif (count($args) == 1 && is_numeric($args[0])) { - $params->prime = BigInteger::randomPrime($args[0]); - $params->base = new BigInteger(2); - return $params; - } elseif (count($args) != 1 || !is_string($args[0])) { - throw new \InvalidArgumentException('Valid parameters are either: two BigInteger\'s (prime and base), a single integer (the length of the prime; base is assumed to be 2) or a string'); - } - switch ($args[0]) { - // see http://tools.ietf.org/html/rfc2409#section-6.2 and - // http://tools.ietf.org/html/rfc2412, appendex E - case 'diffie-hellman-group1-sha1': - $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . - '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . - '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . - 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF'; - break; - // see http://tools.ietf.org/html/rfc3526#section-3 - case 'diffie-hellman-group14-sha1': // 2048-bit MODP Group - case 'diffie-hellman-group14-sha256': - $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . - '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . - '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . - 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05' . - '98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB' . - '9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' . - 'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718' . - '3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF'; - break; - // see https://tools.ietf.org/html/rfc3526#section-4 - case 'diffie-hellman-group15-sha512': // 3072-bit MODP Group - $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . - '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . - '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . - 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05' . - '98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB' . - '9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' . - 'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718' . - '3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33' . - 'A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7' . - 'ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864' . - 'D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E2' . - '08E24FA074E5AB3143DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF'; - break; - // see https://tools.ietf.org/html/rfc3526#section-5 - case 'diffie-hellman-group16-sha512': // 4096-bit MODP Group - $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . - '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . - '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . - 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05' . - '98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB' . - '9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' . - 'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718' . - '3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33' . - 'A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7' . - 'ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864' . - 'D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E2' . - '08E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7' . - '88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8' . - 'DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2' . - '233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9' . - '93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199FFFFFFFFFFFFFFFF'; - break; - // see https://tools.ietf.org/html/rfc3526#section-6 - case 'diffie-hellman-group17-sha512': // 6144-bit MODP Group - $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . - '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . - '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . - 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05' . - '98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB' . - '9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' . - 'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718' . - '3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33' . - 'A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7' . - 'ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864' . - 'D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E2' . - '08E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7' . - '88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8' . - 'DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2' . - '233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9' . - '93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C93402849236C3FAB4D27C7026' . - 'C1D4DCB2602646DEC9751E763DBA37BDF8FF9406AD9E530EE5DB382F413001AE' . - 'B06A53ED9027D831179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B' . - 'DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF5983CA01C64B92EC' . - 'F032EA15D1721D03F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E' . - '59E7C97FBEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA' . - 'CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58BB7C5DA76' . - 'F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632387FE8D76E3C0468' . - '043E8F663F4860EE12BF2D5B0B7474D6E694F91E6DCC4024FFFFFFFFFFFFFFFF'; - break; - // see https://tools.ietf.org/html/rfc3526#section-7 - case 'diffie-hellman-group18-sha512': // 8192-bit MODP Group - $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . - '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . - '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . - 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05' . - '98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB' . - '9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' . - 'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718' . - '3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33' . - 'A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7' . - 'ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864' . - 'D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E2' . - '08E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7' . - '88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8' . - 'DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2' . - '233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9' . - '93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C93402849236C3FAB4D27C7026' . - 'C1D4DCB2602646DEC9751E763DBA37BDF8FF9406AD9E530EE5DB382F413001AE' . - 'B06A53ED9027D831179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B' . - 'DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF5983CA01C64B92EC' . - 'F032EA15D1721D03F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E' . - '59E7C97FBEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA' . - 'CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58BB7C5DA76' . - 'F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632387FE8D76E3C0468' . - '043E8F663F4860EE12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E4' . - '38777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300741FA7BF8AFC47ED' . - '2576F6936BA424663AAB639C5AE4F5683423B4742BF1C978238F16CBE39D652D' . - 'E3FDB8BEFC848AD922222E04A4037C0713EB57A81A23F0C73473FC646CEA306B' . - '4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A062B3CF5B3A278A6' . - '6D2A13F83F44F82DDF310EE074AB6A364597E899A0255DC164F31CC50846851D' . - 'F9AB48195DED7EA1B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F92' . - '4009438B481C6CD7889A002ED5EE382BC9190DA6FC026E479558E4475677E9AA' . - '9E3050E2765694DFC81F56E880B96E7160C980DD98EDD3DFFFFFFFFFFFFFFFFF'; - break; - default: - throw new \InvalidArgumentException('Invalid named prime provided'); - } - - $params->prime = new BigInteger($prime, 16); - $params->base = new BigInteger(2); - - return $params; - } - - /** - * Create public / private key pair. - * - * The rationale for the second parameter is described in http://tools.ietf.org/html/rfc4419#section-6.2 : - * - * "To increase the speed of the key exchange, both client and server may - * reduce the size of their private exponents. It should be at least - * twice as long as the key material that is generated from the shared - * secret. For more details, see the paper by van Oorschot and Wiener - * [VAN-OORSCHOT]." - * - * $length is in bits - * - * @param Parameters $params - * @param int $length optional - * @return DH\PrivateKey - */ - public static function createKey(Parameters $params, $length = 0) - { - $class = new \ReflectionClass(static::class); - if ($class->isFinal()) { - throw new \RuntimeException('createKey() should not be called from final classes (' . static::class . ')'); - } - - $one = new BigInteger(1); - if ($length) { - $max = $one->bitwise_leftShift($length); - $max = $max->subtract($one); - } else { - $max = $params->prime->subtract($one); - } - - $key = new PrivateKey(); - $key->prime = $params->prime; - $key->base = $params->base; - $key->privateKey = BigInteger::randomRange($one, $max); - $key->publicKey = $key->base->powMod($key->privateKey, $key->prime); - return $key; - } - - /** - * Compute Shared Secret - * - * @param PrivateKey|EC $private - * @param PublicKey|BigInteger|string $public - * @return mixed - */ - public static function computeSecret($private, $public) - { - if ($private instanceof PrivateKey) { // DH\PrivateKey - switch (true) { - case $public instanceof PublicKey: - if (!$private->prime->equals($public->prime) || !$private->base->equals($public->base)) { - throw new \InvalidArgumentException('The public and private key do not share the same prime and / or base numbers'); - } - return $public->publicKey->powMod($private->privateKey, $private->prime)->toBytes(true); - case is_string($public): - $public = new BigInteger($public, -256); - // fall-through - case $public instanceof BigInteger: - return $public->powMod($private->privateKey, $private->prime)->toBytes(true); - default: - throw new \InvalidArgumentException('$public needs to be an instance of DH\PublicKey, a BigInteger or a string'); - } - } - - if ($private instanceof EC\PrivateKey) { - switch (true) { - case $public instanceof EC\PublicKey: - $public = $public->getEncodedCoordinates(); - // fall-through - case is_string($public): - $point = $private->multiply($public); - switch ($private->getCurve()) { - case 'Curve25519': - case 'Curve448': - $secret = $point; - break; - default: - // according to https://www.secg.org/sec1-v2.pdf#page=33 only X is returned - $secret = substr($point, 1, (strlen($point) - 1) >> 1); - } - /* - if (($secret[0] & "\x80") === "\x80") { - $secret = "\0$secret"; - } - */ - return $secret; - default: - throw new \InvalidArgumentException('$public needs to be an instance of EC\PublicKey or a string (an encoded coordinate)'); - } - } - } - - /** - * Load the key - * - * @param string $key - * @param string $password optional - * @return AsymmetricKey - */ - public static function load($key, $password = false) - { - try { - return EC::load($key, $password); - } catch (NoKeyLoadedException $e) { - } - - return parent::load($key, $password); - } - - /** - * OnLoad Handler - * - * @return bool - */ - protected static function onLoad(array $components) - { - if (!isset($components['privateKey']) && !isset($components['publicKey'])) { - $new = new Parameters(); - } else { - $new = isset($components['privateKey']) ? - new PrivateKey() : - new PublicKey(); - } - - $new->prime = $components['prime']; - $new->base = $components['base']; - - if (isset($components['privateKey'])) { - $new->privateKey = $components['privateKey']; - } - if (isset($components['publicKey'])) { - $new->publicKey = $components['publicKey']; - } - - return $new; - } - - /** - * Determines which hashing function should be used - * - * @param string $hash - */ - public function withHash($hash) - { - throw new UnsupportedOperationException('DH does not use a hash algorithm'); - } - - /** - * Returns the hash algorithm currently being used - * - */ - public function getHash() - { - throw new UnsupportedOperationException('DH does not use a hash algorithm'); - } - - /** - * Returns the parameters - * - * A public / private key is only returned if the currently loaded "key" contains an x or y - * value. - * - * @see self::getPublicKey() - * @return mixed - */ - public function getParameters() - { - $type = DH::validatePlugin('Keys', 'PKCS1', 'saveParameters'); - - $key = $type::saveParameters($this->prime, $this->base); - return DH::load($key, 'PKCS1'); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS1.php deleted file mode 100644 index 65a0a5d..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS1.php +++ /dev/null @@ -1,77 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\DH\Formats\Keys; - -use phpseclib3\Crypt\Common\Formats\Keys\PKCS1 as Progenitor; -use phpseclib3\File\ASN1; -use phpseclib3\File\ASN1\Maps; -use phpseclib3\Math\BigInteger; - -/** - * "PKCS1" Formatted DH Key Handler - * - * @author Jim Wigginton - */ -abstract class PKCS1 extends Progenitor -{ - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - $key = parent::load($key, $password); - - $decoded = ASN1::decodeBER($key); - if (!$decoded) { - throw new \RuntimeException('Unable to decode BER'); - } - - $components = ASN1::asn1map($decoded[0], Maps\DHParameter::MAP); - if (!is_array($components)) { - throw new \RuntimeException('Unable to perform ASN1 mapping on parameters'); - } - - return $components; - } - - /** - * Convert EC parameters to the appropriate format - * - * @return string - */ - public static function saveParameters(BigInteger $prime, BigInteger $base, array $options = []) - { - $params = [ - 'prime' => $prime, - 'base' => $base - ]; - $params = ASN1::encodeDER($params, Maps\DHParameter::MAP); - - return "-----BEGIN DH PARAMETERS-----\r\n" . - chunk_split(base64_encode($params), 64) . - "-----END DH PARAMETERS-----\r\n"; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php deleted file mode 100644 index c330a3c..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php +++ /dev/null @@ -1,132 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\DH\Formats\Keys; - -use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor; -use phpseclib3\File\ASN1; -use phpseclib3\File\ASN1\Maps; -use phpseclib3\Math\BigInteger; - -/** - * PKCS#8 Formatted DH Key Handler - * - * @author Jim Wigginton - */ -abstract class PKCS8 extends Progenitor -{ - /** - * OID Name - * - * @var string - */ - const OID_NAME = 'dhKeyAgreement'; - - /** - * OID Value - * - * @var string - */ - const OID_VALUE = '1.2.840.113549.1.3.1'; - - /** - * Child OIDs loaded - * - * @var bool - */ - protected static $childOIDsLoaded = false; - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - $key = parent::load($key, $password); - - $type = isset($key['privateKey']) ? 'privateKey' : 'publicKey'; - - $decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element); - if (empty($decoded)) { - throw new \RuntimeException('Unable to decode BER of parameters'); - } - $components = ASN1::asn1map($decoded[0], Maps\DHParameter::MAP); - if (!is_array($components)) { - throw new \RuntimeException('Unable to perform ASN1 mapping on parameters'); - } - - $decoded = ASN1::decodeBER($key[$type]); - switch (true) { - case !isset($decoded): - case !isset($decoded[0]['content']): - case !$decoded[0]['content'] instanceof BigInteger: - throw new \RuntimeException('Unable to decode BER of parameters'); - } - $components[$type] = $decoded[0]['content']; - - return $components; - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $prime - * @param \phpseclib3\Math\BigInteger $base - * @param \phpseclib3\Math\BigInteger $privateKey - * @param \phpseclib3\Math\BigInteger $publicKey - * @param string $password optional - * @param array $options optional - * @return string - */ - public static function savePrivateKey(BigInteger $prime, BigInteger $base, BigInteger $privateKey, BigInteger $publicKey, $password = '', array $options = []) - { - $params = [ - 'prime' => $prime, - 'base' => $base - ]; - $params = ASN1::encodeDER($params, Maps\DHParameter::MAP); - $params = new ASN1\Element($params); - $key = ASN1::encodeDER($privateKey, ['type' => ASN1::TYPE_INTEGER]); - return self::wrapPrivateKey($key, [], $params, $password, null, '', $options); - } - - /** - * Convert a public key to the appropriate format - * - * @param \phpseclib3\Math\BigInteger $prime - * @param \phpseclib3\Math\BigInteger $base - * @param \phpseclib3\Math\BigInteger $publicKey - * @param array $options optional - * @return string - */ - public static function savePublicKey(BigInteger $prime, BigInteger $base, BigInteger $publicKey, array $options = []) - { - $params = [ - 'prime' => $prime, - 'base' => $base - ]; - $params = ASN1::encodeDER($params, Maps\DHParameter::MAP); - $params = new ASN1\Element($params); - $key = ASN1::encodeDER($publicKey, ['type' => ASN1::TYPE_INTEGER]); - return self::wrapPublicKey($key, $params); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Parameters.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Parameters.php deleted file mode 100644 index c0ded84..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/Parameters.php +++ /dev/null @@ -1,36 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\DH; - -use phpseclib3\Crypt\DH; - -/** - * DH Parameters - * - * @author Jim Wigginton - */ -final class Parameters extends DH -{ - /** - * Returns the parameters - * - * @param string $type - * @param array $options optional - * @return string - */ - public function toString($type = 'PKCS1', array $options = []) - { - $type = self::validatePlugin('Keys', 'PKCS1', 'saveParameters'); - - return $type::saveParameters($this->prime, $this->base, $options); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/PrivateKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/PrivateKey.php deleted file mode 100644 index 737781f..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/PrivateKey.php +++ /dev/null @@ -1,75 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\DH; - -use phpseclib3\Crypt\Common; -use phpseclib3\Crypt\DH; - -/** - * DH Private Key - * - * @author Jim Wigginton - */ -final class PrivateKey extends DH -{ - use Common\Traits\PasswordProtected; - - /** - * Private Key - * - * @var \phpseclib3\Math\BigInteger - */ - protected $privateKey; - - /** - * Public Key - * - * @var \phpseclib3\Math\BigInteger - */ - protected $publicKey; - - /** - * Returns the public key - * - * @return DH\PublicKey - */ - public function getPublicKey() - { - $type = self::validatePlugin('Keys', 'PKCS8', 'savePublicKey'); - - if (!isset($this->publicKey)) { - $this->publicKey = $this->base->powMod($this->privateKey, $this->prime); - } - - $key = $type::savePublicKey($this->prime, $this->base, $this->publicKey); - - return DH::loadFormat('PKCS8', $key); - } - - /** - * Returns the private key - * - * @param string $type - * @param array $options optional - * @return string - */ - public function toString($type, array $options = []) - { - $type = self::validatePlugin('Keys', $type, 'savePrivateKey'); - - if (!isset($this->publicKey)) { - $this->publicKey = $this->base->powMod($this->privateKey, $this->prime); - } - - return $type::savePrivateKey($this->prime, $this->base, $this->privateKey, $this->publicKey, $this->password, $options); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/PublicKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/PublicKey.php deleted file mode 100644 index 87726a5..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DH/PublicKey.php +++ /dev/null @@ -1,49 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\DH; - -use phpseclib3\Crypt\Common; -use phpseclib3\Crypt\DH; - -/** - * DH Public Key - * - * @author Jim Wigginton - */ -final class PublicKey extends DH -{ - use Common\Traits\Fingerprint; - - /** - * Returns the public key - * - * @param string $type - * @param array $options optional - * @return string - */ - public function toString($type, array $options = []) - { - $type = self::validatePlugin('Keys', $type, 'savePublicKey'); - - return $type::savePublicKey($this->prime, $this->base, $this->publicKey, $options); - } - - /** - * Returns the public key as a BigInteger - * - * @return \phpseclib3\Math\BigInteger - */ - public function toBigInteger() - { - return $this->publicKey; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA.php deleted file mode 100644 index 0123c66..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA.php +++ /dev/null @@ -1,337 +0,0 @@ - - * getPublicKey(); - * - * $plaintext = 'terrafrost'; - * - * $signature = $private->sign($plaintext); - * - * echo $public->verify($plaintext, $signature) ? 'verified' : 'unverified'; - * ?> - * - * - * @author Jim Wigginton - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt; - -use phpseclib3\Crypt\Common\AsymmetricKey; -use phpseclib3\Crypt\DSA\Parameters; -use phpseclib3\Crypt\DSA\PrivateKey; -use phpseclib3\Crypt\DSA\PublicKey; -use phpseclib3\Exception\InsufficientSetupException; -use phpseclib3\Math\BigInteger; - -/** - * Pure-PHP FIPS 186-4 compliant implementation of DSA. - * - * @author Jim Wigginton - */ -abstract class DSA extends AsymmetricKey -{ - /** - * Algorithm Name - * - * @var string - */ - const ALGORITHM = 'DSA'; - - /** - * DSA Prime P - * - * @var \phpseclib3\Math\BigInteger - */ - protected $p; - - /** - * DSA Group Order q - * - * Prime divisor of p-1 - * - * @var \phpseclib3\Math\BigInteger - */ - protected $q; - - /** - * DSA Group Generator G - * - * @var \phpseclib3\Math\BigInteger - */ - protected $g; - - /** - * DSA public key value y - * - * @var \phpseclib3\Math\BigInteger - */ - protected $y; - - /** - * Signature Format - * - * @var string - */ - protected $sigFormat; - - /** - * Signature Format (Short) - * - * @var string - */ - protected $shortFormat; - - /** - * Create DSA parameters - * - * @param int $L - * @param int $N - * @return \phpseclib3\Crypt\DSA|bool - */ - public static function createParameters($L = 2048, $N = 224) - { - self::initialize_static_variables(); - - $class = new \ReflectionClass(static::class); - if ($class->isFinal()) { - throw new \RuntimeException('createParameters() should not be called from final classes (' . static::class . ')'); - } - - if (!isset(self::$engines['PHP'])) { - self::useBestEngine(); - } - - switch (true) { - case $N == 160: - /* - in FIPS 186-1 and 186-2 N was fixed at 160 whereas K had an upper bound of 1024. - RFC 4253 (SSH Transport Layer Protocol) references FIPS 186-2 and as such most - SSH DSA implementations only support keys with an N of 160. - puttygen let's you set the size of L (but not the size of N) and uses 2048 as the - default L value. that's not really compliant with any of the FIPS standards, however, - for the purposes of maintaining compatibility with puttygen, we'll support it - */ - //case ($L >= 512 || $L <= 1024) && (($L & 0x3F) == 0) && $N == 160: - // FIPS 186-3 changed this as follows: - //case $L == 1024 && $N == 160: - case $L == 2048 && $N == 224: - case $L == 2048 && $N == 256: - case $L == 3072 && $N == 256: - break; - default: - throw new \InvalidArgumentException('Invalid values for N and L'); - } - - $two = new BigInteger(2); - - $q = BigInteger::randomPrime($N); - $divisor = $q->multiply($two); - - do { - $x = BigInteger::random($L); - list(, $c) = $x->divide($divisor); - $p = $x->subtract($c->subtract(self::$one)); - } while ($p->getLength() != $L || !$p->isPrime()); - - $p_1 = $p->subtract(self::$one); - list($e) = $p_1->divide($q); - - // quoting http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf#page=50 , - // "h could be obtained from a random number generator or from a counter that - // changes after each use". PuTTY (sshdssg.c) starts h off at 1 and increments - // it on each loop. wikipedia says "commonly h = 2 is used" so we'll just do that - $h = clone $two; - while (true) { - $g = $h->powMod($e, $p); - if (!$g->equals(self::$one)) { - break; - } - $h = $h->add(self::$one); - } - - $dsa = new Parameters(); - $dsa->p = $p; - $dsa->q = $q; - $dsa->g = $g; - - return $dsa; - } - - /** - * Create public / private key pair. - * - * This method is a bit polymorphic. It can take a DSA/Parameters object, L / N as two distinct parameters or - * no parameters (at which point L and N will be generated with this method) - * - * Returns the private key, from which the publickey can be extracted - * - * @param int[] ...$args - * @return DSA\PrivateKey - */ - public static function createKey(...$args) - { - self::initialize_static_variables(); - - $class = new \ReflectionClass(static::class); - if ($class->isFinal()) { - throw new \RuntimeException('createKey() should not be called from final classes (' . static::class . ')'); - } - - if (!isset(self::$engines['PHP'])) { - self::useBestEngine(); - } - - if (count($args) == 2 && is_int($args[0]) && is_int($args[1])) { - $params = self::createParameters($args[0], $args[1]); - } elseif (count($args) == 1 && $args[0] instanceof Parameters) { - $params = $args[0]; - } elseif (!count($args)) { - $params = self::createParameters(); - } else { - throw new InsufficientSetupException('Valid parameters are either two integers (L and N), a single DSA object or no parameters at all.'); - } - - $private = new PrivateKey(); - $private->p = $params->p; - $private->q = $params->q; - $private->g = $params->g; - - $private->x = BigInteger::randomRange(self::$one, $private->q->subtract(self::$one)); - $private->y = $private->g->powMod($private->x, $private->p); - - //$public = clone $private; - //unset($public->x); - - return $private - ->withHash($params->hash->getHash()) - ->withSignatureFormat($params->shortFormat); - } - - /** - * OnLoad Handler - * - * @return bool - */ - protected static function onLoad(array $components) - { - if (!isset(self::$engines['PHP'])) { - self::useBestEngine(); - } - - if (!isset($components['x']) && !isset($components['y'])) { - $new = new Parameters(); - } elseif (isset($components['x'])) { - $new = new PrivateKey(); - $new->x = $components['x']; - } else { - $new = new PublicKey(); - } - - $new->p = $components['p']; - $new->q = $components['q']; - $new->g = $components['g']; - - if (isset($components['y'])) { - $new->y = $components['y']; - } - - return $new; - } - - /** - * Constructor - * - * PublicKey and PrivateKey objects can only be created from abstract RSA class - */ - protected function __construct() - { - $this->sigFormat = self::validatePlugin('Signature', 'ASN1'); - $this->shortFormat = 'ASN1'; - - parent::__construct(); - } - - /** - * Returns the key size - * - * More specifically, this L (the length of DSA Prime P) and N (the length of DSA Group Order q) - * - * @return array - */ - public function getLength() - { - return ['L' => $this->p->getLength(), 'N' => $this->q->getLength()]; - } - - /** - * Returns the current engine being used - * - * @see self::useInternalEngine() - * @see self::useBestEngine() - * @return string - */ - public function getEngine() - { - if (!isset(self::$engines['PHP'])) { - self::useBestEngine(); - } - return self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods()) ? - 'OpenSSL' : 'PHP'; - } - - /** - * Returns the parameters - * - * A public / private key is only returned if the currently loaded "key" contains an x or y - * value. - * - * @see self::getPublicKey() - * @return mixed - */ - public function getParameters() - { - $type = self::validatePlugin('Keys', 'PKCS1', 'saveParameters'); - - $key = $type::saveParameters($this->p, $this->q, $this->g); - return DSA::load($key, 'PKCS1') - ->withHash($this->hash->getHash()) - ->withSignatureFormat($this->shortFormat); - } - - /** - * Determines the signature padding mode - * - * Valid values are: ASN1, SSH2, Raw - * - * @param string $format - */ - public function withSignatureFormat($format) - { - $new = clone $this; - $new->shortFormat = $format; - $new->sigFormat = self::validatePlugin('Signature', $format); - return $new; - } - - /** - * Returns the signature format currently being used - * - */ - public function getSignatureFormat() - { - return $this->shortFormat; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/OpenSSH.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/OpenSSH.php deleted file mode 100644 index cc204fa..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/OpenSSH.php +++ /dev/null @@ -1,118 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\DSA\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common\Formats\Keys\OpenSSH as Progenitor; -use phpseclib3\Math\BigInteger; - -/** - * OpenSSH Formatted DSA Key Handler - * - * @author Jim Wigginton - */ -abstract class OpenSSH extends Progenitor -{ - /** - * Supported Key Types - * - * @var array - */ - protected static $types = ['ssh-dss']; - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - $parsed = parent::load($key, $password); - - if (isset($parsed['paddedKey'])) { - list($type) = Strings::unpackSSH2('s', $parsed['paddedKey']); - if ($type != $parsed['type']) { - throw new \RuntimeException("The public and private keys are not of the same type ($type vs $parsed[type])"); - } - - list($p, $q, $g, $y, $x, $comment) = Strings::unpackSSH2('i5s', $parsed['paddedKey']); - - return compact('p', 'q', 'g', 'y', 'x', 'comment'); - } - - list($p, $q, $g, $y) = Strings::unpackSSH2('iiii', $parsed['publicKey']); - - $comment = $parsed['comment']; - - return compact('p', 'q', 'g', 'y', 'comment'); - } - - /** - * Convert a public key to the appropriate format - * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y - * @param array $options optional - * @return string - */ - public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, array $options = []) - { - if ($q->getLength() != 160) { - throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160'); - } - - // from : - // string "ssh-dss" - // mpint p - // mpint q - // mpint g - // mpint y - $DSAPublicKey = Strings::packSSH2('siiii', 'ssh-dss', $p, $q, $g, $y); - - if (isset($options['binary']) ? $options['binary'] : self::$binary) { - return $DSAPublicKey; - } - - $comment = isset($options['comment']) ? $options['comment'] : self::$comment; - $DSAPublicKey = 'ssh-dss ' . base64_encode($DSAPublicKey) . ' ' . $comment; - - return $DSAPublicKey; - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y - * @param \phpseclib3\Math\BigInteger $x - * @param string $password optional - * @param array $options optional - * @return string - */ - public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '', array $options = []) - { - $publicKey = self::savePublicKey($p, $q, $g, $y, ['binary' => true]); - $privateKey = Strings::packSSH2('si5', 'ssh-dss', $p, $q, $g, $y, $x); - - return self::wrapPrivateKey($publicKey, $privateKey, $password, $options); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php deleted file mode 100644 index 52a0499..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php +++ /dev/null @@ -1,143 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\DSA\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common\Formats\Keys\PKCS1 as Progenitor; -use phpseclib3\File\ASN1; -use phpseclib3\File\ASN1\Maps; -use phpseclib3\Math\BigInteger; - -/** - * PKCS#1 Formatted DSA Key Handler - * - * @author Jim Wigginton - */ -abstract class PKCS1 extends Progenitor -{ - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - $key = parent::load($key, $password); - - $decoded = ASN1::decodeBER($key); - if (!$decoded) { - throw new \RuntimeException('Unable to decode BER'); - } - - $key = ASN1::asn1map($decoded[0], Maps\DSAParams::MAP); - if (is_array($key)) { - return $key; - } - - $key = ASN1::asn1map($decoded[0], Maps\DSAPrivateKey::MAP); - if (is_array($key)) { - return $key; - } - - $key = ASN1::asn1map($decoded[0], Maps\DSAPublicKey::MAP); - if (is_array($key)) { - return $key; - } - - throw new \RuntimeException('Unable to perform ASN1 mapping'); - } - - /** - * Convert DSA parameters to the appropriate format - * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @return string - */ - public static function saveParameters(BigInteger $p, BigInteger $q, BigInteger $g) - { - $key = [ - 'p' => $p, - 'q' => $q, - 'g' => $g - ]; - - $key = ASN1::encodeDER($key, Maps\DSAParams::MAP); - - return "-----BEGIN DSA PARAMETERS-----\r\n" . - chunk_split(Strings::base64_encode($key), 64) . - "-----END DSA PARAMETERS-----\r\n"; - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y - * @param \phpseclib3\Math\BigInteger $x - * @param string $password optional - * @param array $options optional - * @return string - */ - public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '', array $options = []) - { - $key = [ - 'version' => 0, - 'p' => $p, - 'q' => $q, - 'g' => $g, - 'y' => $y, - 'x' => $x - ]; - - $key = ASN1::encodeDER($key, Maps\DSAPrivateKey::MAP); - - return self::wrapPrivateKey($key, 'DSA', $password, $options); - } - - /** - * Convert a public key to the appropriate format - * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y - * @return string - */ - public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y) - { - $key = ASN1::encodeDER($y, Maps\DSAPublicKey::MAP); - - return self::wrapPublicKey($key, 'DSA'); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php deleted file mode 100644 index 004881e..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php +++ /dev/null @@ -1,146 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\DSA\Formats\Keys; - -use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor; -use phpseclib3\File\ASN1; -use phpseclib3\File\ASN1\Maps; -use phpseclib3\Math\BigInteger; - -/** - * PKCS#8 Formatted DSA Key Handler - * - * @author Jim Wigginton - */ -abstract class PKCS8 extends Progenitor -{ - /** - * OID Name - * - * @var string - */ - const OID_NAME = 'id-dsa'; - - /** - * OID Value - * - * @var string - */ - const OID_VALUE = '1.2.840.10040.4.1'; - - /** - * Child OIDs loaded - * - * @var bool - */ - protected static $childOIDsLoaded = false; - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - $key = parent::load($key, $password); - - $type = isset($key['privateKey']) ? 'privateKey' : 'publicKey'; - - $decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element); - if (!$decoded) { - throw new \RuntimeException('Unable to decode BER of parameters'); - } - $components = ASN1::asn1map($decoded[0], Maps\DSAParams::MAP); - if (!is_array($components)) { - throw new \RuntimeException('Unable to perform ASN1 mapping on parameters'); - } - - $decoded = ASN1::decodeBER($key[$type]); - if (empty($decoded)) { - throw new \RuntimeException('Unable to decode BER'); - } - - $var = $type == 'privateKey' ? 'x' : 'y'; - $components[$var] = ASN1::asn1map($decoded[0], Maps\DSAPublicKey::MAP); - if (!$components[$var] instanceof BigInteger) { - throw new \RuntimeException('Unable to perform ASN1 mapping'); - } - - if (isset($key['meta'])) { - $components['meta'] = $key['meta']; - } - - return $components; - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y - * @param \phpseclib3\Math\BigInteger $x - * @param string $password optional - * @param array $options optional - * @return string - */ - public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '', array $options = []) - { - $params = [ - 'p' => $p, - 'q' => $q, - 'g' => $g - ]; - $params = ASN1::encodeDER($params, Maps\DSAParams::MAP); - $params = new ASN1\Element($params); - $key = ASN1::encodeDER($x, Maps\DSAPublicKey::MAP); - return self::wrapPrivateKey($key, [], $params, $password, null, '', $options); - } - - /** - * Convert a public key to the appropriate format - * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y - * @param array $options optional - * @return string - */ - public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, array $options = []) - { - $params = [ - 'p' => $p, - 'q' => $q, - 'g' => $g - ]; - $params = ASN1::encodeDER($params, Maps\DSAParams::MAP); - $params = new ASN1\Element($params); - $key = ASN1::encodeDER($y, Maps\DSAPublicKey::MAP); - return self::wrapPublicKey($key, $params); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php deleted file mode 100644 index 177bfdd..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php +++ /dev/null @@ -1,109 +0,0 @@ - 160 kinda useless, hence this handlers not supporting such keys. - * - * PHP version 5 - * - * @author Jim Wigginton - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\DSA\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common\Formats\Keys\PuTTY as Progenitor; -use phpseclib3\Math\BigInteger; - -/** - * PuTTY Formatted DSA Key Handler - * - * @author Jim Wigginton - */ -abstract class PuTTY extends Progenitor -{ - /** - * Public Handler - * - * @var string - */ - const PUBLIC_HANDLER = 'phpseclib3\Crypt\DSA\Formats\Keys\OpenSSH'; - - /** - * Algorithm Identifier - * - * @var array - */ - protected static $types = ['ssh-dss']; - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - $components = parent::load($key, $password); - if (!isset($components['private'])) { - return $components; - } - extract($components); - unset($components['public'], $components['private']); - - list($p, $q, $g, $y) = Strings::unpackSSH2('iiii', $public); - list($x) = Strings::unpackSSH2('i', $private); - - return compact('p', 'q', 'g', 'y', 'x', 'comment'); - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y - * @param \phpseclib3\Math\BigInteger $x - * @param string $password optional - * @param array $options optional - * @return string - */ - public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = false, array $options = []) - { - if ($q->getLength() != 160) { - throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160'); - } - - $public = Strings::packSSH2('iiii', $p, $q, $g, $y); - $private = Strings::packSSH2('i', $x); - - return self::wrapPrivateKey($public, $private, 'ssh-dss', $password, $options); - } - - /** - * Convert a public key to the appropriate format - * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y - * @return string - */ - public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y) - { - if ($q->getLength() != 160) { - throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160'); - } - - return self::wrapPublicKey(Strings::packSSH2('iiii', $p, $q, $g, $y), 'ssh-dss'); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/Raw.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/Raw.php deleted file mode 100644 index 201aa6f..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/Raw.php +++ /dev/null @@ -1,85 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\DSA\Formats\Keys; - -use phpseclib3\Math\BigInteger; - -/** - * Raw DSA Key Handler - * - * @author Jim Wigginton - */ -abstract class Raw -{ - /** - * Break a public or private key down into its constituent components - * - * @param array $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - if (!is_array($key)) { - throw new \UnexpectedValueException('Key should be a array - not a ' . gettype($key)); - } - - switch (true) { - case !isset($key['p']) || !isset($key['q']) || !isset($key['g']): - case !$key['p'] instanceof BigInteger: - case !$key['q'] instanceof BigInteger: - case !$key['g'] instanceof BigInteger: - case !isset($key['x']) && !isset($key['y']): - case isset($key['x']) && !$key['x'] instanceof BigInteger: - case isset($key['y']) && !$key['y'] instanceof BigInteger: - throw new \UnexpectedValueException('Key appears to be malformed'); - } - - $options = ['p' => 1, 'q' => 1, 'g' => 1, 'x' => 1, 'y' => 1]; - - return array_intersect_key($key, $options); - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y - * @param \phpseclib3\Math\BigInteger $x - * @param string $password optional - * @return string - */ - public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '') - { - return compact('p', 'q', 'g', 'y', 'x'); - } - - /** - * Convert a public key to the appropriate format - * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y - * @return string - */ - public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y) - { - return compact('p', 'q', 'g', 'y'); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/XML.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/XML.php deleted file mode 100644 index fc36367..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/XML.php +++ /dev/null @@ -1,132 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\DSA\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Exception\BadConfigurationException; -use phpseclib3\Math\BigInteger; - -/** - * XML Formatted DSA Key Handler - * - * @author Jim Wigginton - */ -abstract class XML -{ - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - if (!Strings::is_stringable($key)) { - throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); - } - - if (!class_exists('DOMDocument')) { - throw new BadConfigurationException('The dom extension is not setup correctly on this system'); - } - - $use_errors = libxml_use_internal_errors(true); - - $dom = new \DOMDocument(); - if (substr($key, 0, 5) != '' . $key . ''; - } - if (!$dom->loadXML($key)) { - libxml_use_internal_errors($use_errors); - throw new \UnexpectedValueException('Key does not appear to contain XML'); - } - $xpath = new \DOMXPath($dom); - $keys = ['p', 'q', 'g', 'y', 'j', 'seed', 'pgencounter']; - foreach ($keys as $key) { - // $dom->getElementsByTagName($key) is case-sensitive - $temp = $xpath->query("//*[translate(local-name(), 'ABCDEFGHIJKLMNOPQRSTUVWXYZ','abcdefghijklmnopqrstuvwxyz')='$key']"); - if (!$temp->length) { - continue; - } - $value = new BigInteger(Strings::base64_decode($temp->item(0)->nodeValue), 256); - switch ($key) { - case 'p': // a prime modulus meeting the [DSS] requirements - // Parameters P, Q, and G can be public and common to a group of users. They might be known - // from application context. As such, they are optional but P and Q must either both appear - // or both be absent - $components['p'] = $value; - break; - case 'q': // an integer in the range 2**159 < Q < 2**160 which is a prime divisor of P-1 - $components['q'] = $value; - break; - case 'g': // an integer with certain properties with respect to P and Q - $components['g'] = $value; - break; - case 'y': // G**X mod P (where X is part of the private key and not made public) - $components['y'] = $value; - // the remaining options do not do anything - case 'j': // (P - 1) / Q - // Parameter J is available for inclusion solely for efficiency as it is calculatable from - // P and Q - case 'seed': // a DSA prime generation seed - // Parameters seed and pgenCounter are used in the DSA prime number generation algorithm - // specified in [DSS]. As such, they are optional but must either both be present or both - // be absent - case 'pgencounter': // a DSA prime generation counter - } - } - - libxml_use_internal_errors($use_errors); - - if (!isset($components['y'])) { - throw new \UnexpectedValueException('Key is missing y component'); - } - - switch (true) { - case !isset($components['p']): - case !isset($components['q']): - case !isset($components['g']): - return ['y' => $components['y']]; - } - - return $components; - } - - /** - * Convert a public key to the appropriate format - * - * See https://www.w3.org/TR/xmldsig-core/#sec-DSAKeyValue - * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y - * @return string - */ - public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y) - { - return "\r\n" . - '

' . Strings::base64_encode($p->toBytes()) . "

\r\n" . - ' ' . Strings::base64_encode($q->toBytes()) . "\r\n" . - ' ' . Strings::base64_encode($g->toBytes()) . "\r\n" . - ' ' . Strings::base64_encode($y->toBytes()) . "\r\n" . - ''; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/ASN1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/ASN1.php deleted file mode 100644 index df52bee..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/ASN1.php +++ /dev/null @@ -1,62 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\DSA\Formats\Signature; - -use phpseclib3\File\ASN1 as Encoder; -use phpseclib3\File\ASN1\Maps; -use phpseclib3\Math\BigInteger; - -/** - * ASN1 Signature Handler - * - * @author Jim Wigginton - */ -abstract class ASN1 -{ - /** - * Loads a signature - * - * @param string $sig - * @return array|bool - */ - public static function load($sig) - { - if (!is_string($sig)) { - return false; - } - - $decoded = Encoder::decodeBER($sig); - if (empty($decoded)) { - return false; - } - $components = Encoder::asn1map($decoded[0], Maps\DssSigValue::MAP); - - return $components; - } - - /** - * Returns a signature in the appropriate format - * - * @param \phpseclib3\Math\BigInteger $r - * @param \phpseclib3\Math\BigInteger $s - * @return string - */ - public static function save(BigInteger $r, BigInteger $s) - { - return Encoder::encodeDER(compact('r', 's'), Maps\DssSigValue::MAP); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/Raw.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/Raw.php deleted file mode 100644 index 2657a2a..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/Raw.php +++ /dev/null @@ -1,25 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\DSA\Formats\Signature; - -use phpseclib3\Crypt\Common\Formats\Signature\Raw as Progenitor; - -/** - * Raw DSA Signature Handler - * - * @author Jim Wigginton - */ -abstract class Raw extends Progenitor -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/SSH2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/SSH2.php deleted file mode 100644 index dbfceab..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/SSH2.php +++ /dev/null @@ -1,74 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\DSA\Formats\Signature; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Math\BigInteger; - -/** - * SSH2 Signature Handler - * - * @author Jim Wigginton - */ -abstract class SSH2 -{ - /** - * Loads a signature - * - * @param string $sig - * @return mixed - */ - public static function load($sig) - { - if (!is_string($sig)) { - return false; - } - - $result = Strings::unpackSSH2('ss', $sig); - if ($result === false) { - return false; - } - list($type, $blob) = $result; - if ($type != 'ssh-dss' || strlen($blob) != 40) { - return false; - } - - return [ - 'r' => new BigInteger(substr($blob, 0, 20), 256), - 's' => new BigInteger(substr($blob, 20), 256) - ]; - } - - /** - * Returns a signature in the appropriate format - * - * @param \phpseclib3\Math\BigInteger $r - * @param \phpseclib3\Math\BigInteger $s - * @return string - */ - public static function save(BigInteger $r, BigInteger $s) - { - if ($r->getLength() > 160 || $s->getLength() > 160) { - return false; - } - return Strings::packSSH2( - 'ss', - 'ssh-dss', - str_pad($r->toBytes(), 20, "\0", STR_PAD_LEFT) . - str_pad($s->toBytes(), 20, "\0", STR_PAD_LEFT) - ); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Parameters.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Parameters.php deleted file mode 100644 index 84d16ba..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/Parameters.php +++ /dev/null @@ -1,36 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\DSA; - -use phpseclib3\Crypt\DSA; - -/** - * DSA Parameters - * - * @author Jim Wigginton - */ -final class Parameters extends DSA -{ - /** - * Returns the parameters - * - * @param string $type - * @param array $options optional - * @return string - */ - public function toString($type = 'PKCS1', array $options = []) - { - $type = self::validatePlugin('Keys', 'PKCS1', 'saveParameters'); - - return $type::saveParameters($this->p, $this->q, $this->g, $options); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/PrivateKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/PrivateKey.php deleted file mode 100644 index 74d3e69..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/PrivateKey.php +++ /dev/null @@ -1,152 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\DSA; - -use phpseclib3\Crypt\Common; -use phpseclib3\Crypt\DSA; -use phpseclib3\Crypt\DSA\Formats\Signature\ASN1 as ASN1Signature; -use phpseclib3\Math\BigInteger; - -/** - * DSA Private Key - * - * @author Jim Wigginton - */ -final class PrivateKey extends DSA implements Common\PrivateKey -{ - use Common\Traits\PasswordProtected; - - /** - * DSA secret exponent x - * - * @var \phpseclib3\Math\BigInteger - */ - protected $x; - - /** - * Returns the public key - * - * If you do "openssl rsa -in private.rsa -pubout -outform PEM" you get a PKCS8 formatted key - * that contains a publicKeyAlgorithm AlgorithmIdentifier and a publicKey BIT STRING. - * An AlgorithmIdentifier contains an OID and a parameters field. With RSA public keys this - * parameters field is NULL. With DSA PKCS8 public keys it is not - it contains the p, q and g - * variables. The publicKey BIT STRING contains, simply, the y variable. This can be verified - * by getting a DSA PKCS8 public key: - * - * "openssl dsa -in private.dsa -pubout -outform PEM" - * - * ie. just swap out rsa with dsa in the rsa command above. - * - * A PKCS1 public key corresponds to the publicKey portion of the PKCS8 key. In the case of RSA - * the publicKey portion /is/ the key. In the case of DSA it is not. You cannot verify a signature - * without the parameters and the PKCS1 DSA public key format does not include the parameters. - * - * @see self::getPrivateKey() - * @return mixed - */ - public function getPublicKey() - { - $type = self::validatePlugin('Keys', 'PKCS8', 'savePublicKey'); - - if (!isset($this->y)) { - $this->y = $this->g->powMod($this->x, $this->p); - } - - $key = $type::savePublicKey($this->p, $this->q, $this->g, $this->y); - - return DSA::loadFormat('PKCS8', $key) - ->withHash($this->hash->getHash()) - ->withSignatureFormat($this->shortFormat); - } - - /** - * Create a signature - * - * @see self::verify() - * @param string $message - * @return mixed - */ - public function sign($message) - { - $format = $this->sigFormat; - - if (self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods())) { - $signature = ''; - $result = openssl_sign($message, $signature, $this->toString('PKCS8'), $this->hash->getHash()); - - if ($result) { - if ($this->shortFormat == 'ASN1') { - return $signature; - } - - extract(ASN1Signature::load($signature)); - - return $format::save($r, $s); - } - } - - $h = $this->hash->hash($message); - $h = $this->bits2int($h); - - while (true) { - $k = BigInteger::randomRange(self::$one, $this->q->subtract(self::$one)); - $r = $this->g->powMod($k, $this->p); - list(, $r) = $r->divide($this->q); - if ($r->equals(self::$zero)) { - continue; - } - $kinv = $k->modInverse($this->q); - $temp = $h->add($this->x->multiply($r)); - $temp = $kinv->multiply($temp); - list(, $s) = $temp->divide($this->q); - if (!$s->equals(self::$zero)) { - break; - } - } - - // the following is an RFC6979 compliant implementation of deterministic DSA - // it's unused because it's mainly intended for use when a good CSPRNG isn't - // available. if phpseclib's CSPRNG isn't good then even key generation is - // suspect - /* - $h1 = $this->hash->hash($message); - $k = $this->computek($h1); - $r = $this->g->powMod($k, $this->p); - list(, $r) = $r->divide($this->q); - $kinv = $k->modInverse($this->q); - $h1 = $this->bits2int($h1); - $temp = $h1->add($this->x->multiply($r)); - $temp = $kinv->multiply($temp); - list(, $s) = $temp->divide($this->q); - */ - - return $format::save($r, $s); - } - - /** - * Returns the private key - * - * @param string $type - * @param array $options optional - * @return string - */ - public function toString($type, array $options = []) - { - $type = self::validatePlugin('Keys', $type, 'savePrivateKey'); - - if (!isset($this->y)) { - $this->y = $this->g->powMod($this->x, $this->p); - } - - return $type::savePrivateKey($this->p, $this->q, $this->g, $this->y, $this->x, $this->password, $options); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/PublicKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/PublicKey.php deleted file mode 100644 index c14ffbd..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/PublicKey.php +++ /dev/null @@ -1,86 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\DSA; - -use phpseclib3\Crypt\Common; -use phpseclib3\Crypt\DSA; -use phpseclib3\Crypt\DSA\Formats\Signature\ASN1 as ASN1Signature; - -/** - * DSA Public Key - * - * @author Jim Wigginton - */ -final class PublicKey extends DSA implements Common\PublicKey -{ - use Common\Traits\Fingerprint; - - /** - * Verify a signature - * - * @see self::verify() - * @param string $message - * @param string $signature - * @return mixed - */ - public function verify($message, $signature) - { - $format = $this->sigFormat; - - $params = $format::load($signature); - if ($params === false || count($params) != 2) { - return false; - } - extract($params); - - if (self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods())) { - $sig = $format != 'ASN1' ? ASN1Signature::save($r, $s) : $signature; - - $result = openssl_verify($message, $sig, $this->toString('PKCS8'), $this->hash->getHash()); - - if ($result != -1) { - return (bool) $result; - } - } - - $q_1 = $this->q->subtract(self::$one); - if (!$r->between(self::$one, $q_1) || !$s->between(self::$one, $q_1)) { - return false; - } - - $w = $s->modInverse($this->q); - $h = $this->hash->hash($message); - $h = $this->bits2int($h); - list(, $u1) = $h->multiply($w)->divide($this->q); - list(, $u2) = $r->multiply($w)->divide($this->q); - $v1 = $this->g->powMod($u1, $this->p); - $v2 = $this->y->powMod($u2, $this->p); - list(, $v) = $v1->multiply($v2)->divide($this->p); - list(, $v) = $v->divide($this->q); - - return $v->equals($r); - } - - /** - * Returns the public key - * - * @param string $type - * @param array $options optional - * @return string - */ - public function toString($type, array $options = []) - { - $type = self::validatePlugin('Keys', $type, 'savePublicKey'); - - return $type::savePublicKey($this->p, $this->q, $this->g, $this->y, $options); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC.php deleted file mode 100644 index 10b3825..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC.php +++ /dev/null @@ -1,480 +0,0 @@ - - * getPublicKey(); - * - * $plaintext = 'terrafrost'; - * - * $signature = $private->sign($plaintext); - * - * echo $public->verify($plaintext, $signature) ? 'verified' : 'unverified'; - * ?> - * - * - * @author Jim Wigginton - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt; - -use phpseclib3\Crypt\Common\AsymmetricKey; -use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve; -use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; -use phpseclib3\Crypt\EC\Curves\Curve25519; -use phpseclib3\Crypt\EC\Curves\Ed25519; -use phpseclib3\Crypt\EC\Curves\Ed448; -use phpseclib3\Crypt\EC\Formats\Keys\PKCS1; -use phpseclib3\Crypt\EC\Parameters; -use phpseclib3\Crypt\EC\PrivateKey; -use phpseclib3\Crypt\EC\PublicKey; -use phpseclib3\Exception\UnsupportedAlgorithmException; -use phpseclib3\Exception\UnsupportedCurveException; -use phpseclib3\Exception\UnsupportedOperationException; -use phpseclib3\File\ASN1; -use phpseclib3\File\ASN1\Maps\ECParameters; -use phpseclib3\Math\BigInteger; - -/** - * Pure-PHP implementation of EC. - * - * @author Jim Wigginton - */ -abstract class EC extends AsymmetricKey -{ - /** - * Algorithm Name - * - * @var string - */ - const ALGORITHM = 'EC'; - - /** - * Public Key QA - * - * @var object[] - */ - protected $QA; - - /** - * Curve - * - * @var \phpseclib3\Crypt\EC\BaseCurves\Base - */ - protected $curve; - - /** - * Signature Format - * - * @var string - */ - protected $format; - - /** - * Signature Format (Short) - * - * @var string - */ - protected $shortFormat; - - /** - * Curve Name - * - * @var string - */ - private $curveName; - - /** - * Curve Order - * - * Used for deterministic ECDSA - * - * @var \phpseclib3\Math\BigInteger - */ - protected $q; - - /** - * Alias for the private key - * - * Used for deterministic ECDSA. AsymmetricKey expects $x. I don't like x because - * with x you have x * the base point yielding an (x, y)-coordinate that is the - * public key. But the x is different depending on which side of the equal sign - * you're on. It's less ambiguous if you do dA * base point = (x, y)-coordinate. - * - * @var \phpseclib3\Math\BigInteger - */ - protected $x; - - /** - * Context - * - * @var string - */ - protected $context; - - /** - * Signature Format - * - * @var string - */ - protected $sigFormat; - - /** - * Create public / private key pair. - * - * @param string $curve - * @return \phpseclib3\Crypt\EC\PrivateKey - */ - public static function createKey($curve) - { - self::initialize_static_variables(); - - $class = new \ReflectionClass(static::class); - if ($class->isFinal()) { - throw new \RuntimeException('createKey() should not be called from final classes (' . static::class . ')'); - } - - if (!isset(self::$engines['PHP'])) { - self::useBestEngine(); - } - - $curve = strtolower($curve); - if (self::$engines['libsodium'] && $curve == 'ed25519' && function_exists('sodium_crypto_sign_keypair')) { - $kp = sodium_crypto_sign_keypair(); - - $privatekey = EC::loadFormat('libsodium', sodium_crypto_sign_secretkey($kp)); - //$publickey = EC::loadFormat('libsodium', sodium_crypto_sign_publickey($kp)); - - $privatekey->curveName = 'Ed25519'; - //$publickey->curveName = $curve; - - return $privatekey; - } - - $privatekey = new PrivateKey(); - - $curveName = $curve; - if (preg_match('#(?:^curve|^ed)\d+$#', $curveName)) { - $curveName = ucfirst($curveName); - } elseif (substr($curveName, 0, 10) == 'brainpoolp') { - $curveName = 'brainpoolP' . substr($curveName, 10); - } - $curve = '\phpseclib3\Crypt\EC\Curves\\' . $curveName; - - if (!class_exists($curve)) { - throw new UnsupportedCurveException('Named Curve of ' . $curveName . ' is not supported'); - } - - $reflect = new \ReflectionClass($curve); - $curveName = $reflect->isFinal() ? - $reflect->getParentClass()->getShortName() : - $reflect->getShortName(); - - $curve = new $curve(); - if ($curve instanceof TwistedEdwardsCurve) { - $arr = $curve->extractSecret(Random::string($curve instanceof Ed448 ? 57 : 32)); - $privatekey->dA = $dA = $arr['dA']; - $privatekey->secret = $arr['secret']; - } else { - $privatekey->dA = $dA = $curve->createRandomMultiplier(); - } - if ($curve instanceof Curve25519 && self::$engines['libsodium']) { - //$r = pack('H*', '0900000000000000000000000000000000000000000000000000000000000000'); - //$QA = sodium_crypto_scalarmult($dA->toBytes(), $r); - $QA = sodium_crypto_box_publickey_from_secretkey($dA->toBytes()); - $privatekey->QA = [$curve->convertInteger(new BigInteger(strrev($QA), 256))]; - } else { - $privatekey->QA = $curve->multiplyPoint($curve->getBasePoint(), $dA); - } - $privatekey->curve = $curve; - - //$publickey = clone $privatekey; - //unset($publickey->dA); - //unset($publickey->x); - - $privatekey->curveName = $curveName; - //$publickey->curveName = $curveName; - - if ($privatekey->curve instanceof TwistedEdwardsCurve) { - return $privatekey->withHash($curve::HASH); - } - - return $privatekey; - } - - /** - * OnLoad Handler - * - * @return bool - */ - protected static function onLoad(array $components) - { - if (!isset(self::$engines['PHP'])) { - self::useBestEngine(); - } - - if (!isset($components['dA']) && !isset($components['QA'])) { - $new = new Parameters(); - $new->curve = $components['curve']; - return $new; - } - - $new = isset($components['dA']) ? - new PrivateKey() : - new PublicKey(); - $new->curve = $components['curve']; - $new->QA = $components['QA']; - - if (isset($components['dA'])) { - $new->dA = $components['dA']; - $new->secret = $components['secret']; - } - - if ($new->curve instanceof TwistedEdwardsCurve) { - return $new->withHash($components['curve']::HASH); - } - - return $new; - } - - /** - * Constructor - * - * PublicKey and PrivateKey objects can only be created from abstract RSA class - */ - protected function __construct() - { - $this->sigFormat = self::validatePlugin('Signature', 'ASN1'); - $this->shortFormat = 'ASN1'; - - parent::__construct(); - } - - /** - * Returns the curve - * - * Returns a string if it's a named curve, an array if not - * - * @return string|array - */ - public function getCurve() - { - if ($this->curveName) { - return $this->curveName; - } - - if ($this->curve instanceof MontgomeryCurve) { - $this->curveName = $this->curve instanceof Curve25519 ? 'Curve25519' : 'Curve448'; - return $this->curveName; - } - - if ($this->curve instanceof TwistedEdwardsCurve) { - $this->curveName = $this->curve instanceof Ed25519 ? 'Ed25519' : 'Ed448'; - return $this->curveName; - } - - $params = $this->getParameters()->toString('PKCS8', ['namedCurve' => true]); - $decoded = ASN1::extractBER($params); - $decoded = ASN1::decodeBER($decoded); - $decoded = ASN1::asn1map($decoded[0], ECParameters::MAP); - if (isset($decoded['namedCurve'])) { - $this->curveName = $decoded['namedCurve']; - return $decoded['namedCurve']; - } - - if (!$namedCurves) { - PKCS1::useSpecifiedCurve(); - } - - return $decoded; - } - - /** - * Returns the key size - * - * Quoting https://tools.ietf.org/html/rfc5656#section-2, - * - * "The size of a set of elliptic curve domain parameters on a prime - * curve is defined as the number of bits in the binary representation - * of the field order, commonly denoted by p. Size on a - * characteristic-2 curve is defined as the number of bits in the binary - * representation of the field, commonly denoted by m. A set of - * elliptic curve domain parameters defines a group of order n generated - * by a base point P" - * - * @return int - */ - public function getLength() - { - return $this->curve->getLength(); - } - - /** - * Returns the current engine being used - * - * @see self::useInternalEngine() - * @see self::useBestEngine() - * @return string - */ - public function getEngine() - { - if (!isset(self::$engines['PHP'])) { - self::useBestEngine(); - } - if ($this->curve instanceof TwistedEdwardsCurve) { - return $this->curve instanceof Ed25519 && self::$engines['libsodium'] && !isset($this->context) ? - 'libsodium' : 'PHP'; - } - - return self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods()) ? - 'OpenSSL' : 'PHP'; - } - - /** - * Returns the public key coordinates as a string - * - * Used by ECDH - * - * @return string - */ - public function getEncodedCoordinates() - { - if ($this->curve instanceof MontgomeryCurve) { - return strrev($this->QA[0]->toBytes(true)); - } - if ($this->curve instanceof TwistedEdwardsCurve) { - return $this->curve->encodePoint($this->QA); - } - return "\4" . $this->QA[0]->toBytes(true) . $this->QA[1]->toBytes(true); - } - - /** - * Returns the parameters - * - * @see self::getPublicKey() - * @param string $type optional - * @return mixed - */ - public function getParameters($type = 'PKCS1') - { - $type = self::validatePlugin('Keys', $type, 'saveParameters'); - - $key = $type::saveParameters($this->curve); - - return EC::load($key, 'PKCS1') - ->withHash($this->hash->getHash()) - ->withSignatureFormat($this->shortFormat); - } - - /** - * Determines the signature padding mode - * - * Valid values are: ASN1, SSH2, Raw - * - * @param string $format - */ - public function withSignatureFormat($format) - { - if ($this->curve instanceof MontgomeryCurve) { - throw new UnsupportedOperationException('Montgomery Curves cannot be used to create signatures'); - } - - $new = clone $this; - $new->shortFormat = $format; - $new->sigFormat = self::validatePlugin('Signature', $format); - return $new; - } - - /** - * Returns the signature format currently being used - * - */ - public function getSignatureFormat() - { - return $this->shortFormat; - } - - /** - * Sets the context - * - * Used by Ed25519 / Ed448. - * - * @see self::sign() - * @see self::verify() - * @param string $context optional - */ - public function withContext($context = null) - { - if (!$this->curve instanceof TwistedEdwardsCurve) { - throw new UnsupportedCurveException('Only Ed25519 and Ed448 support contexts'); - } - - $new = clone $this; - if (!isset($context)) { - $new->context = null; - return $new; - } - if (!is_string($context)) { - throw new \InvalidArgumentException('setContext expects a string'); - } - if (strlen($context) > 255) { - throw new \LengthException('The context is supposed to be, at most, 255 bytes long'); - } - $new->context = $context; - return $new; - } - - /** - * Returns the signature format currently being used - * - */ - public function getContext() - { - return $this->context; - } - - /** - * Determines which hashing function should be used - * - * @param string $hash - */ - public function withHash($hash) - { - if ($this->curve instanceof MontgomeryCurve) { - throw new UnsupportedOperationException('Montgomery Curves cannot be used to create signatures'); - } - if ($this->curve instanceof Ed25519 && $hash != 'sha512') { - throw new UnsupportedAlgorithmException('Ed25519 only supports sha512 as a hash'); - } - if ($this->curve instanceof Ed448 && $hash != 'shake256-912') { - throw new UnsupportedAlgorithmException('Ed448 only supports shake256 with a length of 114 bytes'); - } - - return parent::withHash($hash); - } - - /** - * __toString() magic method - * - * @return string - */ - public function __toString() - { - if ($this->curve instanceof MontgomeryCurve) { - return ''; - } - - return parent::__toString(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Base.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Base.php deleted file mode 100644 index dbc914b..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Base.php +++ /dev/null @@ -1,218 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\BaseCurves; - -use phpseclib3\Math\BigInteger; - -/** - * Base - * - * @author Jim Wigginton - */ -abstract class Base -{ - /** - * The Order - * - * @var BigInteger - */ - protected $order; - - /** - * Finite Field Integer factory - * - * @var \phpseclib3\Math\FiniteField\Integer - */ - protected $factory; - - /** - * Returns a random integer - * - * @return object - */ - public function randomInteger() - { - return $this->factory->randomInteger(); - } - - /** - * Converts a BigInteger to a \phpseclib3\Math\FiniteField\Integer integer - * - * @return object - */ - public function convertInteger(BigInteger $x) - { - return $this->factory->newInteger($x); - } - - /** - * Returns the length, in bytes, of the modulo - * - * @return integer - */ - public function getLengthInBytes() - { - return $this->factory->getLengthInBytes(); - } - - /** - * Returns the length, in bits, of the modulo - * - * @return integer - */ - public function getLength() - { - return $this->factory->getLength(); - } - - /** - * Multiply a point on the curve by a scalar - * - * Uses the montgomery ladder technique as described here: - * - * https://en.wikipedia.org/wiki/Elliptic_curve_point_multiplication#Montgomery_ladder - * https://github.com/phpecc/phpecc/issues/16#issuecomment-59176772 - * - * @return array - */ - public function multiplyPoint(array $p, BigInteger $d) - { - $alreadyInternal = isset($p[2]); - $r = $alreadyInternal ? - [[], $p] : - [[], $this->convertToInternal($p)]; - - $d = $d->toBits(); - for ($i = 0; $i < strlen($d); $i++) { - $d_i = (int) $d[$i]; - $r[1 - $d_i] = $this->addPoint($r[0], $r[1]); - $r[$d_i] = $this->doublePoint($r[$d_i]); - } - - return $alreadyInternal ? $r[0] : $this->convertToAffine($r[0]); - } - - /** - * Creates a random scalar multiplier - * - * @return BigInteger - */ - public function createRandomMultiplier() - { - static $one; - if (!isset($one)) { - $one = new BigInteger(1); - } - - return BigInteger::randomRange($one, $this->order->subtract($one)); - } - - /** - * Performs range check - */ - public function rangeCheck(BigInteger $x) - { - static $zero; - if (!isset($zero)) { - $zero = new BigInteger(); - } - - if (!isset($this->order)) { - throw new \RuntimeException('setOrder needs to be called before this method'); - } - if ($x->compare($this->order) > 0 || $x->compare($zero) <= 0) { - throw new \RangeException('x must be between 1 and the order of the curve'); - } - } - - /** - * Sets the Order - */ - public function setOrder(BigInteger $order) - { - $this->order = $order; - } - - /** - * Returns the Order - * - * @return \phpseclib3\Math\BigInteger - */ - public function getOrder() - { - return $this->order; - } - - /** - * Use a custom defined modular reduction function - * - * @return object - */ - public function setReduction(callable $func) - { - $this->factory->setReduction($func); - } - - /** - * Returns the affine point - * - * @return object[] - */ - public function convertToAffine(array $p) - { - return $p; - } - - /** - * Converts an affine point to a jacobian coordinate - * - * @return object[] - */ - public function convertToInternal(array $p) - { - return $p; - } - - /** - * Negates a point - * - * @return object[] - */ - public function negatePoint(array $p) - { - $temp = [ - $p[0], - $p[1]->negate() - ]; - if (isset($p[2])) { - $temp[] = $p[2]; - } - return $temp; - } - - /** - * Multiply and Add Points - * - * @return int[] - */ - public function multiplyAddPoints(array $points, array $scalars) - { - $p1 = $this->convertToInternal($points[0]); - $p2 = $this->convertToInternal($points[1]); - $p1 = $this->multiplyPoint($p1, $scalars[0]); - $p2 = $this->multiplyPoint($p2, $scalars[1]); - $r = $this->addPoint($p1, $p2); - return $this->convertToAffine($r); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Binary.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Binary.php deleted file mode 100644 index 4fc6c70..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Binary.php +++ /dev/null @@ -1,373 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\BaseCurves; - -use phpseclib3\Math\BigInteger; -use phpseclib3\Math\BinaryField; -use phpseclib3\Math\BinaryField\Integer as BinaryInteger; - -/** - * Curves over y^2 + x*y = x^3 + a*x^2 + b - * - * @author Jim Wigginton - */ -class Binary extends Base -{ - /** - * Binary Field Integer factory - * - * @var \phpseclib3\Math\BinaryField - */ - protected $factory; - - /** - * Cofficient for x^1 - * - * @var object - */ - protected $a; - - /** - * Cofficient for x^0 - * - * @var object - */ - protected $b; - - /** - * Base Point - * - * @var object - */ - protected $p; - - /** - * The number one over the specified finite field - * - * @var object - */ - protected $one; - - /** - * The modulo - * - * @var BigInteger - */ - protected $modulo; - - /** - * The Order - * - * @var BigInteger - */ - protected $order; - - /** - * Sets the modulo - */ - public function setModulo(...$modulo) - { - $this->modulo = $modulo; - $this->factory = new BinaryField(...$modulo); - - $this->one = $this->factory->newInteger("\1"); - } - - /** - * Set coefficients a and b - * - * @param string $a - * @param string $b - */ - public function setCoefficients($a, $b) - { - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - $this->a = $this->factory->newInteger(pack('H*', $a)); - $this->b = $this->factory->newInteger(pack('H*', $b)); - } - - /** - * Set x and y coordinates for the base point - * - * @param string|BinaryInteger $x - * @param string|BinaryInteger $y - */ - public function setBasePoint($x, $y) - { - switch (true) { - case !is_string($x) && !$x instanceof BinaryInteger: - throw new \UnexpectedValueException('Argument 1 passed to Binary::setBasePoint() must be a string or an instance of BinaryField\Integer'); - case !is_string($y) && !$y instanceof BinaryInteger: - throw new \UnexpectedValueException('Argument 2 passed to Binary::setBasePoint() must be a string or an instance of BinaryField\Integer'); - } - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - $this->p = [ - is_string($x) ? $this->factory->newInteger(pack('H*', $x)) : $x, - is_string($y) ? $this->factory->newInteger(pack('H*', $y)) : $y - ]; - } - - /** - * Retrieve the base point as an array - * - * @return array - */ - public function getBasePoint() - { - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - /* - if (!isset($this->p)) { - throw new \RuntimeException('setBasePoint needs to be called before this method'); - } - */ - return $this->p; - } - - /** - * Adds two points on the curve - * - * @return FiniteField[] - */ - public function addPoint(array $p, array $q) - { - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - - if (!count($p) || !count($q)) { - if (count($q)) { - return $q; - } - if (count($p)) { - return $p; - } - return []; - } - - if (!isset($p[2]) || !isset($q[2])) { - throw new \RuntimeException('Affine coordinates need to be manually converted to "Jacobi" coordinates or vice versa'); - } - - if ($p[0]->equals($q[0])) { - return !$p[1]->equals($q[1]) ? [] : $this->doublePoint($p); - } - - // formulas from http://hyperelliptic.org/EFD/g12o/auto-shortw-jacobian.html - - list($x1, $y1, $z1) = $p; - list($x2, $y2, $z2) = $q; - - $o1 = $z1->multiply($z1); - $b = $x2->multiply($o1); - - if ($z2->equals($this->one)) { - $d = $y2->multiply($o1)->multiply($z1); - $e = $x1->add($b); - $f = $y1->add($d); - $z3 = $e->multiply($z1); - $h = $f->multiply($x2)->add($z3->multiply($y2)); - $i = $f->add($z3); - $g = $z3->multiply($z3); - $p1 = $this->a->multiply($g); - $p2 = $f->multiply($i); - $p3 = $e->multiply($e)->multiply($e); - $x3 = $p1->add($p2)->add($p3); - $y3 = $i->multiply($x3)->add($g->multiply($h)); - - return [$x3, $y3, $z3]; - } - - $o2 = $z2->multiply($z2); - $a = $x1->multiply($o2); - $c = $y1->multiply($o2)->multiply($z2); - $d = $y2->multiply($o1)->multiply($z1); - $e = $a->add($b); - $f = $c->add($d); - $g = $e->multiply($z1); - $h = $f->multiply($x2)->add($g->multiply($y2)); - $z3 = $g->multiply($z2); - $i = $f->add($z3); - $p1 = $this->a->multiply($z3->multiply($z3)); - $p2 = $f->multiply($i); - $p3 = $e->multiply($e)->multiply($e); - $x3 = $p1->add($p2)->add($p3); - $y3 = $i->multiply($x3)->add($g->multiply($g)->multiply($h)); - - return [$x3, $y3, $z3]; - } - - /** - * Doubles a point on a curve - * - * @return FiniteField[] - */ - public function doublePoint(array $p) - { - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - - if (!count($p)) { - return []; - } - - if (!isset($p[2])) { - throw new \RuntimeException('Affine coordinates need to be manually converted to "Jacobi" coordinates or vice versa'); - } - - // formulas from http://hyperelliptic.org/EFD/g12o/auto-shortw-jacobian.html - - list($x1, $y1, $z1) = $p; - - $a = $x1->multiply($x1); - $b = $a->multiply($a); - - if ($z1->equals($this->one)) { - $x3 = $b->add($this->b); - $z3 = clone $x1; - $p1 = $a->add($y1)->add($z3)->multiply($this->b); - $p2 = $a->add($y1)->multiply($b); - $y3 = $p1->add($p2); - - return [$x3, $y3, $z3]; - } - - $c = $z1->multiply($z1); - $d = $c->multiply($c); - $x3 = $b->add($this->b->multiply($d->multiply($d))); - $z3 = $x1->multiply($c); - $p1 = $b->multiply($z3); - $p2 = $a->add($y1->multiply($z1))->add($z3)->multiply($x3); - $y3 = $p1->add($p2); - - return [$x3, $y3, $z3]; - } - - /** - * Returns the X coordinate and the derived Y coordinate - * - * Not supported because it is covered by patents. - * Quoting https://www.openssl.org/docs/man1.1.0/apps/ecparam.html , - * - * "Due to patent issues the compressed option is disabled by default for binary curves - * and can be enabled by defining the preprocessor macro OPENSSL_EC_BIN_PT_COMP at - * compile time." - * - * @return array - */ - public function derivePoint($m) - { - throw new \RuntimeException('Point compression on binary finite field elliptic curves is not supported'); - } - - /** - * Tests whether or not the x / y values satisfy the equation - * - * @return boolean - */ - public function verifyPoint(array $p) - { - list($x, $y) = $p; - $lhs = $y->multiply($y); - $lhs = $lhs->add($x->multiply($y)); - $x2 = $x->multiply($x); - $x3 = $x2->multiply($x); - $rhs = $x3->add($this->a->multiply($x2))->add($this->b); - - return $lhs->equals($rhs); - } - - /** - * Returns the modulo - * - * @return \phpseclib3\Math\BigInteger - */ - public function getModulo() - { - return $this->modulo; - } - - /** - * Returns the a coefficient - * - * @return \phpseclib3\Math\PrimeField\Integer - */ - public function getA() - { - return $this->a; - } - - /** - * Returns the a coefficient - * - * @return \phpseclib3\Math\PrimeField\Integer - */ - public function getB() - { - return $this->b; - } - - /** - * Returns the affine point - * - * A Jacobian Coordinate is of the form (x, y, z). - * To convert a Jacobian Coordinate to an Affine Point - * you do (x / z^2, y / z^3) - * - * @return \phpseclib3\Math\PrimeField\Integer[] - */ - public function convertToAffine(array $p) - { - if (!isset($p[2])) { - return $p; - } - list($x, $y, $z) = $p; - $z = $this->one->divide($z); - $z2 = $z->multiply($z); - return [ - $x->multiply($z2), - $y->multiply($z2)->multiply($z) - ]; - } - - /** - * Converts an affine point to a jacobian coordinate - * - * @return \phpseclib3\Math\PrimeField\Integer[] - */ - public function convertToInternal(array $p) - { - if (isset($p[2])) { - return $p; - } - - $p[2] = clone $this->one; - $p['fresh'] = true; - return $p; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/KoblitzPrime.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/KoblitzPrime.php deleted file mode 100644 index d8492eb..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/KoblitzPrime.php +++ /dev/null @@ -1,335 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\BaseCurves; - -use phpseclib3\Math\BigInteger; -use phpseclib3\Math\PrimeField; - -/** - * Curves over y^2 = x^3 + b - * - * @author Jim Wigginton - */ -class KoblitzPrime extends Prime -{ - /** - * Basis - * - * @var list - */ - protected $basis; - - /** - * Beta - * - * @var PrimeField\Integer - */ - protected $beta; - - // don't overwrite setCoefficients() with one that only accepts one parameter so that - // one might be able to switch between KoblitzPrime and Prime more easily (for benchmarking - // purposes). - - /** - * Multiply and Add Points - * - * Uses a efficiently computable endomorphism to achieve a slight speedup - * - * Adapted from: - * https://github.com/indutny/elliptic/blob/725bd91/lib/elliptic/curve/short.js#L219 - * - * @return int[] - */ - public function multiplyAddPoints(array $points, array $scalars) - { - static $zero, $one, $two; - if (!isset($two)) { - $two = new BigInteger(2); - $one = new BigInteger(1); - } - - if (!isset($this->beta)) { - // get roots - $inv = $this->one->divide($this->two)->negate(); - $s = $this->three->negate()->squareRoot()->multiply($inv); - $betas = [ - $inv->add($s), - $inv->subtract($s) - ]; - $this->beta = $betas[0]->compare($betas[1]) < 0 ? $betas[0] : $betas[1]; - //echo strtoupper($this->beta->toHex(true)) . "\n"; exit; - } - - if (!isset($this->basis)) { - $factory = new PrimeField($this->order); - $tempOne = $factory->newInteger($one); - $tempTwo = $factory->newInteger($two); - $tempThree = $factory->newInteger(new BigInteger(3)); - - $inv = $tempOne->divide($tempTwo)->negate(); - $s = $tempThree->negate()->squareRoot()->multiply($inv); - - $lambdas = [ - $inv->add($s), - $inv->subtract($s) - ]; - - $lhs = $this->multiplyPoint($this->p, $lambdas[0])[0]; - $rhs = $this->p[0]->multiply($this->beta); - $lambda = $lhs->equals($rhs) ? $lambdas[0] : $lambdas[1]; - - $this->basis = static::extendedGCD($lambda->toBigInteger(), $this->order); - ///* - foreach ($this->basis as $basis) { - echo strtoupper($basis['a']->toHex(true)) . "\n"; - echo strtoupper($basis['b']->toHex(true)) . "\n\n"; - } - exit; - //*/ - } - - $npoints = $nscalars = []; - for ($i = 0; $i < count($points); $i++) { - $p = $points[$i]; - $k = $scalars[$i]->toBigInteger(); - - // begin split - list($v1, $v2) = $this->basis; - - $c1 = $v2['b']->multiply($k); - list($c1, $r) = $c1->divide($this->order); - if ($this->order->compare($r->multiply($two)) <= 0) { - $c1 = $c1->add($one); - } - - $c2 = $v1['b']->negate()->multiply($k); - list($c2, $r) = $c2->divide($this->order); - if ($this->order->compare($r->multiply($two)) <= 0) { - $c2 = $c2->add($one); - } - - $p1 = $c1->multiply($v1['a']); - $p2 = $c2->multiply($v2['a']); - $q1 = $c1->multiply($v1['b']); - $q2 = $c2->multiply($v2['b']); - - $k1 = $k->subtract($p1)->subtract($p2); - $k2 = $q1->add($q2)->negate(); - // end split - - $beta = [ - $p[0]->multiply($this->beta), - $p[1], - clone $this->one - ]; - - if (isset($p['naf'])) { - $beta['naf'] = array_map(function ($p) { - return [ - $p[0]->multiply($this->beta), - $p[1], - clone $this->one - ]; - }, $p['naf']); - $beta['nafwidth'] = $p['nafwidth']; - } - - if ($k1->isNegative()) { - $k1 = $k1->negate(); - $p = $this->negatePoint($p); - } - - if ($k2->isNegative()) { - $k2 = $k2->negate(); - $beta = $this->negatePoint($beta); - } - - $pos = 2 * $i; - $npoints[$pos] = $p; - $nscalars[$pos] = $this->factory->newInteger($k1); - - $pos++; - $npoints[$pos] = $beta; - $nscalars[$pos] = $this->factory->newInteger($k2); - } - - return parent::multiplyAddPoints($npoints, $nscalars); - } - - /** - * Returns the numerator and denominator of the slope - * - * @return FiniteField[] - */ - protected function doublePointHelper(array $p) - { - $numerator = $this->three->multiply($p[0])->multiply($p[0]); - $denominator = $this->two->multiply($p[1]); - return [$numerator, $denominator]; - } - - /** - * Doubles a jacobian coordinate on the curve - * - * See http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#doubling-dbl-2009-l - * - * @return FiniteField[] - */ - protected function jacobianDoublePoint(array $p) - { - list($x1, $y1, $z1) = $p; - $a = $x1->multiply($x1); - $b = $y1->multiply($y1); - $c = $b->multiply($b); - $d = $x1->add($b); - $d = $d->multiply($d)->subtract($a)->subtract($c)->multiply($this->two); - $e = $this->three->multiply($a); - $f = $e->multiply($e); - $x3 = $f->subtract($this->two->multiply($d)); - $y3 = $e->multiply($d->subtract($x3))->subtract( - $this->eight->multiply($c) - ); - $z3 = $this->two->multiply($y1)->multiply($z1); - return [$x3, $y3, $z3]; - } - - /** - * Doubles a "fresh" jacobian coordinate on the curve - * - * See http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#doubling-mdbl-2007-bl - * - * @return FiniteField[] - */ - protected function jacobianDoublePointMixed(array $p) - { - list($x1, $y1) = $p; - $xx = $x1->multiply($x1); - $yy = $y1->multiply($y1); - $yyyy = $yy->multiply($yy); - $s = $x1->add($yy); - $s = $s->multiply($s)->subtract($xx)->subtract($yyyy)->multiply($this->two); - $m = $this->three->multiply($xx); - $t = $m->multiply($m)->subtract($this->two->multiply($s)); - $x3 = $t; - $y3 = $s->subtract($t); - $y3 = $m->multiply($y3)->subtract($this->eight->multiply($yyyy)); - $z3 = $this->two->multiply($y1); - return [$x3, $y3, $z3]; - } - - /** - * Tests whether or not the x / y values satisfy the equation - * - * @return boolean - */ - public function verifyPoint(array $p) - { - list($x, $y) = $p; - $lhs = $y->multiply($y); - $temp = $x->multiply($x)->multiply($x); - $rhs = $temp->add($this->b); - - return $lhs->equals($rhs); - } - - /** - * Calculates the parameters needed from the Euclidean algorithm as discussed at - * http://diamond.boisestate.edu/~liljanab/MATH308/GuideToECC.pdf#page=148 - * - * @param BigInteger $u - * @param BigInteger $v - * @return BigInteger[] - */ - protected static function extendedGCD(BigInteger $u, BigInteger $v) - { - $one = new BigInteger(1); - $zero = new BigInteger(); - - $a = clone $one; - $b = clone $zero; - $c = clone $zero; - $d = clone $one; - - $stop = $v->bitwise_rightShift($v->getLength() >> 1); - - $a1 = clone $zero; - $b1 = clone $zero; - $a2 = clone $zero; - $b2 = clone $zero; - - $postGreatestIndex = 0; - - while (!$v->equals($zero)) { - list($q) = $u->divide($v); - - $temp = $u; - $u = $v; - $v = $temp->subtract($v->multiply($q)); - - $temp = $a; - $a = $c; - $c = $temp->subtract($a->multiply($q)); - - $temp = $b; - $b = $d; - $d = $temp->subtract($b->multiply($q)); - - if ($v->compare($stop) > 0) { - $a0 = $v; - $b0 = $c; - } else { - $postGreatestIndex++; - } - - if ($postGreatestIndex == 1) { - $a1 = $v; - $b1 = $c->negate(); - } - - if ($postGreatestIndex == 2) { - $rhs = $a0->multiply($a0)->add($b0->multiply($b0)); - $lhs = $v->multiply($v)->add($b->multiply($b)); - if ($lhs->compare($rhs) <= 0) { - $a2 = $a0; - $b2 = $b0->negate(); - } else { - $a2 = $v; - $b2 = $c->negate(); - } - - break; - } - } - - return [ - ['a' => $a1, 'b' => $b1], - ['a' => $a2, 'b' => $b2] - ]; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Montgomery.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Montgomery.php deleted file mode 100644 index e3fa50b..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Montgomery.php +++ /dev/null @@ -1,279 +0,0 @@ - - * @copyright 2019 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\BaseCurves; - -use phpseclib3\Crypt\EC\Curves\Curve25519; -use phpseclib3\Math\BigInteger; -use phpseclib3\Math\PrimeField; -use phpseclib3\Math\PrimeField\Integer as PrimeInteger; - -/** - * Curves over y^2 = x^3 + a*x + x - * - * @author Jim Wigginton - */ -class Montgomery extends Base -{ - /** - * Prime Field Integer factory - * - * @var \phpseclib3\Math\PrimeField - */ - protected $factory; - - /** - * Cofficient for x - * - * @var object - */ - protected $a; - - /** - * Constant used for point doubling - * - * @var object - */ - protected $a24; - - /** - * The Number Zero - * - * @var object - */ - protected $zero; - - /** - * The Number One - * - * @var object - */ - protected $one; - - /** - * Base Point - * - * @var object - */ - protected $p; - - /** - * The modulo - * - * @var BigInteger - */ - protected $modulo; - - /** - * The Order - * - * @var BigInteger - */ - protected $order; - - /** - * Sets the modulo - */ - public function setModulo(BigInteger $modulo) - { - $this->modulo = $modulo; - $this->factory = new PrimeField($modulo); - $this->zero = $this->factory->newInteger(new BigInteger()); - $this->one = $this->factory->newInteger(new BigInteger(1)); - } - - /** - * Set coefficients a - */ - public function setCoefficients(BigInteger $a) - { - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - $this->a = $this->factory->newInteger($a); - $two = $this->factory->newInteger(new BigInteger(2)); - $four = $this->factory->newInteger(new BigInteger(4)); - $this->a24 = $this->a->subtract($two)->divide($four); - } - - /** - * Set x and y coordinates for the base point - * - * @param BigInteger|PrimeInteger $x - * @param BigInteger|PrimeInteger $y - * @return PrimeInteger[] - */ - public function setBasePoint($x, $y) - { - switch (true) { - case !$x instanceof BigInteger && !$x instanceof PrimeInteger: - throw new \UnexpectedValueException('Argument 1 passed to Prime::setBasePoint() must be an instance of either BigInteger or PrimeField\Integer'); - case !$y instanceof BigInteger && !$y instanceof PrimeInteger: - throw new \UnexpectedValueException('Argument 2 passed to Prime::setBasePoint() must be an instance of either BigInteger or PrimeField\Integer'); - } - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - $this->p = [ - $x instanceof BigInteger ? $this->factory->newInteger($x) : $x, - $y instanceof BigInteger ? $this->factory->newInteger($y) : $y - ]; - } - - /** - * Retrieve the base point as an array - * - * @return array - */ - public function getBasePoint() - { - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - /* - if (!isset($this->p)) { - throw new \RuntimeException('setBasePoint needs to be called before this method'); - } - */ - return $this->p; - } - - /** - * Doubles and adds a point on a curve - * - * See https://tools.ietf.org/html/draft-ietf-tls-curve25519-01#appendix-A.1.3 - * - * @return FiniteField[][] - */ - private function doubleAndAddPoint(array $p, array $q, PrimeInteger $x1) - { - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - - if (!count($p) || !count($q)) { - return []; - } - - if (!isset($p[1])) { - throw new \RuntimeException('Affine coordinates need to be manually converted to XZ coordinates'); - } - - list($x2, $z2) = $p; - list($x3, $z3) = $q; - - $a = $x2->add($z2); - $aa = $a->multiply($a); - $b = $x2->subtract($z2); - $bb = $b->multiply($b); - $e = $aa->subtract($bb); - $c = $x3->add($z3); - $d = $x3->subtract($z3); - $da = $d->multiply($a); - $cb = $c->multiply($b); - $temp = $da->add($cb); - $x5 = $temp->multiply($temp); - $temp = $da->subtract($cb); - $z5 = $x1->multiply($temp->multiply($temp)); - $x4 = $aa->multiply($bb); - $temp = static::class == Curve25519::class ? $bb : $aa; - $z4 = $e->multiply($temp->add($this->a24->multiply($e))); - - return [ - [$x4, $z4], - [$x5, $z5] - ]; - } - - /** - * Multiply a point on the curve by a scalar - * - * Uses the montgomery ladder technique as described here: - * - * https://en.wikipedia.org/wiki/Elliptic_curve_point_multiplication#Montgomery_ladder - * https://github.com/phpecc/phpecc/issues/16#issuecomment-59176772 - * - * @return array - */ - public function multiplyPoint(array $p, BigInteger $d) - { - $p1 = [$this->one, $this->zero]; - $alreadyInternal = isset($x[1]); - $p2 = $this->convertToInternal($p); - $x = $p[0]; - - $b = $d->toBits(); - $b = str_pad($b, 256, '0', STR_PAD_LEFT); - for ($i = 0; $i < strlen($b); $i++) { - $b_i = (int) $b[$i]; - if ($b_i) { - list($p2, $p1) = $this->doubleAndAddPoint($p2, $p1, $x); - } else { - list($p1, $p2) = $this->doubleAndAddPoint($p1, $p2, $x); - } - } - - return $alreadyInternal ? $p1 : $this->convertToAffine($p1); - } - - /** - * Converts an affine point to an XZ coordinate - * - * From https://hyperelliptic.org/EFD/g1p/auto-montgom-xz.html - * - * XZ coordinates represent x y as X Z satsfying the following equations: - * - * x=X/Z - * - * @return \phpseclib3\Math\PrimeField\Integer[] - */ - public function convertToInternal(array $p) - { - if (empty($p)) { - return [clone $this->zero, clone $this->one]; - } - - if (isset($p[1])) { - return $p; - } - - $p[1] = clone $this->one; - - return $p; - } - - /** - * Returns the affine point - * - * @return \phpseclib3\Math\PrimeField\Integer[] - */ - public function convertToAffine(array $p) - { - if (!isset($p[1])) { - return $p; - } - list($x, $z) = $p; - return [$x->divide($z)]; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Prime.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Prime.php deleted file mode 100644 index 6250dfb..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Prime.php +++ /dev/null @@ -1,785 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\BaseCurves; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Math\BigInteger; -use phpseclib3\Math\Common\FiniteField\Integer; -use phpseclib3\Math\PrimeField; -use phpseclib3\Math\PrimeField\Integer as PrimeInteger; - -/** - * Curves over y^2 = x^3 + a*x + b - * - * @author Jim Wigginton - */ -class Prime extends Base -{ - /** - * Prime Field Integer factory - * - * @var \phpseclib3\Math\PrimeFields - */ - protected $factory; - - /** - * Cofficient for x^1 - * - * @var object - */ - protected $a; - - /** - * Cofficient for x^0 - * - * @var object - */ - protected $b; - - /** - * Base Point - * - * @var object - */ - protected $p; - - /** - * The number one over the specified finite field - * - * @var object - */ - protected $one; - - /** - * The number two over the specified finite field - * - * @var object - */ - protected $two; - - /** - * The number three over the specified finite field - * - * @var object - */ - protected $three; - - /** - * The number four over the specified finite field - * - * @var object - */ - protected $four; - - /** - * The number eight over the specified finite field - * - * @var object - */ - protected $eight; - - /** - * The modulo - * - * @var BigInteger - */ - protected $modulo; - - /** - * The Order - * - * @var BigInteger - */ - protected $order; - - /** - * Sets the modulo - */ - public function setModulo(BigInteger $modulo) - { - $this->modulo = $modulo; - $this->factory = new PrimeField($modulo); - $this->two = $this->factory->newInteger(new BigInteger(2)); - $this->three = $this->factory->newInteger(new BigInteger(3)); - // used by jacobian coordinates - $this->one = $this->factory->newInteger(new BigInteger(1)); - $this->four = $this->factory->newInteger(new BigInteger(4)); - $this->eight = $this->factory->newInteger(new BigInteger(8)); - } - - /** - * Set coefficients a and b - */ - public function setCoefficients(BigInteger $a, BigInteger $b) - { - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - $this->a = $this->factory->newInteger($a); - $this->b = $this->factory->newInteger($b); - } - - /** - * Set x and y coordinates for the base point - * - * @param BigInteger|PrimeInteger $x - * @param BigInteger|PrimeInteger $y - * @return PrimeInteger[] - */ - public function setBasePoint($x, $y) - { - switch (true) { - case !$x instanceof BigInteger && !$x instanceof PrimeInteger: - throw new \UnexpectedValueException('Argument 1 passed to Prime::setBasePoint() must be an instance of either BigInteger or PrimeField\Integer'); - case !$y instanceof BigInteger && !$y instanceof PrimeInteger: - throw new \UnexpectedValueException('Argument 2 passed to Prime::setBasePoint() must be an instance of either BigInteger or PrimeField\Integer'); - } - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - $this->p = [ - $x instanceof BigInteger ? $this->factory->newInteger($x) : $x, - $y instanceof BigInteger ? $this->factory->newInteger($y) : $y - ]; - } - - /** - * Retrieve the base point as an array - * - * @return array - */ - public function getBasePoint() - { - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - /* - if (!isset($this->p)) { - throw new \RuntimeException('setBasePoint needs to be called before this method'); - } - */ - return $this->p; - } - - /** - * Adds two "fresh" jacobian form on the curve - * - * @return FiniteField[] - */ - protected function jacobianAddPointMixedXY(array $p, array $q) - { - list($u1, $s1) = $p; - list($u2, $s2) = $q; - if ($u1->equals($u2)) { - if (!$s1->equals($s2)) { - return []; - } else { - return $this->doublePoint($p); - } - } - $h = $u2->subtract($u1); - $r = $s2->subtract($s1); - $h2 = $h->multiply($h); - $h3 = $h2->multiply($h); - $v = $u1->multiply($h2); - $x3 = $r->multiply($r)->subtract($h3)->subtract($v->multiply($this->two)); - $y3 = $r->multiply( - $v->subtract($x3) - )->subtract( - $s1->multiply($h3) - ); - return [$x3, $y3, $h]; - } - - /** - * Adds one "fresh" jacobian form on the curve - * - * The second parameter should be the "fresh" one - * - * @return FiniteField[] - */ - protected function jacobianAddPointMixedX(array $p, array $q) - { - list($u1, $s1, $z1) = $p; - list($x2, $y2) = $q; - - $z12 = $z1->multiply($z1); - - $u2 = $x2->multiply($z12); - $s2 = $y2->multiply($z12->multiply($z1)); - if ($u1->equals($u2)) { - if (!$s1->equals($s2)) { - return []; - } else { - return $this->doublePoint($p); - } - } - $h = $u2->subtract($u1); - $r = $s2->subtract($s1); - $h2 = $h->multiply($h); - $h3 = $h2->multiply($h); - $v = $u1->multiply($h2); - $x3 = $r->multiply($r)->subtract($h3)->subtract($v->multiply($this->two)); - $y3 = $r->multiply( - $v->subtract($x3) - )->subtract( - $s1->multiply($h3) - ); - $z3 = $h->multiply($z1); - return [$x3, $y3, $z3]; - } - - /** - * Adds two jacobian coordinates on the curve - * - * @return FiniteField[] - */ - protected function jacobianAddPoint(array $p, array $q) - { - list($x1, $y1, $z1) = $p; - list($x2, $y2, $z2) = $q; - - $z12 = $z1->multiply($z1); - $z22 = $z2->multiply($z2); - - $u1 = $x1->multiply($z22); - $u2 = $x2->multiply($z12); - $s1 = $y1->multiply($z22->multiply($z2)); - $s2 = $y2->multiply($z12->multiply($z1)); - if ($u1->equals($u2)) { - if (!$s1->equals($s2)) { - return []; - } else { - return $this->doublePoint($p); - } - } - $h = $u2->subtract($u1); - $r = $s2->subtract($s1); - $h2 = $h->multiply($h); - $h3 = $h2->multiply($h); - $v = $u1->multiply($h2); - $x3 = $r->multiply($r)->subtract($h3)->subtract($v->multiply($this->two)); - $y3 = $r->multiply( - $v->subtract($x3) - )->subtract( - $s1->multiply($h3) - ); - $z3 = $h->multiply($z1)->multiply($z2); - return [$x3, $y3, $z3]; - } - - /** - * Adds two points on the curve - * - * @return FiniteField[] - */ - public function addPoint(array $p, array $q) - { - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - - if (!count($p) || !count($q)) { - if (count($q)) { - return $q; - } - if (count($p)) { - return $p; - } - return []; - } - - // use jacobian coordinates - if (isset($p[2]) && isset($q[2])) { - if (isset($p['fresh']) && isset($q['fresh'])) { - return $this->jacobianAddPointMixedXY($p, $q); - } - if (isset($p['fresh'])) { - return $this->jacobianAddPointMixedX($q, $p); - } - if (isset($q['fresh'])) { - return $this->jacobianAddPointMixedX($p, $q); - } - return $this->jacobianAddPoint($p, $q); - } - - if (isset($p[2]) || isset($q[2])) { - throw new \RuntimeException('Affine coordinates need to be manually converted to Jacobi coordinates or vice versa'); - } - - if ($p[0]->equals($q[0])) { - if (!$p[1]->equals($q[1])) { - return []; - } else { // eg. doublePoint - list($numerator, $denominator) = $this->doublePointHelper($p); - } - } else { - $numerator = $q[1]->subtract($p[1]); - $denominator = $q[0]->subtract($p[0]); - } - $slope = $numerator->divide($denominator); - $x = $slope->multiply($slope)->subtract($p[0])->subtract($q[0]); - $y = $slope->multiply($p[0]->subtract($x))->subtract($p[1]); - - return [$x, $y]; - } - - /** - * Returns the numerator and denominator of the slope - * - * @return FiniteField[] - */ - protected function doublePointHelper(array $p) - { - $numerator = $this->three->multiply($p[0])->multiply($p[0])->add($this->a); - $denominator = $this->two->multiply($p[1]); - return [$numerator, $denominator]; - } - - /** - * Doubles a jacobian coordinate on the curve - * - * @return FiniteField[] - */ - protected function jacobianDoublePoint(array $p) - { - list($x, $y, $z) = $p; - $x2 = $x->multiply($x); - $y2 = $y->multiply($y); - $z2 = $z->multiply($z); - $s = $this->four->multiply($x)->multiply($y2); - $m1 = $this->three->multiply($x2); - $m2 = $this->a->multiply($z2->multiply($z2)); - $m = $m1->add($m2); - $x1 = $m->multiply($m)->subtract($this->two->multiply($s)); - $y1 = $m->multiply($s->subtract($x1))->subtract( - $this->eight->multiply($y2->multiply($y2)) - ); - $z1 = $this->two->multiply($y)->multiply($z); - return [$x1, $y1, $z1]; - } - - /** - * Doubles a "fresh" jacobian coordinate on the curve - * - * @return FiniteField[] - */ - protected function jacobianDoublePointMixed(array $p) - { - list($x, $y) = $p; - $x2 = $x->multiply($x); - $y2 = $y->multiply($y); - $s = $this->four->multiply($x)->multiply($y2); - $m1 = $this->three->multiply($x2); - $m = $m1->add($this->a); - $x1 = $m->multiply($m)->subtract($this->two->multiply($s)); - $y1 = $m->multiply($s->subtract($x1))->subtract( - $this->eight->multiply($y2->multiply($y2)) - ); - $z1 = $this->two->multiply($y); - return [$x1, $y1, $z1]; - } - - /** - * Doubles a point on a curve - * - * @return FiniteField[] - */ - public function doublePoint(array $p) - { - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - - if (!count($p)) { - return []; - } - - // use jacobian coordinates - if (isset($p[2])) { - if (isset($p['fresh'])) { - return $this->jacobianDoublePointMixed($p); - } - return $this->jacobianDoublePoint($p); - } - - list($numerator, $denominator) = $this->doublePointHelper($p); - - $slope = $numerator->divide($denominator); - - $x = $slope->multiply($slope)->subtract($p[0])->subtract($p[0]); - $y = $slope->multiply($p[0]->subtract($x))->subtract($p[1]); - - return [$x, $y]; - } - - /** - * Returns the X coordinate and the derived Y coordinate - * - * @return array - */ - public function derivePoint($m) - { - $y = ord(Strings::shift($m)); - $x = new BigInteger($m, 256); - $xp = $this->convertInteger($x); - switch ($y) { - case 2: - $ypn = false; - break; - case 3: - $ypn = true; - break; - default: - throw new \RuntimeException('Coordinate not in recognized format'); - } - $temp = $xp->multiply($this->a); - $temp = $xp->multiply($xp)->multiply($xp)->add($temp); - $temp = $temp->add($this->b); - $b = $temp->squareRoot(); - if (!$b) { - throw new \RuntimeException('Unable to derive Y coordinate'); - } - $bn = $b->isOdd(); - $yp = $ypn == $bn ? $b : $b->negate(); - return [$xp, $yp]; - } - - /** - * Tests whether or not the x / y values satisfy the equation - * - * @return boolean - */ - public function verifyPoint(array $p) - { - list($x, $y) = $p; - $lhs = $y->multiply($y); - $temp = $x->multiply($this->a); - $temp = $x->multiply($x)->multiply($x)->add($temp); - $rhs = $temp->add($this->b); - - return $lhs->equals($rhs); - } - - /** - * Returns the modulo - * - * @return \phpseclib3\Math\BigInteger - */ - public function getModulo() - { - return $this->modulo; - } - - /** - * Returns the a coefficient - * - * @return \phpseclib3\Math\PrimeField\Integer - */ - public function getA() - { - return $this->a; - } - - /** - * Returns the a coefficient - * - * @return \phpseclib3\Math\PrimeField\Integer - */ - public function getB() - { - return $this->b; - } - - /** - * Multiply and Add Points - * - * Adapted from: - * https://github.com/indutny/elliptic/blob/725bd91/lib/elliptic/curve/base.js#L125 - * - * @return int[] - */ - public function multiplyAddPoints(array $points, array $scalars) - { - $length = count($points); - - foreach ($points as &$point) { - $point = $this->convertToInternal($point); - } - - $wnd = [$this->getNAFPoints($points[0], 7)]; - $wndWidth = [isset($points[0]['nafwidth']) ? $points[0]['nafwidth'] : 7]; - for ($i = 1; $i < $length; $i++) { - $wnd[] = $this->getNAFPoints($points[$i], 1); - $wndWidth[] = isset($points[$i]['nafwidth']) ? $points[$i]['nafwidth'] : 1; - } - - $naf = []; - - // comb all window NAFs - - $max = 0; - for ($i = $length - 1; $i >= 1; $i -= 2) { - $a = $i - 1; - $b = $i; - if ($wndWidth[$a] != 1 || $wndWidth[$b] != 1) { - $naf[$a] = $scalars[$a]->getNAF($wndWidth[$a]); - $naf[$b] = $scalars[$b]->getNAF($wndWidth[$b]); - $max = max(count($naf[$a]), count($naf[$b]), $max); - continue; - } - - $comb = [ - $points[$a], // 1 - null, // 3 - null, // 5 - $points[$b] // 7 - ]; - - $comb[1] = $this->addPoint($points[$a], $points[$b]); - $comb[2] = $this->addPoint($points[$a], $this->negatePoint($points[$b])); - - $index = [ - -3, /* -1 -1 */ - -1, /* -1 0 */ - -5, /* -1 1 */ - -7, /* 0 -1 */ - 0, /* 0 -1 */ - 7, /* 0 1 */ - 5, /* 1 -1 */ - 1, /* 1 0 */ - 3 /* 1 1 */ - ]; - - $jsf = self::getJSFPoints($scalars[$a], $scalars[$b]); - - $max = max(count($jsf[0]), $max); - if ($max > 0) { - $naf[$a] = array_fill(0, $max, 0); - $naf[$b] = array_fill(0, $max, 0); - } else { - $naf[$a] = []; - $naf[$b] = []; - } - - for ($j = 0; $j < $max; $j++) { - $ja = isset($jsf[0][$j]) ? $jsf[0][$j] : 0; - $jb = isset($jsf[1][$j]) ? $jsf[1][$j] : 0; - - $naf[$a][$j] = $index[3 * ($ja + 1) + $jb + 1]; - $naf[$b][$j] = 0; - $wnd[$a] = $comb; - } - } - - $acc = []; - $temp = [0, 0, 0, 0]; - for ($i = $max; $i >= 0; $i--) { - $k = 0; - while ($i >= 0) { - $zero = true; - for ($j = 0; $j < $length; $j++) { - $temp[$j] = isset($naf[$j][$i]) ? $naf[$j][$i] : 0; - if ($temp[$j] != 0) { - $zero = false; - } - } - if (!$zero) { - break; - } - $k++; - $i--; - } - - if ($i >= 0) { - $k++; - } - while ($k--) { - $acc = $this->doublePoint($acc); - } - - if ($i < 0) { - break; - } - - for ($j = 0; $j < $length; $j++) { - $z = $temp[$j]; - $p = null; - if ($z == 0) { - continue; - } - $p = $z > 0 ? - $wnd[$j][($z - 1) >> 1] : - $this->negatePoint($wnd[$j][(-$z - 1) >> 1]); - $acc = $this->addPoint($acc, $p); - } - } - - return $this->convertToAffine($acc); - } - - /** - * Precomputes NAF points - * - * Adapted from: - * https://github.com/indutny/elliptic/blob/725bd91/lib/elliptic/curve/base.js#L351 - * - * @return int[] - */ - private function getNAFPoints(array $point, $wnd) - { - if (isset($point['naf'])) { - return $point['naf']; - } - - $res = [$point]; - $max = (1 << $wnd) - 1; - $dbl = $max == 1 ? null : $this->doublePoint($point); - for ($i = 1; $i < $max; $i++) { - $res[] = $this->addPoint($res[$i - 1], $dbl); - } - - $point['naf'] = $res; - - /* - $str = ''; - foreach ($res as $re) { - $re[0] = bin2hex($re[0]->toBytes()); - $re[1] = bin2hex($re[1]->toBytes()); - $str.= " ['$re[0]', '$re[1]'],\r\n"; - } - file_put_contents('temp.txt', $str); - exit; - */ - - return $res; - } - - /** - * Precomputes points in Joint Sparse Form - * - * Adapted from: - * https://github.com/indutny/elliptic/blob/725bd91/lib/elliptic/utils.js#L96 - * - * @return int[] - */ - private static function getJSFPoints(Integer $k1, Integer $k2) - { - static $three; - if (!isset($three)) { - $three = new BigInteger(3); - } - - $jsf = [[], []]; - $k1 = $k1->toBigInteger(); - $k2 = $k2->toBigInteger(); - $d1 = 0; - $d2 = 0; - - while ($k1->compare(new BigInteger(-$d1)) > 0 || $k2->compare(new BigInteger(-$d2)) > 0) { - // first phase - $m14 = $k1->testBit(0) + 2 * $k1->testBit(1); - $m14 += $d1; - $m14 &= 3; - - $m24 = $k2->testBit(0) + 2 * $k2->testBit(1); - $m24 += $d2; - $m24 &= 3; - - if ($m14 == 3) { - $m14 = -1; - } - if ($m24 == 3) { - $m24 = -1; - } - - $u1 = 0; - if ($m14 & 1) { // if $m14 is odd - $m8 = $k1->testBit(0) + 2 * $k1->testBit(1) + 4 * $k1->testBit(2); - $m8 += $d1; - $m8 &= 7; - $u1 = ($m8 == 3 || $m8 == 5) && $m24 == 2 ? -$m14 : $m14; - } - $jsf[0][] = $u1; - - $u2 = 0; - if ($m24 & 1) { // if $m24 is odd - $m8 = $k2->testBit(0) + 2 * $k2->testBit(1) + 4 * $k2->testBit(2); - $m8 += $d2; - $m8 &= 7; - $u2 = ($m8 == 3 || $m8 == 5) && $m14 == 2 ? -$m24 : $m24; - } - $jsf[1][] = $u2; - - // second phase - if (2 * $d1 == $u1 + 1) { - $d1 = 1 - $d1; - } - if (2 * $d2 == $u2 + 1) { - $d2 = 1 - $d2; - } - $k1 = $k1->bitwise_rightShift(1); - $k2 = $k2->bitwise_rightShift(1); - } - - return $jsf; - } - - /** - * Returns the affine point - * - * A Jacobian Coordinate is of the form (x, y, z). - * To convert a Jacobian Coordinate to an Affine Point - * you do (x / z^2, y / z^3) - * - * @return \phpseclib3\Math\PrimeField\Integer[] - */ - public function convertToAffine(array $p) - { - if (!isset($p[2])) { - return $p; - } - list($x, $y, $z) = $p; - $z = $this->one->divide($z); - $z2 = $z->multiply($z); - return [ - $x->multiply($z2), - $y->multiply($z2)->multiply($z) - ]; - } - - /** - * Converts an affine point to a jacobian coordinate - * - * @return \phpseclib3\Math\PrimeField\Integer[] - */ - public function convertToInternal(array $p) - { - if (isset($p[2])) { - return $p; - } - - $p[2] = clone $this->one; - $p['fresh'] = true; - return $p; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/TwistedEdwards.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/TwistedEdwards.php deleted file mode 100644 index 2521a4c..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/TwistedEdwards.php +++ /dev/null @@ -1,215 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\BaseCurves; - -use phpseclib3\Math\BigInteger; -use phpseclib3\Math\PrimeField; -use phpseclib3\Math\PrimeField\Integer as PrimeInteger; - -/** - * Curves over a*x^2 + y^2 = 1 + d*x^2*y^2 - * - * @author Jim Wigginton - */ -class TwistedEdwards extends Base -{ - /** - * The modulo - * - * @var BigInteger - */ - protected $modulo; - - /** - * Cofficient for x^2 - * - * @var object - */ - protected $a; - - /** - * Cofficient for x^2*y^2 - * - * @var object - */ - protected $d; - - /** - * Base Point - * - * @var object[] - */ - protected $p; - - /** - * The number zero over the specified finite field - * - * @var object - */ - protected $zero; - - /** - * The number one over the specified finite field - * - * @var object - */ - protected $one; - - /** - * The number two over the specified finite field - * - * @var object - */ - protected $two; - - /** - * Sets the modulo - */ - public function setModulo(BigInteger $modulo) - { - $this->modulo = $modulo; - $this->factory = new PrimeField($modulo); - $this->zero = $this->factory->newInteger(new BigInteger(0)); - $this->one = $this->factory->newInteger(new BigInteger(1)); - $this->two = $this->factory->newInteger(new BigInteger(2)); - } - - /** - * Set coefficients a and b - */ - public function setCoefficients(BigInteger $a, BigInteger $d) - { - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - $this->a = $this->factory->newInteger($a); - $this->d = $this->factory->newInteger($d); - } - - /** - * Set x and y coordinates for the base point - */ - public function setBasePoint($x, $y) - { - switch (true) { - case !$x instanceof BigInteger && !$x instanceof PrimeInteger: - throw new \UnexpectedValueException('Argument 1 passed to Prime::setBasePoint() must be an instance of either BigInteger or PrimeField\Integer'); - case !$y instanceof BigInteger && !$y instanceof PrimeInteger: - throw new \UnexpectedValueException('Argument 2 passed to Prime::setBasePoint() must be an instance of either BigInteger or PrimeField\Integer'); - } - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - $this->p = [ - $x instanceof BigInteger ? $this->factory->newInteger($x) : $x, - $y instanceof BigInteger ? $this->factory->newInteger($y) : $y - ]; - } - - /** - * Returns the a coefficient - * - * @return \phpseclib3\Math\PrimeField\Integer - */ - public function getA() - { - return $this->a; - } - - /** - * Returns the a coefficient - * - * @return \phpseclib3\Math\PrimeField\Integer - */ - public function getD() - { - return $this->d; - } - - /** - * Retrieve the base point as an array - * - * @return array - */ - public function getBasePoint() - { - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - /* - if (!isset($this->p)) { - throw new \RuntimeException('setBasePoint needs to be called before this method'); - } - */ - return $this->p; - } - - /** - * Returns the affine point - * - * @return \phpseclib3\Math\PrimeField\Integer[] - */ - public function convertToAffine(array $p) - { - if (!isset($p[2])) { - return $p; - } - list($x, $y, $z) = $p; - $z = $this->one->divide($z); - return [ - $x->multiply($z), - $y->multiply($z) - ]; - } - - /** - * Returns the modulo - * - * @return \phpseclib3\Math\BigInteger - */ - public function getModulo() - { - return $this->modulo; - } - - /** - * Tests whether or not the x / y values satisfy the equation - * - * @return boolean - */ - public function verifyPoint(array $p) - { - list($x, $y) = $p; - $x2 = $x->multiply($x); - $y2 = $y->multiply($y); - - $lhs = $this->a->multiply($x2)->add($y2); - $rhs = $this->d->multiply($x2)->multiply($y2)->add($this->one); - - return $lhs->equals($rhs); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve25519.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve25519.php deleted file mode 100644 index 0f3f4d8..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve25519.php +++ /dev/null @@ -1,81 +0,0 @@ - - * @copyright 2019 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Montgomery; -use phpseclib3\Math\BigInteger; - -class Curve25519 extends Montgomery -{ - public function __construct() - { - // 2^255 - 19 - $this->setModulo(new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFED', 16)); - $this->a24 = $this->factory->newInteger(new BigInteger('121666')); - $this->p = [$this->factory->newInteger(new BigInteger(9))]; - // 2^252 + 0x14def9dea2f79cd65812631a5cf5d3ed - $this->setOrder(new BigInteger('1000000000000000000000000000000014DEF9DEA2F79CD65812631A5CF5D3ED', 16)); - - /* - $this->setCoefficients( - new BigInteger('486662'), // a - ); - $this->setBasePoint( - new BigInteger(9), - new BigInteger('14781619447589544791020593568409986887264606134616475288964881837755586237401') - ); - */ - } - - /** - * Multiply a point on the curve by a scalar - * - * Modifies the scalar as described at https://tools.ietf.org/html/rfc7748#page-8 - * - * @return array - */ - public function multiplyPoint(array $p, BigInteger $d) - { - //$r = strrev(sodium_crypto_scalarmult($d->toBytes(), strrev($p[0]->toBytes()))); - //return [$this->factory->newInteger(new BigInteger($r, 256))]; - - $d = $d->toBytes(); - $d &= "\xF8" . str_repeat("\xFF", 30) . "\x7F"; - $d = strrev($d); - $d |= "\x40"; - $d = new BigInteger($d, -256); - - return parent::multiplyPoint($p, $d); - } - - /** - * Creates a random scalar multiplier - * - * @return BigInteger - */ - public function createRandomMultiplier() - { - return BigInteger::random(256); - } - - /** - * Performs range check - */ - public function rangeCheck(BigInteger $x) - { - if ($x->getLength() > 256 || $x->isNegative()) { - throw new \RangeException('x must be a positive integer less than 256 bytes in length'); - } - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve448.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve448.php deleted file mode 100644 index f4a4423..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Curve448.php +++ /dev/null @@ -1,92 +0,0 @@ - - * @copyright 2019 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Montgomery; -use phpseclib3\Math\BigInteger; - -class Curve448 extends Montgomery -{ - public function __construct() - { - // 2^448 - 2^224 - 1 - $this->setModulo(new BigInteger( - 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE' . - 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF', - 16 - )); - $this->a24 = $this->factory->newInteger(new BigInteger('39081')); - $this->p = [$this->factory->newInteger(new BigInteger(5))]; - // 2^446 - 0x8335dc163bb124b65129c96fde933d8d723a70aadc873d6d54a7bb0d - $this->setOrder(new BigInteger( - '3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF' . - '7CCA23E9C44EDB49AED63690216CC2728DC58F552378C292AB5844F3', - 16 - )); - - /* - $this->setCoefficients( - new BigInteger('156326'), // a - ); - $this->setBasePoint( - new BigInteger(5), - new BigInteger( - '355293926785568175264127502063783334808976399387714271831880898' . - '435169088786967410002932673765864550910142774147268105838985595290' . - '606362') - ); - */ - } - - /** - * Multiply a point on the curve by a scalar - * - * Modifies the scalar as described at https://tools.ietf.org/html/rfc7748#page-8 - * - * @return array - */ - public function multiplyPoint(array $p, BigInteger $d) - { - //$r = strrev(sodium_crypto_scalarmult($d->toBytes(), strrev($p[0]->toBytes()))); - //return [$this->factory->newInteger(new BigInteger($r, 256))]; - - $d = $d->toBytes(); - $d[0] = $d[0] & "\xFC"; - $d = strrev($d); - $d |= "\x80"; - $d = new BigInteger($d, 256); - - return parent::multiplyPoint($p, $d); - } - - /** - * Creates a random scalar multiplier - * - * @return BigInteger - */ - public function createRandomMultiplier() - { - return BigInteger::random(446); - } - - /** - * Performs range check - */ - public function rangeCheck(BigInteger $x) - { - if ($x->getLength() > 448 || $x->isNegative()) { - throw new \RangeException('x must be a positive integer less than 446 bytes in length'); - } - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Ed25519.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Ed25519.php deleted file mode 100644 index 9d3de68..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Ed25519.php +++ /dev/null @@ -1,333 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards; -use phpseclib3\Crypt\Hash; -use phpseclib3\Crypt\Random; -use phpseclib3\Math\BigInteger; - -class Ed25519 extends TwistedEdwards -{ - const HASH = 'sha512'; - /* - Per https://tools.ietf.org/html/rfc8032#page-6 EdDSA has several parameters, one of which is b: - - 2. An integer b with 2^(b-1) > p. EdDSA public keys have exactly b - bits, and EdDSA signatures have exactly 2*b bits. b is - recommended to be a multiple of 8, so public key and signature - lengths are an integral number of octets. - - SIZE corresponds to b - */ - const SIZE = 32; - - public function __construct() - { - // 2^255 - 19 - $this->setModulo(new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFED', 16)); - $this->setCoefficients( - // -1 - new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEC', 16), // a - // -121665/121666 - new BigInteger('52036CEE2B6FFE738CC740797779E89800700A4D4141D8AB75EB4DCA135978A3', 16) // d - ); - $this->setBasePoint( - new BigInteger('216936D3CD6E53FEC0A4E231FDD6DC5C692CC7609525A7B2C9562D608F25D51A', 16), - new BigInteger('6666666666666666666666666666666666666666666666666666666666666658', 16) - ); - $this->setOrder(new BigInteger('1000000000000000000000000000000014DEF9DEA2F79CD65812631A5CF5D3ED', 16)); - // algorithm 14.47 from http://cacr.uwaterloo.ca/hac/about/chap14.pdf#page=16 - /* - $this->setReduction(function($x) { - $parts = $x->bitwise_split(255); - $className = $this->className; - - if (count($parts) > 2) { - list(, $r) = $x->divide($className::$modulo); - return $r; - } - - $zero = new BigInteger(); - $c = new BigInteger(19); - - switch (count($parts)) { - case 2: - list($qi, $ri) = $parts; - break; - case 1: - $qi = $zero; - list($ri) = $parts; - break; - case 0: - return $zero; - } - $r = $ri; - - while ($qi->compare($zero) > 0) { - $temp = $qi->multiply($c)->bitwise_split(255); - if (count($temp) == 2) { - list($qi, $ri) = $temp; - } else { - $qi = $zero; - list($ri) = $temp; - } - $r = $r->add($ri); - } - - while ($r->compare($className::$modulo) > 0) { - $r = $r->subtract($className::$modulo); - } - return $r; - }); - */ - } - - /** - * Recover X from Y - * - * Implements steps 2-4 at https://tools.ietf.org/html/rfc8032#section-5.1.3 - * - * Used by EC\Keys\Common.php - * - * @param BigInteger $y - * @param boolean $sign - * @return object[] - */ - public function recoverX(BigInteger $y, $sign) - { - $y = $this->factory->newInteger($y); - - $y2 = $y->multiply($y); - $u = $y2->subtract($this->one); - $v = $this->d->multiply($y2)->add($this->one); - $x2 = $u->divide($v); - if ($x2->equals($this->zero)) { - if ($sign) { - throw new \RuntimeException('Unable to recover X coordinate (x2 = 0)'); - } - return clone $this->zero; - } - // find the square root - /* we don't do $x2->squareRoot() because, quoting from - https://tools.ietf.org/html/rfc8032#section-5.1.1: - - "For point decoding or "decompression", square roots modulo p are - needed. They can be computed using the Tonelli-Shanks algorithm or - the special case for p = 5 (mod 8). To find a square root of a, - first compute the candidate root x = a^((p+3)/8) (mod p)." - */ - $exp = $this->getModulo()->add(new BigInteger(3)); - $exp = $exp->bitwise_rightShift(3); - $x = $x2->pow($exp); - - // If v x^2 = -u (mod p), set x <-- x * 2^((p-1)/4), which is a square root. - if (!$x->multiply($x)->subtract($x2)->equals($this->zero)) { - $temp = $this->getModulo()->subtract(new BigInteger(1)); - $temp = $temp->bitwise_rightShift(2); - $temp = $this->two->pow($temp); - $x = $x->multiply($temp); - if (!$x->multiply($x)->subtract($x2)->equals($this->zero)) { - throw new \RuntimeException('Unable to recover X coordinate'); - } - } - if ($x->isOdd() != $sign) { - $x = $x->negate(); - } - - return [$x, $y]; - } - - /** - * Extract Secret Scalar - * - * Implements steps 1-3 at https://tools.ietf.org/html/rfc8032#section-5.1.5 - * - * Used by the various key handlers - * - * @param string $str - * @return array - */ - public function extractSecret($str) - { - if (strlen($str) != 32) { - throw new \LengthException('Private Key should be 32-bytes long'); - } - // 1. Hash the 32-byte private key using SHA-512, storing the digest in - // a 64-octet large buffer, denoted h. Only the lower 32 bytes are - // used for generating the public key. - $hash = new Hash('sha512'); - $h = $hash->hash($str); - $h = substr($h, 0, 32); - // 2. Prune the buffer: The lowest three bits of the first octet are - // cleared, the highest bit of the last octet is cleared, and the - // second highest bit of the last octet is set. - $h[0] = $h[0] & chr(0xF8); - $h = strrev($h); - $h[0] = ($h[0] & chr(0x3F)) | chr(0x40); - // 3. Interpret the buffer as the little-endian integer, forming a - // secret scalar s. - $dA = new BigInteger($h, 256); - - return [ - 'dA' => $dA, - 'secret' => $str - ]; - } - - /** - * Encode a point as a string - * - * @param array $point - * @return string - */ - public function encodePoint($point) - { - list($x, $y) = $point; - $y = $y->toBytes(); - $y[0] = $y[0] & chr(0x7F); - if ($x->isOdd()) { - $y[0] = $y[0] | chr(0x80); - } - $y = strrev($y); - - return $y; - } - - /** - * Creates a random scalar multiplier - * - * @return \phpseclib3\Math\PrimeField\Integer - */ - public function createRandomMultiplier() - { - return $this->extractSecret(Random::string(32))['dA']; - } - - /** - * Converts an affine point to an extended homogeneous coordinate - * - * From https://tools.ietf.org/html/rfc8032#section-5.1.4 : - * - * A point (x,y) is represented in extended homogeneous coordinates (X, Y, Z, T), - * with x = X/Z, y = Y/Z, x * y = T/Z. - * - * @return \phpseclib3\Math\PrimeField\Integer[] - */ - public function convertToInternal(array $p) - { - if (empty($p)) { - return [clone $this->zero, clone $this->one, clone $this->one, clone $this->zero]; - } - - if (isset($p[2])) { - return $p; - } - - $p[2] = clone $this->one; - $p[3] = $p[0]->multiply($p[1]); - - return $p; - } - - /** - * Doubles a point on a curve - * - * @return FiniteField[] - */ - public function doublePoint(array $p) - { - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - - if (!count($p)) { - return []; - } - - if (!isset($p[2])) { - throw new \RuntimeException('Affine coordinates need to be manually converted to "Jacobi" coordinates or vice versa'); - } - - // from https://tools.ietf.org/html/rfc8032#page-12 - - list($x1, $y1, $z1, $t1) = $p; - - $a = $x1->multiply($x1); - $b = $y1->multiply($y1); - $c = $this->two->multiply($z1)->multiply($z1); - $h = $a->add($b); - $temp = $x1->add($y1); - $e = $h->subtract($temp->multiply($temp)); - $g = $a->subtract($b); - $f = $c->add($g); - - $x3 = $e->multiply($f); - $y3 = $g->multiply($h); - $t3 = $e->multiply($h); - $z3 = $f->multiply($g); - - return [$x3, $y3, $z3, $t3]; - } - - /** - * Adds two points on the curve - * - * @return FiniteField[] - */ - public function addPoint(array $p, array $q) - { - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - - if (!count($p) || !count($q)) { - if (count($q)) { - return $q; - } - if (count($p)) { - return $p; - } - return []; - } - - if (!isset($p[2]) || !isset($q[2])) { - throw new \RuntimeException('Affine coordinates need to be manually converted to "Jacobi" coordinates or vice versa'); - } - - if ($p[0]->equals($q[0])) { - return !$p[1]->equals($q[1]) ? [] : $this->doublePoint($p); - } - - // from https://tools.ietf.org/html/rfc8032#page-12 - - list($x1, $y1, $z1, $t1) = $p; - list($x2, $y2, $z2, $t2) = $q; - - $a = $y1->subtract($x1)->multiply($y2->subtract($x2)); - $b = $y1->add($x1)->multiply($y2->add($x2)); - $c = $t1->multiply($this->two)->multiply($this->d)->multiply($t2); - $d = $z1->multiply($this->two)->multiply($z2); - $e = $b->subtract($a); - $f = $d->subtract($c); - $g = $d->add($c); - $h = $b->add($a); - - $x3 = $e->multiply($f); - $y3 = $g->multiply($h); - $t3 = $e->multiply($h); - $z3 = $f->multiply($g); - - return [$x3, $y3, $z3, $t3]; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Ed448.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Ed448.php deleted file mode 100644 index 5451f90..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/Ed448.php +++ /dev/null @@ -1,273 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards; -use phpseclib3\Crypt\Hash; -use phpseclib3\Crypt\Random; -use phpseclib3\Math\BigInteger; - -class Ed448 extends TwistedEdwards -{ - const HASH = 'shake256-912'; - const SIZE = 57; - - public function __construct() - { - // 2^448 - 2^224 - 1 - $this->setModulo(new BigInteger( - 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE' . - 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF', - 16 - )); - $this->setCoefficients( - new BigInteger(1), - // -39081 - new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE' . - 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6756', 16) - ); - $this->setBasePoint( - new BigInteger('4F1970C66BED0DED221D15A622BF36DA9E146570470F1767EA6DE324' . - 'A3D3A46412AE1AF72AB66511433B80E18B00938E2626A82BC70CC05E', 16), - new BigInteger('693F46716EB6BC248876203756C9C7624BEA73736CA3984087789C1E' . - '05A0C2D73AD3FF1CE67C39C4FDBD132C4ED7C8AD9808795BF230FA14', 16) - ); - $this->setOrder(new BigInteger( - '3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF' . - '7CCA23E9C44EDB49AED63690216CC2728DC58F552378C292AB5844F3', - 16 - )); - } - - /** - * Recover X from Y - * - * Implements steps 2-4 at https://tools.ietf.org/html/rfc8032#section-5.2.3 - * - * Used by EC\Keys\Common.php - * - * @param BigInteger $y - * @param boolean $sign - * @return object[] - */ - public function recoverX(BigInteger $y, $sign) - { - $y = $this->factory->newInteger($y); - - $y2 = $y->multiply($y); - $u = $y2->subtract($this->one); - $v = $this->d->multiply($y2)->subtract($this->one); - $x2 = $u->divide($v); - if ($x2->equals($this->zero)) { - if ($sign) { - throw new \RuntimeException('Unable to recover X coordinate (x2 = 0)'); - } - return clone $this->zero; - } - // find the square root - $exp = $this->getModulo()->add(new BigInteger(1)); - $exp = $exp->bitwise_rightShift(2); - $x = $x2->pow($exp); - - if (!$x->multiply($x)->subtract($x2)->equals($this->zero)) { - throw new \RuntimeException('Unable to recover X coordinate'); - } - if ($x->isOdd() != $sign) { - $x = $x->negate(); - } - - return [$x, $y]; - } - - /** - * Extract Secret Scalar - * - * Implements steps 1-3 at https://tools.ietf.org/html/rfc8032#section-5.2.5 - * - * Used by the various key handlers - * - * @param string $str - * @return array - */ - public function extractSecret($str) - { - if (strlen($str) != 57) { - throw new \LengthException('Private Key should be 57-bytes long'); - } - // 1. Hash the 57-byte private key using SHAKE256(x, 114), storing the - // digest in a 114-octet large buffer, denoted h. Only the lower 57 - // bytes are used for generating the public key. - $hash = new Hash('shake256-912'); - $h = $hash->hash($str); - $h = substr($h, 0, 57); - // 2. Prune the buffer: The two least significant bits of the first - // octet are cleared, all eight bits the last octet are cleared, and - // the highest bit of the second to last octet is set. - $h[0] = $h[0] & chr(0xFC); - $h = strrev($h); - $h[0] = "\0"; - $h[1] = $h[1] | chr(0x80); - // 3. Interpret the buffer as the little-endian integer, forming a - // secret scalar s. - $dA = new BigInteger($h, 256); - - return [ - 'dA' => $dA, - 'secret' => $str - ]; - - $dA->secret = $str; - return $dA; - } - - /** - * Encode a point as a string - * - * @param array $point - * @return string - */ - public function encodePoint($point) - { - list($x, $y) = $point; - $y = "\0" . $y->toBytes(); - if ($x->isOdd()) { - $y[0] = $y[0] | chr(0x80); - } - $y = strrev($y); - - return $y; - } - - /** - * Creates a random scalar multiplier - * - * @return \phpseclib3\Math\PrimeField\Integer - */ - public function createRandomMultiplier() - { - return $this->extractSecret(Random::string(57))['dA']; - } - - /** - * Converts an affine point to an extended homogeneous coordinate - * - * From https://tools.ietf.org/html/rfc8032#section-5.2.4 : - * - * A point (x,y) is represented in extended homogeneous coordinates (X, Y, Z, T), - * with x = X/Z, y = Y/Z, x * y = T/Z. - * - * @return \phpseclib3\Math\PrimeField\Integer[] - */ - public function convertToInternal(array $p) - { - if (empty($p)) { - return [clone $this->zero, clone $this->one, clone $this->one]; - } - - if (isset($p[2])) { - return $p; - } - - $p[2] = clone $this->one; - - return $p; - } - - /** - * Doubles a point on a curve - * - * @return FiniteField[] - */ - public function doublePoint(array $p) - { - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - - if (!count($p)) { - return []; - } - - if (!isset($p[2])) { - throw new \RuntimeException('Affine coordinates need to be manually converted to "Jacobi" coordinates or vice versa'); - } - - // from https://tools.ietf.org/html/rfc8032#page-18 - - list($x1, $y1, $z1) = $p; - - $b = $x1->add($y1); - $b = $b->multiply($b); - $c = $x1->multiply($x1); - $d = $y1->multiply($y1); - $e = $c->add($d); - $h = $z1->multiply($z1); - $j = $e->subtract($this->two->multiply($h)); - - $x3 = $b->subtract($e)->multiply($j); - $y3 = $c->subtract($d)->multiply($e); - $z3 = $e->multiply($j); - - return [$x3, $y3, $z3]; - } - - /** - * Adds two points on the curve - * - * @return FiniteField[] - */ - public function addPoint(array $p, array $q) - { - if (!isset($this->factory)) { - throw new \RuntimeException('setModulo needs to be called before this method'); - } - - if (!count($p) || !count($q)) { - if (count($q)) { - return $q; - } - if (count($p)) { - return $p; - } - return []; - } - - if (!isset($p[2]) || !isset($q[2])) { - throw new \RuntimeException('Affine coordinates need to be manually converted to "Jacobi" coordinates or vice versa'); - } - - if ($p[0]->equals($q[0])) { - return !$p[1]->equals($q[1]) ? [] : $this->doublePoint($p); - } - - // from https://tools.ietf.org/html/rfc8032#page-17 - - list($x1, $y1, $z1) = $p; - list($x2, $y2, $z2) = $q; - - $a = $z1->multiply($z2); - $b = $a->multiply($a); - $c = $x1->multiply($x2); - $d = $y1->multiply($y2); - $e = $this->d->multiply($c)->multiply($d); - $f = $b->subtract($e); - $g = $b->add($e); - $h = $x1->add($y1)->multiply($x2->add($y2)); - - $x3 = $a->multiply($f)->multiply($h->subtract($c)->subtract($d)); - $y3 = $a->multiply($g)->multiply($d->subtract($c)); - $z3 = $f->multiply($g); - - return [$x3, $y3, $z3]; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP160r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP160r1.php deleted file mode 100644 index 7bc2272..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP160r1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class brainpoolP160r1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('E95E4A5F737059DC60DFC7AD95B3D8139515620F', 16)); - $this->setCoefficients( - new BigInteger('340E7BE2A280EB74E2BE61BADA745D97E8F7C300', 16), - new BigInteger('1E589A8595423412134FAA2DBDEC95C8D8675E58', 16) - ); - $this->setBasePoint( - new BigInteger('BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC3', 16), - new BigInteger('1667CB477A1A8EC338F94741669C976316DA6321', 16) - ); - $this->setOrder(new BigInteger('E95E4A5F737059DC60DF5991D45029409E60FC09', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP160t1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP160t1.php deleted file mode 100644 index ebfb29a..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP160t1.php +++ /dev/null @@ -1,47 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class brainpoolP160t1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('E95E4A5F737059DC60DFC7AD95B3D8139515620F', 16)); - $this->setCoefficients( - new BigInteger('E95E4A5F737059DC60DFC7AD95B3D8139515620C', 16), // eg. -3 - new BigInteger('7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380', 16) - ); - $this->setBasePoint( - new BigInteger('B199B13B9B34EFC1397E64BAEB05ACC265FF2378', 16), - new BigInteger('ADD6718B7C7C1961F0991B842443772152C9E0AD', 16) - ); - $this->setOrder(new BigInteger('E95E4A5F737059DC60DF5991D45029409E60FC09', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP192r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP192r1.php deleted file mode 100644 index 6ec848b..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP192r1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class brainpoolP192r1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297', 16)); - $this->setCoefficients( - new BigInteger('6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF', 16), - new BigInteger('469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9', 16) - ); - $this->setBasePoint( - new BigInteger('C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD6', 16), - new BigInteger('14B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F', 16) - ); - $this->setOrder(new BigInteger('C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP192t1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP192t1.php deleted file mode 100644 index e6a86bb..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP192t1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class brainpoolP192t1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297', 16)); - $this->setCoefficients( - new BigInteger('C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294', 16), // eg. -3 - new BigInteger('13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79', 16) - ); - $this->setBasePoint( - new BigInteger('3AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129', 16), - new BigInteger('097E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9', 16) - ); - $this->setOrder(new BigInteger('C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP224r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP224r1.php deleted file mode 100644 index 3d7d872..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP224r1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class brainpoolP224r1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF', 16)); - $this->setCoefficients( - new BigInteger('68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43', 16), - new BigInteger('2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B', 16) - ); - $this->setBasePoint( - new BigInteger('0D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D', 16), - new BigInteger('58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD', 16) - ); - $this->setOrder(new BigInteger('D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP224t1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP224t1.php deleted file mode 100644 index 3d4f928..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP224t1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class brainpoolP224t1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF', 16)); - $this->setCoefficients( - new BigInteger('D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC', 16), // eg. -3 - new BigInteger('4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D', 16) - ); - $this->setBasePoint( - new BigInteger('6AB1E344CE25FF3896424E7FFE14762ECB49F8928AC0C76029B4D580', 16), - new BigInteger('0374E9F5143E568CD23F3F4D7C0D4B1E41C8CC0D1C6ABD5F1A46DB4C', 16) - ); - $this->setOrder(new BigInteger('D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP256r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP256r1.php deleted file mode 100644 index 5780da7..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP256r1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class brainpoolP256r1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377', 16)); - $this->setCoefficients( - new BigInteger('7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9', 16), - new BigInteger('26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6', 16) - ); - $this->setBasePoint( - new BigInteger('8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262', 16), - new BigInteger('547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997', 16) - ); - $this->setOrder(new BigInteger('A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP256t1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP256t1.php deleted file mode 100644 index 724d8b8..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP256t1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class brainpoolP256t1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377', 16)); - $this->setCoefficients( - new BigInteger('A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374', 16), // eg. -3 - new BigInteger('662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04', 16) - ); - $this->setBasePoint( - new BigInteger('A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F4', 16), - new BigInteger('2D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE', 16) - ); - $this->setOrder(new BigInteger('A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP320r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP320r1.php deleted file mode 100644 index 182e622..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP320r1.php +++ /dev/null @@ -1,40 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class brainpoolP320r1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F9' . - '2B9EC7893EC28FCD412B1F1B32E27', 16)); - $this->setCoefficients( - new BigInteger('3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F4' . - '92F375A97D860EB4', 16), - new BigInteger('520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD88453981' . - '6F5EB4AC8FB1F1A6', 16) - ); - $this->setBasePoint( - new BigInteger('43BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C7' . - '10AF8D0D39E20611', 16), - new BigInteger('14FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7' . - 'D35245D1692E8EE1', 16) - ); - $this->setOrder(new BigInteger('D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D4' . - '82EC7EE8658E98691555B44C59311', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP320t1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP320t1.php deleted file mode 100644 index d5a620d..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP320t1.php +++ /dev/null @@ -1,40 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class brainpoolP320t1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F9' . - '2B9EC7893EC28FCD412B1F1B32E27', 16)); - $this->setCoefficients( - new BigInteger('D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28' . - 'FCD412B1F1B32E24', 16), // eg. -3 - new BigInteger('A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CE' . - 'B5B4FEF422340353', 16) - ); - $this->setBasePoint( - new BigInteger('925BE9FB01AFC6FB4D3E7D4990010F813408AB106C4F09CB7EE07868CC136FFF' . - '3357F624A21BED52', 16), - new BigInteger('63BA3A7A27483EBF6671DBEF7ABB30EBEE084E58A0B077AD42A5A0989D1EE71B' . - '1B9BC0455FB0D2C3', 16) - ); - $this->setOrder(new BigInteger('D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D4' . - '82EC7EE8658E98691555B44C59311', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP384r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP384r1.php deleted file mode 100644 index a20b4b4..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP384r1.php +++ /dev/null @@ -1,58 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class brainpoolP384r1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger( - '8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A7' . - '1874700133107EC53', - 16 - )); - $this->setCoefficients( - new BigInteger( - '7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503' . - 'AD4EB04A8C7DD22CE2826', - 16 - ), - new BigInteger( - '4A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DB' . - 'C9943AB78696FA504C11', - 16 - ) - ); - $this->setBasePoint( - new BigInteger( - '1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D' . - '646AAEF87B2E247D4AF1E', - 16 - ), - new BigInteger( - '8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E464621779' . - '1811142820341263C5315', - 16 - ) - ); - $this->setOrder(new BigInteger( - '8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC31' . - '03B883202E9046565', - 16 - )); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP384t1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP384t1.php deleted file mode 100644 index 366660e..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP384t1.php +++ /dev/null @@ -1,58 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class brainpoolP384t1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger( - '8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A7' . - '1874700133107EC53', - 16 - )); - $this->setCoefficients( - new BigInteger( - '8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901' . - 'D1A71874700133107EC50', - 16 - ), // eg. -3 - new BigInteger( - '7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B8' . - '8805CED70355A33B471EE', - 16 - ) - ); - $this->setBasePoint( - new BigInteger( - '18DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946' . - 'A5F54D8D0AA2F418808CC', - 16 - ), - new BigInteger( - '25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC' . - '2B2912675BF5B9E582928', - 16 - ) - ); - $this->setOrder(new BigInteger( - '8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC31' . - '03B883202E9046565', - 16 - )); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP512r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP512r1.php deleted file mode 100644 index 5efe5e1..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP512r1.php +++ /dev/null @@ -1,58 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class brainpoolP512r1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger( - 'AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC' . - '66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3', - 16 - )); - $this->setCoefficients( - new BigInteger( - '7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA82' . - '53AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA', - 16 - ), - new BigInteger( - '3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C' . - '1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723', - 16 - ) - ); - $this->setBasePoint( - new BigInteger( - '81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D' . - '0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822', - 16 - ), - new BigInteger( - '7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5' . - 'F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892', - 16 - ) - ); - $this->setOrder(new BigInteger( - 'AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA' . - '92619418661197FAC10471DB1D381085DDADDB58796829CA90069', - 16 - )); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP512t1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP512t1.php deleted file mode 100644 index 745863a..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/brainpoolP512t1.php +++ /dev/null @@ -1,58 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class brainpoolP512t1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger( - 'AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC' . - '66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3', - 16 - )); - $this->setCoefficients( - new BigInteger( - 'AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC' . - '66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0', - 16 - ), // eg. -3 - new BigInteger( - '7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA23049' . - '76540F6450085F2DAE145C22553B465763689180EA2571867423E', - 16 - ) - ); - $this->setBasePoint( - new BigInteger( - '640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CD' . - 'B3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA', - 16 - ), - new BigInteger( - '5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEE' . - 'F216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332', - 16 - ) - ); - $this->setOrder(new BigInteger( - 'AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA' . - '92619418661197FAC10471DB1D381085DDADDB58796829CA90069', - 16 - )); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistb233.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistb233.php deleted file mode 100644 index bae12b0..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistb233.php +++ /dev/null @@ -1,18 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -final class nistb233 extends sect233r1 -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistb409.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistb409.php deleted file mode 100644 index a46153d..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistb409.php +++ /dev/null @@ -1,18 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -final class nistb409 extends sect409r1 -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk163.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk163.php deleted file mode 100644 index 8b26376..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk163.php +++ /dev/null @@ -1,18 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -final class nistk163 extends sect163k1 -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk233.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk233.php deleted file mode 100644 index 69e1413..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk233.php +++ /dev/null @@ -1,18 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -final class nistk233 extends sect233k1 -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk283.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk283.php deleted file mode 100644 index 9e95f10..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk283.php +++ /dev/null @@ -1,18 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -final class nistk283 extends sect283k1 -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk409.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk409.php deleted file mode 100644 index 06bd9af..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistk409.php +++ /dev/null @@ -1,18 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -final class nistk409 extends sect409k1 -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp192.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp192.php deleted file mode 100644 index ddead3c..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp192.php +++ /dev/null @@ -1,18 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -final class nistp192 extends secp192r1 -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp224.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp224.php deleted file mode 100644 index 746571b..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp224.php +++ /dev/null @@ -1,18 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -final class nistp224 extends secp224r1 -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp256.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp256.php deleted file mode 100644 index a26c0f9..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp256.php +++ /dev/null @@ -1,18 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -final class nistp256 extends secp256r1 -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp384.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp384.php deleted file mode 100644 index 1f20c02..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp384.php +++ /dev/null @@ -1,18 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -final class nistp384 extends secp384r1 -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp521.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp521.php deleted file mode 100644 index 86fa050..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistp521.php +++ /dev/null @@ -1,18 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -final class nistp521 extends secp521r1 -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistt571.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistt571.php deleted file mode 100644 index 7908b38..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/nistt571.php +++ /dev/null @@ -1,18 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -final class nistt571 extends sect571k1 -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v1.php deleted file mode 100644 index e9c13cd..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v1.php +++ /dev/null @@ -1,18 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -final class prime192v1 extends secp192r1 -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v2.php deleted file mode 100644 index e3e341f..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v2.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class prime192v2 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF', 16)); - $this->setCoefficients( - new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC', 16), - new BigInteger('CC22D6DFB95C6B25E49C0D6364A4E5980C393AA21668D953', 16) - ); - $this->setBasePoint( - new BigInteger('EEA2BAE7E1497842F2DE7769CFE9C989C072AD696F48034A', 16), - new BigInteger('6574D11D69B6EC7A672BB82A083DF2F2B0847DE970B2DE15', 16) - ); - $this->setOrder(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFE5FB1A724DC80418648D8DD31', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v3.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v3.php deleted file mode 100644 index 1e97992..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime192v3.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class prime192v3 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF', 16)); - $this->setCoefficients( - new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC', 16), - new BigInteger('22123DC2395A05CAA7423DAECCC94760A7D462256BD56916', 16) - ); - $this->setBasePoint( - new BigInteger('7D29778100C65A1DA1783716588DCE2B8B4AEE8E228F1896', 16), - new BigInteger('38A90F22637337334B49DCB66A6DC8F9978ACA7648A943B0', 16) - ); - $this->setOrder(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFF7A62D031C83F4294F640EC13', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v1.php deleted file mode 100644 index 084be9d..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class prime239v1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF', 16)); - $this->setCoefficients( - new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC', 16), - new BigInteger('6B016C3BDCF18941D0D654921475CA71A9DB2FB27D1D37796185C2942C0A', 16) - ); - $this->setBasePoint( - new BigInteger('0FFA963CDCA8816CCC33B8642BEDF905C3D358573D3F27FBBD3B3CB9AAAF', 16), - new BigInteger('7DEBE8E4E90A5DAE6E4054CA530BA04654B36818CE226B39FCCB7B02F1AE', 16) - ); - $this->setOrder(new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF9E5E9A9F5D9071FBD1522688909D0B', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v2.php deleted file mode 100644 index 21941b8..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v2.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class prime239v2 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF', 16)); - $this->setCoefficients( - new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC', 16), - new BigInteger('617FAB6832576CBBFED50D99F0249C3FEE58B94BA0038C7AE84C8C832F2C', 16) - ); - $this->setBasePoint( - new BigInteger('38AF09D98727705120C921BB5E9E26296A3CDCF2F35757A0EAFD87B830E7', 16), - new BigInteger('5B0125E4DBEA0EC7206DA0FC01D9B081329FB555DE6EF460237DFF8BE4BA', 16) - ); - $this->setOrder(new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFF800000CFA7E8594377D414C03821BC582063', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v3.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v3.php deleted file mode 100644 index 78c50f0..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime239v3.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class prime239v3 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF', 16)); - $this->setCoefficients( - new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC', 16), - new BigInteger('255705FA2A306654B1F4CB03D6A750A30C250102D4988717D9BA15AB6D3E', 16) - ); - $this->setBasePoint( - new BigInteger('6768AE8E18BB92CFCF005C949AA2C6D94853D0E660BBF854B1C9505FE95A', 16), - new BigInteger('1607E6898F390C06BC1D552BAD226F3B6FCFE48B6E818499AF18E3ED6CF3', 16) - ); - $this->setOrder(new BigInteger('7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF975DEB41B3A6057C3C432146526551', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime256v1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime256v1.php deleted file mode 100644 index c72b22e..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/prime256v1.php +++ /dev/null @@ -1,18 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -final class prime256v1 extends secp256r1 -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp112r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp112r1.php deleted file mode 100644 index d1d3194..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp112r1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class secp112r1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('DB7C2ABF62E35E668076BEAD208B', 16)); - $this->setCoefficients( - new BigInteger('DB7C2ABF62E35E668076BEAD2088', 16), - new BigInteger('659EF8BA043916EEDE8911702B22', 16) - ); - $this->setBasePoint( - new BigInteger('09487239995A5EE76B55F9C2F098', 16), - new BigInteger('A89CE5AF8724C0A23E0E0FF77500', 16) - ); - $this->setOrder(new BigInteger('DB7C2ABF62E35E7628DFAC6561C5', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp112r2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp112r2.php deleted file mode 100644 index da44e7f..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp112r2.php +++ /dev/null @@ -1,35 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class secp112r2 extends Prime -{ - public function __construct() - { - // same modulo as secp112r1 - $this->setModulo(new BigInteger('DB7C2ABF62E35E668076BEAD208B', 16)); - $this->setCoefficients( - new BigInteger('6127C24C05F38A0AAAF65C0EF02C', 16), - new BigInteger('51DEF1815DB5ED74FCC34C85D709', 16) - ); - $this->setBasePoint( - new BigInteger('4BA30AB5E892B4E1649DD0928643', 16), - new BigInteger('ADCD46F5882E3747DEF36E956E97', 16) - ); - $this->setOrder(new BigInteger('36DF0AAFD8B8D7597CA10520D04B', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp128r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp128r1.php deleted file mode 100644 index 34456bc..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp128r1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class secp128r1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF', 16)); - $this->setCoefficients( - new BigInteger('FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC', 16), - new BigInteger('E87579C11079F43DD824993C2CEE5ED3', 16) - ); - $this->setBasePoint( - new BigInteger('161FF7528B899B2D0C28607CA52C5B86', 16), - new BigInteger('CF5AC8395BAFEB13C02DA292DDED7A83', 16) - ); - $this->setOrder(new BigInteger('FFFFFFFE0000000075A30D1B9038A115', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp128r2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp128r2.php deleted file mode 100644 index e102c34..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp128r2.php +++ /dev/null @@ -1,35 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class secp128r2 extends Prime -{ - public function __construct() - { - // same as secp128r1 - $this->setModulo(new BigInteger('FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF', 16)); - $this->setCoefficients( - new BigInteger('D6031998D1B3BBFEBF59CC9BBFF9AEE1', 16), - new BigInteger('5EEEFCA380D02919DC2C6558BB6D8A5D', 16) - ); - $this->setBasePoint( - new BigInteger('7B6AA5D85E572983E6FB32A7CDEBC140', 16), - new BigInteger('27B6916A894D3AEE7106FE805FC34B44', 16) - ); - $this->setOrder(new BigInteger('3FFFFFFF7FFFFFFFBE0024720613B5A3', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160k1.php deleted file mode 100644 index c6a3334..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160k1.php +++ /dev/null @@ -1,46 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\KoblitzPrime; -use phpseclib3\Math\BigInteger; - -class secp160k1 extends KoblitzPrime -{ - public function __construct() - { - // same as secp160r2 - $this->setModulo(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73', 16)); - $this->setCoefficients( - new BigInteger('0000000000000000000000000000000000000000', 16), - new BigInteger('0000000000000000000000000000000000000007', 16) - ); - $this->setBasePoint( - new BigInteger('3B4C382CE37AA192A4019E763036F4F5DD4D7EBB', 16), - new BigInteger('938CF935318FDCED6BC28286531733C3F03C4FEE', 16) - ); - $this->setOrder(new BigInteger('0100000000000000000001B8FA16DFAB9ACA16B6B3', 16)); - - $this->basis = []; - $this->basis[] = [ - 'a' => new BigInteger('0096341F1138933BC2F505', -16), - 'b' => new BigInteger('FF6E9D0418C67BB8D5F562', -16) - ]; - $this->basis[] = [ - 'a' => new BigInteger('01BDCB3A09AAAABEAFF4A8', -16), - 'b' => new BigInteger('04D12329FF0EF498EA67', -16) - ]; - $this->beta = $this->factory->newInteger(new BigInteger('645B7345A143464942CC46D7CF4D5D1E1E6CBB68', -16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160r1.php deleted file mode 100644 index af46877..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160r1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class secp160r1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF', 16)); - $this->setCoefficients( - new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC', 16), - new BigInteger('1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45', 16) - ); - $this->setBasePoint( - new BigInteger('4A96B5688EF573284664698968C38BB913CBFC82', 16), - new BigInteger('23A628553168947D59DCC912042351377AC5FB32', 16) - ); - $this->setOrder(new BigInteger('0100000000000000000001F4C8F927AED3CA752257', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160r2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160r2.php deleted file mode 100644 index 9bd23d2..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp160r2.php +++ /dev/null @@ -1,35 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class secp160r2 extends Prime -{ - public function __construct() - { - // same as secp160k1 - $this->setModulo(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73', 16)); - $this->setCoefficients( - new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70', 16), - new BigInteger('B4E134D3FB59EB8BAB57274904664D5AF50388BA', 16) - ); - $this->setBasePoint( - new BigInteger('52DCB034293A117E1F4FF11B30F7199D3144CE6D', 16), - new BigInteger('FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E', 16) - ); - $this->setOrder(new BigInteger('0100000000000000000000351EE786A818F3A1A16B', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp192k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp192k1.php deleted file mode 100644 index 79ff2e0..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp192k1.php +++ /dev/null @@ -1,45 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\KoblitzPrime; -use phpseclib3\Math\BigInteger; - -class secp192k1 extends KoblitzPrime -{ - public function __construct() - { - $this->setModulo(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37', 16)); - $this->setCoefficients( - new BigInteger('000000000000000000000000000000000000000000000000', 16), - new BigInteger('000000000000000000000000000000000000000000000003', 16) - ); - $this->setBasePoint( - new BigInteger('DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D', 16), - new BigInteger('9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D', 16) - ); - $this->setOrder(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D', 16)); - - $this->basis = []; - $this->basis[] = [ - 'a' => new BigInteger('00B3FB3400DEC5C4ADCEB8655C', -16), - 'b' => new BigInteger('8EE96418CCF4CFC7124FDA0F', -16) - ]; - $this->basis[] = [ - 'a' => new BigInteger('01D90D03E8F096B9948B20F0A9', -16), - 'b' => new BigInteger('42E49819ABBA9474E1083F6B', -16) - ]; - $this->beta = $this->factory->newInteger(new BigInteger('447A96E6C647963E2F7809FEAAB46947F34B0AA3CA0BBA74', -16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp192r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp192r1.php deleted file mode 100644 index 83ab1c7..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp192r1.php +++ /dev/null @@ -1,78 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class secp192r1 extends Prime -{ - public function __construct() - { - $modulo = new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF', 16); - $this->setModulo($modulo); - - // algorithm 2.27 from http://diamond.boisestate.edu/~liljanab/MATH308/GuideToECC.pdf#page=66 - /* in theory this should be faster than regular modular reductions save for one small issue. - to convert to / from base-2**8 with BCMath you have to call bcmul() and bcdiv() a lot. - to convert to / from base-2**8 with PHP64 you have to call base256_rshift() a lot. - in short, converting to / from base-2**8 is pretty expensive and that expense is - enough to offset whatever else might be gained by a simplified reduction algorithm. - now, if PHP supported unsigned integers things might be different. no bit-shifting - would be required for the PHP engine and it'd be a lot faster. but as is, BigInteger - uses base-2**31 or base-2**26 depending on whether or not the system is has a 32-bit - or a 64-bit OS. - */ - /* - $m_length = $this->getLengthInBytes(); - $this->setReduction(function($c) use ($m_length) { - $cBytes = $c->toBytes(); - $className = $this->className; - - if (strlen($cBytes) > 2 * $m_length) { - list(, $r) = $c->divide($className::$modulo); - return $r; - } - - $c = str_pad($cBytes, 48, "\0", STR_PAD_LEFT); - $c = array_reverse(str_split($c, 8)); - - $null = "\0\0\0\0\0\0\0\0"; - $s1 = new BigInteger($c[2] . $c[1] . $c[0], 256); - $s2 = new BigInteger($null . $c[3] . $c[3], 256); - $s3 = new BigInteger($c[4] . $c[4] . $null, 256); - $s4 = new BigInteger($c[5] . $c[5] . $c[5], 256); - - $r = $s1->add($s2)->add($s3)->add($s4); - while ($r->compare($className::$modulo) >= 0) { - $r = $r->subtract($className::$modulo); - } - - return $r; - }); - */ - - $this->setCoefficients( - new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC', 16), - new BigInteger('64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1', 16) - ); - $this->setBasePoint( - new BigInteger('188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012', 16), - new BigInteger('07192B95FFC8DA78631011ED6B24CDD573F977A11E794811', 16) - ); - $this->setOrder(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp224k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp224k1.php deleted file mode 100644 index 79a5c54..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp224k1.php +++ /dev/null @@ -1,45 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\KoblitzPrime; -use phpseclib3\Math\BigInteger; - -class secp224k1 extends KoblitzPrime -{ - public function __construct() - { - $this->setModulo(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D', 16)); - $this->setCoefficients( - new BigInteger('00000000000000000000000000000000000000000000000000000000', 16), - new BigInteger('00000000000000000000000000000000000000000000000000000005', 16) - ); - $this->setBasePoint( - new BigInteger('A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C', 16), - new BigInteger('7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5', 16) - ); - $this->setOrder(new BigInteger('010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7', 16)); - - $this->basis = []; - $this->basis[] = [ - 'a' => new BigInteger('00B8ADF1378A6EB73409FA6C9C637D', -16), - 'b' => new BigInteger('94730F82B358A3776A826298FA6F', -16) - ]; - $this->basis[] = [ - 'a' => new BigInteger('01DCE8D2EC6184CAF0A972769FCC8B', -16), - 'b' => new BigInteger('4D2100BA3DC75AAB747CCF355DEC', -16) - ]; - $this->beta = $this->factory->newInteger(new BigInteger('01F178FFA4B17C89E6F73AECE2AAD57AF4C0A748B63C830947B27E04', -16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp224r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp224r1.php deleted file mode 100644 index a9e474a..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp224r1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class secp224r1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001', 16)); - $this->setCoefficients( - new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE', 16), - new BigInteger('B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4', 16) - ); - $this->setBasePoint( - new BigInteger('B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21', 16), - new BigInteger('BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34', 16) - ); - $this->setOrder(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp256k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp256k1.php deleted file mode 100644 index 462e7a1..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp256k1.php +++ /dev/null @@ -1,49 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -//use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Crypt\EC\BaseCurves\KoblitzPrime; -use phpseclib3\Math\BigInteger; - -//class secp256k1 extends Prime -class secp256k1 extends KoblitzPrime -{ - public function __construct() - { - $this->setModulo(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F', 16)); - $this->setCoefficients( - new BigInteger('0000000000000000000000000000000000000000000000000000000000000000', 16), - new BigInteger('0000000000000000000000000000000000000000000000000000000000000007', 16) - ); - $this->setOrder(new BigInteger('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141', 16)); - $this->setBasePoint( - new BigInteger('79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798', 16), - new BigInteger('483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8', 16) - ); - - $this->basis = []; - $this->basis[] = [ - 'a' => new BigInteger('3086D221A7D46BCDE86C90E49284EB15', -16), - 'b' => new BigInteger('FF1BBC8129FEF177D790AB8056F5401B3D', -16) - ]; - $this->basis[] = [ - 'a' => new BigInteger('114CA50F7A8E2F3F657C1108D9D44CFD8', -16), - 'b' => new BigInteger('3086D221A7D46BCDE86C90E49284EB15', -16) - ]; - $this->beta = $this->factory->newInteger(new BigInteger('7AE96A2B657C07106E64479EAC3434E99CF0497512F58995C1396C28719501EE', -16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp256r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp256r1.php deleted file mode 100644 index 9003373..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp256r1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class secp256r1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF', 16)); - $this->setCoefficients( - new BigInteger('FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC', 16), - new BigInteger('5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B', 16) - ); - $this->setBasePoint( - new BigInteger('6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296', 16), - new BigInteger('4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5', 16) - ); - $this->setOrder(new BigInteger('FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp384r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp384r1.php deleted file mode 100644 index 98764a3..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp384r1.php +++ /dev/null @@ -1,52 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class secp384r1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger( - 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF', - 16 - )); - $this->setCoefficients( - new BigInteger( - 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC', - 16 - ), - new BigInteger( - 'B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF', - 16 - ) - ); - $this->setBasePoint( - new BigInteger( - 'AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7', - 16 - ), - new BigInteger( - '3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F', - 16 - ) - ); - $this->setOrder(new BigInteger( - 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973', - 16 - )); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp521r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp521r1.php deleted file mode 100644 index b89a4ea..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/secp521r1.php +++ /dev/null @@ -1,46 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Prime; -use phpseclib3\Math\BigInteger; - -class secp521r1 extends Prime -{ - public function __construct() - { - $this->setModulo(new BigInteger('01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF' . - 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF' . - 'FFFF', 16)); - $this->setCoefficients( - new BigInteger('01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF' . - 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF' . - 'FFFC', 16), - new BigInteger('0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF1' . - '09E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B50' . - '3F00', 16) - ); - $this->setBasePoint( - new BigInteger('00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D' . - '3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5' . - 'BD66', 16), - new BigInteger('011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E' . - '662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD1' . - '6650', 16) - ); - $this->setOrder(new BigInteger('01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF' . - 'FFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E9138' . - '6409', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect113r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect113r1.php deleted file mode 100644 index 77ec760..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect113r1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Binary; -use phpseclib3\Math\BigInteger; - -class sect113r1 extends Binary -{ - public function __construct() - { - $this->setModulo(113, 9, 0); - $this->setCoefficients( - '003088250CA6E7C7FE649CE85820F7', - '00E8BEE4D3E2260744188BE0E9C723' - ); - $this->setBasePoint( - '009D73616F35F4AB1407D73562C10F', - '00A52830277958EE84D1315ED31886' - ); - $this->setOrder(new BigInteger('0100000000000000D9CCEC8A39E56F', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect113r2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect113r2.php deleted file mode 100644 index 2185d60..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect113r2.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Binary; -use phpseclib3\Math\BigInteger; - -class sect113r2 extends Binary -{ - public function __construct() - { - $this->setModulo(113, 9, 0); - $this->setCoefficients( - '00689918DBEC7E5A0DD6DFC0AA55C7', - '0095E9A9EC9B297BD4BF36E059184F' - ); - $this->setBasePoint( - '01A57A6A7B26CA5EF52FCDB8164797', - '00B3ADC94ED1FE674C06E695BABA1D' - ); - $this->setOrder(new BigInteger('010000000000000108789B2496AF93', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect131r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect131r1.php deleted file mode 100644 index 1365cb6..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect131r1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Binary; -use phpseclib3\Math\BigInteger; - -class sect131r1 extends Binary -{ - public function __construct() - { - $this->setModulo(131, 8, 3, 2, 0); - $this->setCoefficients( - '07A11B09A76B562144418FF3FF8C2570B8', - '0217C05610884B63B9C6C7291678F9D341' - ); - $this->setBasePoint( - '0081BAF91FDF9833C40F9C181343638399', - '078C6E7EA38C001F73C8134B1B4EF9E150' - ); - $this->setOrder(new BigInteger('0400000000000000023123953A9464B54D', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect131r2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect131r2.php deleted file mode 100644 index 93c11b2..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect131r2.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Binary; -use phpseclib3\Math\BigInteger; - -class sect131r2 extends Binary -{ - public function __construct() - { - $this->setModulo(131, 8, 3, 2, 0); - $this->setCoefficients( - '03E5A88919D7CAFCBF415F07C2176573B2', - '04B8266A46C55657AC734CE38F018F2192' - ); - $this->setBasePoint( - '0356DCD8F2F95031AD652D23951BB366A8', - '0648F06D867940A5366D9E265DE9EB240F' - ); - $this->setOrder(new BigInteger('0400000000000000016954A233049BA98F', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163k1.php deleted file mode 100644 index 3c8574b..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163k1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Binary; -use phpseclib3\Math\BigInteger; - -class sect163k1 extends Binary -{ - public function __construct() - { - $this->setModulo(163, 7, 6, 3, 0); - $this->setCoefficients( - '000000000000000000000000000000000000000001', - '000000000000000000000000000000000000000001' - ); - $this->setBasePoint( - '02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8', - '0289070FB05D38FF58321F2E800536D538CCDAA3D9' - ); - $this->setOrder(new BigInteger('04000000000000000000020108A2E0CC0D99F8A5EF', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163r1.php deleted file mode 100644 index 26afd87..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163r1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Binary; -use phpseclib3\Math\BigInteger; - -class sect163r1 extends Binary -{ - public function __construct() - { - $this->setModulo(163, 7, 6, 3, 0); - $this->setCoefficients( - '07B6882CAAEFA84F9554FF8428BD88E246D2782AE2', - '0713612DCDDCB40AAB946BDA29CA91F73AF958AFD9' - ); - $this->setBasePoint( - '0369979697AB43897789566789567F787A7876A654', - '00435EDB42EFAFB2989D51FEFCE3C80988F41FF883' - ); - $this->setOrder(new BigInteger('03FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163r2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163r2.php deleted file mode 100644 index 38f9466..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect163r2.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Binary; -use phpseclib3\Math\BigInteger; - -class sect163r2 extends Binary -{ - public function __construct() - { - $this->setModulo(163, 7, 6, 3, 0); - $this->setCoefficients( - '000000000000000000000000000000000000000001', - '020A601907B8C953CA1481EB10512F78744A3205FD' - ); - $this->setBasePoint( - '03F0EBA16286A2D57EA0991168D4994637E8343E36', - '00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1' - ); - $this->setOrder(new BigInteger('040000000000000000000292FE77E70C12A4234C33', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect193r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect193r1.php deleted file mode 100644 index 951f261..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect193r1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Binary; -use phpseclib3\Math\BigInteger; - -class sect193r1 extends Binary -{ - public function __construct() - { - $this->setModulo(193, 15, 0); - $this->setCoefficients( - '0017858FEB7A98975169E171F77B4087DE098AC8A911DF7B01', - '00FDFB49BFE6C3A89FACADAA7A1E5BBC7CC1C2E5D831478814' - ); - $this->setBasePoint( - '01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1', - '0025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05' - ); - $this->setOrder(new BigInteger('01000000000000000000000000C7F34A778F443ACC920EBA49', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect193r2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect193r2.php deleted file mode 100644 index e3ff47a..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect193r2.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Binary; -use phpseclib3\Math\BigInteger; - -class sect193r2 extends Binary -{ - public function __construct() - { - $this->setModulo(193, 15, 0); - $this->setCoefficients( - '0163F35A5137C2CE3EA6ED8667190B0BC43ECD69977702709B', - '00C9BB9E8927D4D64C377E2AB2856A5B16E3EFB7F61D4316AE' - ); - $this->setBasePoint( - '00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F', - '01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C' - ); - $this->setOrder(new BigInteger('010000000000000000000000015AAB561B005413CCD4EE99D5', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect233k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect233k1.php deleted file mode 100644 index eea3f7a..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect233k1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Binary; -use phpseclib3\Math\BigInteger; - -class sect233k1 extends Binary -{ - public function __construct() - { - $this->setModulo(233, 74, 0); - $this->setCoefficients( - '000000000000000000000000000000000000000000000000000000000000', - '000000000000000000000000000000000000000000000000000000000001' - ); - $this->setBasePoint( - '017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126', - '01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3' - ); - $this->setOrder(new BigInteger('8000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect233r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect233r1.php deleted file mode 100644 index 68219f0..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect233r1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Binary; -use phpseclib3\Math\BigInteger; - -class sect233r1 extends Binary -{ - public function __construct() - { - $this->setModulo(233, 74, 0); - $this->setCoefficients( - '000000000000000000000000000000000000000000000000000000000001', - '0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD' - ); - $this->setBasePoint( - '00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B', - '01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052' - ); - $this->setOrder(new BigInteger('01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect239k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect239k1.php deleted file mode 100644 index 0e6994b..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect239k1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Binary; -use phpseclib3\Math\BigInteger; - -class sect239k1 extends Binary -{ - public function __construct() - { - $this->setModulo(239, 158, 0); - $this->setCoefficients( - '000000000000000000000000000000000000000000000000000000000000', - '000000000000000000000000000000000000000000000000000000000001' - ); - $this->setBasePoint( - '29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC', - '76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA' - ); - $this->setOrder(new BigInteger('2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect283k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect283k1.php deleted file mode 100644 index 279c24a..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect283k1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Binary; -use phpseclib3\Math\BigInteger; - -class sect283k1 extends Binary -{ - public function __construct() - { - $this->setModulo(283, 12, 7, 5, 0); - $this->setCoefficients( - '000000000000000000000000000000000000000000000000000000000000000000000000', - '000000000000000000000000000000000000000000000000000000000000000000000001' - ); - $this->setBasePoint( - '0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836', - '01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259' - ); - $this->setOrder(new BigInteger('01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect283r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect283r1.php deleted file mode 100644 index e44a607..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect283r1.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Binary; -use phpseclib3\Math\BigInteger; - -class sect283r1 extends Binary -{ - public function __construct() - { - $this->setModulo(283, 12, 7, 5, 0); - $this->setCoefficients( - '000000000000000000000000000000000000000000000000000000000000000000000001', - '027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5' - ); - $this->setBasePoint( - '05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053', - '03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4' - ); - $this->setOrder(new BigInteger('03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307', 16)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect409k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect409k1.php deleted file mode 100644 index 1fe329d..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect409k1.php +++ /dev/null @@ -1,38 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Binary; -use phpseclib3\Math\BigInteger; - -class sect409k1 extends Binary -{ - public function __construct() - { - $this->setModulo(409, 87, 0); - $this->setCoefficients( - '00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000', - '00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001' - ); - $this->setBasePoint( - '0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746', - '01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B' - ); - $this->setOrder(new BigInteger( - '7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F' . - '83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF', - 16 - )); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect409r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect409r1.php deleted file mode 100644 index 3e209ef..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect409r1.php +++ /dev/null @@ -1,38 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Binary; -use phpseclib3\Math\BigInteger; - -class sect409r1 extends Binary -{ - public function __construct() - { - $this->setModulo(409, 87, 0); - $this->setCoefficients( - '00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001', - '0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F' - ); - $this->setBasePoint( - '015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7', - '0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706' - ); - $this->setOrder(new BigInteger( - '010000000000000000000000000000000000000000000000000001E2' . - 'AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173', - 16 - )); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php deleted file mode 100644 index 3c54eab..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php +++ /dev/null @@ -1,42 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Binary; -use phpseclib3\Math\BigInteger; - -class sect571k1 extends Binary -{ - public function __construct() - { - $this->setModulo(571, 10, 5, 2, 0); - $this->setCoefficients( - '000000000000000000000000000000000000000000000000000000000000000000000000' . - '000000000000000000000000000000000000000000000000000000000000000000000000', - '000000000000000000000000000000000000000000000000000000000000000000000000' . - '000000000000000000000000000000000000000000000000000000000000000000000001' - ); - $this->setBasePoint( - '026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA443709584' . - '93B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972', - '0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0' . - 'AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3' - ); - $this->setOrder(new BigInteger( - '020000000000000000000000000000000000000000000000000000000000000000000000' . - '131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001', - 16 - )); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php deleted file mode 100644 index 172c1af..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php +++ /dev/null @@ -1,42 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Crypt\EC\Curves; - -use phpseclib3\Crypt\EC\BaseCurves\Binary; -use phpseclib3\Math\BigInteger; - -class sect571r1 extends Binary -{ - public function __construct() - { - $this->setModulo(571, 10, 5, 2, 0); - $this->setCoefficients( - '000000000000000000000000000000000000000000000000000000000000000000000000' . - '000000000000000000000000000000000000000000000000000000000000000000000001', - '02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD' . - '8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A' - ); - $this->setBasePoint( - '0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950' . - 'F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19', - '037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43' . - 'BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B' - ); - $this->setOrder(new BigInteger( - '03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF' . - 'E661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47', - 16 - )); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/Common.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/Common.php deleted file mode 100644 index 63402b4..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/Common.php +++ /dev/null @@ -1,549 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\EC\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve; -use phpseclib3\Crypt\EC\BaseCurves\Binary as BinaryCurve; -use phpseclib3\Crypt\EC\BaseCurves\Prime as PrimeCurve; -use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; -use phpseclib3\Exception\UnsupportedCurveException; -use phpseclib3\File\ASN1; -use phpseclib3\File\ASN1\Maps; -use phpseclib3\Math\BigInteger; - -/** - * Generic EC Key Parsing Helper functions - * - * @author Jim Wigginton - */ -trait Common -{ - /** - * Curve OIDs - * - * @var array - */ - private static $curveOIDs = []; - - /** - * Child OIDs loaded - * - * @var bool - */ - protected static $childOIDsLoaded = false; - - /** - * Use Named Curves - * - * @var bool - */ - private static $useNamedCurves = true; - - /** - * Initialize static variables - */ - private static function initialize_static_variables() - { - if (empty(self::$curveOIDs)) { - // the sec* curves are from the standards for efficient cryptography group - // sect* curves are curves over binary finite fields - // secp* curves are curves over prime finite fields - // sec*r* curves are regular curves; sec*k* curves are koblitz curves - // brainpool*r* curves are regular prime finite field curves - // brainpool*t* curves are twisted versions of the brainpool*r* curves - self::$curveOIDs = [ - 'prime192v1' => '1.2.840.10045.3.1.1', // J.5.1, example 1 (aka secp192r1) - 'prime192v2' => '1.2.840.10045.3.1.2', // J.5.1, example 2 - 'prime192v3' => '1.2.840.10045.3.1.3', // J.5.1, example 3 - 'prime239v1' => '1.2.840.10045.3.1.4', // J.5.2, example 1 - 'prime239v2' => '1.2.840.10045.3.1.5', // J.5.2, example 2 - 'prime239v3' => '1.2.840.10045.3.1.6', // J.5.2, example 3 - 'prime256v1' => '1.2.840.10045.3.1.7', // J.5.3, example 1 (aka secp256r1) - - // https://tools.ietf.org/html/rfc5656#section-10 - 'nistp256' => '1.2.840.10045.3.1.7', // aka secp256r1 - 'nistp384' => '1.3.132.0.34', // aka secp384r1 - 'nistp521' => '1.3.132.0.35', // aka secp521r1 - - 'nistk163' => '1.3.132.0.1', // aka sect163k1 - 'nistp192' => '1.2.840.10045.3.1.1', // aka secp192r1 - 'nistp224' => '1.3.132.0.33', // aka secp224r1 - 'nistk233' => '1.3.132.0.26', // aka sect233k1 - 'nistb233' => '1.3.132.0.27', // aka sect233r1 - 'nistk283' => '1.3.132.0.16', // aka sect283k1 - 'nistk409' => '1.3.132.0.36', // aka sect409k1 - 'nistb409' => '1.3.132.0.37', // aka sect409r1 - 'nistt571' => '1.3.132.0.38', // aka sect571k1 - - // from https://tools.ietf.org/html/rfc5915 - 'secp192r1' => '1.2.840.10045.3.1.1', // aka prime192v1 - 'sect163k1' => '1.3.132.0.1', - 'sect163r2' => '1.3.132.0.15', - 'secp224r1' => '1.3.132.0.33', - 'sect233k1' => '1.3.132.0.26', - 'sect233r1' => '1.3.132.0.27', - 'secp256r1' => '1.2.840.10045.3.1.7', // aka prime256v1 - 'sect283k1' => '1.3.132.0.16', - 'sect283r1' => '1.3.132.0.17', - 'secp384r1' => '1.3.132.0.34', - 'sect409k1' => '1.3.132.0.36', - 'sect409r1' => '1.3.132.0.37', - 'secp521r1' => '1.3.132.0.35', - 'sect571k1' => '1.3.132.0.38', - 'sect571r1' => '1.3.132.0.39', - // from http://www.secg.org/SEC2-Ver-1.0.pdf - 'secp112r1' => '1.3.132.0.6', - 'secp112r2' => '1.3.132.0.7', - 'secp128r1' => '1.3.132.0.28', - 'secp128r2' => '1.3.132.0.29', - 'secp160k1' => '1.3.132.0.9', - 'secp160r1' => '1.3.132.0.8', - 'secp160r2' => '1.3.132.0.30', - 'secp192k1' => '1.3.132.0.31', - 'secp224k1' => '1.3.132.0.32', - 'secp256k1' => '1.3.132.0.10', - - 'sect113r1' => '1.3.132.0.4', - 'sect113r2' => '1.3.132.0.5', - 'sect131r1' => '1.3.132.0.22', - 'sect131r2' => '1.3.132.0.23', - 'sect163r1' => '1.3.132.0.2', - 'sect193r1' => '1.3.132.0.24', - 'sect193r2' => '1.3.132.0.25', - 'sect239k1' => '1.3.132.0.3', - - // from http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.202.2977&rep=rep1&type=pdf#page=36 - /* - 'c2pnb163v1' => '1.2.840.10045.3.0.1', // J.4.1, example 1 - 'c2pnb163v2' => '1.2.840.10045.3.0.2', // J.4.1, example 2 - 'c2pnb163v3' => '1.2.840.10045.3.0.3', // J.4.1, example 3 - 'c2pnb172w1' => '1.2.840.10045.3.0.4', // J.4.2, example 1 - 'c2tnb191v1' => '1.2.840.10045.3.0.5', // J.4.3, example 1 - 'c2tnb191v2' => '1.2.840.10045.3.0.6', // J.4.3, example 2 - 'c2tnb191v3' => '1.2.840.10045.3.0.7', // J.4.3, example 3 - 'c2onb191v4' => '1.2.840.10045.3.0.8', // J.4.3, example 4 - 'c2onb191v5' => '1.2.840.10045.3.0.9', // J.4.3, example 5 - 'c2pnb208w1' => '1.2.840.10045.3.0.10', // J.4.4, example 1 - 'c2tnb239v1' => '1.2.840.10045.3.0.11', // J.4.5, example 1 - 'c2tnb239v2' => '1.2.840.10045.3.0.12', // J.4.5, example 2 - 'c2tnb239v3' => '1.2.840.10045.3.0.13', // J.4.5, example 3 - 'c2onb239v4' => '1.2.840.10045.3.0.14', // J.4.5, example 4 - 'c2onb239v5' => '1.2.840.10045.3.0.15', // J.4.5, example 5 - 'c2pnb272w1' => '1.2.840.10045.3.0.16', // J.4.6, example 1 - 'c2pnb304w1' => '1.2.840.10045.3.0.17', // J.4.7, example 1 - 'c2tnb359v1' => '1.2.840.10045.3.0.18', // J.4.8, example 1 - 'c2pnb368w1' => '1.2.840.10045.3.0.19', // J.4.9, example 1 - 'c2tnb431r1' => '1.2.840.10045.3.0.20', // J.4.10, example 1 - */ - - // http://www.ecc-brainpool.org/download/Domain-parameters.pdf - // https://tools.ietf.org/html/rfc5639 - 'brainpoolP160r1' => '1.3.36.3.3.2.8.1.1.1', - 'brainpoolP160t1' => '1.3.36.3.3.2.8.1.1.2', - 'brainpoolP192r1' => '1.3.36.3.3.2.8.1.1.3', - 'brainpoolP192t1' => '1.3.36.3.3.2.8.1.1.4', - 'brainpoolP224r1' => '1.3.36.3.3.2.8.1.1.5', - 'brainpoolP224t1' => '1.3.36.3.3.2.8.1.1.6', - 'brainpoolP256r1' => '1.3.36.3.3.2.8.1.1.7', - 'brainpoolP256t1' => '1.3.36.3.3.2.8.1.1.8', - 'brainpoolP320r1' => '1.3.36.3.3.2.8.1.1.9', - 'brainpoolP320t1' => '1.3.36.3.3.2.8.1.1.10', - 'brainpoolP384r1' => '1.3.36.3.3.2.8.1.1.11', - 'brainpoolP384t1' => '1.3.36.3.3.2.8.1.1.12', - 'brainpoolP512r1' => '1.3.36.3.3.2.8.1.1.13', - 'brainpoolP512t1' => '1.3.36.3.3.2.8.1.1.14' - ]; - ASN1::loadOIDs([ - 'prime-field' => '1.2.840.10045.1.1', - 'characteristic-two-field' => '1.2.840.10045.1.2', - 'characteristic-two-basis' => '1.2.840.10045.1.2.3', - // per http://www.secg.org/SEC1-Ver-1.0.pdf#page=84, gnBasis "not used here" - 'gnBasis' => '1.2.840.10045.1.2.3.1', // NULL - 'tpBasis' => '1.2.840.10045.1.2.3.2', // Trinomial - 'ppBasis' => '1.2.840.10045.1.2.3.3' // Pentanomial - ] + self::$curveOIDs); - } - } - - /** - * Explicitly set the curve - * - * If the key contains an implicit curve phpseclib needs the curve - * to be explicitly provided - * - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve - */ - public static function setImplicitCurve(BaseCurve $curve) - { - self::$implicitCurve = $curve; - } - - /** - * Returns an instance of \phpseclib3\Crypt\EC\BaseCurves\Base based - * on the curve parameters - * - * @param array $params - * @return \phpseclib3\Crypt\EC\BaseCurves\Base|false - */ - protected static function loadCurveByParam(array $params) - { - if (count($params) > 1) { - throw new \RuntimeException('No parameters are present'); - } - if (isset($params['namedCurve'])) { - $curve = '\phpseclib3\Crypt\EC\Curves\\' . $params['namedCurve']; - if (!class_exists($curve)) { - throw new UnsupportedCurveException('Named Curve of ' . $params['namedCurve'] . ' is not supported'); - } - return new $curve(); - } - if (isset($params['implicitCurve'])) { - if (!isset(self::$implicitCurve)) { - throw new \RuntimeException('Implicit curves can be provided by calling setImplicitCurve'); - } - return self::$implicitCurve; - } - if (isset($params['specifiedCurve'])) { - $data = $params['specifiedCurve']; - switch ($data['fieldID']['fieldType']) { - case 'prime-field': - $curve = new PrimeCurve(); - $curve->setModulo($data['fieldID']['parameters']); - $curve->setCoefficients( - new BigInteger($data['curve']['a'], 256), - new BigInteger($data['curve']['b'], 256) - ); - $point = self::extractPoint("\0" . $data['base'], $curve); - $curve->setBasePoint(...$point); - $curve->setOrder($data['order']); - return $curve; - case 'characteristic-two-field': - $curve = new BinaryCurve(); - $params = ASN1::decodeBER($data['fieldID']['parameters']); - $params = ASN1::asn1map($params[0], Maps\Characteristic_two::MAP); - $modulo = [(int) $params['m']->toString()]; - switch ($params['basis']) { - case 'tpBasis': - $modulo[] = (int) $params['parameters']->toString(); - break; - case 'ppBasis': - $temp = ASN1::decodeBER($params['parameters']); - $temp = ASN1::asn1map($temp[0], Maps\Pentanomial::MAP); - $modulo[] = (int) $temp['k3']->toString(); - $modulo[] = (int) $temp['k2']->toString(); - $modulo[] = (int) $temp['k1']->toString(); - } - $modulo[] = 0; - $curve->setModulo(...$modulo); - $len = ceil($modulo[0] / 8); - $curve->setCoefficients( - Strings::bin2hex($data['curve']['a']), - Strings::bin2hex($data['curve']['b']) - ); - $point = self::extractPoint("\0" . $data['base'], $curve); - $curve->setBasePoint(...$point); - $curve->setOrder($data['order']); - return $curve; - default: - throw new UnsupportedCurveException('Field Type of ' . $data['fieldID']['fieldType'] . ' is not supported'); - } - } - throw new \RuntimeException('No valid parameters are present'); - } - - /** - * Extract points from a string - * - * Supports both compressed and uncompressed points - * - * @param string $str - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve - * @return object[] - */ - public static function extractPoint($str, BaseCurve $curve) - { - if ($curve instanceof TwistedEdwardsCurve) { - // first step of point deciding as discussed at the following URL's: - // https://tools.ietf.org/html/rfc8032#section-5.1.3 - // https://tools.ietf.org/html/rfc8032#section-5.2.3 - $y = $str; - $y = strrev($y); - $sign = (bool) (ord($y[0]) & 0x80); - $y[0] = $y[0] & chr(0x7F); - $y = new BigInteger($y, 256); - if ($y->compare($curve->getModulo()) >= 0) { - throw new \RuntimeException('The Y coordinate should not be >= the modulo'); - } - $point = $curve->recoverX($y, $sign); - if (!$curve->verifyPoint($point)) { - throw new \RuntimeException('Unable to verify that point exists on curve'); - } - return $point; - } - - // the first byte of a bit string represents the number of bits in the last byte that are to be ignored but, - // currently, bit strings wanting a non-zero amount of bits trimmed are not supported - if (($val = Strings::shift($str)) != "\0") { - throw new \UnexpectedValueException('extractPoint expects the first byte to be null - not ' . Strings::bin2hex($val)); - } - if ($str == "\0") { - return []; - } - - $keylen = strlen($str); - $order = $curve->getLengthInBytes(); - // point compression is being used - if ($keylen == $order + 1) { - return $curve->derivePoint($str); - } - - // point compression is not being used - if ($keylen == 2 * $order + 1) { - preg_match("#(.)(.{{$order}})(.{{$order}})#s", $str, $matches); - list(, $w, $x, $y) = $matches; - if ($w != "\4") { - throw new \UnexpectedValueException('The first byte of an uncompressed point should be 04 - not ' . Strings::bin2hex($val)); - } - $point = [ - $curve->convertInteger(new BigInteger($x, 256)), - $curve->convertInteger(new BigInteger($y, 256)) - ]; - - if (!$curve->verifyPoint($point)) { - throw new \RuntimeException('Unable to verify that point exists on curve'); - } - - return $point; - } - - throw new \UnexpectedValueException('The string representation of the points is not of an appropriate length'); - } - - /** - * Encode Parameters - * - * @todo Maybe at some point this could be moved to __toString() for each of the curves? - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve - * @param bool $returnArray optional - * @param array $options optional - * @return string|false - */ - private static function encodeParameters(BaseCurve $curve, $returnArray = false, array $options = []) - { - $useNamedCurves = isset($options['namedCurve']) ? $options['namedCurve'] : self::$useNamedCurves; - - $reflect = new \ReflectionClass($curve); - $name = $reflect->getShortName(); - if ($useNamedCurves) { - if (isset(self::$curveOIDs[$name])) { - if ($reflect->isFinal()) { - $reflect = $reflect->getParentClass(); - $name = $reflect->getShortName(); - } - return $returnArray ? - ['namedCurve' => $name] : - ASN1::encodeDER(['namedCurve' => $name], Maps\ECParameters::MAP); - } - foreach (new \DirectoryIterator(__DIR__ . '/../../Curves/') as $file) { - if ($file->getExtension() != 'php') { - continue; - } - $testName = $file->getBasename('.php'); - $class = 'phpseclib3\Crypt\EC\Curves\\' . $testName; - $reflect = new \ReflectionClass($class); - if ($reflect->isFinal()) { - continue; - } - $candidate = new $class(); - switch ($name) { - case 'Prime': - if (!$candidate instanceof PrimeCurve) { - break; - } - if (!$candidate->getModulo()->equals($curve->getModulo())) { - break; - } - if ($candidate->getA()->toBytes() != $curve->getA()->toBytes()) { - break; - } - if ($candidate->getB()->toBytes() != $curve->getB()->toBytes()) { - break; - } - - list($candidateX, $candidateY) = $candidate->getBasePoint(); - list($curveX, $curveY) = $curve->getBasePoint(); - if ($candidateX->toBytes() != $curveX->toBytes()) { - break; - } - if ($candidateY->toBytes() != $curveY->toBytes()) { - break; - } - - return $returnArray ? - ['namedCurve' => $testName] : - ASN1::encodeDER(['namedCurve' => $testName], Maps\ECParameters::MAP); - case 'Binary': - if (!$candidate instanceof BinaryCurve) { - break; - } - if ($candidate->getModulo() != $curve->getModulo()) { - break; - } - if ($candidate->getA()->toBytes() != $curve->getA()->toBytes()) { - break; - } - if ($candidate->getB()->toBytes() != $curve->getB()->toBytes()) { - break; - } - - list($candidateX, $candidateY) = $candidate->getBasePoint(); - list($curveX, $curveY) = $curve->getBasePoint(); - if ($candidateX->toBytes() != $curveX->toBytes()) { - break; - } - if ($candidateY->toBytes() != $curveY->toBytes()) { - break; - } - - return $returnArray ? - ['namedCurve' => $testName] : - ASN1::encodeDER(['namedCurve' => $testName], Maps\ECParameters::MAP); - } - } - } - - $order = $curve->getOrder(); - // we could try to calculate the order thusly: - // https://crypto.stackexchange.com/a/27914/4520 - // https://en.wikipedia.org/wiki/Schoof%E2%80%93Elkies%E2%80%93Atkin_algorithm - if (!$order) { - throw new \RuntimeException('Specified Curves need the order to be specified'); - } - $point = $curve->getBasePoint(); - $x = $point[0]->toBytes(); - $y = $point[1]->toBytes(); - - if ($curve instanceof PrimeCurve) { - /* - * valid versions are: - * - * ecdpVer1: - * - neither the curve or the base point are generated verifiably randomly. - * ecdpVer2: - * - curve and base point are generated verifiably at random and curve.seed is present - * ecdpVer3: - * - base point is generated verifiably at random but curve is not. curve.seed is present - */ - // other (optional) parameters can be calculated using the methods discused at - // https://crypto.stackexchange.com/q/28947/4520 - $data = [ - 'version' => 'ecdpVer1', - 'fieldID' => [ - 'fieldType' => 'prime-field', - 'parameters' => $curve->getModulo() - ], - 'curve' => [ - 'a' => $curve->getA()->toBytes(), - 'b' => $curve->getB()->toBytes() - ], - 'base' => "\4" . $x . $y, - 'order' => $order - ]; - - return $returnArray ? - ['specifiedCurve' => $data] : - ASN1::encodeDER(['specifiedCurve' => $data], Maps\ECParameters::MAP); - } - if ($curve instanceof BinaryCurve) { - $modulo = $curve->getModulo(); - $basis = count($modulo); - $m = array_shift($modulo); - array_pop($modulo); // the last parameter should always be 0 - //rsort($modulo); - switch ($basis) { - case 3: - $basis = 'tpBasis'; - $modulo = new BigInteger($modulo[0]); - break; - case 5: - $basis = 'ppBasis'; - // these should be in strictly ascending order (hence the commented out rsort above) - $modulo = [ - 'k1' => new BigInteger($modulo[2]), - 'k2' => new BigInteger($modulo[1]), - 'k3' => new BigInteger($modulo[0]) - ]; - $modulo = ASN1::encodeDER($modulo, Maps\Pentanomial::MAP); - $modulo = new ASN1\Element($modulo); - } - $params = ASN1::encodeDER([ - 'm' => new BigInteger($m), - 'basis' => $basis, - 'parameters' => $modulo - ], Maps\Characteristic_two::MAP); - $params = new ASN1\Element($params); - $a = ltrim($curve->getA()->toBytes(), "\0"); - if (!strlen($a)) { - $a = "\0"; - } - $b = ltrim($curve->getB()->toBytes(), "\0"); - if (!strlen($b)) { - $b = "\0"; - } - $data = [ - 'version' => 'ecdpVer1', - 'fieldID' => [ - 'fieldType' => 'characteristic-two-field', - 'parameters' => $params - ], - 'curve' => [ - 'a' => $a, - 'b' => $b - ], - 'base' => "\4" . $x . $y, - 'order' => $order - ]; - - return $returnArray ? - ['specifiedCurve' => $data] : - ASN1::encodeDER(['specifiedCurve' => $data], Maps\ECParameters::MAP); - } - - throw new UnsupportedCurveException('Curve cannot be serialized'); - } - - /** - * Use Specified Curve - * - * A specified curve has all the coefficients, the base points, etc, explicitely included. - * A specified curve is a more verbose way of representing a curve - */ - public static function useSpecifiedCurve() - { - self::$useNamedCurves = false; - } - - /** - * Use Named Curve - * - * A named curve does not include any parameters. It is up to the EC parameters to - * know what the coefficients, the base points, etc, are from the name of the curve. - * A named curve is a more concise way of representing a curve - */ - public static function useNamedCurve() - { - self::$useNamedCurves = true; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/JWK.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/JWK.php deleted file mode 100644 index fd18a98..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/JWK.php +++ /dev/null @@ -1,189 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\EC\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common\Formats\Keys\JWK as Progenitor; -use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve; -use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; -use phpseclib3\Crypt\EC\Curves\Ed25519; -use phpseclib3\Crypt\EC\Curves\secp256k1; -use phpseclib3\Crypt\EC\Curves\secp256r1; -use phpseclib3\Crypt\EC\Curves\secp384r1; -use phpseclib3\Crypt\EC\Curves\secp521r1; -use phpseclib3\Exception\UnsupportedCurveException; -use phpseclib3\Math\BigInteger; - -/** - * JWK Formatted EC Handler - * - * @author Jim Wigginton - */ -abstract class JWK extends Progenitor -{ - use Common; - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - $key = parent::load($key, $password); - - switch ($key->kty) { - case 'EC': - switch ($key->crv) { - case 'P-256': - case 'P-384': - case 'P-521': - case 'secp256k1': - break; - default: - throw new UnsupportedCurveException('Only P-256, P-384, P-521 and secp256k1 curves are accepted (' . $key->crv . ' provided)'); - } - break; - case 'OKP': - switch ($key->crv) { - case 'Ed25519': - case 'Ed448': - break; - default: - throw new UnsupportedCurveException('Only Ed25519 and Ed448 curves are accepted (' . $key->crv . ' provided)'); - } - break; - default: - throw new \Exception('Only EC and OKP JWK keys are supported'); - } - - $curve = '\phpseclib3\Crypt\EC\Curves\\' . str_replace('P-', 'nistp', $key->crv); - $curve = new $curve(); - - if ($curve instanceof TwistedEdwardsCurve) { - $QA = self::extractPoint(Strings::base64url_decode($key->x), $curve); - if (!isset($key->d)) { - return compact('curve', 'QA'); - } - $arr = $curve->extractSecret(Strings::base64url_decode($key->d)); - return compact('curve', 'QA') + $arr; - } - - $QA = [ - $curve->convertInteger(new BigInteger(Strings::base64url_decode($key->x), 256)), - $curve->convertInteger(new BigInteger(Strings::base64url_decode($key->y), 256)) - ]; - - if (!$curve->verifyPoint($QA)) { - throw new \RuntimeException('Unable to verify that point exists on curve'); - } - - if (!isset($key->d)) { - return compact('curve', 'QA'); - } - - $dA = new BigInteger(Strings::base64url_decode($key->d), 256); - - $curve->rangeCheck($dA); - - return compact('curve', 'dA', 'QA'); - } - - /** - * Returns the alias that corresponds to a curve - * - * @return string - */ - private static function getAlias(BaseCurve $curve) - { - switch (true) { - case $curve instanceof secp256r1: - return 'P-256'; - case $curve instanceof secp384r1: - return 'P-384'; - case $curve instanceof secp521r1: - return 'P-521'; - case $curve instanceof secp256k1: - return 'secp256k1'; - } - - $reflect = new \ReflectionClass($curve); - $curveName = $reflect->isFinal() ? - $reflect->getParentClass()->getShortName() : - $reflect->getShortName(); - throw new UnsupportedCurveException("$curveName is not a supported curve"); - } - - /** - * Return the array superstructure for an EC public key - * - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve - * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey - * @return array - */ - private static function savePublicKeyHelper(BaseCurve $curve, array $publicKey) - { - if ($curve instanceof TwistedEdwardsCurve) { - return [ - 'kty' => 'OKP', - 'crv' => $curve instanceof Ed25519 ? 'Ed25519' : 'Ed448', - 'x' => Strings::base64url_encode($curve->encodePoint($publicKey)) - ]; - } - - return [ - 'kty' => 'EC', - 'crv' => self::getAlias($curve), - 'x' => Strings::base64url_encode($publicKey[0]->toBytes()), - 'y' => Strings::base64url_encode($publicKey[1]->toBytes()) - ]; - } - - /** - * Convert an EC public key to the appropriate format - * - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve - * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey - * @param array $options optional - * @return string - */ - public static function savePublicKey(BaseCurve $curve, array $publicKey, array $options = []) - { - $key = self::savePublicKeyHelper($curve, $publicKey); - - return self::wrapKey($key, $options); - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $privateKey - * @param \phpseclib3\Crypt\EC\Curves\Ed25519 $curve - * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey - * @param string $secret optional - * @param string $password optional - * @param array $options optional - * @return string - */ - public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, array $publicKey, $secret = null, $password = '', array $options = []) - { - $key = self::savePublicKeyHelper($curve, $publicKey); - $key['d'] = $curve instanceof TwistedEdwardsCurve ? $secret : $privateKey->toBytes(); - $key['d'] = Strings::base64url_encode($key['d']); - - return self::wrapKey($key, $options); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php deleted file mode 100644 index 5741b05..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php +++ /dev/null @@ -1,101 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\EC\Formats\Keys; - -use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve; -use phpseclib3\Crypt\EC\Curves\Curve25519; -use phpseclib3\Crypt\EC\Curves\Curve448; -use phpseclib3\Exception\UnsupportedFormatException; -use phpseclib3\Math\BigInteger; - -/** - * Montgomery Curve Private Key Handler - * - * @author Jim Wigginton - */ -abstract class MontgomeryPrivate -{ - /** - * Is invisible flag - * - */ - const IS_INVISIBLE = true; - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - switch (strlen($key)) { - case 32: - $curve = new Curve25519(); - break; - case 56: - $curve = new Curve448(); - break; - default: - throw new \LengthException('The only supported lengths are 32 and 56'); - } - - $components = ['curve' => $curve]; - $components['dA'] = new BigInteger($key, 256); - $curve->rangeCheck($components['dA']); - // note that EC::getEncodedCoordinates does some additional "magic" (it does strrev on the result) - $components['QA'] = $components['curve']->multiplyPoint($components['curve']->getBasePoint(), $components['dA']); - - return $components; - } - - /** - * Convert an EC public key to the appropriate format - * - * @param \phpseclib3\Crypt\EC\BaseCurves\Montgomery $curve - * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey - * @return string - */ - public static function savePublicKey(MontgomeryCurve $curve, array $publicKey) - { - return strrev($publicKey[0]->toBytes()); - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $privateKey - * @param \phpseclib3\Crypt\EC\BaseCurves\Montgomery $curve - * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey - * @param string $secret optional - * @param string $password optional - * @return string - */ - public static function savePrivateKey(BigInteger $privateKey, MontgomeryCurve $curve, array $publicKey, $secret = null, $password = '') - { - if (!empty($password) && is_string($password)) { - throw new UnsupportedFormatException('MontgomeryPrivate private keys do not support encryption'); - } - - return $privateKey->toBytes(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPublic.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPublic.php deleted file mode 100644 index d1ad48a..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPublic.php +++ /dev/null @@ -1,71 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\EC\Formats\Keys; - -use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve; -use phpseclib3\Crypt\EC\Curves\Curve25519; -use phpseclib3\Crypt\EC\Curves\Curve448; -use phpseclib3\Math\BigInteger; - -/** - * Montgomery Public Key Handler - * - * @author Jim Wigginton - */ -abstract class MontgomeryPublic -{ - /** - * Is invisible flag - * - */ - const IS_INVISIBLE = true; - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - switch (strlen($key)) { - case 32: - $curve = new Curve25519(); - break; - case 56: - $curve = new Curve448(); - break; - default: - throw new \LengthException('The only supported lengths are 32 and 56'); - } - - $components = ['curve' => $curve]; - $components['QA'] = [$components['curve']->convertInteger(new BigInteger(strrev($key), 256))]; - - return $components; - } - - /** - * Convert an EC public key to the appropriate format - * - * @param \phpseclib3\Crypt\EC\BaseCurves\Montgomery $curve - * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey - * @return string - */ - public static function savePublicKey(MontgomeryCurve $curve, array $publicKey) - { - return strrev($publicKey[0]->toBytes()); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php deleted file mode 100644 index 2cd3e19..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php +++ /dev/null @@ -1,209 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\EC\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common\Formats\Keys\OpenSSH as Progenitor; -use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve; -use phpseclib3\Crypt\EC\Curves\Ed25519; -use phpseclib3\Exception\UnsupportedCurveException; -use phpseclib3\Math\BigInteger; - -/** - * OpenSSH Formatted EC Key Handler - * - * @author Jim Wigginton - */ -abstract class OpenSSH extends Progenitor -{ - use Common; - - /** - * Supported Key Types - * - * @var array - */ - protected static $types = [ - 'ecdsa-sha2-nistp256', - 'ecdsa-sha2-nistp384', - 'ecdsa-sha2-nistp521', - 'ssh-ed25519' - ]; - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - $parsed = parent::load($key, $password); - - if (isset($parsed['paddedKey'])) { - $paddedKey = $parsed['paddedKey']; - list($type) = Strings::unpackSSH2('s', $paddedKey); - if ($type != $parsed['type']) { - throw new \RuntimeException("The public and private keys are not of the same type ($type vs $parsed[type])"); - } - if ($type == 'ssh-ed25519') { - list(, $key, $comment) = Strings::unpackSSH2('sss', $paddedKey); - $key = libsodium::load($key); - $key['comment'] = $comment; - return $key; - } - list($curveName, $publicKey, $privateKey, $comment) = Strings::unpackSSH2('ssis', $paddedKey); - $curve = self::loadCurveByParam(['namedCurve' => $curveName]); - $curve->rangeCheck($privateKey); - return [ - 'curve' => $curve, - 'dA' => $privateKey, - 'QA' => self::extractPoint("\0$publicKey", $curve), - 'comment' => $comment - ]; - } - - if ($parsed['type'] == 'ssh-ed25519') { - if (Strings::shift($parsed['publicKey'], 4) != "\0\0\0\x20") { - throw new \RuntimeException('Length of ssh-ed25519 key should be 32'); - } - - $curve = new Ed25519(); - $qa = self::extractPoint($parsed['publicKey'], $curve); - } else { - list($curveName, $publicKey) = Strings::unpackSSH2('ss', $parsed['publicKey']); - $curveName = '\phpseclib3\Crypt\EC\Curves\\' . $curveName; - $curve = new $curveName(); - - $qa = self::extractPoint("\0" . $publicKey, $curve); - } - - return [ - 'curve' => $curve, - 'QA' => $qa, - 'comment' => $parsed['comment'] - ]; - } - - /** - * Returns the alias that corresponds to a curve - * - * @return string - */ - private static function getAlias(BaseCurve $curve) - { - self::initialize_static_variables(); - - $reflect = new \ReflectionClass($curve); - $name = $reflect->getShortName(); - - $oid = self::$curveOIDs[$name]; - $aliases = array_filter(self::$curveOIDs, function ($v) use ($oid) { - return $v == $oid; - }); - $aliases = array_keys($aliases); - - for ($i = 0; $i < count($aliases); $i++) { - if (in_array('ecdsa-sha2-' . $aliases[$i], self::$types)) { - $alias = $aliases[$i]; - break; - } - } - - if (!isset($alias)) { - throw new UnsupportedCurveException($name . ' is not a curve that the OpenSSH plugin supports'); - } - - return $alias; - } - - /** - * Convert an EC public key to the appropriate format - * - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve - * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey - * @param array $options optional - * @return string - */ - public static function savePublicKey(BaseCurve $curve, array $publicKey, array $options = []) - { - $comment = isset($options['comment']) ? $options['comment'] : self::$comment; - - if ($curve instanceof Ed25519) { - $key = Strings::packSSH2('ss', 'ssh-ed25519', $curve->encodePoint($publicKey)); - - if (isset($options['binary']) ? $options['binary'] : self::$binary) { - return $key; - } - - $key = 'ssh-ed25519 ' . base64_encode($key) . ' ' . $comment; - return $key; - } - - $alias = self::getAlias($curve); - - $points = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes(); - $key = Strings::packSSH2('sss', 'ecdsa-sha2-' . $alias, $alias, $points); - - if (isset($options['binary']) ? $options['binary'] : self::$binary) { - return $key; - } - - $key = 'ecdsa-sha2-' . $alias . ' ' . base64_encode($key) . ' ' . $comment; - - return $key; - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $privateKey - * @param \phpseclib3\Crypt\EC\Curves\Ed25519 $curve - * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey - * @param string $secret optional - * @param string $password optional - * @param array $options optional - * @return string - */ - public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, array $publicKey, $secret = null, $password = '', array $options = []) - { - if ($curve instanceof Ed25519) { - if (!isset($secret)) { - throw new \RuntimeException('Private Key does not have a secret set'); - } - if (strlen($secret) != 32) { - throw new \RuntimeException('Private Key secret is not of the correct length'); - } - - $pubKey = $curve->encodePoint($publicKey); - - $publicKey = Strings::packSSH2('ss', 'ssh-ed25519', $pubKey); - $privateKey = Strings::packSSH2('sss', 'ssh-ed25519', $pubKey, $secret . $pubKey); - - return self::wrapPrivateKey($publicKey, $privateKey, $password, $options); - } - - $alias = self::getAlias($curve); - - $points = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes(); - $publicKey = self::savePublicKey($curve, $publicKey, ['binary' => true]); - - $privateKey = Strings::packSSH2('sssi', 'ecdsa-sha2-' . $alias, $alias, $points, $privateKey); - - return self::wrapPrivateKey($publicKey, $privateKey, $password, $options); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php deleted file mode 100644 index 9f4b330..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php +++ /dev/null @@ -1,194 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\EC\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common\Formats\Keys\PKCS1 as Progenitor; -use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve; -use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve; -use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; -use phpseclib3\Exception\UnsupportedCurveException; -use phpseclib3\File\ASN1; -use phpseclib3\File\ASN1\Maps; -use phpseclib3\Math\BigInteger; - -/** - * "PKCS1" (RFC5915) Formatted EC Key Handler - * - * @author Jim Wigginton - */ -abstract class PKCS1 extends Progenitor -{ - use Common; - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - self::initialize_static_variables(); - - if (!Strings::is_stringable($key)) { - throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); - } - - if (strpos($key, 'BEGIN EC PARAMETERS') && strpos($key, 'BEGIN EC PRIVATE KEY')) { - $components = []; - - preg_match('#-*BEGIN EC PRIVATE KEY-*[^-]*-*END EC PRIVATE KEY-*#s', $key, $matches); - $decoded = parent::load($matches[0], $password); - $decoded = ASN1::decodeBER($decoded); - if (!$decoded) { - throw new \RuntimeException('Unable to decode BER'); - } - - $ecPrivate = ASN1::asn1map($decoded[0], Maps\ECPrivateKey::MAP); - if (!is_array($ecPrivate)) { - throw new \RuntimeException('Unable to perform ASN1 mapping'); - } - - if (isset($ecPrivate['parameters'])) { - $components['curve'] = self::loadCurveByParam($ecPrivate['parameters']); - } - - preg_match('#-*BEGIN EC PARAMETERS-*[^-]*-*END EC PARAMETERS-*#s', $key, $matches); - $decoded = parent::load($matches[0], ''); - $decoded = ASN1::decodeBER($decoded); - if (!$decoded) { - throw new \RuntimeException('Unable to decode BER'); - } - $ecParams = ASN1::asn1map($decoded[0], Maps\ECParameters::MAP); - if (!is_array($ecParams)) { - throw new \RuntimeException('Unable to perform ASN1 mapping'); - } - $ecParams = self::loadCurveByParam($ecParams); - - // comparing $ecParams and $components['curve'] directly won't work because they'll have different Math\Common\FiniteField classes - // even if the modulo is the same - if (isset($components['curve']) && self::encodeParameters($ecParams, false, []) != self::encodeParameters($components['curve'], false, [])) { - throw new \RuntimeException('EC PARAMETERS does not correspond to EC PRIVATE KEY'); - } - - if (!isset($components['curve'])) { - $components['curve'] = $ecParams; - } - - $components['dA'] = new BigInteger($ecPrivate['privateKey'], 256); - $components['curve']->rangeCheck($components['dA']); - $components['QA'] = isset($ecPrivate['publicKey']) ? - self::extractPoint($ecPrivate['publicKey'], $components['curve']) : - $components['curve']->multiplyPoint($components['curve']->getBasePoint(), $components['dA']); - - return $components; - } - - $key = parent::load($key, $password); - - $decoded = ASN1::decodeBER($key); - if (!$decoded) { - throw new \RuntimeException('Unable to decode BER'); - } - - $key = ASN1::asn1map($decoded[0], Maps\ECParameters::MAP); - if (is_array($key)) { - return ['curve' => self::loadCurveByParam($key)]; - } - - $key = ASN1::asn1map($decoded[0], Maps\ECPrivateKey::MAP); - if (!is_array($key)) { - throw new \RuntimeException('Unable to perform ASN1 mapping'); - } - if (!isset($key['parameters'])) { - throw new \RuntimeException('Key cannot be loaded without parameters'); - } - - $components = []; - $components['curve'] = self::loadCurveByParam($key['parameters']); - $components['dA'] = new BigInteger($key['privateKey'], 256); - $components['QA'] = isset($ecPrivate['publicKey']) ? - self::extractPoint($ecPrivate['publicKey'], $components['curve']) : - $components['curve']->multiplyPoint($components['curve']->getBasePoint(), $components['dA']); - - return $components; - } - - /** - * Convert EC parameters to the appropriate format - * - * @return string - */ - public static function saveParameters(BaseCurve $curve, array $options = []) - { - self::initialize_static_variables(); - - if ($curve instanceof TwistedEdwardsCurve || $curve instanceof MontgomeryCurve) { - throw new UnsupportedCurveException('TwistedEdwards and Montgomery Curves are not supported'); - } - - $key = self::encodeParameters($curve, false, $options); - - return "-----BEGIN EC PARAMETERS-----\r\n" . - chunk_split(Strings::base64_encode($key), 64) . - "-----END EC PARAMETERS-----\r\n"; - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $privateKey - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve - * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey - * @param string $secret optional - * @param string $password optional - * @param array $options optional - * @return string - */ - public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, array $publicKey, $secret = null, $password = '', array $options = []) - { - self::initialize_static_variables(); - - if ($curve instanceof TwistedEdwardsCurve || $curve instanceof MontgomeryCurve) { - throw new UnsupportedCurveException('TwistedEdwards Curves are not supported'); - } - - $publicKey = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes(); - - $key = [ - 'version' => 'ecPrivkeyVer1', - 'privateKey' => $privateKey->toBytes(), - 'parameters' => new ASN1\Element(self::encodeParameters($curve)), - 'publicKey' => "\0" . $publicKey - ]; - - $key = ASN1::encodeDER($key, Maps\ECPrivateKey::MAP); - - return self::wrapPrivateKey($key, 'EC', $password, $options); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php deleted file mode 100644 index 0ec7742..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php +++ /dev/null @@ -1,234 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\EC\Formats\Keys; - -use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor; -use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve; -use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve; -use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; -use phpseclib3\Crypt\EC\Curves\Ed25519; -use phpseclib3\Crypt\EC\Curves\Ed448; -use phpseclib3\Exception\UnsupportedCurveException; -use phpseclib3\File\ASN1; -use phpseclib3\File\ASN1\Maps; -use phpseclib3\Math\BigInteger; - -/** - * PKCS#8 Formatted EC Key Handler - * - * @author Jim Wigginton - */ -abstract class PKCS8 extends Progenitor -{ - use Common; - - /** - * OID Name - * - * @var array - */ - const OID_NAME = ['id-ecPublicKey', 'id-Ed25519', 'id-Ed448']; - - /** - * OID Value - * - * @var string - */ - const OID_VALUE = ['1.2.840.10045.2.1', '1.3.101.112', '1.3.101.113']; - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - // initialize_static_variables() is defined in both the trait and the parent class - // when it's defined in two places it's the traits one that's called - // the parent one is needed, as well, but the parent one is called by other methods - // in the parent class as needed and in the context of the parent it's the parent - // one that's called - self::initialize_static_variables(); - - $key = parent::load($key, $password); - - $type = isset($key['privateKey']) ? 'privateKey' : 'publicKey'; - - switch ($key[$type . 'Algorithm']['algorithm']) { - case 'id-Ed25519': - case 'id-Ed448': - return self::loadEdDSA($key); - } - - $decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element); - if (!$decoded) { - throw new \RuntimeException('Unable to decode BER'); - } - $params = ASN1::asn1map($decoded[0], Maps\ECParameters::MAP); - if (!$params) { - throw new \RuntimeException('Unable to decode the parameters using Maps\ECParameters'); - } - - $components = []; - $components['curve'] = self::loadCurveByParam($params); - - if ($type == 'publicKey') { - $components['QA'] = self::extractPoint("\0" . $key['publicKey'], $components['curve']); - - return $components; - } - - $decoded = ASN1::decodeBER($key['privateKey']); - if (!$decoded) { - throw new \RuntimeException('Unable to decode BER'); - } - $key = ASN1::asn1map($decoded[0], Maps\ECPrivateKey::MAP); - if (isset($key['parameters']) && $params != $key['parameters']) { - throw new \RuntimeException('The PKCS8 parameter field does not match the private key parameter field'); - } - - $components['dA'] = new BigInteger($key['privateKey'], 256); - $components['curve']->rangeCheck($components['dA']); - $components['QA'] = isset($key['publicKey']) ? - self::extractPoint($key['publicKey'], $components['curve']) : - $components['curve']->multiplyPoint($components['curve']->getBasePoint(), $components['dA']); - - return $components; - } - - /** - * Break a public or private EdDSA key down into its constituent components - * - * @return array - */ - private static function loadEdDSA(array $key) - { - $components = []; - - if (isset($key['privateKey'])) { - $components['curve'] = $key['privateKeyAlgorithm']['algorithm'] == 'id-Ed25519' ? new Ed25519() : new Ed448(); - - // 0x04 == octet string - // 0x20 == length (32 bytes) - if (substr($key['privateKey'], 0, 2) != "\x04\x20") { - throw new \RuntimeException('The first two bytes of the private key field should be 0x0420'); - } - $arr = $components['curve']->extractSecret(substr($key['privateKey'], 2)); - $components['dA'] = $arr['dA']; - $components['secret'] = $arr['secret']; - } - - if (isset($key['publicKey'])) { - if (!isset($components['curve'])) { - $components['curve'] = $key['publicKeyAlgorithm']['algorithm'] == 'id-Ed25519' ? new Ed25519() : new Ed448(); - } - - $components['QA'] = self::extractPoint($key['publicKey'], $components['curve']); - } - - if (isset($key['privateKey']) && !isset($components['QA'])) { - $components['QA'] = $components['curve']->multiplyPoint($components['curve']->getBasePoint(), $components['dA']); - } - - return $components; - } - - /** - * Convert an EC public key to the appropriate format - * - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve - * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey - * @param array $options optional - * @return string - */ - public static function savePublicKey(BaseCurve $curve, array $publicKey, array $options = []) - { - self::initialize_static_variables(); - - if ($curve instanceof MontgomeryCurve) { - throw new UnsupportedCurveException('Montgomery Curves are not supported'); - } - - if ($curve instanceof TwistedEdwardsCurve) { - return self::wrapPublicKey( - $curve->encodePoint($publicKey), - null, - $curve instanceof Ed25519 ? 'id-Ed25519' : 'id-Ed448' - ); - } - - $params = new ASN1\Element(self::encodeParameters($curve, false, $options)); - - $key = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes(); - - return self::wrapPublicKey($key, $params, 'id-ecPublicKey'); - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $privateKey - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve - * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey - * @param string $secret optional - * @param string $password optional - * @param array $options optional - * @return string - */ - public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, array $publicKey, $secret = null, $password = '', array $options = []) - { - self::initialize_static_variables(); - - if ($curve instanceof MontgomeryCurve) { - throw new UnsupportedCurveException('Montgomery Curves are not supported'); - } - - if ($curve instanceof TwistedEdwardsCurve) { - return self::wrapPrivateKey( - "\x04\x20" . $secret, - [], - null, - $password, - $curve instanceof Ed25519 ? 'id-Ed25519' : 'id-Ed448' - ); - } - - $publicKey = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes(); - - $params = new ASN1\Element(self::encodeParameters($curve, false, $options)); - - $key = [ - 'version' => 'ecPrivkeyVer1', - 'privateKey' => $privateKey->toBytes(), - //'parameters' => $params, - 'publicKey' => "\0" . $publicKey - ]; - - $key = ASN1::encodeDER($key, Maps\ECPrivateKey::MAP); - - return self::wrapPrivateKey($key, [], $params, $password, 'id-ecPublicKey', '', $options); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PuTTY.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PuTTY.php deleted file mode 100644 index 866c883..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PuTTY.php +++ /dev/null @@ -1,138 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\EC\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common\Formats\Keys\PuTTY as Progenitor; -use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve; -use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; -use phpseclib3\Math\BigInteger; - -/** - * PuTTY Formatted EC Key Handler - * - * @author Jim Wigginton - */ -abstract class PuTTY extends Progenitor -{ - use Common; - - /** - * Public Handler - * - * @var string - */ - const PUBLIC_HANDLER = 'phpseclib3\Crypt\EC\Formats\Keys\OpenSSH'; - - /** - * Supported Key Types - * - * @var array - */ - protected static $types = [ - 'ecdsa-sha2-nistp256', - 'ecdsa-sha2-nistp384', - 'ecdsa-sha2-nistp521', - 'ssh-ed25519' - ]; - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - $components = parent::load($key, $password); - if (!isset($components['private'])) { - return $components; - } - - $private = $components['private']; - - $temp = Strings::base64_encode(Strings::packSSH2('s', $components['type']) . $components['public']); - $components = OpenSSH::load($components['type'] . ' ' . $temp . ' ' . $components['comment']); - - if ($components['curve'] instanceof TwistedEdwardsCurve) { - if (Strings::shift($private, 4) != "\0\0\0\x20") { - throw new \RuntimeException('Length of ssh-ed25519 key should be 32'); - } - $arr = $components['curve']->extractSecret($private); - $components['dA'] = $arr['dA']; - $components['secret'] = $arr['secret']; - } else { - list($components['dA']) = Strings::unpackSSH2('i', $private); - $components['curve']->rangeCheck($components['dA']); - } - - return $components; - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $privateKey - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve - * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey - * @param string $secret optional - * @param string $password optional - * @param array $options optional - * @return string - */ - public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, array $publicKey, $secret = null, $password = false, array $options = []) - { - self::initialize_static_variables(); - - $public = explode(' ', OpenSSH::savePublicKey($curve, $publicKey)); - $name = $public[0]; - $public = Strings::base64_decode($public[1]); - list(, $length) = unpack('N', Strings::shift($public, 4)); - Strings::shift($public, $length); - - // PuTTY pads private keys with a null byte per the following: - // https://github.com/github/putty/blob/a3d14d77f566a41fc61dfdc5c2e0e384c9e6ae8b/sshecc.c#L1926 - if (!$curve instanceof TwistedEdwardsCurve) { - $private = $privateKey->toBytes(); - if (!(strlen($privateKey->toBits()) & 7)) { - $private = "\0$private"; - } - } - - $private = $curve instanceof TwistedEdwardsCurve ? - Strings::packSSH2('s', $secret) : - Strings::packSSH2('s', $private); - - return self::wrapPrivateKey($public, $private, $name, $password, $options); - } - - /** - * Convert an EC public key to the appropriate format - * - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve - * @param \phpseclib3\Math\Common\FiniteField[] $publicKey - * @return string - */ - public static function savePublicKey(BaseCurve $curve, array $publicKey) - { - $public = explode(' ', OpenSSH::savePublicKey($curve, $publicKey)); - $type = $public[0]; - $public = Strings::base64_decode($public[1]); - list(, $length) = unpack('N', Strings::shift($public, 4)); - Strings::shift($public, $length); - - return self::wrapPublicKey($public, $type); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/XML.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/XML.php deleted file mode 100644 index 27d9218..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/XML.php +++ /dev/null @@ -1,485 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\EC\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve; -use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve; -use phpseclib3\Crypt\EC\BaseCurves\Prime as PrimeCurve; -use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; -use phpseclib3\Exception\BadConfigurationException; -use phpseclib3\Exception\UnsupportedCurveException; -use phpseclib3\Math\BigInteger; - -/** - * XML Formatted EC Key Handler - * - * @author Jim Wigginton - */ -abstract class XML -{ - use Common; - - /** - * Default namespace - * - * @var string - */ - private static $namespace; - - /** - * Flag for using RFC4050 syntax - * - * @var bool - */ - private static $rfc4050 = false; - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - self::initialize_static_variables(); - - if (!Strings::is_stringable($key)) { - throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); - } - - if (!class_exists('DOMDocument')) { - throw new BadConfigurationException('The dom extension is not setup correctly on this system'); - } - - $use_errors = libxml_use_internal_errors(true); - - $temp = self::isolateNamespace($key, 'http://www.w3.org/2009/xmldsig11#'); - if ($temp) { - $key = $temp; - } - - $temp = self::isolateNamespace($key, 'http://www.w3.org/2001/04/xmldsig-more#'); - if ($temp) { - $key = $temp; - } - - $dom = new \DOMDocument(); - if (substr($key, 0, 5) != '' . $key . ''; - } - - if (!$dom->loadXML($key)) { - libxml_use_internal_errors($use_errors); - throw new \UnexpectedValueException('Key does not appear to contain XML'); - } - $xpath = new \DOMXPath($dom); - libxml_use_internal_errors($use_errors); - $curve = self::loadCurveByParam($xpath); - - $pubkey = self::query($xpath, 'publickey', 'Public Key is not present'); - - $QA = self::query($xpath, 'ecdsakeyvalue')->length ? - self::extractPointRFC4050($xpath, $curve) : - self::extractPoint("\0" . $pubkey, $curve); - - libxml_use_internal_errors($use_errors); - - return compact('curve', 'QA'); - } - - /** - * Case-insensitive xpath query - * - * @param \DOMXPath $xpath - * @param string $name - * @param string $error optional - * @param bool $decode optional - * @return \DOMNodeList - */ - private static function query(\DOMXPath $xpath, $name, $error = null, $decode = true) - { - $query = '/'; - $names = explode('/', $name); - foreach ($names as $name) { - $query .= "/*[translate(local-name(), 'ABCDEFGHIJKLMNOPQRSTUVWXYZ','abcdefghijklmnopqrstuvwxyz')='$name']"; - } - $result = $xpath->query($query); - if (!isset($error)) { - return $result; - } - - if (!$result->length) { - throw new \RuntimeException($error); - } - return $decode ? self::decodeValue($result->item(0)->textContent) : $result->item(0)->textContent; - } - - /** - * Finds the first element in the relevant namespace, strips the namespacing and returns the XML for that element. - * - * @param string $xml - * @param string $ns - */ - private static function isolateNamespace($xml, $ns) - { - $dom = new \DOMDocument(); - if (!$dom->loadXML($xml)) { - return false; - } - $xpath = new \DOMXPath($dom); - $nodes = $xpath->query("//*[namespace::*[.='$ns'] and not(../namespace::*[.='$ns'])]"); - if (!$nodes->length) { - return false; - } - $node = $nodes->item(0); - $ns_name = $node->lookupPrefix($ns); - if ($ns_name) { - $node->removeAttributeNS($ns, $ns_name); - } - return $dom->saveXML($node); - } - - /** - * Decodes the value - * - * @param string $value - */ - private static function decodeValue($value) - { - return Strings::base64_decode(str_replace(["\r", "\n", ' ', "\t"], '', $value)); - } - - /** - * Extract points from an XML document - * - * @param \DOMXPath $xpath - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve - * @return object[] - */ - private static function extractPointRFC4050(\DOMXPath $xpath, BaseCurve $curve) - { - $x = self::query($xpath, 'publickey/x'); - $y = self::query($xpath, 'publickey/y'); - if (!$x->length || !$x->item(0)->hasAttribute('Value')) { - throw new \RuntimeException('Public Key / X coordinate not found'); - } - if (!$y->length || !$y->item(0)->hasAttribute('Value')) { - throw new \RuntimeException('Public Key / Y coordinate not found'); - } - $point = [ - $curve->convertInteger(new BigInteger($x->item(0)->getAttribute('Value'))), - $curve->convertInteger(new BigInteger($y->item(0)->getAttribute('Value'))) - ]; - if (!$curve->verifyPoint($point)) { - throw new \RuntimeException('Unable to verify that point exists on curve'); - } - return $point; - } - - /** - * Returns an instance of \phpseclib3\Crypt\EC\BaseCurves\Base based - * on the curve parameters - * - * @param \DomXPath $xpath - * @return \phpseclib3\Crypt\EC\BaseCurves\Base|false - */ - private static function loadCurveByParam(\DOMXPath $xpath) - { - $namedCurve = self::query($xpath, 'namedcurve'); - if ($namedCurve->length == 1) { - $oid = $namedCurve->item(0)->getAttribute('URN'); - $oid = preg_replace('#[^\d.]#', '', $oid); - $name = array_search($oid, self::$curveOIDs); - if ($name === false) { - throw new UnsupportedCurveException('Curve with OID of ' . $oid . ' is not supported'); - } - - $curve = '\phpseclib3\Crypt\EC\Curves\\' . $name; - if (!class_exists($curve)) { - throw new UnsupportedCurveException('Named Curve of ' . $name . ' is not supported'); - } - return new $curve(); - } - - $params = self::query($xpath, 'explicitparams'); - if ($params->length) { - return self::loadCurveByParamRFC4050($xpath); - } - - $params = self::query($xpath, 'ecparameters'); - if (!$params->length) { - throw new \RuntimeException('No parameters are present'); - } - - $fieldTypes = [ - 'prime-field' => ['fieldid/prime/p'], - 'gnb' => ['fieldid/gnb/m'], - 'tnb' => ['fieldid/tnb/k'], - 'pnb' => ['fieldid/pnb/k1', 'fieldid/pnb/k2', 'fieldid/pnb/k3'], - 'unknown' => [] - ]; - - foreach ($fieldTypes as $type => $queries) { - foreach ($queries as $query) { - $result = self::query($xpath, $query); - if (!$result->length) { - continue 2; - } - $param = preg_replace('#.*/#', '', $query); - $$param = self::decodeValue($result->item(0)->textContent); - } - break; - } - - $a = self::query($xpath, 'curve/a', 'A coefficient is not present'); - $b = self::query($xpath, 'curve/b', 'B coefficient is not present'); - $base = self::query($xpath, 'base', 'Base point is not present'); - $order = self::query($xpath, 'order', 'Order is not present'); - - switch ($type) { - case 'prime-field': - $curve = new PrimeCurve(); - $curve->setModulo(new BigInteger($p, 256)); - $curve->setCoefficients( - new BigInteger($a, 256), - new BigInteger($b, 256) - ); - $point = self::extractPoint("\0" . $base, $curve); - $curve->setBasePoint(...$point); - $curve->setOrder(new BigInteger($order, 256)); - return $curve; - case 'gnb': - case 'tnb': - case 'pnb': - default: - throw new UnsupportedCurveException('Field Type of ' . $type . ' is not supported'); - } - } - - /** - * Returns an instance of \phpseclib3\Crypt\EC\BaseCurves\Base based - * on the curve parameters - * - * @param \DomXPath $xpath - * @return \phpseclib3\Crypt\EC\BaseCurves\Base|false - */ - private static function loadCurveByParamRFC4050(\DOMXPath $xpath) - { - $fieldTypes = [ - 'prime-field' => ['primefieldparamstype/p'], - 'unknown' => [] - ]; - - foreach ($fieldTypes as $type => $queries) { - foreach ($queries as $query) { - $result = self::query($xpath, $query); - if (!$result->length) { - continue 2; - } - $param = preg_replace('#.*/#', '', $query); - $$param = $result->item(0)->textContent; - } - break; - } - - $a = self::query($xpath, 'curveparamstype/a', 'A coefficient is not present', false); - $b = self::query($xpath, 'curveparamstype/b', 'B coefficient is not present', false); - $x = self::query($xpath, 'basepointparams/basepoint/ecpointtype/x', 'Base Point X is not present', false); - $y = self::query($xpath, 'basepointparams/basepoint/ecpointtype/y', 'Base Point Y is not present', false); - $order = self::query($xpath, 'order', 'Order is not present', false); - - switch ($type) { - case 'prime-field': - $curve = new PrimeCurve(); - - $p = str_replace(["\r", "\n", ' ', "\t"], '', $p); - $curve->setModulo(new BigInteger($p)); - - $a = str_replace(["\r", "\n", ' ', "\t"], '', $a); - $b = str_replace(["\r", "\n", ' ', "\t"], '', $b); - $curve->setCoefficients( - new BigInteger($a), - new BigInteger($b) - ); - - $x = str_replace(["\r", "\n", ' ', "\t"], '', $x); - $y = str_replace(["\r", "\n", ' ', "\t"], '', $y); - $curve->setBasePoint( - new BigInteger($x), - new BigInteger($y) - ); - - $order = str_replace(["\r", "\n", ' ', "\t"], '', $order); - $curve->setOrder(new BigInteger($order)); - return $curve; - default: - throw new UnsupportedCurveException('Field Type of ' . $type . ' is not supported'); - } - } - - /** - * Sets the namespace. dsig11 is the most common one. - * - * Set to null to unset. Used only for creating public keys. - * - * @param string $namespace - */ - public static function setNamespace($namespace) - { - self::$namespace = $namespace; - } - - /** - * Uses the XML syntax specified in https://tools.ietf.org/html/rfc4050 - */ - public static function enableRFC4050Syntax() - { - self::$rfc4050 = true; - } - - /** - * Uses the XML syntax specified in https://www.w3.org/TR/xmldsig-core/#sec-ECParameters - */ - public static function disableRFC4050Syntax() - { - self::$rfc4050 = false; - } - - /** - * Convert a public key to the appropriate format - * - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve - * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey - * @param array $options optional - * @return string - */ - public static function savePublicKey(BaseCurve $curve, array $publicKey, array $options = []) - { - self::initialize_static_variables(); - - if ($curve instanceof TwistedEdwardsCurve || $curve instanceof MontgomeryCurve) { - throw new UnsupportedCurveException('TwistedEdwards and Montgomery Curves are not supported'); - } - - if (empty(static::$namespace)) { - $pre = $post = ''; - } else { - $pre = static::$namespace . ':'; - $post = ':' . static::$namespace; - } - - if (self::$rfc4050) { - return '<' . $pre . 'ECDSAKeyValue xmlns' . $post . '="http://www.w3.org/2001/04/xmldsig-more#">' . "\r\n" . - self::encodeXMLParameters($curve, $pre, $options) . "\r\n" . - '<' . $pre . 'PublicKey>' . "\r\n" . - '<' . $pre . 'X Value="' . $publicKey[0] . '" />' . "\r\n" . - '<' . $pre . 'Y Value="' . $publicKey[1] . '" />' . "\r\n" . - '' . "\r\n" . - ''; - } - - $publicKey = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes(); - - return '<' . $pre . 'ECDSAKeyValue xmlns' . $post . '="http://www.w3.org/2009/xmldsig11#">' . "\r\n" . - self::encodeXMLParameters($curve, $pre, $options) . "\r\n" . - '<' . $pre . 'PublicKey>' . Strings::base64_encode($publicKey) . '' . "\r\n" . - ''; - } - - /** - * Encode Parameters - * - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve - * @param string $pre - * @param array $options optional - * @return string|false - */ - private static function encodeXMLParameters(BaseCurve $curve, $pre, array $options = []) - { - $result = self::encodeParameters($curve, true, $options); - - if (isset($result['namedCurve'])) { - $namedCurve = '<' . $pre . 'NamedCurve URI="urn:oid:' . self::$curveOIDs[$result['namedCurve']] . '" />'; - return self::$rfc4050 ? - '' . str_replace('URI', 'URN', $namedCurve) . '' : - $namedCurve; - } - - if (self::$rfc4050) { - $xml = '<' . $pre . 'ExplicitParams>' . "\r\n" . - '<' . $pre . 'FieldParams>' . "\r\n"; - $temp = $result['specifiedCurve']; - switch ($temp['fieldID']['fieldType']) { - case 'prime-field': - $xml .= '<' . $pre . 'PrimeFieldParamsType>' . "\r\n" . - '<' . $pre . 'P>' . $temp['fieldID']['parameters'] . '' . "\r\n" . - '' . "\r\n"; - $a = $curve->getA(); - $b = $curve->getB(); - list($x, $y) = $curve->getBasePoint(); - break; - default: - throw new UnsupportedCurveException('Field Type of ' . $temp['fieldID']['fieldType'] . ' is not supported'); - } - $xml .= '' . "\r\n" . - '<' . $pre . 'CurveParamsType>' . "\r\n" . - '<' . $pre . 'A>' . $a . '' . "\r\n" . - '<' . $pre . 'B>' . $b . '' . "\r\n" . - '' . "\r\n" . - '<' . $pre . 'BasePointParams>' . "\r\n" . - '<' . $pre . 'BasePoint>' . "\r\n" . - '<' . $pre . 'ECPointType>' . "\r\n" . - '<' . $pre . 'X>' . $x . '' . "\r\n" . - '<' . $pre . 'Y>' . $y . '' . "\r\n" . - '' . "\r\n" . - '' . "\r\n" . - '<' . $pre . 'Order>' . $curve->getOrder() . '' . "\r\n" . - '' . "\r\n" . - '' . "\r\n"; - - return $xml; - } - - if (isset($result['specifiedCurve'])) { - $xml = '<' . $pre . 'ECParameters>' . "\r\n" . - '<' . $pre . 'FieldID>' . "\r\n"; - $temp = $result['specifiedCurve']; - switch ($temp['fieldID']['fieldType']) { - case 'prime-field': - $xml .= '<' . $pre . 'Prime>' . "\r\n" . - '<' . $pre . 'P>' . Strings::base64_encode($temp['fieldID']['parameters']->toBytes()) . '' . "\r\n" . - '' . "\r\n" ; - break; - default: - throw new UnsupportedCurveException('Field Type of ' . $temp['fieldID']['fieldType'] . ' is not supported'); - } - $xml .= '' . "\r\n" . - '<' . $pre . 'Curve>' . "\r\n" . - '<' . $pre . 'A>' . Strings::base64_encode($temp['curve']['a']) . '' . "\r\n" . - '<' . $pre . 'B>' . Strings::base64_encode($temp['curve']['b']) . '' . "\r\n" . - '' . "\r\n" . - '<' . $pre . 'Base>' . Strings::base64_encode($temp['base']) . '' . "\r\n" . - '<' . $pre . 'Order>' . Strings::base64_encode($temp['order']) . '' . "\r\n" . - ''; - return $xml; - } - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/libsodium.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/libsodium.php deleted file mode 100644 index 2be6ba5..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/libsodium.php +++ /dev/null @@ -1,116 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\EC\Formats\Keys; - -use phpseclib3\Crypt\EC\Curves\Ed25519; -use phpseclib3\Exception\UnsupportedFormatException; -use phpseclib3\Math\BigInteger; - -/** - * libsodium Key Handler - * - * @author Jim Wigginton - */ -abstract class libsodium -{ - use Common; - - /** - * Is invisible flag - * - */ - const IS_INVISIBLE = true; - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - switch (strlen($key)) { - case 32: - $public = $key; - break; - case 64: - $private = substr($key, 0, 32); - $public = substr($key, -32); - break; - case 96: - $public = substr($key, -32); - if (substr($key, 32, 32) != $public) { - throw new \RuntimeException('Keys with 96 bytes should have the 2nd and 3rd set of 32 bytes match'); - } - $private = substr($key, 0, 32); - break; - default: - throw new \RuntimeException('libsodium keys need to either be 32 bytes long, 64 bytes long or 96 bytes long'); - } - - $curve = new Ed25519(); - $components = ['curve' => $curve]; - if (isset($private)) { - $arr = $curve->extractSecret($private); - $components['dA'] = $arr['dA']; - $components['secret'] = $arr['secret']; - } - $components['QA'] = isset($public) ? - self::extractPoint($public, $curve) : - $curve->multiplyPoint($curve->getBasePoint(), $components['dA']); - - return $components; - } - - /** - * Convert an EC public key to the appropriate format - * - * @param \phpseclib3\Crypt\EC\Curves\Ed25519 $curve - * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey - * @return string - */ - public static function savePublicKey(Ed25519 $curve, array $publicKey) - { - return $curve->encodePoint($publicKey); - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $privateKey - * @param \phpseclib3\Crypt\EC\Curves\Ed25519 $curve - * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey - * @param string $secret optional - * @param string $password optional - * @return string - */ - public static function savePrivateKey(BigInteger $privateKey, Ed25519 $curve, array $publicKey, $secret = null, $password = '') - { - if (!isset($secret)) { - throw new \RuntimeException('Private Key does not have a secret set'); - } - if (strlen($secret) != 32) { - throw new \RuntimeException('Private Key secret is not of the correct length'); - } - if (!empty($password) && is_string($password)) { - throw new UnsupportedFormatException('libsodium private keys do not support encryption'); - } - return $secret . $curve->encodePoint($publicKey); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/ASN1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/ASN1.php deleted file mode 100644 index d2a80a1..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/ASN1.php +++ /dev/null @@ -1,62 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\EC\Formats\Signature; - -use phpseclib3\File\ASN1 as Encoder; -use phpseclib3\File\ASN1\Maps\EcdsaSigValue; -use phpseclib3\Math\BigInteger; - -/** - * ASN1 Signature Handler - * - * @author Jim Wigginton - */ -abstract class ASN1 -{ - /** - * Loads a signature - * - * @param string $sig - * @return array - */ - public static function load($sig) - { - if (!is_string($sig)) { - return false; - } - - $decoded = Encoder::decodeBER($sig); - if (empty($decoded)) { - return false; - } - $components = Encoder::asn1map($decoded[0], EcdsaSigValue::MAP); - - return $components; - } - - /** - * Returns a signature in the appropriate format - * - * @param \phpseclib3\Math\BigInteger $r - * @param \phpseclib3\Math\BigInteger $s - * @return string - */ - public static function save(BigInteger $r, BigInteger $s) - { - return Encoder::encodeDER(compact('r', 's'), EcdsaSigValue::MAP); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/IEEE.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/IEEE.php deleted file mode 100644 index 69139da..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/IEEE.php +++ /dev/null @@ -1,66 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\EC\Formats\Signature; - -use phpseclib3\Math\BigInteger; - -/** - * ASN1 Signature Handler - * - * @author Jim Wigginton - */ -abstract class IEEE -{ - /** - * Loads a signature - * - * @param string $sig - * @return array - */ - public static function load($sig) - { - if (!is_string($sig)) { - return false; - } - - $len = strlen($sig); - if ($len & 1) { - return false; - } - - $r = new BigInteger(substr($sig, 0, $len >> 1), 256); - $s = new BigInteger(substr($sig, $len >> 1), 256); - - return compact('r', 's'); - } - - /** - * Returns a signature in the appropriate format - * - * @param \phpseclib3\Math\BigInteger $r - * @param \phpseclib3\Math\BigInteger $s - * @return string - */ - public static function save(BigInteger $r, BigInteger $s) - { - $r = $r->toBytes(); - $s = $s->toBytes(); - $len = max(strlen($r), strlen($s)); - return str_pad($r, $len, "\0", STR_PAD_LEFT) . str_pad($s, $len, "\0", STR_PAD_LEFT); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/Raw.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/Raw.php deleted file mode 100644 index 7e4b47f..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/Raw.php +++ /dev/null @@ -1,25 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\EC\Formats\Signature; - -use phpseclib3\Crypt\Common\Formats\Signature\Raw as Progenitor; - -/** - * Raw DSA Signature Handler - * - * @author Jim Wigginton - */ -abstract class Raw extends Progenitor -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/SSH2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/SSH2.php deleted file mode 100644 index e064442..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/SSH2.php +++ /dev/null @@ -1,94 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\EC\Formats\Signature; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Math\BigInteger; - -/** - * SSH2 Signature Handler - * - * @author Jim Wigginton - */ -abstract class SSH2 -{ - /** - * Loads a signature - * - * @param string $sig - * @return mixed - */ - public static function load($sig) - { - if (!is_string($sig)) { - return false; - } - - $result = Strings::unpackSSH2('ss', $sig); - if ($result === false) { - return false; - } - list($type, $blob) = $result; - switch ($type) { - // see https://tools.ietf.org/html/rfc5656#section-3.1.2 - case 'ecdsa-sha2-nistp256': - case 'ecdsa-sha2-nistp384': - case 'ecdsa-sha2-nistp521': - break; - default: - return false; - } - - $result = Strings::unpackSSH2('ii', $blob); - if ($result === false) { - return false; - } - - return [ - 'r' => $result[0], - 's' => $result[1] - ]; - } - - /** - * Returns a signature in the appropriate format - * - * @param \phpseclib3\Math\BigInteger $r - * @param \phpseclib3\Math\BigInteger $s - * @param string $curve - * @return string - */ - public static function save(BigInteger $r, BigInteger $s, $curve) - { - switch ($curve) { - case 'secp256r1': - $curve = 'nistp256'; - break; - case 'secp384r1': - $curve = 'nistp384'; - break; - case 'secp521r1': - $curve = 'nistp521'; - break; - default: - return false; - } - - $blob = Strings::packSSH2('ii', $r, $s); - - return Strings::packSSH2('ss', 'ecdsa-sha2-' . $curve, $blob); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Parameters.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Parameters.php deleted file mode 100644 index c0ed64a..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Parameters.php +++ /dev/null @@ -1,36 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\EC; - -use phpseclib3\Crypt\EC; - -/** - * EC Parameters - * - * @author Jim Wigginton - */ -final class Parameters extends EC -{ - /** - * Returns the parameters - * - * @param string $type - * @param array $options optional - * @return string - */ - public function toString($type = 'PKCS1', array $options = []) - { - $type = self::validatePlugin('Keys', 'PKCS1', 'saveParameters'); - - return $type::saveParameters($this->curve, $options); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/PrivateKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/PrivateKey.php deleted file mode 100644 index 462ea1a..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/PrivateKey.php +++ /dev/null @@ -1,256 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\EC; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common; -use phpseclib3\Crypt\EC; -use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve; -use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; -use phpseclib3\Crypt\EC\Curves\Curve25519; -use phpseclib3\Crypt\EC\Curves\Ed25519; -use phpseclib3\Crypt\EC\Formats\Keys\PKCS1; -use phpseclib3\Crypt\EC\Formats\Signature\ASN1 as ASN1Signature; -use phpseclib3\Crypt\Hash; -use phpseclib3\Exception\UnsupportedOperationException; -use phpseclib3\Math\BigInteger; - -/** - * EC Private Key - * - * @author Jim Wigginton - */ -final class PrivateKey extends EC implements Common\PrivateKey -{ - use Common\Traits\PasswordProtected; - - /** - * Private Key dA - * - * sign() converts this to a BigInteger so one might wonder why this is a FiniteFieldInteger instead of - * a BigInteger. That's because a FiniteFieldInteger, when converted to a byte string, is null padded by - * a certain amount whereas a BigInteger isn't. - * - * @var object - */ - protected $dA; - - /** - * @var string - */ - protected $secret; - - /** - * Multiplies an encoded point by the private key - * - * Used by ECDH - * - * @param string $coordinates - * @return string - */ - public function multiply($coordinates) - { - if ($this->curve instanceof MontgomeryCurve) { - if ($this->curve instanceof Curve25519 && self::$engines['libsodium']) { - return sodium_crypto_scalarmult($this->dA->toBytes(), $coordinates); - } - - $point = [$this->curve->convertInteger(new BigInteger(strrev($coordinates), 256))]; - $point = $this->curve->multiplyPoint($point, $this->dA); - return strrev($point[0]->toBytes(true)); - } - if (!$this->curve instanceof TwistedEdwardsCurve) { - $coordinates = "\0$coordinates"; - } - $point = PKCS1::extractPoint($coordinates, $this->curve); - $point = $this->curve->multiplyPoint($point, $this->dA); - if ($this->curve instanceof TwistedEdwardsCurve) { - return $this->curve->encodePoint($point); - } - if (empty($point)) { - throw new \RuntimeException('The infinity point is invalid'); - } - return "\4" . $point[0]->toBytes(true) . $point[1]->toBytes(true); - } - - /** - * Create a signature - * - * @see self::verify() - * @param string $message - * @return mixed - */ - public function sign($message) - { - if ($this->curve instanceof MontgomeryCurve) { - throw new UnsupportedOperationException('Montgomery Curves cannot be used to create signatures'); - } - - $dA = $this->dA; - $order = $this->curve->getOrder(); - - $shortFormat = $this->shortFormat; - $format = $this->sigFormat; - if ($format === false) { - return false; - } - - if ($this->curve instanceof TwistedEdwardsCurve) { - if ($this->curve instanceof Ed25519 && self::$engines['libsodium'] && !isset($this->context)) { - $result = sodium_crypto_sign_detached($message, $this->withPassword()->toString('libsodium')); - return $shortFormat == 'SSH2' ? Strings::packSSH2('ss', 'ssh-' . strtolower($this->getCurve()), $result) : $result; - } - - // contexts (Ed25519ctx) are supported but prehashing (Ed25519ph) is not. - // quoting https://tools.ietf.org/html/rfc8032#section-8.5 , - // "The Ed25519ph and Ed448ph variants ... SHOULD NOT be used" - $A = $this->curve->encodePoint($this->QA); - $curve = $this->curve; - $hash = new Hash($curve::HASH); - - $secret = substr($hash->hash($this->secret), $curve::SIZE); - - if ($curve instanceof Ed25519) { - $dom = !isset($this->context) ? '' : - 'SigEd25519 no Ed25519 collisions' . "\0" . chr(strlen($this->context)) . $this->context; - } else { - $context = isset($this->context) ? $this->context : ''; - $dom = 'SigEd448' . "\0" . chr(strlen($context)) . $context; - } - // SHA-512(dom2(F, C) || prefix || PH(M)) - $r = $hash->hash($dom . $secret . $message); - $r = strrev($r); - $r = new BigInteger($r, 256); - list(, $r) = $r->divide($order); - $R = $curve->multiplyPoint($curve->getBasePoint(), $r); - $R = $curve->encodePoint($R); - $k = $hash->hash($dom . $R . $A . $message); - $k = strrev($k); - $k = new BigInteger($k, 256); - list(, $k) = $k->divide($order); - $S = $k->multiply($dA)->add($r); - list(, $S) = $S->divide($order); - $S = str_pad(strrev($S->toBytes()), $curve::SIZE, "\0"); - return $shortFormat == 'SSH2' ? Strings::packSSH2('ss', 'ssh-' . strtolower($this->getCurve()), $R . $S) : $R . $S; - } - - if (self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods())) { - $signature = ''; - // altho PHP's OpenSSL bindings only supported EC key creation in PHP 7.1 they've long - // supported signing / verification - // we use specified curves to avoid issues with OpenSSL possibly not supporting a given named curve; - // doing this may mean some curve-specific optimizations can't be used but idk if OpenSSL even - // has curve-specific optimizations - $result = openssl_sign($message, $signature, $this->toString('PKCS8', ['namedCurve' => false]), $this->hash->getHash()); - - if ($result) { - if ($shortFormat == 'ASN1') { - return $signature; - } - - extract(ASN1Signature::load($signature)); - - return $shortFormat == 'SSH2' ? $format::save($r, $s, $this->getCurve()) : $format::save($r, $s); - } - } - - $e = $this->hash->hash($message); - $e = new BigInteger($e, 256); - - $Ln = $this->hash->getLength() - $order->getLength(); - $z = $Ln > 0 ? $e->bitwise_rightShift($Ln) : $e; - - while (true) { - $k = BigInteger::randomRange(self::$one, $order->subtract(self::$one)); - list($x, $y) = $this->curve->multiplyPoint($this->curve->getBasePoint(), $k); - $x = $x->toBigInteger(); - list(, $r) = $x->divide($order); - if ($r->equals(self::$zero)) { - continue; - } - $kinv = $k->modInverse($order); - $temp = $z->add($dA->multiply($r)); - $temp = $kinv->multiply($temp); - list(, $s) = $temp->divide($order); - if (!$s->equals(self::$zero)) { - break; - } - } - - // the following is an RFC6979 compliant implementation of deterministic ECDSA - // it's unused because it's mainly intended for use when a good CSPRNG isn't - // available. if phpseclib's CSPRNG isn't good then even key generation is - // suspect - /* - // if this were actually being used it'd probably be better if this lived in load() and createKey() - $this->q = $this->curve->getOrder(); - $dA = $this->dA->toBigInteger(); - $this->x = $dA; - - $h1 = $this->hash->hash($message); - $k = $this->computek($h1); - list($x, $y) = $this->curve->multiplyPoint($this->curve->getBasePoint(), $k); - $x = $x->toBigInteger(); - list(, $r) = $x->divide($this->q); - $kinv = $k->modInverse($this->q); - $h1 = $this->bits2int($h1); - $temp = $h1->add($dA->multiply($r)); - $temp = $kinv->multiply($temp); - list(, $s) = $temp->divide($this->q); - */ - - return $shortFormat == 'SSH2' ? $format::save($r, $s, $this->getCurve()) : $format::save($r, $s); - } - - /** - * Returns the private key - * - * @param string $type - * @param array $options optional - * @return string - */ - public function toString($type, array $options = []) - { - $type = self::validatePlugin('Keys', $type, 'savePrivateKey'); - - return $type::savePrivateKey($this->dA, $this->curve, $this->QA, $this->secret, $this->password, $options); - } - - /** - * Returns the public key - * - * @see self::getPrivateKey() - * @return mixed - */ - public function getPublicKey() - { - $format = 'PKCS8'; - if ($this->curve instanceof MontgomeryCurve) { - $format = 'MontgomeryPublic'; - } - - $type = self::validatePlugin('Keys', $format, 'savePublicKey'); - - $key = $type::savePublicKey($this->curve, $this->QA); - $key = EC::loadFormat($format, $key); - if ($this->curve instanceof MontgomeryCurve) { - return $key; - } - $key = $key - ->withHash($this->hash->getHash()) - ->withSignatureFormat($this->shortFormat); - if ($this->curve instanceof TwistedEdwardsCurve) { - $key = $key->withContext($this->context); - } - return $key; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/PublicKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/PublicKey.php deleted file mode 100644 index 4558ce3..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/PublicKey.php +++ /dev/null @@ -1,172 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\EC; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common; -use phpseclib3\Crypt\EC; -use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve; -use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve; -use phpseclib3\Crypt\EC\Curves\Ed25519; -use phpseclib3\Crypt\EC\Formats\Keys\PKCS1; -use phpseclib3\Crypt\EC\Formats\Signature\ASN1 as ASN1Signature; -use phpseclib3\Crypt\Hash; -use phpseclib3\Exception\UnsupportedOperationException; -use phpseclib3\Math\BigInteger; - -/** - * EC Public Key - * - * @author Jim Wigginton - */ -final class PublicKey extends EC implements Common\PublicKey -{ - use Common\Traits\Fingerprint; - - /** - * Verify a signature - * - * @see self::verify() - * @param string $message - * @param string $signature - * @return mixed - */ - public function verify($message, $signature) - { - if ($this->curve instanceof MontgomeryCurve) { - throw new UnsupportedOperationException('Montgomery Curves cannot be used to create signatures'); - } - - $shortFormat = $this->shortFormat; - $format = $this->sigFormat; - if ($format === false) { - return false; - } - - $order = $this->curve->getOrder(); - - if ($this->curve instanceof TwistedEdwardsCurve) { - if ($shortFormat == 'SSH2') { - list(, $signature) = Strings::unpackSSH2('ss', $signature); - } - - if ($this->curve instanceof Ed25519 && self::$engines['libsodium'] && !isset($this->context)) { - return sodium_crypto_sign_verify_detached($signature, $message, $this->toString('libsodium')); - } - - $curve = $this->curve; - if (strlen($signature) != 2 * $curve::SIZE) { - return false; - } - - $R = substr($signature, 0, $curve::SIZE); - $S = substr($signature, $curve::SIZE); - - try { - $R = PKCS1::extractPoint($R, $curve); - $R = $this->curve->convertToInternal($R); - } catch (\Exception $e) { - return false; - } - - $S = strrev($S); - $S = new BigInteger($S, 256); - - if ($S->compare($order) >= 0) { - return false; - } - - $A = $curve->encodePoint($this->QA); - - if ($curve instanceof Ed25519) { - $dom2 = !isset($this->context) ? '' : - 'SigEd25519 no Ed25519 collisions' . "\0" . chr(strlen($this->context)) . $this->context; - } else { - $context = isset($this->context) ? $this->context : ''; - $dom2 = 'SigEd448' . "\0" . chr(strlen($context)) . $context; - } - - $hash = new Hash($curve::HASH); - $k = $hash->hash($dom2 . substr($signature, 0, $curve::SIZE) . $A . $message); - $k = strrev($k); - $k = new BigInteger($k, 256); - list(, $k) = $k->divide($order); - - $qa = $curve->convertToInternal($this->QA); - - $lhs = $curve->multiplyPoint($curve->getBasePoint(), $S); - $rhs = $curve->multiplyPoint($qa, $k); - $rhs = $curve->addPoint($rhs, $R); - $rhs = $curve->convertToAffine($rhs); - - return $lhs[0]->equals($rhs[0]) && $lhs[1]->equals($rhs[1]); - } - - $params = $format::load($signature); - if ($params === false || count($params) != 2) { - return false; - } - extract($params); - - if (self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods())) { - $sig = $format != 'ASN1' ? ASN1Signature::save($r, $s) : $signature; - - $result = openssl_verify($message, $sig, $this->toString('PKCS8', ['namedCurve' => false]), $this->hash->getHash()); - - if ($result != -1) { - return (bool) $result; - } - } - - $n_1 = $order->subtract(self::$one); - if (!$r->between(self::$one, $n_1) || !$s->between(self::$one, $n_1)) { - return false; - } - - $e = $this->hash->hash($message); - $e = new BigInteger($e, 256); - - $Ln = $this->hash->getLength() - $order->getLength(); - $z = $Ln > 0 ? $e->bitwise_rightShift($Ln) : $e; - - $w = $s->modInverse($order); - list(, $u1) = $z->multiply($w)->divide($order); - list(, $u2) = $r->multiply($w)->divide($order); - - $u1 = $this->curve->convertInteger($u1); - $u2 = $this->curve->convertInteger($u2); - - list($x1, $y1) = $this->curve->multiplyAddPoints( - [$this->curve->getBasePoint(), $this->QA], - [$u1, $u2] - ); - - $x1 = $x1->toBigInteger(); - list(, $x1) = $x1->divide($order); - - return $x1->equals($r); - } - - /** - * Returns the public key - * - * @param string $type - * @param array $options optional - * @return string - */ - public function toString($type, array $options = []) - { - $type = self::validatePlugin('Keys', $type, 'savePublicKey'); - - return $type::savePublicKey($this->curve, $this->QA, $options); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Hash.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Hash.php deleted file mode 100644 index 0e02544..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Hash.php +++ /dev/null @@ -1,1455 +0,0 @@ - - * setKey('abcdefg'); - * - * echo base64_encode($hash->hash('abcdefg')); - * ?> - * - * - * @author Jim Wigginton - * @copyright 2015 Jim Wigginton - * @author Andreas Fischer - * @copyright 2015 Andreas Fischer - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Exception\InsufficientSetupException; -use phpseclib3\Exception\UnsupportedAlgorithmException; -use phpseclib3\Math\BigInteger; -use phpseclib3\Math\PrimeField; - -/** - * @author Jim Wigginton - * @author Andreas Fischer - */ -class Hash -{ - /** - * Padding Types - * - */ - const PADDING_KECCAK = 1; - - /** - * Padding Types - * - */ - const PADDING_SHA3 = 2; - - /** - * Padding Types - * - */ - const PADDING_SHAKE = 3; - - /** - * Padding Type - * - * Only used by SHA3 - * - * @var int - */ - private $paddingType = 0; - - /** - * Hash Parameter - * - * @see self::setHash() - * @var int - */ - private $hashParam; - - /** - * Byte-length of hash output (Internal HMAC) - * - * @see self::setHash() - * @var int - */ - private $length; - - /** - * Hash Algorithm - * - * @see self::setHash() - * @var string - */ - private $algo; - - /** - * Key - * - * @see self::setKey() - * @var string - */ - private $key = false; - - /** - * Nonce - * - * @see self::setNonce() - * @var string - */ - private $nonce = false; - - /** - * Hash Parameters - * - * @var array - */ - private $parameters = []; - - /** - * Computed Key - * - * @see self::_computeKey() - * @var string - */ - private $computedKey = false; - - /** - * Outer XOR (Internal HMAC) - * - * Used only for sha512/* - * - * @see self::hash() - * @var string - */ - private $opad; - - /** - * Inner XOR (Internal HMAC) - * - * Used only for sha512/* - * - * @see self::hash() - * @var string - */ - private $ipad; - - /** - * Recompute AES Key - * - * Used only for umac - * - * @see self::hash() - * @var boolean - */ - private $recomputeAESKey; - - /** - * umac cipher object - * - * @see self::hash() - * @var \phpseclib3\Crypt\AES - */ - private $c; - - /** - * umac pad - * - * @see self::hash() - * @var string - */ - private $pad; - - /** - * Block Size - * - * @var int - */ - private $blockSize; - - /**#@+ - * UMAC variables - * - * @var PrimeField - */ - private static $factory36; - private static $factory64; - private static $factory128; - private static $offset64; - private static $offset128; - private static $marker64; - private static $marker128; - private static $maxwordrange64; - private static $maxwordrange128; - /**#@-*/ - - /** - * Default Constructor. - * - * @param string $hash - */ - public function __construct($hash = 'sha256') - { - $this->setHash($hash); - } - - /** - * Sets the key for HMACs - * - * Keys can be of any length. - * - * @param string $key - */ - public function setKey($key = false) - { - $this->key = $key; - $this->computeKey(); - $this->recomputeAESKey = true; - } - - /** - * Sets the nonce for UMACs - * - * Keys can be of any length. - * - * @param string $nonce - */ - public function setNonce($nonce = false) - { - switch (true) { - case !is_string($nonce): - case strlen($nonce) > 0 && strlen($nonce) <= 16: - $this->recomputeAESKey = true; - $this->nonce = $nonce; - return; - } - - throw new \LengthException('The nonce length must be between 1 and 16 bytes, inclusive'); - } - - /** - * Pre-compute the key used by the HMAC - * - * Quoting http://tools.ietf.org/html/rfc2104#section-2, "Applications that use keys longer than B bytes - * will first hash the key using H and then use the resultant L byte string as the actual key to HMAC." - * - * As documented in https://www.reddit.com/r/PHP/comments/9nct2l/symfonypolyfill_hash_pbkdf2_correct_fix_for/ - * when doing an HMAC multiple times it's faster to compute the hash once instead of computing it during - * every call - * - */ - private function computeKey() - { - if ($this->key === false) { - $this->computedKey = false; - return; - } - - if (strlen($this->key) <= $this->getBlockLengthInBytes()) { - $this->computedKey = $this->key; - return; - } - - $this->computedKey = is_array($this->algo) ? - call_user_func($this->algo, $this->key) : - hash($this->algo, $this->key, true); - } - - /** - * Gets the hash function. - * - * As set by the constructor or by the setHash() method. - * - * @return string - */ - public function getHash() - { - return $this->hashParam; - } - - /** - * Sets the hash function. - * - * @param string $hash - */ - public function setHash($hash) - { - $this->hashParam = $hash = strtolower($hash); - switch ($hash) { - case 'umac-32': - case 'umac-64': - case 'umac-96': - case 'umac-128': - $this->blockSize = 128; - $this->length = abs(substr($hash, -3)) >> 3; - $this->algo = 'umac'; - return; - case 'md2-96': - case 'md5-96': - case 'sha1-96': - case 'sha224-96': - case 'sha256-96': - case 'sha384-96': - case 'sha512-96': - case 'sha512/224-96': - case 'sha512/256-96': - $hash = substr($hash, 0, -3); - $this->length = 12; // 96 / 8 = 12 - break; - case 'md2': - case 'md5': - $this->length = 16; - break; - case 'sha1': - $this->length = 20; - break; - case 'sha224': - case 'sha512/224': - case 'sha3-224': - $this->length = 28; - break; - case 'keccak256': - $this->paddingType = self::PADDING_KECCAK; - // fall-through - case 'sha256': - case 'sha512/256': - case 'sha3-256': - $this->length = 32; - break; - case 'sha384': - case 'sha3-384': - $this->length = 48; - break; - case 'sha512': - case 'sha3-512': - $this->length = 64; - break; - default: - if (preg_match('#^(shake(?:128|256))-(\d+)$#', $hash, $matches)) { - $this->paddingType = self::PADDING_SHAKE; - $hash = $matches[1]; - $this->length = $matches[2] >> 3; - } else { - throw new UnsupportedAlgorithmException( - "$hash is not a supported algorithm" - ); - } - } - - switch ($hash) { - case 'md2': - case 'md2-96': - $this->blockSize = 128; - break; - case 'md5-96': - case 'sha1-96': - case 'sha224-96': - case 'sha256-96': - case 'md5': - case 'sha1': - case 'sha224': - case 'sha256': - $this->blockSize = 512; - break; - case 'sha3-224': - $this->blockSize = 1152; // 1600 - 2*224 - break; - case 'sha3-256': - case 'shake256': - case 'keccak256': - $this->blockSize = 1088; // 1600 - 2*256 - break; - case 'sha3-384': - $this->blockSize = 832; // 1600 - 2*384 - break; - case 'sha3-512': - $this->blockSize = 576; // 1600 - 2*512 - break; - case 'shake128': - $this->blockSize = 1344; // 1600 - 2*128 - break; - default: - $this->blockSize = 1024; - } - - if (in_array(substr($hash, 0, 5), ['sha3-', 'shake', 'kecca'])) { - // PHP 7.1.0 introduced support for "SHA3 fixed mode algorithms": - // http://php.net/ChangeLog-7.php#7.1.0 - if (version_compare(PHP_VERSION, '7.1.0') < 0 || substr($hash, 0, 5) != 'sha3-') { - //preg_match('#(\d+)$#', $hash, $matches); - //$this->parameters['capacity'] = 2 * $matches[1]; // 1600 - $this->blockSize - //$this->parameters['rate'] = 1600 - $this->parameters['capacity']; // == $this->blockSize - if (!$this->paddingType) { - $this->paddingType = self::PADDING_SHA3; - } - $this->parameters = [ - 'capacity' => 1600 - $this->blockSize, - 'rate' => $this->blockSize, - 'length' => $this->length, - 'padding' => $this->paddingType - ]; - $hash = ['phpseclib3\Crypt\Hash', PHP_INT_SIZE == 8 ? 'sha3_64' : 'sha3_32']; - } - } - - if ($hash == 'sha512/224' || $hash == 'sha512/256') { - // PHP 7.1.0 introduced sha512/224 and sha512/256 support: - // http://php.net/ChangeLog-7.php#7.1.0 - if (version_compare(PHP_VERSION, '7.1.0') < 0) { - // from http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf#page=24 - $initial = $hash == 'sha512/256' ? - [ - '22312194FC2BF72C', '9F555FA3C84C64C2', '2393B86B6F53B151', '963877195940EABD', - '96283EE2A88EFFE3', 'BE5E1E2553863992', '2B0199FC2C85B8AA', '0EB72DDC81C52CA2' - ] : - [ - '8C3D37C819544DA2', '73E1996689DCD4D6', '1DFAB7AE32FF9C82', '679DD514582F9FCF', - '0F6D2B697BD44DA8', '77E36F7304C48942', '3F9D85A86A1D36C8', '1112E6AD91D692A1' - ]; - for ($i = 0; $i < 8; $i++) { - $initial[$i] = new BigInteger($initial[$i], 16); - $initial[$i]->setPrecision(64); - } - - $this->parameters = compact('initial'); - - $hash = ['phpseclib3\Crypt\Hash', 'sha512']; - } - } - - if (is_array($hash)) { - $b = $this->blockSize >> 3; - $this->ipad = str_repeat(chr(0x36), $b); - $this->opad = str_repeat(chr(0x5C), $b); - } - - $this->algo = $hash; - - $this->computeKey(); - } - - /** - * KDF: Key-Derivation Function - * - * The key-derivation function generates pseudorandom bits used to key the hash functions. - * - * @param int $index a non-negative integer less than 2^64 - * @param int $numbytes a non-negative integer less than 2^64 - * @return string string of length numbytes bytes - */ - private function kdf($index, $numbytes) - { - $this->c->setIV(pack('N4', 0, $index, 0, 1)); - - return $this->c->encrypt(str_repeat("\0", $numbytes)); - } - - /** - * PDF Algorithm - * - * @return string string of length taglen bytes. - */ - private function pdf() - { - $k = $this->key; - $nonce = $this->nonce; - $taglen = $this->length; - - // - // Extract and zero low bit(s) of Nonce if needed - // - if ($taglen <= 8) { - $last = strlen($nonce) - 1; - $mask = $taglen == 4 ? "\3" : "\1"; - $index = $nonce[$last] & $mask; - $nonce[$last] = $nonce[$last] ^ $index; - } - - // - // Make Nonce BLOCKLEN bytes by appending zeroes if needed - // - $nonce = str_pad($nonce, 16, "\0"); - - // - // Generate subkey, encipher and extract indexed substring - // - $kp = $this->kdf(0, 16); - $c = new AES('ctr'); - $c->disablePadding(); - $c->setKey($kp); - $c->setIV($nonce); - $t = $c->encrypt("\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"); - - // we could use ord() but per https://paragonie.com/blog/2016/06/constant-time-encoding-boring-cryptography-rfc-4648-and-you - // unpack() doesn't leak timing info - return $taglen <= 8 ? - substr($t, unpack('C', $index)[1] * $taglen, $taglen) : - substr($t, 0, $taglen); - } - - /** - * UHASH Algorithm - * - * @param string $m string of length less than 2^67 bits. - * @param int $taglen the integer 4, 8, 12 or 16. - * @return string string of length taglen bytes. - */ - private function uhash($m, $taglen) - { - // - // One internal iteration per 4 bytes of output - // - $iters = $taglen >> 2; - - // - // Define total key needed for all iterations using KDF. - // L1Key reuses most key material between iterations. - // - //$L1Key = $this->kdf(1, 1024 + ($iters - 1) * 16); - $L1Key = $this->kdf(1, (1024 + ($iters - 1)) * 16); - $L2Key = $this->kdf(2, $iters * 24); - $L3Key1 = $this->kdf(3, $iters * 64); - $L3Key2 = $this->kdf(4, $iters * 4); - - // - // For each iteration, extract key and do three-layer hash. - // If bytelength(M) <= 1024, then skip L2-HASH. - // - $y = ''; - for ($i = 0; $i < $iters; $i++) { - $L1Key_i = substr($L1Key, $i * 16, 1024); - $L2Key_i = substr($L2Key, $i * 24, 24); - $L3Key1_i = substr($L3Key1, $i * 64, 64); - $L3Key2_i = substr($L3Key2, $i * 4, 4); - - $a = self::L1Hash($L1Key_i, $m); - $b = strlen($m) <= 1024 ? "\0\0\0\0\0\0\0\0$a" : self::L2Hash($L2Key_i, $a); - $c = self::L3Hash($L3Key1_i, $L3Key2_i, $b); - $y .= $c; - } - - return $y; - } - - /** - * L1-HASH Algorithm - * - * The first-layer hash breaks the message into 1024-byte chunks and - * hashes each with a function called NH. Concatenating the results - * forms a string, which is up to 128 times shorter than the original. - * - * @param string $k string of length 1024 bytes. - * @param string $m string of length less than 2^67 bits. - * @return string string of length (8 * ceil(bitlength(M)/8192)) bytes. - */ - private static function L1Hash($k, $m) - { - // - // Break M into 1024 byte chunks (final chunk may be shorter) - // - $m = str_split($m, 1024); - - // - // For each chunk, except the last: endian-adjust, NH hash - // and add bit-length. Use results to build Y. - // - $length = new BigInteger(1024 * 8); - $y = ''; - for ($i = 0; $i < count($m) - 1; $i++) { - $m[$i] = pack('N*', ...unpack('V*', $m[$i])); // ENDIAN-SWAP - $y .= static::nh($k, $m[$i], $length); - } - - // - // For the last chunk: pad to 32-byte boundary, endian-adjust, - // NH hash and add bit-length. Concatenate the result to Y. - // - $length = count($m) ? strlen($m[$i]) : 0; - $pad = 32 - ($length % 32); - $pad = max(32, $length + $pad % 32); - $m[$i] = str_pad(isset($m[$i]) ? $m[$i] : '', $pad, "\0"); // zeropad - $m[$i] = pack('N*', ...unpack('V*', $m[$i])); // ENDIAN-SWAP - - $y .= static::nh($k, $m[$i], new BigInteger($length * 8)); - - return $y; - } - - /** - * NH Algorithm - * - * @param string $k string of length 1024 bytes. - * @param string $m string with length divisible by 32 bytes. - * @return string string of length 8 bytes. - */ - private static function nh($k, $m, $length) - { - $toUInt32 = function ($x) { - $x = new BigInteger($x, 256); - $x->setPrecision(32); - return $x; - }; - - // - // Break M and K into 4-byte chunks - // - //$t = strlen($m) >> 2; - $m = str_split($m, 4); - $t = count($m); - $k = str_split($k, 4); - $k = array_pad(array_slice($k, 0, $t), $t, 0); - - $m = array_map($toUInt32, $m); - $k = array_map($toUInt32, $k); - - // - // Perform NH hash on the chunks, pairing words for multiplication - // which are 4 apart to accommodate vector-parallelism. - // - $y = new BigInteger(); - $y->setPrecision(64); - $i = 0; - while ($i < $t) { - $temp = $m[$i]->add($k[$i]); - $temp->setPrecision(64); - $temp = $temp->multiply($m[$i + 4]->add($k[$i + 4])); - $y = $y->add($temp); - - $temp = $m[$i + 1]->add($k[$i + 1]); - $temp->setPrecision(64); - $temp = $temp->multiply($m[$i + 5]->add($k[$i + 5])); - $y = $y->add($temp); - - $temp = $m[$i + 2]->add($k[$i + 2]); - $temp->setPrecision(64); - $temp = $temp->multiply($m[$i + 6]->add($k[$i + 6])); - $y = $y->add($temp); - - $temp = $m[$i + 3]->add($k[$i + 3]); - $temp->setPrecision(64); - $temp = $temp->multiply($m[$i + 7]->add($k[$i + 7])); - $y = $y->add($temp); - - $i += 8; - } - - return $y->add($length)->toBytes(); - } - - /** - * L2-HASH: Second-Layer Hash - * - * The second-layer rehashes the L1-HASH output using a polynomial hash - * called POLY. If the L1-HASH output is long, then POLY is called once - * on a prefix of the L1-HASH output and called using different settings - * on the remainder. (This two-step hashing of the L1-HASH output is - * needed only if the message length is greater than 16 megabytes.) - * Careful implementation of POLY is necessary to avoid a possible - * timing attack (see Section 6.6 for more information). - * - * @param string $k string of length 24 bytes. - * @param string $m string of length less than 2^64 bytes. - * @return string string of length 16 bytes. - */ - private static function L2Hash($k, $m) - { - // - // Extract keys and restrict to special key-sets - // - $k64 = $k & "\x01\xFF\xFF\xFF\x01\xFF\xFF\xFF"; - $k64 = new BigInteger($k64, 256); - $k128 = substr($k, 8) & "\x01\xFF\xFF\xFF\x01\xFF\xFF\xFF\x01\xFF\xFF\xFF\x01\xFF\xFF\xFF"; - $k128 = new BigInteger($k128, 256); - - // - // If M is no more than 2^17 bytes, hash under 64-bit prime, - // otherwise, hash first 2^17 bytes under 64-bit prime and - // remainder under 128-bit prime. - // - if (strlen($m) <= 0x20000) { // 2^14 64-bit words - $y = self::poly(64, self::$maxwordrange64, $k64, $m); - } else { - $m_1 = substr($m, 0, 0x20000); // 1 << 17 - $m_2 = substr($m, 0x20000) . "\x80"; - $length = strlen($m_2); - $pad = 16 - ($length % 16); - $pad %= 16; - $m_2 = str_pad($m_2, $length + $pad, "\0"); // zeropad - $y = self::poly(64, self::$maxwordrange64, $k64, $m_1); - $y = str_pad($y, 16, "\0", STR_PAD_LEFT); - $y = self::poly(128, self::$maxwordrange128, $k128, $y . $m_2); - } - - return str_pad($y, 16, "\0", STR_PAD_LEFT); - } - - /** - * POLY Algorithm - * - * @param int $wordbits the integer 64 or 128. - * @param BigInteger $maxwordrange positive integer less than 2^wordbits. - * @param BigInteger $k integer in the range 0 ... prime(wordbits) - 1. - * @param string $m string with length divisible by (wordbits / 8) bytes. - * @return integer in the range 0 ... prime(wordbits) - 1. - */ - private static function poly($wordbits, $maxwordrange, $k, $m) - { - // - // Define constants used for fixing out-of-range words - // - $wordbytes = $wordbits >> 3; - if ($wordbits == 128) { - $factory = self::$factory128; - $offset = self::$offset128; - $marker = self::$marker128; - } else { - $factory = self::$factory64; - $offset = self::$offset64; - $marker = self::$marker64; - } - - $k = $factory->newInteger($k); - - // - // Break M into chunks of length wordbytes bytes - // - $m_i = str_split($m, $wordbytes); - - // - // Each input word m is compared with maxwordrange. If not smaller - // then 'marker' and (m - offset), both in range, are hashed. - // - $y = $factory->newInteger(new BigInteger(1)); - foreach ($m_i as $m) { - $m = $factory->newInteger(new BigInteger($m, 256)); - if ($m->compare($maxwordrange) >= 0) { - $y = $k->multiply($y)->add($marker); - $y = $k->multiply($y)->add($m->subtract($offset)); - } else { - $y = $k->multiply($y)->add($m); - } - } - - return $y->toBytes(); - } - - /** - * L3-HASH: Third-Layer Hash - * - * The output from L2-HASH is 16 bytes long. This final hash function - * hashes the 16-byte string to a fixed length of 4 bytes. - * - * @param string $k1 string of length 64 bytes. - * @param string $k2 string of length 4 bytes. - * @param string $m string of length 16 bytes. - * @return string string of length 4 bytes. - */ - private static function L3Hash($k1, $k2, $m) - { - $factory = self::$factory36; - - $y = $factory->newInteger(new BigInteger()); - for ($i = 0; $i < 8; $i++) { - $m_i = $factory->newInteger(new BigInteger(substr($m, 2 * $i, 2), 256)); - $k_i = $factory->newInteger(new BigInteger(substr($k1, 8 * $i, 8), 256)); - $y = $y->add($m_i->multiply($k_i)); - } - $y = str_pad(substr($y->toBytes(), -4), 4, "\0", STR_PAD_LEFT); - $y = $y ^ $k2; - - return $y; - } - - /** - * Compute the Hash / HMAC / UMAC. - * - * @param string $text - * @return string - */ - public function hash($text) - { - $algo = $this->algo; - if ($algo == 'umac') { - if ($this->recomputeAESKey) { - if (!is_string($this->nonce)) { - throw new InsufficientSetupException('No nonce has been set'); - } - if (!is_string($this->key)) { - throw new InsufficientSetupException('No key has been set'); - } - if (strlen($this->key) != 16) { - throw new \LengthException('Key must be 16 bytes long'); - } - - if (!isset(self::$maxwordrange64)) { - $one = new BigInteger(1); - - $prime36 = new BigInteger("\x00\x00\x00\x0F\xFF\xFF\xFF\xFB", 256); - self::$factory36 = new PrimeField($prime36); - - $prime64 = new BigInteger("\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xC5", 256); - self::$factory64 = new PrimeField($prime64); - - $prime128 = new BigInteger("\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\x61", 256); - self::$factory128 = new PrimeField($prime128); - - self::$offset64 = new BigInteger("\1\0\0\0\0\0\0\0\0", 256); - self::$offset64 = self::$factory64->newInteger(self::$offset64->subtract($prime64)); - self::$offset128 = new BigInteger("\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 256); - self::$offset128 = self::$factory128->newInteger(self::$offset128->subtract($prime128)); - - self::$marker64 = self::$factory64->newInteger($prime64->subtract($one)); - self::$marker128 = self::$factory128->newInteger($prime128->subtract($one)); - - $maxwordrange64 = $one->bitwise_leftShift(64)->subtract($one->bitwise_leftShift(32)); - self::$maxwordrange64 = self::$factory64->newInteger($maxwordrange64); - - $maxwordrange128 = $one->bitwise_leftShift(128)->subtract($one->bitwise_leftShift(96)); - self::$maxwordrange128 = self::$factory128->newInteger($maxwordrange128); - } - - $this->c = new AES('ctr'); - $this->c->disablePadding(); - $this->c->setKey($this->key); - - $this->pad = $this->pdf(); - - $this->recomputeAESKey = false; - } - - $hashedmessage = $this->uhash($text, $this->length); - return $hashedmessage ^ $this->pad; - } - - if (is_array($algo)) { - if (empty($this->key) || !is_string($this->key)) { - return substr($algo($text, ...array_values($this->parameters)), 0, $this->length); - } - - // SHA3 HMACs are discussed at https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf#page=30 - - $key = str_pad($this->computedKey, $b, chr(0)); - $temp = $this->ipad ^ $key; - $temp .= $text; - $temp = substr($algo($temp, ...array_values($this->parameters)), 0, $this->length); - $output = $this->opad ^ $key; - $output .= $temp; - $output = $algo($output, ...array_values($this->parameters)); - - return substr($output, 0, $this->length); - } - - $output = !empty($this->key) || is_string($this->key) ? - hash_hmac($algo, $text, $this->computedKey, true) : - hash($algo, $text, true); - - return strlen($output) > $this->length - ? substr($output, 0, $this->length) - : $output; - } - - /** - * Returns the hash length (in bits) - * - * @return int - */ - public function getLength() - { - return $this->length << 3; - } - - /** - * Returns the hash length (in bytes) - * - * @return int - */ - public function getLengthInBytes() - { - return $this->length; - } - - /** - * Returns the block length (in bits) - * - * @return int - */ - public function getBlockLength() - { - return $this->blockSize; - } - - /** - * Returns the block length (in bytes) - * - * @return int - */ - public function getBlockLengthInBytes() - { - return $this->blockSize >> 3; - } - - /** - * Pads SHA3 based on the mode - * - * @param int $padLength - * @param int $padType - * @return string - */ - private static function sha3_pad($padLength, $padType) - { - switch ($padType) { - case self::PADDING_KECCAK: - $temp = chr(0x01) . str_repeat("\0", $padLength - 1); - $temp[$padLength - 1] = $temp[$padLength - 1] | chr(0x80); - return $temp; - case self::PADDING_SHAKE: - $temp = chr(0x1F) . str_repeat("\0", $padLength - 1); - $temp[$padLength - 1] = $temp[$padLength - 1] | chr(0x80); - return $temp; - //case self::PADDING_SHA3: - default: - // from https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf#page=36 - return $padLength == 1 ? chr(0x86) : chr(0x06) . str_repeat("\0", $padLength - 2) . chr(0x80); - } - } - - /** - * Pure-PHP 32-bit implementation of SHA3 - * - * Whereas BigInteger.php's 32-bit engine works on PHP 64-bit this 32-bit implementation - * of SHA3 will *not* work on PHP 64-bit. This is because this implementation - * employees bitwise NOTs and bitwise left shifts. And the round constants only work - * on 32-bit PHP. eg. dechex(-2147483648) returns 80000000 on 32-bit PHP and - * FFFFFFFF80000000 on 64-bit PHP. Sure, we could do bitwise ANDs but that would slow - * things down. - * - * SHA512 requires BigInteger to simulate 64-bit unsigned integers because SHA2 employees - * addition whereas SHA3 just employees bitwise operators. PHP64 only supports signed - * 64-bit integers, which complicates addition, whereas that limitation isn't an issue - * for SHA3. - * - * In https://ws680.nist.gov/publication/get_pdf.cfm?pub_id=919061#page=16 KECCAK[C] is - * defined as "the KECCAK instance with KECCAK-f[1600] as the underlying permutation and - * capacity c". This is relevant because, altho the KECCAK standard defines a mode - * (KECCAK-f[800]) designed for 32-bit machines that mode is incompatible with SHA3 - * - * @param string $p - * @param int $c - * @param int $r - * @param int $d - * @param int $padType - */ - private static function sha3_32($p, $c, $r, $d, $padType) - { - $block_size = $r >> 3; - $padLength = $block_size - (strlen($p) % $block_size); - $num_ints = $block_size >> 2; - - $p .= static::sha3_pad($padLength, $padType); - - $n = strlen($p) / $r; // number of blocks - - $s = [ - [[0, 0], [0, 0], [0, 0], [0, 0], [0, 0]], - [[0, 0], [0, 0], [0, 0], [0, 0], [0, 0]], - [[0, 0], [0, 0], [0, 0], [0, 0], [0, 0]], - [[0, 0], [0, 0], [0, 0], [0, 0], [0, 0]], - [[0, 0], [0, 0], [0, 0], [0, 0], [0, 0]] - ]; - - $p = str_split($p, $block_size); - - foreach ($p as $pi) { - $pi = unpack('V*', $pi); - $x = $y = 0; - for ($i = 1; $i <= $num_ints; $i += 2) { - $s[$x][$y][0] ^= $pi[$i + 1]; - $s[$x][$y][1] ^= $pi[$i]; - if (++$y == 5) { - $y = 0; - $x++; - } - } - static::processSHA3Block32($s); - } - - $z = ''; - $i = $j = 0; - while (strlen($z) < $d) { - $z .= pack('V2', $s[$i][$j][1], $s[$i][$j++][0]); - if ($j == 5) { - $j = 0; - $i++; - if ($i == 5) { - $i = 0; - static::processSHA3Block32($s); - } - } - } - - return $z; - } - - /** - * 32-bit block processing method for SHA3 - * - * @param array $s - */ - private static function processSHA3Block32(&$s) - { - static $rotationOffsets = [ - [ 0, 1, 62, 28, 27], - [36, 44, 6, 55, 20], - [ 3, 10, 43, 25, 39], - [41, 45, 15, 21, 8], - [18, 2, 61, 56, 14] - ]; - - // the standards give these constants in hexadecimal notation. it's tempting to want to use - // that same notation, here, however, we can't, because 0x80000000, on PHP32, is a positive - // float - not the negative int that we need to be in PHP32. so we use -2147483648 instead - static $roundConstants = [ - [0, 1], - [0, 32898], - [-2147483648, 32906], - [-2147483648, -2147450880], - [0, 32907], - [0, -2147483647], - [-2147483648, -2147450751], - [-2147483648, 32777], - [0, 138], - [0, 136], - [0, -2147450871], - [0, -2147483638], - [0, -2147450741], - [-2147483648, 139], - [-2147483648, 32905], - [-2147483648, 32771], - [-2147483648, 32770], - [-2147483648, 128], - [0, 32778], - [-2147483648, -2147483638], - [-2147483648, -2147450751], - [-2147483648, 32896], - [0, -2147483647], - [-2147483648, -2147450872] - ]; - - for ($round = 0; $round < 24; $round++) { - // theta step - $parity = $rotated = []; - for ($i = 0; $i < 5; $i++) { - $parity[] = [ - $s[0][$i][0] ^ $s[1][$i][0] ^ $s[2][$i][0] ^ $s[3][$i][0] ^ $s[4][$i][0], - $s[0][$i][1] ^ $s[1][$i][1] ^ $s[2][$i][1] ^ $s[3][$i][1] ^ $s[4][$i][1] - ]; - $rotated[] = static::rotateLeft32($parity[$i], 1); - } - - $temp = [ - [$parity[4][0] ^ $rotated[1][0], $parity[4][1] ^ $rotated[1][1]], - [$parity[0][0] ^ $rotated[2][0], $parity[0][1] ^ $rotated[2][1]], - [$parity[1][0] ^ $rotated[3][0], $parity[1][1] ^ $rotated[3][1]], - [$parity[2][0] ^ $rotated[4][0], $parity[2][1] ^ $rotated[4][1]], - [$parity[3][0] ^ $rotated[0][0], $parity[3][1] ^ $rotated[0][1]] - ]; - for ($i = 0; $i < 5; $i++) { - for ($j = 0; $j < 5; $j++) { - $s[$i][$j][0] ^= $temp[$j][0]; - $s[$i][$j][1] ^= $temp[$j][1]; - } - } - - $st = $s; - - // rho and pi steps - for ($i = 0; $i < 5; $i++) { - for ($j = 0; $j < 5; $j++) { - $st[(2 * $i + 3 * $j) % 5][$j] = static::rotateLeft32($s[$j][$i], $rotationOffsets[$j][$i]); - } - } - - // chi step - for ($i = 0; $i < 5; $i++) { - $s[$i][0] = [ - $st[$i][0][0] ^ (~$st[$i][1][0] & $st[$i][2][0]), - $st[$i][0][1] ^ (~$st[$i][1][1] & $st[$i][2][1]) - ]; - $s[$i][1] = [ - $st[$i][1][0] ^ (~$st[$i][2][0] & $st[$i][3][0]), - $st[$i][1][1] ^ (~$st[$i][2][1] & $st[$i][3][1]) - ]; - $s[$i][2] = [ - $st[$i][2][0] ^ (~$st[$i][3][0] & $st[$i][4][0]), - $st[$i][2][1] ^ (~$st[$i][3][1] & $st[$i][4][1]) - ]; - $s[$i][3] = [ - $st[$i][3][0] ^ (~$st[$i][4][0] & $st[$i][0][0]), - $st[$i][3][1] ^ (~$st[$i][4][1] & $st[$i][0][1]) - ]; - $s[$i][4] = [ - $st[$i][4][0] ^ (~$st[$i][0][0] & $st[$i][1][0]), - $st[$i][4][1] ^ (~$st[$i][0][1] & $st[$i][1][1]) - ]; - } - - // iota step - $s[0][0][0] ^= $roundConstants[$round][0]; - $s[0][0][1] ^= $roundConstants[$round][1]; - } - } - - /** - * Rotate 32-bit int - * - * @param array $x - * @param int $shift - */ - private static function rotateLeft32($x, $shift) - { - if ($shift < 32) { - list($hi, $lo) = $x; - } else { - $shift -= 32; - list($lo, $hi) = $x; - } - - return [ - ($hi << $shift) | (($lo >> (32 - $shift)) & (1 << $shift) - 1), - ($lo << $shift) | (($hi >> (32 - $shift)) & (1 << $shift) - 1) - ]; - } - - /** - * Pure-PHP 64-bit implementation of SHA3 - * - * @param string $p - * @param int $c - * @param int $r - * @param int $d - * @param int $padType - */ - private static function sha3_64($p, $c, $r, $d, $padType) - { - $block_size = $r >> 3; - $padLength = $block_size - (strlen($p) % $block_size); - $num_ints = $block_size >> 2; - - $p .= static::sha3_pad($padLength, $padType); - - $n = strlen($p) / $r; // number of blocks - - $s = [ - [0, 0, 0, 0, 0], - [0, 0, 0, 0, 0], - [0, 0, 0, 0, 0], - [0, 0, 0, 0, 0], - [0, 0, 0, 0, 0] - ]; - - $p = str_split($p, $block_size); - - foreach ($p as $pi) { - $pi = unpack('P*', $pi); - $x = $y = 0; - foreach ($pi as $subpi) { - $s[$x][$y++] ^= $subpi; - if ($y == 5) { - $y = 0; - $x++; - } - } - static::processSHA3Block64($s); - } - - $z = ''; - $i = $j = 0; - while (strlen($z) < $d) { - $z .= pack('P', $s[$i][$j++]); - if ($j == 5) { - $j = 0; - $i++; - if ($i == 5) { - $i = 0; - static::processSHA3Block64($s); - } - } - } - - return $z; - } - - /** - * 64-bit block processing method for SHA3 - * - * @param array $s - */ - private static function processSHA3Block64(&$s) - { - static $rotationOffsets = [ - [ 0, 1, 62, 28, 27], - [36, 44, 6, 55, 20], - [ 3, 10, 43, 25, 39], - [41, 45, 15, 21, 8], - [18, 2, 61, 56, 14] - ]; - - static $roundConstants = [ - 1, - 32898, - -9223372036854742902, - -9223372034707259392, - 32907, - 2147483649, - -9223372034707259263, - -9223372036854743031, - 138, - 136, - 2147516425, - 2147483658, - 2147516555, - -9223372036854775669, - -9223372036854742903, - -9223372036854743037, - -9223372036854743038, - -9223372036854775680, - 32778, - -9223372034707292150, - -9223372034707259263, - -9223372036854742912, - 2147483649, - -9223372034707259384 - ]; - - for ($round = 0; $round < 24; $round++) { - // theta step - $parity = []; - for ($i = 0; $i < 5; $i++) { - $parity[] = $s[0][$i] ^ $s[1][$i] ^ $s[2][$i] ^ $s[3][$i] ^ $s[4][$i]; - } - $temp = [ - $parity[4] ^ static::rotateLeft64($parity[1], 1), - $parity[0] ^ static::rotateLeft64($parity[2], 1), - $parity[1] ^ static::rotateLeft64($parity[3], 1), - $parity[2] ^ static::rotateLeft64($parity[4], 1), - $parity[3] ^ static::rotateLeft64($parity[0], 1) - ]; - for ($i = 0; $i < 5; $i++) { - for ($j = 0; $j < 5; $j++) { - $s[$i][$j] ^= $temp[$j]; - } - } - - $st = $s; - - // rho and pi steps - for ($i = 0; $i < 5; $i++) { - for ($j = 0; $j < 5; $j++) { - $st[(2 * $i + 3 * $j) % 5][$j] = static::rotateLeft64($s[$j][$i], $rotationOffsets[$j][$i]); - } - } - - // chi step - for ($i = 0; $i < 5; $i++) { - $s[$i] = [ - $st[$i][0] ^ (~$st[$i][1] & $st[$i][2]), - $st[$i][1] ^ (~$st[$i][2] & $st[$i][3]), - $st[$i][2] ^ (~$st[$i][3] & $st[$i][4]), - $st[$i][3] ^ (~$st[$i][4] & $st[$i][0]), - $st[$i][4] ^ (~$st[$i][0] & $st[$i][1]) - ]; - } - - // iota step - $s[0][0] ^= $roundConstants[$round]; - } - } - - /** - * Rotate 64-bit int - * - * @param int $x - * @param int $shift - */ - private static function rotateLeft64($x, $shift) - { - return ($x << $shift) | (($x >> (64 - $shift)) & ((1 << $shift) - 1)); - } - - /** - * Pure-PHP implementation of SHA512 - * - * @param string $m - * @param array $hash - * @return string - */ - private static function sha512($m, $hash) - { - static $k; - - if (!isset($k)) { - // Initialize table of round constants - // (first 64 bits of the fractional parts of the cube roots of the first 80 primes 2..409) - $k = [ - '428a2f98d728ae22', '7137449123ef65cd', 'b5c0fbcfec4d3b2f', 'e9b5dba58189dbbc', - '3956c25bf348b538', '59f111f1b605d019', '923f82a4af194f9b', 'ab1c5ed5da6d8118', - 'd807aa98a3030242', '12835b0145706fbe', '243185be4ee4b28c', '550c7dc3d5ffb4e2', - '72be5d74f27b896f', '80deb1fe3b1696b1', '9bdc06a725c71235', 'c19bf174cf692694', - 'e49b69c19ef14ad2', 'efbe4786384f25e3', '0fc19dc68b8cd5b5', '240ca1cc77ac9c65', - '2de92c6f592b0275', '4a7484aa6ea6e483', '5cb0a9dcbd41fbd4', '76f988da831153b5', - '983e5152ee66dfab', 'a831c66d2db43210', 'b00327c898fb213f', 'bf597fc7beef0ee4', - 'c6e00bf33da88fc2', 'd5a79147930aa725', '06ca6351e003826f', '142929670a0e6e70', - '27b70a8546d22ffc', '2e1b21385c26c926', '4d2c6dfc5ac42aed', '53380d139d95b3df', - '650a73548baf63de', '766a0abb3c77b2a8', '81c2c92e47edaee6', '92722c851482353b', - 'a2bfe8a14cf10364', 'a81a664bbc423001', 'c24b8b70d0f89791', 'c76c51a30654be30', - 'd192e819d6ef5218', 'd69906245565a910', 'f40e35855771202a', '106aa07032bbd1b8', - '19a4c116b8d2d0c8', '1e376c085141ab53', '2748774cdf8eeb99', '34b0bcb5e19b48a8', - '391c0cb3c5c95a63', '4ed8aa4ae3418acb', '5b9cca4f7763e373', '682e6ff3d6b2b8a3', - '748f82ee5defb2fc', '78a5636f43172f60', '84c87814a1f0ab72', '8cc702081a6439ec', - '90befffa23631e28', 'a4506cebde82bde9', 'bef9a3f7b2c67915', 'c67178f2e372532b', - 'ca273eceea26619c', 'd186b8c721c0c207', 'eada7dd6cde0eb1e', 'f57d4f7fee6ed178', - '06f067aa72176fba', '0a637dc5a2c898a6', '113f9804bef90dae', '1b710b35131c471b', - '28db77f523047d84', '32caab7b40c72493', '3c9ebe0a15c9bebc', '431d67c49c100d4c', - '4cc5d4becb3e42b6', '597f299cfc657e2a', '5fcb6fab3ad6faec', '6c44198c4a475817' - ]; - - for ($i = 0; $i < 80; $i++) { - $k[$i] = new BigInteger($k[$i], 16); - } - } - - // Pre-processing - $length = strlen($m); - // to round to nearest 112 mod 128, we'll add 128 - (length + (128 - 112)) % 128 - $m .= str_repeat(chr(0), 128 - (($length + 16) & 0x7F)); - $m[$length] = chr(0x80); - // we don't support hashing strings 512MB long - $m .= pack('N4', 0, 0, 0, $length << 3); - - // Process the message in successive 1024-bit chunks - $chunks = str_split($m, 128); - foreach ($chunks as $chunk) { - $w = []; - for ($i = 0; $i < 16; $i++) { - $temp = new BigInteger(Strings::shift($chunk, 8), 256); - $temp->setPrecision(64); - $w[] = $temp; - } - - // Extend the sixteen 32-bit words into eighty 32-bit words - for ($i = 16; $i < 80; $i++) { - $temp = [ - $w[$i - 15]->bitwise_rightRotate(1), - $w[$i - 15]->bitwise_rightRotate(8), - $w[$i - 15]->bitwise_rightShift(7) - ]; - $s0 = $temp[0]->bitwise_xor($temp[1]); - $s0 = $s0->bitwise_xor($temp[2]); - $temp = [ - $w[$i - 2]->bitwise_rightRotate(19), - $w[$i - 2]->bitwise_rightRotate(61), - $w[$i - 2]->bitwise_rightShift(6) - ]; - $s1 = $temp[0]->bitwise_xor($temp[1]); - $s1 = $s1->bitwise_xor($temp[2]); - $w[$i] = clone $w[$i - 16]; - $w[$i] = $w[$i]->add($s0); - $w[$i] = $w[$i]->add($w[$i - 7]); - $w[$i] = $w[$i]->add($s1); - } - - // Initialize hash value for this chunk - $a = clone $hash[0]; - $b = clone $hash[1]; - $c = clone $hash[2]; - $d = clone $hash[3]; - $e = clone $hash[4]; - $f = clone $hash[5]; - $g = clone $hash[6]; - $h = clone $hash[7]; - - // Main loop - for ($i = 0; $i < 80; $i++) { - $temp = [ - $a->bitwise_rightRotate(28), - $a->bitwise_rightRotate(34), - $a->bitwise_rightRotate(39) - ]; - $s0 = $temp[0]->bitwise_xor($temp[1]); - $s0 = $s0->bitwise_xor($temp[2]); - $temp = [ - $a->bitwise_and($b), - $a->bitwise_and($c), - $b->bitwise_and($c) - ]; - $maj = $temp[0]->bitwise_xor($temp[1]); - $maj = $maj->bitwise_xor($temp[2]); - $t2 = $s0->add($maj); - - $temp = [ - $e->bitwise_rightRotate(14), - $e->bitwise_rightRotate(18), - $e->bitwise_rightRotate(41) - ]; - $s1 = $temp[0]->bitwise_xor($temp[1]); - $s1 = $s1->bitwise_xor($temp[2]); - $temp = [ - $e->bitwise_and($f), - $g->bitwise_and($e->bitwise_not()) - ]; - $ch = $temp[0]->bitwise_xor($temp[1]); - $t1 = $h->add($s1); - $t1 = $t1->add($ch); - $t1 = $t1->add($k[$i]); - $t1 = $t1->add($w[$i]); - - $h = clone $g; - $g = clone $f; - $f = clone $e; - $e = $d->add($t1); - $d = clone $c; - $c = clone $b; - $b = clone $a; - $a = $t1->add($t2); - } - - // Add this chunk's hash to result so far - $hash = [ - $hash[0]->add($a), - $hash[1]->add($b), - $hash[2]->add($c), - $hash[3]->add($d), - $hash[4]->add($e), - $hash[5]->add($f), - $hash[6]->add($g), - $hash[7]->add($h) - ]; - } - - // Produce the final hash value (big-endian) - // (\phpseclib3\Crypt\Hash::hash() trims the output for hashes but not for HMACs. as such, we trim the output here) - $temp = $hash[0]->toBytes() . $hash[1]->toBytes() . $hash[2]->toBytes() . $hash[3]->toBytes() . - $hash[4]->toBytes() . $hash[5]->toBytes() . $hash[6]->toBytes() . $hash[7]->toBytes(); - - return $temp; - } - - /** - * __toString() magic method - */ - public function __toString() - { - return $this->getHash(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/PublicKeyLoader.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/PublicKeyLoader.php deleted file mode 100644 index 61afbae..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/PublicKeyLoader.php +++ /dev/null @@ -1,111 +0,0 @@ - - * @copyright 2009 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt; - -use phpseclib3\Crypt\Common\AsymmetricKey; -use phpseclib3\Crypt\Common\PrivateKey; -use phpseclib3\Crypt\Common\PublicKey; -use phpseclib3\Exception\NoKeyLoadedException; -use phpseclib3\File\X509; - -/** - * PublicKeyLoader - * - * @author Jim Wigginton - */ -abstract class PublicKeyLoader -{ - /** - * Loads a public or private key - * - * @return AsymmetricKey - * @param string|array $key - * @param string $password optional - */ - public static function load($key, $password = false) - { - try { - return EC::load($key, $password); - } catch (NoKeyLoadedException $e) { - } - - try { - return RSA::load($key, $password); - } catch (NoKeyLoadedException $e) { - } - - try { - return DSA::load($key, $password); - } catch (NoKeyLoadedException $e) { - } - - try { - $x509 = new X509(); - $x509->loadX509($key); - $key = $x509->getPublicKey(); - if ($key) { - return $key; - } - } catch (\Exception $e) { - } - - throw new NoKeyLoadedException('Unable to read key'); - } - - /** - * Loads a private key - * - * @return PrivateKey - * @param string|array $key - * @param string $password optional - */ - public static function loadPrivateKey($key, $password = false) - { - $key = self::load($key, $password); - if (!$key instanceof PrivateKey) { - throw new NoKeyLoadedException('The key that was loaded was not a private key'); - } - return $key; - } - - /** - * Loads a public key - * - * @return PublicKey - * @param string|array $key - */ - public static function loadPublicKey($key) - { - $key = self::load($key); - if (!$key instanceof PublicKey) { - throw new NoKeyLoadedException('The key that was loaded was not a public key'); - } - return $key; - } - - /** - * Loads parameters - * - * @return AsymmetricKey - * @param string|array $key - */ - public static function loadParameters($key) - { - $key = self::load($key); - if (!$key instanceof PrivateKey && !$key instanceof PublicKey) { - throw new NoKeyLoadedException('The key that was loaded was not a parameter'); - } - return $key; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RC2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RC2.php deleted file mode 100644 index 654c906..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RC2.php +++ /dev/null @@ -1,640 +0,0 @@ - - * setKey('abcdefgh'); - * - * $plaintext = str_repeat('a', 1024); - * - * echo $rc2->decrypt($rc2->encrypt($plaintext)); - * ?> - * - * - * @author Patrick Monnerat - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt; - -use phpseclib3\Crypt\Common\BlockCipher; -use phpseclib3\Exception\BadModeException; - -/** - * Pure-PHP implementation of RC2. - * - */ -class RC2 extends BlockCipher -{ - /** - * Block Length of the cipher - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::block_size - * @var int - */ - protected $block_size = 8; - - /** - * The Key - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::key - * @see self::setKey() - * @var string - */ - protected $key; - - /** - * The Original (unpadded) Key - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::key - * @see self::setKey() - * @see self::encrypt() - * @see self::decrypt() - * @var string - */ - private $orig_key; - - /** - * Key Length (in bytes) - * - * @see \phpseclib3\Crypt\RC2::setKeyLength() - * @var int - */ - protected $key_length = 16; // = 128 bits - - /** - * The mcrypt specific name of the cipher - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt - * @var string - */ - protected $cipher_name_mcrypt = 'rc2'; - - /** - * Optimizing value while CFB-encrypting - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cfb_init_len - * @var int - */ - protected $cfb_init_len = 500; - - /** - * The key length in bits. - * - * {@internal Should be in range [1..1024].} - * - * {@internal Changing this value after setting the key has no effect.} - * - * @see self::setKeyLength() - * @see self::setKey() - * @var int - */ - private $default_key_length = 1024; - - /** - * The key length in bits. - * - * {@internal Should be in range [1..1024].} - * - * @see self::isValidEnine() - * @see self::setKey() - * @var int - */ - private $current_key_length; - - /** - * The Key Schedule - * - * @see self::setupKey() - * @var array - */ - private $keys; - - /** - * Key expansion randomization table. - * Twice the same 256-value sequence to save a modulus in key expansion. - * - * @see self::setKey() - * @var array - */ - private static $pitable = [ - 0xD9, 0x78, 0xF9, 0xC4, 0x19, 0xDD, 0xB5, 0xED, - 0x28, 0xE9, 0xFD, 0x79, 0x4A, 0xA0, 0xD8, 0x9D, - 0xC6, 0x7E, 0x37, 0x83, 0x2B, 0x76, 0x53, 0x8E, - 0x62, 0x4C, 0x64, 0x88, 0x44, 0x8B, 0xFB, 0xA2, - 0x17, 0x9A, 0x59, 0xF5, 0x87, 0xB3, 0x4F, 0x13, - 0x61, 0x45, 0x6D, 0x8D, 0x09, 0x81, 0x7D, 0x32, - 0xBD, 0x8F, 0x40, 0xEB, 0x86, 0xB7, 0x7B, 0x0B, - 0xF0, 0x95, 0x21, 0x22, 0x5C, 0x6B, 0x4E, 0x82, - 0x54, 0xD6, 0x65, 0x93, 0xCE, 0x60, 0xB2, 0x1C, - 0x73, 0x56, 0xC0, 0x14, 0xA7, 0x8C, 0xF1, 0xDC, - 0x12, 0x75, 0xCA, 0x1F, 0x3B, 0xBE, 0xE4, 0xD1, - 0x42, 0x3D, 0xD4, 0x30, 0xA3, 0x3C, 0xB6, 0x26, - 0x6F, 0xBF, 0x0E, 0xDA, 0x46, 0x69, 0x07, 0x57, - 0x27, 0xF2, 0x1D, 0x9B, 0xBC, 0x94, 0x43, 0x03, - 0xF8, 0x11, 0xC7, 0xF6, 0x90, 0xEF, 0x3E, 0xE7, - 0x06, 0xC3, 0xD5, 0x2F, 0xC8, 0x66, 0x1E, 0xD7, - 0x08, 0xE8, 0xEA, 0xDE, 0x80, 0x52, 0xEE, 0xF7, - 0x84, 0xAA, 0x72, 0xAC, 0x35, 0x4D, 0x6A, 0x2A, - 0x96, 0x1A, 0xD2, 0x71, 0x5A, 0x15, 0x49, 0x74, - 0x4B, 0x9F, 0xD0, 0x5E, 0x04, 0x18, 0xA4, 0xEC, - 0xC2, 0xE0, 0x41, 0x6E, 0x0F, 0x51, 0xCB, 0xCC, - 0x24, 0x91, 0xAF, 0x50, 0xA1, 0xF4, 0x70, 0x39, - 0x99, 0x7C, 0x3A, 0x85, 0x23, 0xB8, 0xB4, 0x7A, - 0xFC, 0x02, 0x36, 0x5B, 0x25, 0x55, 0x97, 0x31, - 0x2D, 0x5D, 0xFA, 0x98, 0xE3, 0x8A, 0x92, 0xAE, - 0x05, 0xDF, 0x29, 0x10, 0x67, 0x6C, 0xBA, 0xC9, - 0xD3, 0x00, 0xE6, 0xCF, 0xE1, 0x9E, 0xA8, 0x2C, - 0x63, 0x16, 0x01, 0x3F, 0x58, 0xE2, 0x89, 0xA9, - 0x0D, 0x38, 0x34, 0x1B, 0xAB, 0x33, 0xFF, 0xB0, - 0xBB, 0x48, 0x0C, 0x5F, 0xB9, 0xB1, 0xCD, 0x2E, - 0xC5, 0xF3, 0xDB, 0x47, 0xE5, 0xA5, 0x9C, 0x77, - 0x0A, 0xA6, 0x20, 0x68, 0xFE, 0x7F, 0xC1, 0xAD, - 0xD9, 0x78, 0xF9, 0xC4, 0x19, 0xDD, 0xB5, 0xED, - 0x28, 0xE9, 0xFD, 0x79, 0x4A, 0xA0, 0xD8, 0x9D, - 0xC6, 0x7E, 0x37, 0x83, 0x2B, 0x76, 0x53, 0x8E, - 0x62, 0x4C, 0x64, 0x88, 0x44, 0x8B, 0xFB, 0xA2, - 0x17, 0x9A, 0x59, 0xF5, 0x87, 0xB3, 0x4F, 0x13, - 0x61, 0x45, 0x6D, 0x8D, 0x09, 0x81, 0x7D, 0x32, - 0xBD, 0x8F, 0x40, 0xEB, 0x86, 0xB7, 0x7B, 0x0B, - 0xF0, 0x95, 0x21, 0x22, 0x5C, 0x6B, 0x4E, 0x82, - 0x54, 0xD6, 0x65, 0x93, 0xCE, 0x60, 0xB2, 0x1C, - 0x73, 0x56, 0xC0, 0x14, 0xA7, 0x8C, 0xF1, 0xDC, - 0x12, 0x75, 0xCA, 0x1F, 0x3B, 0xBE, 0xE4, 0xD1, - 0x42, 0x3D, 0xD4, 0x30, 0xA3, 0x3C, 0xB6, 0x26, - 0x6F, 0xBF, 0x0E, 0xDA, 0x46, 0x69, 0x07, 0x57, - 0x27, 0xF2, 0x1D, 0x9B, 0xBC, 0x94, 0x43, 0x03, - 0xF8, 0x11, 0xC7, 0xF6, 0x90, 0xEF, 0x3E, 0xE7, - 0x06, 0xC3, 0xD5, 0x2F, 0xC8, 0x66, 0x1E, 0xD7, - 0x08, 0xE8, 0xEA, 0xDE, 0x80, 0x52, 0xEE, 0xF7, - 0x84, 0xAA, 0x72, 0xAC, 0x35, 0x4D, 0x6A, 0x2A, - 0x96, 0x1A, 0xD2, 0x71, 0x5A, 0x15, 0x49, 0x74, - 0x4B, 0x9F, 0xD0, 0x5E, 0x04, 0x18, 0xA4, 0xEC, - 0xC2, 0xE0, 0x41, 0x6E, 0x0F, 0x51, 0xCB, 0xCC, - 0x24, 0x91, 0xAF, 0x50, 0xA1, 0xF4, 0x70, 0x39, - 0x99, 0x7C, 0x3A, 0x85, 0x23, 0xB8, 0xB4, 0x7A, - 0xFC, 0x02, 0x36, 0x5B, 0x25, 0x55, 0x97, 0x31, - 0x2D, 0x5D, 0xFA, 0x98, 0xE3, 0x8A, 0x92, 0xAE, - 0x05, 0xDF, 0x29, 0x10, 0x67, 0x6C, 0xBA, 0xC9, - 0xD3, 0x00, 0xE6, 0xCF, 0xE1, 0x9E, 0xA8, 0x2C, - 0x63, 0x16, 0x01, 0x3F, 0x58, 0xE2, 0x89, 0xA9, - 0x0D, 0x38, 0x34, 0x1B, 0xAB, 0x33, 0xFF, 0xB0, - 0xBB, 0x48, 0x0C, 0x5F, 0xB9, 0xB1, 0xCD, 0x2E, - 0xC5, 0xF3, 0xDB, 0x47, 0xE5, 0xA5, 0x9C, 0x77, - 0x0A, 0xA6, 0x20, 0x68, 0xFE, 0x7F, 0xC1, 0xAD - ]; - - /** - * Inverse key expansion randomization table. - * - * @see self::setKey() - * @var array - */ - private static $invpitable = [ - 0xD1, 0xDA, 0xB9, 0x6F, 0x9C, 0xC8, 0x78, 0x66, - 0x80, 0x2C, 0xF8, 0x37, 0xEA, 0xE0, 0x62, 0xA4, - 0xCB, 0x71, 0x50, 0x27, 0x4B, 0x95, 0xD9, 0x20, - 0x9D, 0x04, 0x91, 0xE3, 0x47, 0x6A, 0x7E, 0x53, - 0xFA, 0x3A, 0x3B, 0xB4, 0xA8, 0xBC, 0x5F, 0x68, - 0x08, 0xCA, 0x8F, 0x14, 0xD7, 0xC0, 0xEF, 0x7B, - 0x5B, 0xBF, 0x2F, 0xE5, 0xE2, 0x8C, 0xBA, 0x12, - 0xE1, 0xAF, 0xB2, 0x54, 0x5D, 0x59, 0x76, 0xDB, - 0x32, 0xA2, 0x58, 0x6E, 0x1C, 0x29, 0x64, 0xF3, - 0xE9, 0x96, 0x0C, 0x98, 0x19, 0x8D, 0x3E, 0x26, - 0xAB, 0xA5, 0x85, 0x16, 0x40, 0xBD, 0x49, 0x67, - 0xDC, 0x22, 0x94, 0xBB, 0x3C, 0xC1, 0x9B, 0xEB, - 0x45, 0x28, 0x18, 0xD8, 0x1A, 0x42, 0x7D, 0xCC, - 0xFB, 0x65, 0x8E, 0x3D, 0xCD, 0x2A, 0xA3, 0x60, - 0xAE, 0x93, 0x8A, 0x48, 0x97, 0x51, 0x15, 0xF7, - 0x01, 0x0B, 0xB7, 0x36, 0xB1, 0x2E, 0x11, 0xFD, - 0x84, 0x2D, 0x3F, 0x13, 0x88, 0xB3, 0x34, 0x24, - 0x1B, 0xDE, 0xC5, 0x1D, 0x4D, 0x2B, 0x17, 0x31, - 0x74, 0xA9, 0xC6, 0x43, 0x6D, 0x39, 0x90, 0xBE, - 0xC3, 0xB0, 0x21, 0x6B, 0xF6, 0x0F, 0xD5, 0x99, - 0x0D, 0xAC, 0x1F, 0x5C, 0x9E, 0xF5, 0xF9, 0x4C, - 0xD6, 0xDF, 0x89, 0xE4, 0x8B, 0xFF, 0xC7, 0xAA, - 0xE7, 0xED, 0x46, 0x25, 0xB6, 0x06, 0x5E, 0x35, - 0xB5, 0xEC, 0xCE, 0xE8, 0x6C, 0x30, 0x55, 0x61, - 0x4A, 0xFE, 0xA0, 0x79, 0x03, 0xF0, 0x10, 0x72, - 0x7C, 0xCF, 0x52, 0xA6, 0xA7, 0xEE, 0x44, 0xD3, - 0x9A, 0x57, 0x92, 0xD0, 0x5A, 0x7A, 0x41, 0x7F, - 0x0E, 0x00, 0x63, 0xF2, 0x4F, 0x05, 0x83, 0xC9, - 0xA1, 0xD4, 0xDD, 0xC4, 0x56, 0xF4, 0xD2, 0x77, - 0x81, 0x09, 0x82, 0x33, 0x9F, 0x07, 0x86, 0x75, - 0x38, 0x4E, 0x69, 0xF1, 0xAD, 0x23, 0x73, 0x87, - 0x70, 0x02, 0xC2, 0x1E, 0xB8, 0x0A, 0xFC, 0xE6 - ]; - - /** - * Default Constructor. - * - * @param string $mode - * @throws \InvalidArgumentException if an invalid / unsupported mode is provided - */ - public function __construct($mode) - { - parent::__construct($mode); - - if ($this->mode == self::MODE_STREAM) { - throw new BadModeException('Block ciphers cannot be ran in stream mode'); - } - } - - /** - * Test for engine validity - * - * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() - * @param int $engine - * @return bool - */ - protected function isValidEngineHelper($engine) - { - switch ($engine) { - case self::ENGINE_OPENSSL: - if ($this->current_key_length != 128 || strlen($this->orig_key) < 16) { - return false; - } - // quoting https://www.openssl.org/news/openssl-3.0-notes.html, OpenSSL 3.0.1 - // "Moved all variations of the EVP ciphers CAST5, BF, IDEA, SEED, RC2, RC4, RC5, and DES to the legacy provider" - // in theory openssl_get_cipher_methods() should catch this but, on GitHub Actions, at least, it does not - if (defined('OPENSSL_VERSION_TEXT') && version_compare(preg_replace('#OpenSSL (\d+\.\d+\.\d+) .*#', '$1', OPENSSL_VERSION_TEXT), '3.0.1', '>=')) { - return false; - } - $this->cipher_name_openssl_ecb = 'rc2-ecb'; - $this->cipher_name_openssl = 'rc2-' . $this->openssl_translate_mode(); - } - - return parent::isValidEngineHelper($engine); - } - - /** - * Sets the key length. - * - * Valid key lengths are 8 to 1024. - * Calling this function after setting the key has no effect until the next - * \phpseclib3\Crypt\RC2::setKey() call. - * - * @param int $length in bits - * @throws \LengthException if the key length isn't supported - */ - public function setKeyLength($length) - { - if ($length < 8 || $length > 1024) { - throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys between 1 and 1024 bits, inclusive, are supported'); - } - - $this->default_key_length = $this->current_key_length = $length; - $this->explicit_key_length = $length >> 3; - } - - /** - * Returns the current key length - * - * @return int - */ - public function getKeyLength() - { - return $this->current_key_length; - } - - /** - * Sets the key. - * - * Keys can be of any length. RC2, itself, uses 8 to 1024 bit keys (eg. - * strlen($key) <= 128), however, we only use the first 128 bytes if $key - * has more then 128 bytes in it, and set $key to a single null byte if - * it is empty. - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setKey() - * @param string $key - * @param int|boolean $t1 optional Effective key length in bits. - * @throws \LengthException if the key length isn't supported - */ - public function setKey($key, $t1 = false) - { - $this->orig_key = $key; - - if ($t1 === false) { - $t1 = $this->default_key_length; - } - - if ($t1 < 1 || $t1 > 1024) { - throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys between 1 and 1024 bits, inclusive, are supported'); - } - - $this->current_key_length = $t1; - if (strlen($key) < 1 || strlen($key) > 128) { - throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes between 8 and 1024 bits, inclusive, are supported'); - } - - $t = strlen($key); - - // The mcrypt RC2 implementation only supports effective key length - // of 1024 bits. It is however possible to handle effective key - // lengths in range 1..1024 by expanding the key and applying - // inverse pitable mapping to the first byte before submitting it - // to mcrypt. - - // Key expansion. - $l = array_values(unpack('C*', $key)); - $t8 = ($t1 + 7) >> 3; - $tm = 0xFF >> (8 * $t8 - $t1); - - // Expand key. - $pitable = self::$pitable; - for ($i = $t; $i < 128; $i++) { - $l[$i] = $pitable[$l[$i - 1] + $l[$i - $t]]; - } - $i = 128 - $t8; - $l[$i] = $pitable[$l[$i] & $tm]; - while ($i--) { - $l[$i] = $pitable[$l[$i + 1] ^ $l[$i + $t8]]; - } - - // Prepare the key for mcrypt. - $l[0] = self::$invpitable[$l[0]]; - array_unshift($l, 'C*'); - - $this->key = pack(...$l); - $this->key_length = strlen($this->key); - $this->changed = $this->nonIVChanged = true; - $this->setEngine(); - } - - /** - * Encrypts a message. - * - * Mostly a wrapper for \phpseclib3\Crypt\Common\SymmetricKey::encrypt, with some additional OpenSSL handling code - * - * @see self::decrypt() - * @param string $plaintext - * @return string $ciphertext - */ - public function encrypt($plaintext) - { - if ($this->engine == self::ENGINE_OPENSSL) { - $temp = $this->key; - $this->key = $this->orig_key; - $result = parent::encrypt($plaintext); - $this->key = $temp; - return $result; - } - - return parent::encrypt($plaintext); - } - - /** - * Decrypts a message. - * - * Mostly a wrapper for \phpseclib3\Crypt\Common\SymmetricKey::decrypt, with some additional OpenSSL handling code - * - * @see self::encrypt() - * @param string $ciphertext - * @return string $plaintext - */ - public function decrypt($ciphertext) - { - if ($this->engine == self::ENGINE_OPENSSL) { - $temp = $this->key; - $this->key = $this->orig_key; - $result = parent::decrypt($ciphertext); - $this->key = $temp; - return $result; - } - - return parent::decrypt($ciphertext); - } - - /** - * Encrypts a block - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::encryptBlock() - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() - * @param string $in - * @return string - */ - protected function encryptBlock($in) - { - list($r0, $r1, $r2, $r3) = array_values(unpack('v*', $in)); - $keys = $this->keys; - $limit = 20; - $actions = [$limit => 44, 44 => 64]; - $j = 0; - - for (;;) { - // Mixing round. - $r0 = (($r0 + $keys[$j++] + ((($r1 ^ $r2) & $r3) ^ $r1)) & 0xFFFF) << 1; - $r0 |= $r0 >> 16; - $r1 = (($r1 + $keys[$j++] + ((($r2 ^ $r3) & $r0) ^ $r2)) & 0xFFFF) << 2; - $r1 |= $r1 >> 16; - $r2 = (($r2 + $keys[$j++] + ((($r3 ^ $r0) & $r1) ^ $r3)) & 0xFFFF) << 3; - $r2 |= $r2 >> 16; - $r3 = (($r3 + $keys[$j++] + ((($r0 ^ $r1) & $r2) ^ $r0)) & 0xFFFF) << 5; - $r3 |= $r3 >> 16; - - if ($j === $limit) { - if ($limit === 64) { - break; - } - - // Mashing round. - $r0 += $keys[$r3 & 0x3F]; - $r1 += $keys[$r0 & 0x3F]; - $r2 += $keys[$r1 & 0x3F]; - $r3 += $keys[$r2 & 0x3F]; - $limit = $actions[$limit]; - } - } - - return pack('vvvv', $r0, $r1, $r2, $r3); - } - - /** - * Decrypts a block - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::decryptBlock() - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() - * @param string $in - * @return string - */ - protected function decryptBlock($in) - { - list($r0, $r1, $r2, $r3) = array_values(unpack('v*', $in)); - $keys = $this->keys; - $limit = 44; - $actions = [$limit => 20, 20 => 0]; - $j = 64; - - for (;;) { - // R-mixing round. - $r3 = ($r3 | ($r3 << 16)) >> 5; - $r3 = ($r3 - $keys[--$j] - ((($r0 ^ $r1) & $r2) ^ $r0)) & 0xFFFF; - $r2 = ($r2 | ($r2 << 16)) >> 3; - $r2 = ($r2 - $keys[--$j] - ((($r3 ^ $r0) & $r1) ^ $r3)) & 0xFFFF; - $r1 = ($r1 | ($r1 << 16)) >> 2; - $r1 = ($r1 - $keys[--$j] - ((($r2 ^ $r3) & $r0) ^ $r2)) & 0xFFFF; - $r0 = ($r0 | ($r0 << 16)) >> 1; - $r0 = ($r0 - $keys[--$j] - ((($r1 ^ $r2) & $r3) ^ $r1)) & 0xFFFF; - - if ($j === $limit) { - if ($limit === 0) { - break; - } - - // R-mashing round. - $r3 = ($r3 - $keys[$r2 & 0x3F]) & 0xFFFF; - $r2 = ($r2 - $keys[$r1 & 0x3F]) & 0xFFFF; - $r1 = ($r1 - $keys[$r0 & 0x3F]) & 0xFFFF; - $r0 = ($r0 - $keys[$r3 & 0x3F]) & 0xFFFF; - $limit = $actions[$limit]; - } - } - - return pack('vvvv', $r0, $r1, $r2, $r3); - } - - /** - * Creates the key schedule - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setupKey() - */ - protected function setupKey() - { - if (!isset($this->key)) { - $this->setKey(''); - } - - // Key has already been expanded in \phpseclib3\Crypt\RC2::setKey(): - // Only the first value must be altered. - $l = unpack('Ca/Cb/v*', $this->key); - array_unshift($l, self::$pitable[$l['a']] | ($l['b'] << 8)); - unset($l['a']); - unset($l['b']); - $this->keys = $l; - } - - /** - * Setup the performance-optimized function for de/encrypt() - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setupInlineCrypt() - */ - protected function setupInlineCrypt() - { - // Init code for both, encrypt and decrypt. - $init_crypt = '$keys = $this->keys;'; - - $keys = $this->keys; - - // $in is the current 8 bytes block which has to be en/decrypt - $encrypt_block = $decrypt_block = ' - $in = unpack("v4", $in); - $r0 = $in[1]; - $r1 = $in[2]; - $r2 = $in[3]; - $r3 = $in[4]; - '; - - // Create code for encryption. - $limit = 20; - $actions = [$limit => 44, 44 => 64]; - $j = 0; - - for (;;) { - // Mixing round. - $encrypt_block .= ' - $r0 = (($r0 + ' . $keys[$j++] . ' + - ((($r1 ^ $r2) & $r3) ^ $r1)) & 0xFFFF) << 1; - $r0 |= $r0 >> 16; - $r1 = (($r1 + ' . $keys[$j++] . ' + - ((($r2 ^ $r3) & $r0) ^ $r2)) & 0xFFFF) << 2; - $r1 |= $r1 >> 16; - $r2 = (($r2 + ' . $keys[$j++] . ' + - ((($r3 ^ $r0) & $r1) ^ $r3)) & 0xFFFF) << 3; - $r2 |= $r2 >> 16; - $r3 = (($r3 + ' . $keys[$j++] . ' + - ((($r0 ^ $r1) & $r2) ^ $r0)) & 0xFFFF) << 5; - $r3 |= $r3 >> 16;'; - - if ($j === $limit) { - if ($limit === 64) { - break; - } - - // Mashing round. - $encrypt_block .= ' - $r0 += $keys[$r3 & 0x3F]; - $r1 += $keys[$r0 & 0x3F]; - $r2 += $keys[$r1 & 0x3F]; - $r3 += $keys[$r2 & 0x3F];'; - $limit = $actions[$limit]; - } - } - - $encrypt_block .= '$in = pack("v4", $r0, $r1, $r2, $r3);'; - - // Create code for decryption. - $limit = 44; - $actions = [$limit => 20, 20 => 0]; - $j = 64; - - for (;;) { - // R-mixing round. - $decrypt_block .= ' - $r3 = ($r3 | ($r3 << 16)) >> 5; - $r3 = ($r3 - ' . $keys[--$j] . ' - - ((($r0 ^ $r1) & $r2) ^ $r0)) & 0xFFFF; - $r2 = ($r2 | ($r2 << 16)) >> 3; - $r2 = ($r2 - ' . $keys[--$j] . ' - - ((($r3 ^ $r0) & $r1) ^ $r3)) & 0xFFFF; - $r1 = ($r1 | ($r1 << 16)) >> 2; - $r1 = ($r1 - ' . $keys[--$j] . ' - - ((($r2 ^ $r3) & $r0) ^ $r2)) & 0xFFFF; - $r0 = ($r0 | ($r0 << 16)) >> 1; - $r0 = ($r0 - ' . $keys[--$j] . ' - - ((($r1 ^ $r2) & $r3) ^ $r1)) & 0xFFFF;'; - - if ($j === $limit) { - if ($limit === 0) { - break; - } - - // R-mashing round. - $decrypt_block .= ' - $r3 = ($r3 - $keys[$r2 & 0x3F]) & 0xFFFF; - $r2 = ($r2 - $keys[$r1 & 0x3F]) & 0xFFFF; - $r1 = ($r1 - $keys[$r0 & 0x3F]) & 0xFFFF; - $r0 = ($r0 - $keys[$r3 & 0x3F]) & 0xFFFF;'; - $limit = $actions[$limit]; - } - } - - $decrypt_block .= '$in = pack("v4", $r0, $r1, $r2, $r3);'; - - // Creates the inline-crypt function - $this->inline_crypt = $this->createInlineCryptFunction( - [ - 'init_crypt' => $init_crypt, - 'encrypt_block' => $encrypt_block, - 'decrypt_block' => $decrypt_block - ] - ); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RC4.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RC4.php deleted file mode 100644 index 5f3bff2..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RC4.php +++ /dev/null @@ -1,280 +0,0 @@ - - * setKey('abcdefgh'); - * - * $size = 10 * 1024; - * $plaintext = ''; - * for ($i = 0; $i < $size; $i++) { - * $plaintext.= 'a'; - * } - * - * echo $rc4->decrypt($rc4->encrypt($plaintext)); - * ?> - * - * - * @author Jim Wigginton - * @copyright 2007 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt; - -use phpseclib3\Crypt\Common\StreamCipher; - -/** - * Pure-PHP implementation of RC4. - * - * @author Jim Wigginton - */ -class RC4 extends StreamCipher -{ - /** - * @see \phpseclib3\Crypt\RC4::_crypt() - */ - const ENCRYPT = 0; - - /** - * @see \phpseclib3\Crypt\RC4::_crypt() - */ - const DECRYPT = 1; - - /** - * Key Length (in bytes) - * - * @see \phpseclib3\Crypt\RC4::setKeyLength() - * @var int - */ - protected $key_length = 128; // = 1024 bits - - /** - * The mcrypt specific name of the cipher - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt - * @var string - */ - protected $cipher_name_mcrypt = 'arcfour'; - - /** - * The Key - * - * @see self::setKey() - * @var string - */ - protected $key; - - /** - * The Key Stream for decryption and encryption - * - * @see self::setKey() - * @var array - */ - private $stream; - - /** - * Test for engine validity - * - * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() - * @param int $engine - * @return bool - */ - protected function isValidEngineHelper($engine) - { - if ($engine == self::ENGINE_OPENSSL) { - if ($this->continuousBuffer) { - return false; - } - // quoting https://www.openssl.org/news/openssl-3.0-notes.html, OpenSSL 3.0.1 - // "Moved all variations of the EVP ciphers CAST5, BF, IDEA, SEED, RC2, RC4, RC5, and DES to the legacy provider" - // in theory openssl_get_cipher_methods() should catch this but, on GitHub Actions, at least, it does not - if (defined('OPENSSL_VERSION_TEXT') && version_compare(preg_replace('#OpenSSL (\d+\.\d+\.\d+) .*#', '$1', OPENSSL_VERSION_TEXT), '3.0.1', '>=')) { - return false; - } - $this->cipher_name_openssl = 'rc4-40'; - } - - return parent::isValidEngineHelper($engine); - } - - /** - * Sets the key length - * - * Keys can be between 1 and 256 bytes long. - * - * @param int $length - * @throws \LengthException if the key length is invalid - */ - public function setKeyLength($length) - { - if ($length < 8 || $length > 2048) { - throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys between 1 and 256 bytes are supported'); - } - - $this->key_length = $length >> 3; - - parent::setKeyLength($length); - } - - /** - * Sets the key length - * - * Keys can be between 1 and 256 bytes long. - * - * @param string $key - */ - public function setKey($key) - { - $length = strlen($key); - if ($length < 1 || $length > 256) { - throw new \LengthException('Key size of ' . $length . ' bytes is not supported by RC4. Keys must be between 1 and 256 bytes long'); - } - - parent::setKey($key); - } - - /** - * Encrypts a message. - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() - * @see self::crypt() - * @param string $plaintext - * @return string $ciphertext - */ - public function encrypt($plaintext) - { - if ($this->engine != self::ENGINE_INTERNAL) { - return parent::encrypt($plaintext); - } - return $this->crypt($plaintext, self::ENCRYPT); - } - - /** - * Decrypts a message. - * - * $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)). - * At least if the continuous buffer is disabled. - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() - * @see self::crypt() - * @param string $ciphertext - * @return string $plaintext - */ - public function decrypt($ciphertext) - { - if ($this->engine != self::ENGINE_INTERNAL) { - return parent::decrypt($ciphertext); - } - return $this->crypt($ciphertext, self::DECRYPT); - } - - /** - * Encrypts a block - * - * @param string $in - */ - protected function encryptBlock($in) - { - // RC4 does not utilize this method - } - - /** - * Decrypts a block - * - * @param string $in - */ - protected function decryptBlock($in) - { - // RC4 does not utilize this method - } - - /** - * Setup the key (expansion) - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::_setupKey() - */ - protected function setupKey() - { - $key = $this->key; - $keyLength = strlen($key); - $keyStream = range(0, 255); - $j = 0; - for ($i = 0; $i < 256; $i++) { - $j = ($j + $keyStream[$i] + ord($key[$i % $keyLength])) & 255; - $temp = $keyStream[$i]; - $keyStream[$i] = $keyStream[$j]; - $keyStream[$j] = $temp; - } - - $this->stream = []; - $this->stream[self::DECRYPT] = $this->stream[self::ENCRYPT] = [ - 0, // index $i - 0, // index $j - $keyStream - ]; - } - - /** - * Encrypts or decrypts a message. - * - * @see self::encrypt() - * @see self::decrypt() - * @param string $text - * @param int $mode - * @return string $text - */ - private function crypt($text, $mode) - { - if ($this->changed) { - $this->setup(); - } - - $stream = &$this->stream[$mode]; - if ($this->continuousBuffer) { - $i = &$stream[0]; - $j = &$stream[1]; - $keyStream = &$stream[2]; - } else { - $i = $stream[0]; - $j = $stream[1]; - $keyStream = $stream[2]; - } - - $len = strlen($text); - for ($k = 0; $k < $len; ++$k) { - $i = ($i + 1) & 255; - $ksi = $keyStream[$i]; - $j = ($j + $ksi) & 255; - $ksj = $keyStream[$j]; - - $keyStream[$i] = $ksj; - $keyStream[$j] = $ksi; - $text[$k] = $text[$k] ^ chr($keyStream[($ksj + $ksi) & 255]); - } - - return $text; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA.php deleted file mode 100644 index 19dcfea..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA.php +++ /dev/null @@ -1,934 +0,0 @@ - - * getPublicKey(); - * - * $plaintext = 'terrafrost'; - * - * $ciphertext = $public->encrypt($plaintext); - * - * echo $private->decrypt($ciphertext); - * ?> - * - * - * Here's an example of how to create signatures and verify signatures with this library: - * - * getPublicKey(); - * - * $plaintext = 'terrafrost'; - * - * $signature = $private->sign($plaintext); - * - * echo $public->verify($plaintext, $signature) ? 'verified' : 'unverified'; - * ?> - * - * - * One thing to consider when using this: so phpseclib uses PSS mode by default. - * Technically, id-RSASSA-PSS has a different key format than rsaEncryption. So - * should phpseclib save to the id-RSASSA-PSS format by default or the - * rsaEncryption format? For stand-alone keys I figure rsaEncryption is better - * because SSH doesn't use PSS and idk how many SSH servers would be able to - * decode an id-RSASSA-PSS key. For X.509 certificates the id-RSASSA-PSS - * format is used by default (unless you change it up to use PKCS1 instead) - * - * @author Jim Wigginton - * @copyright 2009 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt; - -use phpseclib3\Crypt\Common\AsymmetricKey; -use phpseclib3\Crypt\RSA\Formats\Keys\PSS; -use phpseclib3\Crypt\RSA\PrivateKey; -use phpseclib3\Crypt\RSA\PublicKey; -use phpseclib3\Exception\InconsistentSetupException; -use phpseclib3\Exception\UnsupportedAlgorithmException; -use phpseclib3\Math\BigInteger; - -/** - * Pure-PHP PKCS#1 compliant implementation of RSA. - * - * @author Jim Wigginton - */ -abstract class RSA extends AsymmetricKey -{ - /** - * Algorithm Name - * - * @var string - */ - const ALGORITHM = 'RSA'; - - /** - * Use {@link http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding Optimal Asymmetric Encryption Padding} - * (OAEP) for encryption / decryption. - * - * Uses sha256 by default - * - * @see self::setHash() - * @see self::setMGFHash() - * @see self::encrypt() - * @see self::decrypt() - */ - const ENCRYPTION_OAEP = 1; - - /** - * Use PKCS#1 padding. - * - * Although self::PADDING_OAEP / self::PADDING_PSS offers more security, including PKCS#1 padding is necessary for purposes of backwards - * compatibility with protocols (like SSH-1) written before OAEP's introduction. - * - * @see self::encrypt() - * @see self::decrypt() - */ - const ENCRYPTION_PKCS1 = 2; - - /** - * Do not use any padding - * - * Although this method is not recommended it can none-the-less sometimes be useful if you're trying to decrypt some legacy - * stuff, if you're trying to diagnose why an encrypted message isn't decrypting, etc. - * - * @see self::encrypt() - * @see self::decrypt() - */ - const ENCRYPTION_NONE = 4; - - /** - * Use the Probabilistic Signature Scheme for signing - * - * Uses sha256 and 0 as the salt length - * - * @see self::setSaltLength() - * @see self::setMGFHash() - * @see self::setHash() - * @see self::sign() - * @see self::verify() - * @see self::setHash() - */ - const SIGNATURE_PSS = 16; - - /** - * Use a relaxed version of PKCS#1 padding for signature verification - * - * @see self::sign() - * @see self::verify() - * @see self::setHash() - */ - const SIGNATURE_RELAXED_PKCS1 = 32; - - /** - * Use PKCS#1 padding for signature verification - * - * @see self::sign() - * @see self::verify() - * @see self::setHash() - */ - const SIGNATURE_PKCS1 = 64; - - /** - * Encryption padding mode - * - * @var int - */ - protected $encryptionPadding = self::ENCRYPTION_OAEP; - - /** - * Signature padding mode - * - * @var int - */ - protected $signaturePadding = self::SIGNATURE_PSS; - - /** - * Length of hash function output - * - * @var int - */ - protected $hLen; - - /** - * Length of salt - * - * @var int - */ - protected $sLen; - - /** - * Label - * - * @var string - */ - protected $label = ''; - - /** - * Hash function for the Mask Generation Function - * - * @var \phpseclib3\Crypt\Hash - */ - protected $mgfHash; - - /** - * Length of MGF hash function output - * - * @var int - */ - protected $mgfHLen; - - /** - * Modulus (ie. n) - * - * @var \phpseclib3\Math\BigInteger - */ - protected $modulus; - - /** - * Modulus length - * - * @var \phpseclib3\Math\BigInteger - */ - protected $k; - - /** - * Exponent (ie. e or d) - * - * @var \phpseclib3\Math\BigInteger - */ - protected $exponent; - - /** - * Default public exponent - * - * @var int - * @link http://en.wikipedia.org/wiki/65537_%28number%29 - */ - private static $defaultExponent = 65537; - - /** - * Enable Blinding? - * - * @var bool - */ - protected static $enableBlinding = true; - - /** - * OpenSSL configuration file name. - * - * @see self::createKey() - * @var ?string - */ - protected static $configFile; - - /** - * Smallest Prime - * - * Per , this number ought not result in primes smaller - * than 256 bits. As a consequence if the key you're trying to create is 1024 bits and you've set smallestPrime - * to 384 bits then you're going to get a 384 bit prime and a 640 bit prime (384 + 1024 % 384). At least if - * engine is set to self::ENGINE_INTERNAL. If Engine is set to self::ENGINE_OPENSSL then smallest Prime is - * ignored (ie. multi-prime RSA support is more intended as a way to speed up RSA key generation when there's - * a chance neither gmp nor OpenSSL are installed) - * - * @var int - */ - private static $smallestPrime = 4096; - - /** - * Public Exponent - * - * @var \phpseclib3\Math\BigInteger - */ - protected $publicExponent; - - /** - * Sets the public exponent for key generation - * - * This will be 65537 unless changed. - * - * @param int $val - */ - public static function setExponent($val) - { - self::$defaultExponent = $val; - } - - /** - * Sets the smallest prime number in bits. Used for key generation - * - * This will be 4096 unless changed. - * - * @param int $val - */ - public static function setSmallestPrime($val) - { - self::$smallestPrime = $val; - } - - /** - * Sets the OpenSSL config file path - * - * Set to the empty string to use the default config file - * - * @param string $val - */ - public static function setOpenSSLConfigPath($val) - { - self::$configFile = $val; - } - - /** - * Create a private key - * - * The public key can be extracted from the private key - * - * @return RSA\PrivateKey - * @param int $bits - */ - public static function createKey($bits = 2048) - { - self::initialize_static_variables(); - - $class = new \ReflectionClass(static::class); - if ($class->isFinal()) { - throw new \RuntimeException('createKey() should not be called from final classes (' . static::class . ')'); - } - - $regSize = $bits >> 1; // divide by two to see how many bits P and Q would be - if ($regSize > self::$smallestPrime) { - $num_primes = floor($bits / self::$smallestPrime); - $regSize = self::$smallestPrime; - } else { - $num_primes = 2; - } - - if ($num_primes == 2 && $bits >= 384 && self::$defaultExponent == 65537) { - if (!isset(self::$engines['PHP'])) { - self::useBestEngine(); - } - - // OpenSSL uses 65537 as the exponent and requires RSA keys be 384 bits minimum - if (self::$engines['OpenSSL']) { - $config = []; - if (self::$configFile) { - $config['config'] = self::$configFile; - } - $rsa = openssl_pkey_new(['private_key_bits' => $bits] + $config); - openssl_pkey_export($rsa, $privatekeystr, null, $config); - - // clear the buffer of error strings stemming from a minimalistic openssl.cnf - // https://github.com/php/php-src/issues/11054 talks about other errors this'll pick up - while (openssl_error_string() !== false) { - } - - return RSA::load($privatekeystr); - } - } - - static $e; - if (!isset($e)) { - $e = new BigInteger(self::$defaultExponent); - } - - $n = clone self::$one; - $exponents = $coefficients = $primes = []; - $lcm = [ - 'top' => clone self::$one, - 'bottom' => false - ]; - - do { - for ($i = 1; $i <= $num_primes; $i++) { - if ($i != $num_primes) { - $primes[$i] = BigInteger::randomPrime($regSize); - } else { - extract(BigInteger::minMaxBits($bits)); - /** @var BigInteger $min - * @var BigInteger $max - */ - list($min) = $min->divide($n); - $min = $min->add(self::$one); - list($max) = $max->divide($n); - $primes[$i] = BigInteger::randomRangePrime($min, $max); - } - - // the first coefficient is calculated differently from the rest - // ie. instead of being $primes[1]->modInverse($primes[2]), it's $primes[2]->modInverse($primes[1]) - if ($i > 2) { - $coefficients[$i] = $n->modInverse($primes[$i]); - } - - $n = $n->multiply($primes[$i]); - - $temp = $primes[$i]->subtract(self::$one); - - // textbook RSA implementations use Euler's totient function instead of the least common multiple. - // see http://en.wikipedia.org/wiki/Euler%27s_totient_function - $lcm['top'] = $lcm['top']->multiply($temp); - $lcm['bottom'] = $lcm['bottom'] === false ? $temp : $lcm['bottom']->gcd($temp); - } - - list($temp) = $lcm['top']->divide($lcm['bottom']); - $gcd = $temp->gcd($e); - $i0 = 1; - } while (!$gcd->equals(self::$one)); - - $coefficients[2] = $primes[2]->modInverse($primes[1]); - - $d = $e->modInverse($temp); - - foreach ($primes as $i => $prime) { - $temp = $prime->subtract(self::$one); - $exponents[$i] = $e->modInverse($temp); - } - - // from : - // RSAPrivateKey ::= SEQUENCE { - // version Version, - // modulus INTEGER, -- n - // publicExponent INTEGER, -- e - // privateExponent INTEGER, -- d - // prime1 INTEGER, -- p - // prime2 INTEGER, -- q - // exponent1 INTEGER, -- d mod (p-1) - // exponent2 INTEGER, -- d mod (q-1) - // coefficient INTEGER, -- (inverse of q) mod p - // otherPrimeInfos OtherPrimeInfos OPTIONAL - // } - $privatekey = new PrivateKey(); - $privatekey->modulus = $n; - $privatekey->k = $bits >> 3; - $privatekey->publicExponent = $e; - $privatekey->exponent = $d; - $privatekey->primes = $primes; - $privatekey->exponents = $exponents; - $privatekey->coefficients = $coefficients; - - /* - $publickey = new PublicKey; - $publickey->modulus = $n; - $publickey->k = $bits >> 3; - $publickey->exponent = $e; - $publickey->publicExponent = $e; - $publickey->isPublic = true; - */ - - return $privatekey; - } - - /** - * OnLoad Handler - * - * @return bool - */ - protected static function onLoad(array $components) - { - $key = $components['isPublicKey'] ? - new PublicKey() : - new PrivateKey(); - - $key->modulus = $components['modulus']; - $key->publicExponent = $components['publicExponent']; - $key->k = $key->modulus->getLengthInBytes(); - - if ($components['isPublicKey'] || !isset($components['privateExponent'])) { - $key->exponent = $key->publicExponent; - } else { - $key->privateExponent = $components['privateExponent']; - $key->exponent = $key->privateExponent; - $key->primes = $components['primes']; - $key->exponents = $components['exponents']; - $key->coefficients = $components['coefficients']; - } - - if ($components['format'] == PSS::class) { - // in the X509 world RSA keys are assumed to use PKCS1 padding by default. only if the key is - // explicitly a PSS key is the use of PSS assumed. phpseclib does not work like this. phpseclib - // uses PSS padding by default. it assumes the more secure method by default and altho it provides - // for the less secure PKCS1 method you have to go out of your way to use it. this is consistent - // with the latest trends in crypto. libsodium (NaCl) is actually a little more extreme in that - // not only does it defaults to the most secure methods - it doesn't even let you choose less - // secure methods - //$key = $key->withPadding(self::SIGNATURE_PSS); - if (isset($components['hash'])) { - $key = $key->withHash($components['hash']); - } - if (isset($components['MGFHash'])) { - $key = $key->withMGFHash($components['MGFHash']); - } - if (isset($components['saltLength'])) { - $key = $key->withSaltLength($components['saltLength']); - } - } - - return $key; - } - - /** - * Initialize static variables - */ - protected static function initialize_static_variables() - { - if (!isset(self::$configFile)) { - self::$configFile = dirname(__FILE__) . '/../openssl.cnf'; - } - - parent::initialize_static_variables(); - } - - /** - * Constructor - * - * PublicKey and PrivateKey objects can only be created from abstract RSA class - */ - protected function __construct() - { - parent::__construct(); - - $this->hLen = $this->hash->getLengthInBytes(); - $this->mgfHash = new Hash('sha256'); - $this->mgfHLen = $this->mgfHash->getLengthInBytes(); - } - - /** - * Integer-to-Octet-String primitive - * - * See {@link http://tools.ietf.org/html/rfc3447#section-4.1 RFC3447#section-4.1}. - * - * @param bool|\phpseclib3\Math\BigInteger $x - * @param int $xLen - * @return bool|string - */ - protected function i2osp($x, $xLen) - { - if ($x === false) { - return false; - } - $x = $x->toBytes(); - if (strlen($x) > $xLen) { - throw new \OutOfRangeException('Resultant string length out of range'); - } - return str_pad($x, $xLen, chr(0), STR_PAD_LEFT); - } - - /** - * Octet-String-to-Integer primitive - * - * See {@link http://tools.ietf.org/html/rfc3447#section-4.2 RFC3447#section-4.2}. - * - * @param string $x - * @return \phpseclib3\Math\BigInteger - */ - protected function os2ip($x) - { - return new BigInteger($x, 256); - } - - /** - * EMSA-PKCS1-V1_5-ENCODE - * - * See {@link http://tools.ietf.org/html/rfc3447#section-9.2 RFC3447#section-9.2}. - * - * @param string $m - * @param int $emLen - * @throws \LengthException if the intended encoded message length is too short - * @return string - */ - protected function emsa_pkcs1_v1_5_encode($m, $emLen) - { - $h = $this->hash->hash($m); - - // see http://tools.ietf.org/html/rfc3447#page-43 - switch ($this->hash->getHash()) { - case 'md2': - $t = "\x30\x20\x30\x0c\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x02\x05\x00\x04\x10"; - break; - case 'md5': - $t = "\x30\x20\x30\x0c\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x05\x05\x00\x04\x10"; - break; - case 'sha1': - $t = "\x30\x21\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14"; - break; - case 'sha256': - $t = "\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20"; - break; - case 'sha384': - $t = "\x30\x41\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x02\x05\x00\x04\x30"; - break; - case 'sha512': - $t = "\x30\x51\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x03\x05\x00\x04\x40"; - break; - // from https://www.emc.com/collateral/white-papers/h11300-pkcs-1v2-2-rsa-cryptography-standard-wp.pdf#page=40 - case 'sha224': - $t = "\x30\x2d\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x04\x05\x00\x04\x1c"; - break; - case 'sha512/224': - $t = "\x30\x2d\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x05\x05\x00\x04\x1c"; - break; - case 'sha512/256': - $t = "\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x06\x05\x00\x04\x20"; - } - $t .= $h; - $tLen = strlen($t); - - if ($emLen < $tLen + 11) { - throw new \LengthException('Intended encoded message length too short'); - } - - $ps = str_repeat(chr(0xFF), $emLen - $tLen - 3); - - $em = "\0\1$ps\0$t"; - - return $em; - } - - /** - * EMSA-PKCS1-V1_5-ENCODE (without NULL) - * - * Quoting https://tools.ietf.org/html/rfc8017#page-65, - * - * "The parameters field associated with id-sha1, id-sha224, id-sha256, - * id-sha384, id-sha512, id-sha512/224, and id-sha512/256 should - * generally be omitted, but if present, it shall have a value of type - * NULL" - * - * @param string $m - * @param int $emLen - * @return string - */ - protected function emsa_pkcs1_v1_5_encode_without_null($m, $emLen) - { - $h = $this->hash->hash($m); - - // see http://tools.ietf.org/html/rfc3447#page-43 - switch ($this->hash->getHash()) { - case 'sha1': - $t = "\x30\x1f\x30\x07\x06\x05\x2b\x0e\x03\x02\x1a\x04\x14"; - break; - case 'sha256': - $t = "\x30\x2f\x30\x0b\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x04\x20"; - break; - case 'sha384': - $t = "\x30\x3f\x30\x0b\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x02\x04\x30"; - break; - case 'sha512': - $t = "\x30\x4f\x30\x0b\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x03\x04\x40"; - break; - // from https://www.emc.com/collateral/white-papers/h11300-pkcs-1v2-2-rsa-cryptography-standard-wp.pdf#page=40 - case 'sha224': - $t = "\x30\x2b\x30\x0b\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x04\x04\x1c"; - break; - case 'sha512/224': - $t = "\x30\x2b\x30\x0b\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x05\x04\x1c"; - break; - case 'sha512/256': - $t = "\x30\x2f\x30\x0b\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x06\x04\x20"; - break; - default: - throw new UnsupportedAlgorithmException('md2 and md5 require NULLs'); - } - $t .= $h; - $tLen = strlen($t); - - if ($emLen < $tLen + 11) { - throw new \LengthException('Intended encoded message length too short'); - } - - $ps = str_repeat(chr(0xFF), $emLen - $tLen - 3); - - $em = "\0\1$ps\0$t"; - - return $em; - } - - /** - * MGF1 - * - * See {@link http://tools.ietf.org/html/rfc3447#appendix-B.2.1 RFC3447#appendix-B.2.1}. - * - * @param string $mgfSeed - * @param int $maskLen - * @return string - */ - protected function mgf1($mgfSeed, $maskLen) - { - // if $maskLen would yield strings larger than 4GB, PKCS#1 suggests a "Mask too long" error be output. - - $t = ''; - $count = ceil($maskLen / $this->mgfHLen); - for ($i = 0; $i < $count; $i++) { - $c = pack('N', $i); - $t .= $this->mgfHash->hash($mgfSeed . $c); - } - - return substr($t, 0, $maskLen); - } - - /** - * Returns the key size - * - * More specifically, this returns the size of the modulo in bits. - * - * @return int - */ - public function getLength() - { - return !isset($this->modulus) ? 0 : $this->modulus->getLength(); - } - - /** - * Determines which hashing function should be used - * - * Used with signature production / verification and (if the encryption mode is self::PADDING_OAEP) encryption and - * decryption. - * - * @param string $hash - */ - public function withHash($hash) - { - $new = clone $this; - - // \phpseclib3\Crypt\Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example. - switch (strtolower($hash)) { - case 'md2': - case 'md5': - case 'sha1': - case 'sha256': - case 'sha384': - case 'sha512': - case 'sha224': - case 'sha512/224': - case 'sha512/256': - $new->hash = new Hash($hash); - break; - default: - throw new UnsupportedAlgorithmException( - 'The only supported hash algorithms are: md2, md5, sha1, sha256, sha384, sha512, sha224, sha512/224, sha512/256' - ); - } - $new->hLen = $new->hash->getLengthInBytes(); - - return $new; - } - - /** - * Determines which hashing function should be used for the mask generation function - * - * The mask generation function is used by self::PADDING_OAEP and self::PADDING_PSS and although it's - * best if Hash and MGFHash are set to the same thing this is not a requirement. - * - * @param string $hash - */ - public function withMGFHash($hash) - { - $new = clone $this; - - // \phpseclib3\Crypt\Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example. - switch (strtolower($hash)) { - case 'md2': - case 'md5': - case 'sha1': - case 'sha256': - case 'sha384': - case 'sha512': - case 'sha224': - case 'sha512/224': - case 'sha512/256': - $new->mgfHash = new Hash($hash); - break; - default: - throw new UnsupportedAlgorithmException( - 'The only supported hash algorithms are: md2, md5, sha1, sha256, sha384, sha512, sha224, sha512/224, sha512/256' - ); - } - $new->mgfHLen = $new->mgfHash->getLengthInBytes(); - - return $new; - } - - /** - * Returns the MGF hash algorithm currently being used - * - */ - public function getMGFHash() - { - return clone $this->mgfHash; - } - - /** - * Determines the salt length - * - * Used by RSA::PADDING_PSS - * - * To quote from {@link http://tools.ietf.org/html/rfc3447#page-38 RFC3447#page-38}: - * - * Typical salt lengths in octets are hLen (the length of the output - * of the hash function Hash) and 0. - * - * @param int $sLen - */ - public function withSaltLength($sLen) - { - $new = clone $this; - $new->sLen = $sLen; - return $new; - } - - /** - * Returns the salt length currently being used - * - */ - public function getSaltLength() - { - return $this->sLen !== null ? $this->sLen : $this->hLen; - } - - /** - * Determines the label - * - * Used by RSA::PADDING_OAEP - * - * To quote from {@link http://tools.ietf.org/html/rfc3447#page-17 RFC3447#page-17}: - * - * Both the encryption and the decryption operations of RSAES-OAEP take - * the value of a label L as input. In this version of PKCS #1, L is - * the empty string; other uses of the label are outside the scope of - * this document. - * - * @param string $label - */ - public function withLabel($label) - { - $new = clone $this; - $new->label = $label; - return $new; - } - - /** - * Returns the label currently being used - * - */ - public function getLabel() - { - return $this->label; - } - - /** - * Determines the padding modes - * - * Example: $key->withPadding(RSA::ENCRYPTION_PKCS1 | RSA::SIGNATURE_PKCS1); - * - * @param int $padding - */ - public function withPadding($padding) - { - $masks = [ - self::ENCRYPTION_OAEP, - self::ENCRYPTION_PKCS1, - self::ENCRYPTION_NONE - ]; - $encryptedCount = 0; - $selected = 0; - foreach ($masks as $mask) { - if ($padding & $mask) { - $selected = $mask; - $encryptedCount++; - } - } - if ($encryptedCount > 1) { - throw new InconsistentSetupException('Multiple encryption padding modes have been selected; at most only one should be selected'); - } - $encryptionPadding = $selected; - - $masks = [ - self::SIGNATURE_PSS, - self::SIGNATURE_RELAXED_PKCS1, - self::SIGNATURE_PKCS1 - ]; - $signatureCount = 0; - $selected = 0; - foreach ($masks as $mask) { - if ($padding & $mask) { - $selected = $mask; - $signatureCount++; - } - } - if ($signatureCount > 1) { - throw new InconsistentSetupException('Multiple signature padding modes have been selected; at most only one should be selected'); - } - $signaturePadding = $selected; - - $new = clone $this; - if ($encryptedCount) { - $new->encryptionPadding = $encryptionPadding; - } - if ($signatureCount) { - $new->signaturePadding = $signaturePadding; - } - return $new; - } - - /** - * Returns the padding currently being used - * - */ - public function getPadding() - { - return $this->signaturePadding | $this->encryptionPadding; - } - - /** - * Returns the current engine being used - * - * OpenSSL is only used in this class (and it's subclasses) for key generation - * Even then it depends on the parameters you're using. It's not used for - * multi-prime RSA nor is it used if the key length is outside of the range - * supported by OpenSSL - * - * @see self::useInternalEngine() - * @see self::useBestEngine() - * @return string - */ - public function getEngine() - { - if (!isset(self::$engines['PHP'])) { - self::useBestEngine(); - } - return self::$engines['OpenSSL'] && self::$defaultExponent == 65537 ? - 'OpenSSL' : - 'PHP'; - } - - /** - * Enable RSA Blinding - * - */ - public static function enableBlinding() - { - static::$enableBlinding = true; - } - - /** - * Disable RSA Blinding - * - */ - public static function disableBlinding() - { - static::$enableBlinding = false; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/JWK.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/JWK.php deleted file mode 100644 index 87f543d..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/JWK.php +++ /dev/null @@ -1,142 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\RSA\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common\Formats\Keys\JWK as Progenitor; -use phpseclib3\Math\BigInteger; - -/** - * JWK Formatted RSA Handler - * - * @author Jim Wigginton - */ -abstract class JWK extends Progenitor -{ - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - $key = parent::load($key, $password); - - if ($key->kty != 'RSA') { - throw new \RuntimeException('Only RSA JWK keys are supported'); - } - - $count = $publicCount = 0; - $vars = ['n', 'e', 'd', 'p', 'q', 'dp', 'dq', 'qi']; - foreach ($vars as $var) { - if (!isset($key->$var) || !is_string($key->$var)) { - continue; - } - $count++; - $value = new BigInteger(Strings::base64url_decode($key->$var), 256); - switch ($var) { - case 'n': - $publicCount++; - $components['modulus'] = $value; - break; - case 'e': - $publicCount++; - $components['publicExponent'] = $value; - break; - case 'd': - $components['privateExponent'] = $value; - break; - case 'p': - $components['primes'][1] = $value; - break; - case 'q': - $components['primes'][2] = $value; - break; - case 'dp': - $components['exponents'][1] = $value; - break; - case 'dq': - $components['exponents'][2] = $value; - break; - case 'qi': - $components['coefficients'][2] = $value; - } - } - - if ($count == count($vars)) { - return $components + ['isPublicKey' => false]; - } - - if ($count == 2 && $publicCount == 2) { - return $components + ['isPublicKey' => true]; - } - - throw new \UnexpectedValueException('Key does not have an appropriate number of RSA parameters'); - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param \phpseclib3\Math\BigInteger $d - * @param array $primes - * @param array $exponents - * @param array $coefficients - * @param string $password optional - * @param array $options optional - * @return string - */ - public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []) - { - if (count($primes) != 2) { - throw new \InvalidArgumentException('JWK does not support multi-prime RSA keys'); - } - - $key = [ - 'kty' => 'RSA', - 'n' => Strings::base64url_encode($n->toBytes()), - 'e' => Strings::base64url_encode($e->toBytes()), - 'd' => Strings::base64url_encode($d->toBytes()), - 'p' => Strings::base64url_encode($primes[1]->toBytes()), - 'q' => Strings::base64url_encode($primes[2]->toBytes()), - 'dp' => Strings::base64url_encode($exponents[1]->toBytes()), - 'dq' => Strings::base64url_encode($exponents[2]->toBytes()), - 'qi' => Strings::base64url_encode($coefficients[2]->toBytes()) - ]; - - return self::wrapKey($key, $options); - } - - /** - * Convert a public key to the appropriate format - * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param array $options optional - * @return string - */ - public static function savePublicKey(BigInteger $n, BigInteger $e, array $options = []) - { - $key = [ - 'kty' => 'RSA', - 'n' => Strings::base64url_encode($n->toBytes()), - 'e' => Strings::base64url_encode($e->toBytes()) - ]; - - return self::wrapKey($key, $options); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php deleted file mode 100644 index e9a0c4f..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php +++ /dev/null @@ -1,228 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\RSA\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Exception\UnsupportedFormatException; -use phpseclib3\Math\BigInteger; - -/** - * Microsoft BLOB Formatted RSA Key Handler - * - * @author Jim Wigginton - */ -abstract class MSBLOB -{ - /** - * Public/Private Key Pair - * - */ - const PRIVATEKEYBLOB = 0x7; - /** - * Public Key - * - */ - const PUBLICKEYBLOB = 0x6; - /** - * Public Key - * - */ - const PUBLICKEYBLOBEX = 0xA; - /** - * RSA public key exchange algorithm - * - */ - const CALG_RSA_KEYX = 0x0000A400; - /** - * RSA public key exchange algorithm - * - */ - const CALG_RSA_SIGN = 0x00002400; - /** - * Public Key - * - */ - const RSA1 = 0x31415352; - /** - * Private Key - * - */ - const RSA2 = 0x32415352; - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - if (!Strings::is_stringable($key)) { - throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); - } - - $key = Strings::base64_decode($key); - - if (!is_string($key)) { - throw new \UnexpectedValueException('Base64 decoding produced an error'); - } - if (strlen($key) < 20) { - throw new \UnexpectedValueException('Key appears to be malformed'); - } - - // PUBLICKEYSTRUC publickeystruc - // https://msdn.microsoft.com/en-us/library/windows/desktop/aa387453(v=vs.85).aspx - extract(unpack('atype/aversion/vreserved/Valgo', Strings::shift($key, 8))); - /** - * @var string $type - * @var string $version - * @var integer $reserved - * @var integer $algo - */ - switch (ord($type)) { - case self::PUBLICKEYBLOB: - case self::PUBLICKEYBLOBEX: - $publickey = true; - break; - case self::PRIVATEKEYBLOB: - $publickey = false; - break; - default: - throw new \UnexpectedValueException('Key appears to be malformed'); - } - - $components = ['isPublicKey' => $publickey]; - - // https://msdn.microsoft.com/en-us/library/windows/desktop/aa375549(v=vs.85).aspx - switch ($algo) { - case self::CALG_RSA_KEYX: - case self::CALG_RSA_SIGN: - break; - default: - throw new \UnexpectedValueException('Key appears to be malformed'); - } - - // RSAPUBKEY rsapubkey - // https://msdn.microsoft.com/en-us/library/windows/desktop/aa387685(v=vs.85).aspx - // could do V for pubexp but that's unsigned 32-bit whereas some PHP installs only do signed 32-bit - extract(unpack('Vmagic/Vbitlen/a4pubexp', Strings::shift($key, 12))); - /** - * @var integer $magic - * @var integer $bitlen - * @var string $pubexp - */ - switch ($magic) { - case self::RSA2: - $components['isPublicKey'] = false; - // fall-through - case self::RSA1: - break; - default: - throw new \UnexpectedValueException('Key appears to be malformed'); - } - - $baseLength = $bitlen / 16; - if (strlen($key) != 2 * $baseLength && strlen($key) != 9 * $baseLength) { - throw new \UnexpectedValueException('Key appears to be malformed'); - } - - $components[$components['isPublicKey'] ? 'publicExponent' : 'privateExponent'] = new BigInteger(strrev($pubexp), 256); - // BYTE modulus[rsapubkey.bitlen/8] - $components['modulus'] = new BigInteger(strrev(Strings::shift($key, $bitlen / 8)), 256); - - if ($publickey) { - return $components; - } - - $components['isPublicKey'] = false; - - // BYTE prime1[rsapubkey.bitlen/16] - $components['primes'] = [1 => new BigInteger(strrev(Strings::shift($key, $bitlen / 16)), 256)]; - // BYTE prime2[rsapubkey.bitlen/16] - $components['primes'][] = new BigInteger(strrev(Strings::shift($key, $bitlen / 16)), 256); - // BYTE exponent1[rsapubkey.bitlen/16] - $components['exponents'] = [1 => new BigInteger(strrev(Strings::shift($key, $bitlen / 16)), 256)]; - // BYTE exponent2[rsapubkey.bitlen/16] - $components['exponents'][] = new BigInteger(strrev(Strings::shift($key, $bitlen / 16)), 256); - // BYTE coefficient[rsapubkey.bitlen/16] - $components['coefficients'] = [2 => new BigInteger(strrev(Strings::shift($key, $bitlen / 16)), 256)]; - if (isset($components['privateExponent'])) { - $components['publicExponent'] = $components['privateExponent']; - } - // BYTE privateExponent[rsapubkey.bitlen/8] - $components['privateExponent'] = new BigInteger(strrev(Strings::shift($key, $bitlen / 8)), 256); - - return $components; - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param \phpseclib3\Math\BigInteger $d - * @param array $primes - * @param array $exponents - * @param array $coefficients - * @param string $password optional - * @return string - */ - public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '') - { - if (count($primes) != 2) { - throw new \InvalidArgumentException('MSBLOB does not support multi-prime RSA keys'); - } - - if (!empty($password) && is_string($password)) { - throw new UnsupportedFormatException('MSBLOB private keys do not support encryption'); - } - - $n = strrev($n->toBytes()); - $e = str_pad(strrev($e->toBytes()), 4, "\0"); - $key = pack('aavV', chr(self::PRIVATEKEYBLOB), chr(2), 0, self::CALG_RSA_KEYX); - $key .= pack('VVa*', self::RSA2, 8 * strlen($n), $e); - $key .= $n; - $key .= strrev($primes[1]->toBytes()); - $key .= strrev($primes[2]->toBytes()); - $key .= strrev($exponents[1]->toBytes()); - $key .= strrev($exponents[2]->toBytes()); - $key .= strrev($coefficients[2]->toBytes()); - $key .= strrev($d->toBytes()); - - return Strings::base64_encode($key); - } - - /** - * Convert a public key to the appropriate format - * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @return string - */ - public static function savePublicKey(BigInteger $n, BigInteger $e) - { - $n = strrev($n->toBytes()); - $e = str_pad(strrev($e->toBytes()), 4, "\0"); - $key = pack('aavV', chr(self::PUBLICKEYBLOB), chr(2), 0, self::CALG_RSA_KEYX); - $key .= pack('VVa*', self::RSA1, 8 * strlen($n), $e); - $key .= $n; - - return Strings::base64_encode($key); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/OpenSSH.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/OpenSSH.php deleted file mode 100644 index 2367810..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/OpenSSH.php +++ /dev/null @@ -1,132 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\RSA\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common\Formats\Keys\OpenSSH as Progenitor; -use phpseclib3\Math\BigInteger; - -/** - * OpenSSH Formatted RSA Key Handler - * - * @author Jim Wigginton - */ -abstract class OpenSSH extends Progenitor -{ - /** - * Supported Key Types - * - * @var array - */ - protected static $types = ['ssh-rsa']; - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - static $one; - if (!isset($one)) { - $one = new BigInteger(1); - } - - $parsed = parent::load($key, $password); - - if (isset($parsed['paddedKey'])) { - list($type) = Strings::unpackSSH2('s', $parsed['paddedKey']); - if ($type != $parsed['type']) { - throw new \RuntimeException("The public and private keys are not of the same type ($type vs $parsed[type])"); - } - - $primes = $coefficients = []; - - list( - $modulus, - $publicExponent, - $privateExponent, - $coefficients[2], - $primes[1], - $primes[2], - $comment, - ) = Strings::unpackSSH2('i6s', $parsed['paddedKey']); - - $temp = $primes[1]->subtract($one); - $exponents = [1 => $publicExponent->modInverse($temp)]; - $temp = $primes[2]->subtract($one); - $exponents[] = $publicExponent->modInverse($temp); - - $isPublicKey = false; - - return compact('publicExponent', 'modulus', 'privateExponent', 'primes', 'coefficients', 'exponents', 'comment', 'isPublicKey'); - } - - list($publicExponent, $modulus) = Strings::unpackSSH2('ii', $parsed['publicKey']); - - return [ - 'isPublicKey' => true, - 'modulus' => $modulus, - 'publicExponent' => $publicExponent, - 'comment' => $parsed['comment'] - ]; - } - - /** - * Convert a public key to the appropriate format - * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param array $options optional - * @return string - */ - public static function savePublicKey(BigInteger $n, BigInteger $e, array $options = []) - { - $RSAPublicKey = Strings::packSSH2('sii', 'ssh-rsa', $e, $n); - - if (isset($options['binary']) ? $options['binary'] : self::$binary) { - return $RSAPublicKey; - } - - $comment = isset($options['comment']) ? $options['comment'] : self::$comment; - $RSAPublicKey = 'ssh-rsa ' . base64_encode($RSAPublicKey) . ' ' . $comment; - - return $RSAPublicKey; - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param \phpseclib3\Math\BigInteger $d - * @param array $primes - * @param array $exponents - * @param array $coefficients - * @param string $password optional - * @param array $options optional - * @return string - */ - public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []) - { - $publicKey = self::savePublicKey($n, $e, ['binary' => true]); - $privateKey = Strings::packSSH2('si6', 'ssh-rsa', $n, $e, $d, $coefficients[2], $primes[1], $primes[2]); - - return self::wrapPrivateKey($publicKey, $privateKey, $password, $options); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php deleted file mode 100644 index 276c602..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php +++ /dev/null @@ -1,160 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\RSA\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common\Formats\Keys\PKCS1 as Progenitor; -use phpseclib3\File\ASN1; -use phpseclib3\File\ASN1\Maps; -use phpseclib3\Math\BigInteger; - -/** - * PKCS#1 Formatted RSA Key Handler - * - * @author Jim Wigginton - */ -abstract class PKCS1 extends Progenitor -{ - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - if (!Strings::is_stringable($key)) { - throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); - } - - if (strpos($key, 'PUBLIC') !== false) { - $components = ['isPublicKey' => true]; - } elseif (strpos($key, 'PRIVATE') !== false) { - $components = ['isPublicKey' => false]; - } else { - $components = []; - } - - $key = parent::load($key, $password); - - $decoded = ASN1::decodeBER($key); - if (!$decoded) { - throw new \RuntimeException('Unable to decode BER'); - } - - $key = ASN1::asn1map($decoded[0], Maps\RSAPrivateKey::MAP); - if (is_array($key)) { - $components += [ - 'modulus' => $key['modulus'], - 'publicExponent' => $key['publicExponent'], - 'privateExponent' => $key['privateExponent'], - 'primes' => [1 => $key['prime1'], $key['prime2']], - 'exponents' => [1 => $key['exponent1'], $key['exponent2']], - 'coefficients' => [2 => $key['coefficient']] - ]; - if ($key['version'] == 'multi') { - foreach ($key['otherPrimeInfos'] as $primeInfo) { - $components['primes'][] = $primeInfo['prime']; - $components['exponents'][] = $primeInfo['exponent']; - $components['coefficients'][] = $primeInfo['coefficient']; - } - } - if (!isset($components['isPublicKey'])) { - $components['isPublicKey'] = false; - } - return $components; - } - - $key = ASN1::asn1map($decoded[0], Maps\RSAPublicKey::MAP); - - if (!is_array($key)) { - throw new \RuntimeException('Unable to perform ASN1 mapping'); - } - - if (!isset($components['isPublicKey'])) { - $components['isPublicKey'] = true; - } - - return $components + $key; - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param \phpseclib3\Math\BigInteger $d - * @param array $primes - * @param array $exponents - * @param array $coefficients - * @param string $password optional - * @param array $options optional - * @return string - */ - public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []) - { - $num_primes = count($primes); - $key = [ - 'version' => $num_primes == 2 ? 'two-prime' : 'multi', - 'modulus' => $n, - 'publicExponent' => $e, - 'privateExponent' => $d, - 'prime1' => $primes[1], - 'prime2' => $primes[2], - 'exponent1' => $exponents[1], - 'exponent2' => $exponents[2], - 'coefficient' => $coefficients[2] - ]; - for ($i = 3; $i <= $num_primes; $i++) { - $key['otherPrimeInfos'][] = [ - 'prime' => $primes[$i], - 'exponent' => $exponents[$i], - 'coefficient' => $coefficients[$i] - ]; - } - - $key = ASN1::encodeDER($key, Maps\RSAPrivateKey::MAP); - - return self::wrapPrivateKey($key, 'RSA', $password, $options); - } - - /** - * Convert a public key to the appropriate format - * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @return string - */ - public static function savePublicKey(BigInteger $n, BigInteger $e) - { - $key = [ - 'modulus' => $n, - 'publicExponent' => $e - ]; - - $key = ASN1::encodeDER($key, Maps\RSAPublicKey::MAP); - - return self::wrapPublicKey($key, 'RSA'); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS8.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS8.php deleted file mode 100644 index 1eaac6e..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS8.php +++ /dev/null @@ -1,122 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\RSA\Formats\Keys; - -use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor; -use phpseclib3\File\ASN1; -use phpseclib3\Math\BigInteger; - -/** - * PKCS#8 Formatted RSA Key Handler - * - * @author Jim Wigginton - */ -abstract class PKCS8 extends Progenitor -{ - /** - * OID Name - * - * @var string - */ - const OID_NAME = 'rsaEncryption'; - - /** - * OID Value - * - * @var string - */ - const OID_VALUE = '1.2.840.113549.1.1.1'; - - /** - * Child OIDs loaded - * - * @var bool - */ - protected static $childOIDsLoaded = false; - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - $key = parent::load($key, $password); - - if (isset($key['privateKey'])) { - $components['isPublicKey'] = false; - $type = 'private'; - } else { - $components['isPublicKey'] = true; - $type = 'public'; - } - - $result = $components + PKCS1::load($key[$type . 'Key']); - - if (isset($key['meta'])) { - $result['meta'] = $key['meta']; - } - - return $result; - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param \phpseclib3\Math\BigInteger $d - * @param array $primes - * @param array $exponents - * @param array $coefficients - * @param string $password optional - * @param array $options optional - * @return string - */ - public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []) - { - $key = PKCS1::savePrivateKey($n, $e, $d, $primes, $exponents, $coefficients); - $key = ASN1::extractBER($key); - return self::wrapPrivateKey($key, [], null, $password, null, '', $options); - } - - /** - * Convert a public key to the appropriate format - * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param array $options optional - * @return string - */ - public static function savePublicKey(BigInteger $n, BigInteger $e, array $options = []) - { - $key = PKCS1::savePublicKey($n, $e); - $key = ASN1::extractBER($key); - return self::wrapPublicKey($key, null); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PSS.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PSS.php deleted file mode 100644 index ed75b9b..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PSS.php +++ /dev/null @@ -1,238 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\RSA\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor; -use phpseclib3\File\ASN1; -use phpseclib3\File\ASN1\Maps; -use phpseclib3\Math\BigInteger; - -/** - * PKCS#8 Formatted RSA-PSS Key Handler - * - * @author Jim Wigginton - */ -abstract class PSS extends Progenitor -{ - /** - * OID Name - * - * @var string - */ - const OID_NAME = 'id-RSASSA-PSS'; - - /** - * OID Value - * - * @var string - */ - const OID_VALUE = '1.2.840.113549.1.1.10'; - - /** - * OIDs loaded - * - * @var bool - */ - private static $oidsLoaded = false; - - /** - * Child OIDs loaded - * - * @var bool - */ - protected static $childOIDsLoaded = false; - - /** - * Initialize static variables - */ - private static function initialize_static_variables() - { - if (!self::$oidsLoaded) { - ASN1::loadOIDs([ - 'md2' => '1.2.840.113549.2.2', - 'md4' => '1.2.840.113549.2.4', - 'md5' => '1.2.840.113549.2.5', - 'id-sha1' => '1.3.14.3.2.26', - 'id-sha256' => '2.16.840.1.101.3.4.2.1', - 'id-sha384' => '2.16.840.1.101.3.4.2.2', - 'id-sha512' => '2.16.840.1.101.3.4.2.3', - 'id-sha224' => '2.16.840.1.101.3.4.2.4', - 'id-sha512/224' => '2.16.840.1.101.3.4.2.5', - 'id-sha512/256' => '2.16.840.1.101.3.4.2.6', - - 'id-mgf1' => '1.2.840.113549.1.1.8' - ]); - self::$oidsLoaded = true; - } - } - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - self::initialize_static_variables(); - - if (!Strings::is_stringable($key)) { - throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); - } - - $components = ['isPublicKey' => strpos($key, 'PUBLIC') !== false]; - - $key = parent::load($key, $password); - - $type = isset($key['privateKey']) ? 'private' : 'public'; - - $result = $components + PKCS1::load($key[$type . 'Key']); - - if (isset($key[$type . 'KeyAlgorithm']['parameters'])) { - $decoded = ASN1::decodeBER($key[$type . 'KeyAlgorithm']['parameters']); - if ($decoded === false) { - throw new \UnexpectedValueException('Unable to decode parameters'); - } - $params = ASN1::asn1map($decoded[0], Maps\RSASSA_PSS_params::MAP); - } else { - $params = []; - } - - if (isset($params['maskGenAlgorithm']['parameters'])) { - $decoded = ASN1::decodeBER($params['maskGenAlgorithm']['parameters']); - if ($decoded === false) { - throw new \UnexpectedValueException('Unable to decode parameters'); - } - $params['maskGenAlgorithm']['parameters'] = ASN1::asn1map($decoded[0], Maps\HashAlgorithm::MAP); - } else { - $params['maskGenAlgorithm'] = [ - 'algorithm' => 'id-mgf1', - 'parameters' => ['algorithm' => 'id-sha1'] - ]; - } - - if (!isset($params['hashAlgorithm']['algorithm'])) { - $params['hashAlgorithm']['algorithm'] = 'id-sha1'; - } - - $result['hash'] = str_replace('id-', '', $params['hashAlgorithm']['algorithm']); - $result['MGFHash'] = str_replace('id-', '', $params['maskGenAlgorithm']['parameters']['algorithm']); - if (isset($params['saltLength'])) { - $result['saltLength'] = (int) $params['saltLength']->toString(); - } - - if (isset($key['meta'])) { - $result['meta'] = $key['meta']; - } - - return $result; - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param \phpseclib3\Math\BigInteger $d - * @param array $primes - * @param array $exponents - * @param array $coefficients - * @param string $password optional - * @param array $options optional - * @return string - */ - public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []) - { - self::initialize_static_variables(); - - $key = PKCS1::savePrivateKey($n, $e, $d, $primes, $exponents, $coefficients); - $key = ASN1::extractBER($key); - $params = self::savePSSParams($options); - return self::wrapPrivateKey($key, [], $params, $password, null, '', $options); - } - - /** - * Convert a public key to the appropriate format - * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param array $options optional - * @return string - */ - public static function savePublicKey(BigInteger $n, BigInteger $e, array $options = []) - { - self::initialize_static_variables(); - - $key = PKCS1::savePublicKey($n, $e); - $key = ASN1::extractBER($key); - $params = self::savePSSParams($options); - return self::wrapPublicKey($key, $params); - } - - /** - * Encodes PSS parameters - * - * @param array $options - * @return string - */ - public static function savePSSParams(array $options) - { - /* - The trailerField field is an integer. It provides - compatibility with IEEE Std 1363a-2004 [P1363A]. The value - MUST be 1, which represents the trailer field with hexadecimal - value 0xBC. Other trailer fields, including the trailer field - composed of HashID concatenated with 0xCC that is specified in - IEEE Std 1363a, are not supported. Implementations that - perform signature generation MUST omit the trailerField field, - indicating that the default trailer field value was used. - Implementations that perform signature validation MUST - recognize both a present trailerField field with value 1 and an - absent trailerField field. - - source: https://tools.ietf.org/html/rfc4055#page-9 - */ - $params = [ - 'trailerField' => new BigInteger(1) - ]; - if (isset($options['hash'])) { - $params['hashAlgorithm']['algorithm'] = 'id-' . $options['hash']; - } - if (isset($options['MGFHash'])) { - $temp = ['algorithm' => 'id-' . $options['MGFHash']]; - $temp = ASN1::encodeDER($temp, Maps\HashAlgorithm::MAP); - $params['maskGenAlgorithm'] = [ - 'algorithm' => 'id-mgf1', - 'parameters' => new ASN1\Element($temp) - ]; - } - if (isset($options['saltLength'])) { - $params['saltLength'] = new BigInteger($options['saltLength']); - } - - return new ASN1\Element(ASN1::encodeDER($params, Maps\RSASSA_PSS_params::MAP)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php deleted file mode 100644 index fe35717..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php +++ /dev/null @@ -1,121 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\RSA\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common\Formats\Keys\PuTTY as Progenitor; -use phpseclib3\Math\BigInteger; - -/** - * PuTTY Formatted RSA Key Handler - * - * @author Jim Wigginton - */ -abstract class PuTTY extends Progenitor -{ - /** - * Public Handler - * - * @var string - */ - const PUBLIC_HANDLER = 'phpseclib3\Crypt\RSA\Formats\Keys\OpenSSH'; - - /** - * Algorithm Identifier - * - * @var array - */ - protected static $types = ['ssh-rsa']; - - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - static $one; - if (!isset($one)) { - $one = new BigInteger(1); - } - - $components = parent::load($key, $password); - if (!isset($components['private'])) { - return $components; - } - extract($components); - unset($components['public'], $components['private']); - - $isPublicKey = false; - - $result = Strings::unpackSSH2('ii', $public); - if ($result === false) { - throw new \UnexpectedValueException('Key appears to be malformed'); - } - list($publicExponent, $modulus) = $result; - - $result = Strings::unpackSSH2('iiii', $private); - if ($result === false) { - throw new \UnexpectedValueException('Key appears to be malformed'); - } - $primes = $coefficients = []; - list($privateExponent, $primes[1], $primes[2], $coefficients[2]) = $result; - - $temp = $primes[1]->subtract($one); - $exponents = [1 => $publicExponent->modInverse($temp)]; - $temp = $primes[2]->subtract($one); - $exponents[] = $publicExponent->modInverse($temp); - - return compact('publicExponent', 'modulus', 'privateExponent', 'primes', 'coefficients', 'exponents', 'comment', 'isPublicKey'); - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param \phpseclib3\Math\BigInteger $d - * @param array $primes - * @param array $exponents - * @param array $coefficients - * @param string $password optional - * @param array $options optional - * @return string - */ - public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []) - { - if (count($primes) != 2) { - throw new \InvalidArgumentException('PuTTY does not support multi-prime RSA keys'); - } - - $public = Strings::packSSH2('ii', $e, $n); - $private = Strings::packSSH2('iiii', $d, $primes[1], $primes[2], $coefficients[2]); - - return self::wrapPrivateKey($public, $private, 'ssh-rsa', $password, $options); - } - - /** - * Convert a public key to the appropriate format - * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @return string - */ - public static function savePublicKey(BigInteger $n, BigInteger $e) - { - return self::wrapPublicKey(Strings::packSSH2('ii', $e, $n), 'ssh-rsa'); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/Raw.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/Raw.php deleted file mode 100644 index db72878..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/Raw.php +++ /dev/null @@ -1,184 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\RSA\Formats\Keys; - -use phpseclib3\Math\BigInteger; - -/** - * Raw RSA Key Handler - * - * @author Jim Wigginton - */ -abstract class Raw -{ - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - if (!is_array($key)) { - throw new \UnexpectedValueException('Key should be a array - not a ' . gettype($key)); - } - - $key = array_change_key_case($key, CASE_LOWER); - - $components = ['isPublicKey' => false]; - - foreach (['e', 'exponent', 'publicexponent', 0, 'privateexponent', 'd'] as $index) { - if (isset($key[$index])) { - $components['publicExponent'] = $key[$index]; - break; - } - } - - foreach (['n', 'modulo', 'modulus', 1] as $index) { - if (isset($key[$index])) { - $components['modulus'] = $key[$index]; - break; - } - } - - if (!isset($components['publicExponent']) || !isset($components['modulus'])) { - throw new \UnexpectedValueException('Modulus / exponent not present'); - } - - if (isset($key['primes'])) { - $components['primes'] = $key['primes']; - } elseif (isset($key['p']) && isset($key['q'])) { - $indices = [ - ['p', 'q'], - ['prime1', 'prime2'] - ]; - foreach ($indices as $index) { - list($i0, $i1) = $index; - if (isset($key[$i0]) && isset($key[$i1])) { - $components['primes'] = [1 => $key[$i0], $key[$i1]]; - } - } - } - - if (isset($key['exponents'])) { - $components['exponents'] = $key['exponents']; - } else { - $indices = [ - ['dp', 'dq'], - ['exponent1', 'exponent2'] - ]; - foreach ($indices as $index) { - list($i0, $i1) = $index; - if (isset($key[$i0]) && isset($key[$i1])) { - $components['exponents'] = [1 => $key[$i0], $key[$i1]]; - } - } - } - - if (isset($key['coefficients'])) { - $components['coefficients'] = $key['coefficients']; - } else { - foreach (['inverseq', 'q\'', 'coefficient'] as $index) { - if (isset($key[$index])) { - $components['coefficients'] = [2 => $key[$index]]; - } - } - } - - if (!isset($components['primes'])) { - $components['isPublicKey'] = true; - return $components; - } - - if (!isset($components['exponents'])) { - $one = new BigInteger(1); - $temp = $components['primes'][1]->subtract($one); - $exponents = [1 => $components['publicExponent']->modInverse($temp)]; - $temp = $components['primes'][2]->subtract($one); - $exponents[] = $components['publicExponent']->modInverse($temp); - $components['exponents'] = $exponents; - } - - if (!isset($components['coefficients'])) { - $components['coefficients'] = [2 => $components['primes'][2]->modInverse($components['primes'][1])]; - } - - foreach (['privateexponent', 'd'] as $index) { - if (isset($key[$index])) { - $components['privateExponent'] = $key[$index]; - break; - } - } - - return $components; - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param \phpseclib3\Math\BigInteger $d - * @param array $primes - * @param array $exponents - * @param array $coefficients - * @param string $password optional - * @param array $options optional - * @return array - */ - public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = []) - { - if (!empty($password) && is_string($password)) { - throw new UnsupportedFormatException('Raw private keys do not support encryption'); - } - - return [ - 'e' => clone $e, - 'n' => clone $n, - 'd' => clone $d, - 'primes' => array_map(function ($var) { - return clone $var; - }, $primes), - 'exponents' => array_map(function ($var) { - return clone $var; - }, $exponents), - 'coefficients' => array_map(function ($var) { - return clone $var; - }, $coefficients) - ]; - } - - /** - * Convert a public key to the appropriate format - * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @return array - */ - public static function savePublicKey(BigInteger $n, BigInteger $e) - { - return ['e' => clone $e, 'n' => clone $n]; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/XML.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/XML.php deleted file mode 100644 index 280048c..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/XML.php +++ /dev/null @@ -1,171 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\RSA\Formats\Keys; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Exception\BadConfigurationException; -use phpseclib3\Exception\UnsupportedFormatException; -use phpseclib3\Math\BigInteger; - -/** - * XML Formatted RSA Key Handler - * - * @author Jim Wigginton - */ -abstract class XML -{ - /** - * Break a public or private key down into its constituent components - * - * @param string $key - * @param string $password optional - * @return array - */ - public static function load($key, $password = '') - { - if (!Strings::is_stringable($key)) { - throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); - } - - if (!class_exists('DOMDocument')) { - throw new BadConfigurationException('The dom extension is not setup correctly on this system'); - } - - $components = [ - 'isPublicKey' => false, - 'primes' => [], - 'exponents' => [], - 'coefficients' => [] - ]; - - $use_errors = libxml_use_internal_errors(true); - - $dom = new \DOMDocument(); - if (substr($key, 0, 5) != '' . $key . ''; - } - if (!$dom->loadXML($key)) { - libxml_use_internal_errors($use_errors); - throw new \UnexpectedValueException('Key does not appear to contain XML'); - } - $xpath = new \DOMXPath($dom); - $keys = ['modulus', 'exponent', 'p', 'q', 'dp', 'dq', 'inverseq', 'd']; - foreach ($keys as $key) { - // $dom->getElementsByTagName($key) is case-sensitive - $temp = $xpath->query("//*[translate(local-name(), 'ABCDEFGHIJKLMNOPQRSTUVWXYZ','abcdefghijklmnopqrstuvwxyz')='$key']"); - if (!$temp->length) { - continue; - } - $value = new BigInteger(Strings::base64_decode($temp->item(0)->nodeValue), 256); - switch ($key) { - case 'modulus': - $components['modulus'] = $value; - break; - case 'exponent': - $components['publicExponent'] = $value; - break; - case 'p': - $components['primes'][1] = $value; - break; - case 'q': - $components['primes'][2] = $value; - break; - case 'dp': - $components['exponents'][1] = $value; - break; - case 'dq': - $components['exponents'][2] = $value; - break; - case 'inverseq': - $components['coefficients'][2] = $value; - break; - case 'd': - $components['privateExponent'] = $value; - } - } - - libxml_use_internal_errors($use_errors); - - foreach ($components as $key => $value) { - if (is_array($value) && !count($value)) { - unset($components[$key]); - } - } - - if (isset($components['modulus']) && isset($components['publicExponent'])) { - if (count($components) == 3) { - $components['isPublicKey'] = true; - } - return $components; - } - - throw new \UnexpectedValueException('Modulus / exponent not present'); - } - - /** - * Convert a private key to the appropriate format. - * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param \phpseclib3\Math\BigInteger $d - * @param array $primes - * @param array $exponents - * @param array $coefficients - * @param string $password optional - * @return string - */ - public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '') - { - if (count($primes) != 2) { - throw new \InvalidArgumentException('XML does not support multi-prime RSA keys'); - } - - if (!empty($password) && is_string($password)) { - throw new UnsupportedFormatException('XML private keys do not support encryption'); - } - - return "\r\n" . - ' ' . Strings::base64_encode($n->toBytes()) . "\r\n" . - ' ' . Strings::base64_encode($e->toBytes()) . "\r\n" . - '

' . Strings::base64_encode($primes[1]->toBytes()) . "

\r\n" . - ' ' . Strings::base64_encode($primes[2]->toBytes()) . "\r\n" . - ' ' . Strings::base64_encode($exponents[1]->toBytes()) . "\r\n" . - ' ' . Strings::base64_encode($exponents[2]->toBytes()) . "\r\n" . - ' ' . Strings::base64_encode($coefficients[2]->toBytes()) . "\r\n" . - ' ' . Strings::base64_encode($d->toBytes()) . "\r\n" . - ''; - } - - /** - * Convert a public key to the appropriate format - * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @return string - */ - public static function savePublicKey(BigInteger $n, BigInteger $e) - { - return "\r\n" . - ' ' . Strings::base64_encode($n->toBytes()) . "\r\n" . - ' ' . Strings::base64_encode($e->toBytes()) . "\r\n" . - ''; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/PrivateKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/PrivateKey.php deleted file mode 100644 index 37dd09a..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/PrivateKey.php +++ /dev/null @@ -1,530 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\RSA; - -use phpseclib3\Crypt\Common; -use phpseclib3\Crypt\Random; -use phpseclib3\Crypt\RSA; -use phpseclib3\Crypt\RSA\Formats\Keys\PSS; -use phpseclib3\Exception\UnsupportedFormatException; -use phpseclib3\Math\BigInteger; - -/** - * Raw RSA Key Handler - * - * @author Jim Wigginton - */ -final class PrivateKey extends RSA implements Common\PrivateKey -{ - use Common\Traits\PasswordProtected; - - /** - * Primes for Chinese Remainder Theorem (ie. p and q) - * - * @var array - */ - protected $primes; - - /** - * Exponents for Chinese Remainder Theorem (ie. dP and dQ) - * - * @var array - */ - protected $exponents; - - /** - * Coefficients for Chinese Remainder Theorem (ie. qInv) - * - * @var array - */ - protected $coefficients; - - /** - * Private Exponent - * - * @var \phpseclib3\Math\BigInteger - */ - protected $privateExponent; - - /** - * RSADP - * - * See {@link http://tools.ietf.org/html/rfc3447#section-5.1.2 RFC3447#section-5.1.2}. - * - * @return bool|\phpseclib3\Math\BigInteger - */ - private function rsadp(BigInteger $c) - { - if ($c->compare(self::$zero) < 0 || $c->compare($this->modulus) > 0) { - throw new \OutOfRangeException('Ciphertext representative out of range'); - } - return $this->exponentiate($c); - } - - /** - * RSASP1 - * - * See {@link http://tools.ietf.org/html/rfc3447#section-5.2.1 RFC3447#section-5.2.1}. - * - * @return bool|\phpseclib3\Math\BigInteger - */ - private function rsasp1(BigInteger $m) - { - if ($m->compare(self::$zero) < 0 || $m->compare($this->modulus) > 0) { - throw new \OutOfRangeException('Signature representative out of range'); - } - return $this->exponentiate($m); - } - - /** - * Exponentiate - * - * @param \phpseclib3\Math\BigInteger $x - * @return \phpseclib3\Math\BigInteger - */ - protected function exponentiate(BigInteger $x) - { - switch (true) { - case empty($this->primes): - case $this->primes[1]->equals(self::$zero): - case empty($this->coefficients): - case $this->coefficients[2]->equals(self::$zero): - case empty($this->exponents): - case $this->exponents[1]->equals(self::$zero): - return $x->modPow($this->exponent, $this->modulus); - } - - $num_primes = count($this->primes); - - if (!static::$enableBlinding) { - $m_i = [ - 1 => $x->modPow($this->exponents[1], $this->primes[1]), - 2 => $x->modPow($this->exponents[2], $this->primes[2]) - ]; - $h = $m_i[1]->subtract($m_i[2]); - $h = $h->multiply($this->coefficients[2]); - list(, $h) = $h->divide($this->primes[1]); - $m = $m_i[2]->add($h->multiply($this->primes[2])); - - $r = $this->primes[1]; - for ($i = 3; $i <= $num_primes; $i++) { - $m_i = $x->modPow($this->exponents[$i], $this->primes[$i]); - - $r = $r->multiply($this->primes[$i - 1]); - - $h = $m_i->subtract($m); - $h = $h->multiply($this->coefficients[$i]); - list(, $h) = $h->divide($this->primes[$i]); - - $m = $m->add($r->multiply($h)); - } - } else { - $smallest = $this->primes[1]; - for ($i = 2; $i <= $num_primes; $i++) { - if ($smallest->compare($this->primes[$i]) > 0) { - $smallest = $this->primes[$i]; - } - } - - $r = BigInteger::randomRange(self::$one, $smallest->subtract(self::$one)); - - $m_i = [ - 1 => $this->blind($x, $r, 1), - 2 => $this->blind($x, $r, 2) - ]; - $h = $m_i[1]->subtract($m_i[2]); - $h = $h->multiply($this->coefficients[2]); - list(, $h) = $h->divide($this->primes[1]); - $m = $m_i[2]->add($h->multiply($this->primes[2])); - - $r = $this->primes[1]; - for ($i = 3; $i <= $num_primes; $i++) { - $m_i = $this->blind($x, $r, $i); - - $r = $r->multiply($this->primes[$i - 1]); - - $h = $m_i->subtract($m); - $h = $h->multiply($this->coefficients[$i]); - list(, $h) = $h->divide($this->primes[$i]); - - $m = $m->add($r->multiply($h)); - } - } - - return $m; - } - - /** - * Performs RSA Blinding - * - * Protects against timing attacks by employing RSA Blinding. - * Returns $x->modPow($this->exponents[$i], $this->primes[$i]) - * - * @param \phpseclib3\Math\BigInteger $x - * @param \phpseclib3\Math\BigInteger $r - * @param int $i - * @return \phpseclib3\Math\BigInteger - */ - private function blind(BigInteger $x, BigInteger $r, $i) - { - $x = $x->multiply($r->modPow($this->publicExponent, $this->primes[$i])); - $x = $x->modPow($this->exponents[$i], $this->primes[$i]); - - $r = $r->modInverse($this->primes[$i]); - $x = $x->multiply($r); - list(, $x) = $x->divide($this->primes[$i]); - - return $x; - } - - /** - * EMSA-PSS-ENCODE - * - * See {@link http://tools.ietf.org/html/rfc3447#section-9.1.1 RFC3447#section-9.1.1}. - * - * @return string - * @param string $m - * @throws \RuntimeException on encoding error - * @param int $emBits - */ - private function emsa_pss_encode($m, $emBits) - { - // if $m is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error - // be output. - - $emLen = ($emBits + 1) >> 3; // ie. ceil($emBits / 8) - $sLen = $this->sLen !== null ? $this->sLen : $this->hLen; - - $mHash = $this->hash->hash($m); - if ($emLen < $this->hLen + $sLen + 2) { - throw new \LengthException('RSA modulus too short'); - } - - $salt = Random::string($sLen); - $m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt; - $h = $this->hash->hash($m2); - $ps = str_repeat(chr(0), $emLen - $sLen - $this->hLen - 2); - $db = $ps . chr(1) . $salt; - $dbMask = $this->mgf1($h, $emLen - $this->hLen - 1); // ie. stlren($db) - $maskedDB = $db ^ $dbMask; - $maskedDB[0] = ~chr(0xFF << ($emBits & 7)) & $maskedDB[0]; - $em = $maskedDB . $h . chr(0xBC); - - return $em; - } - - /** - * RSASSA-PSS-SIGN - * - * See {@link http://tools.ietf.org/html/rfc3447#section-8.1.1 RFC3447#section-8.1.1}. - * - * @param string $m - * @return bool|string - */ - private function rsassa_pss_sign($m) - { - // EMSA-PSS encoding - - $em = $this->emsa_pss_encode($m, 8 * $this->k - 1); - - // RSA signature - - $m = $this->os2ip($em); - $s = $this->rsasp1($m); - $s = $this->i2osp($s, $this->k); - - // Output the signature S - - return $s; - } - - /** - * RSASSA-PKCS1-V1_5-SIGN - * - * See {@link http://tools.ietf.org/html/rfc3447#section-8.2.1 RFC3447#section-8.2.1}. - * - * @param string $m - * @throws \LengthException if the RSA modulus is too short - * @return bool|string - */ - private function rsassa_pkcs1_v1_5_sign($m) - { - // EMSA-PKCS1-v1_5 encoding - - // If the encoding operation outputs "intended encoded message length too short," output "RSA modulus - // too short" and stop. - try { - $em = $this->emsa_pkcs1_v1_5_encode($m, $this->k); - } catch (\LengthException $e) { - throw new \LengthException('RSA modulus too short'); - } - - // RSA signature - - $m = $this->os2ip($em); - $s = $this->rsasp1($m); - $s = $this->i2osp($s, $this->k); - - // Output the signature S - - return $s; - } - - /** - * Create a signature - * - * @see self::verify() - * @param string $message - * @return string - */ - public function sign($message) - { - switch ($this->signaturePadding) { - case self::SIGNATURE_PKCS1: - case self::SIGNATURE_RELAXED_PKCS1: - return $this->rsassa_pkcs1_v1_5_sign($message); - //case self::SIGNATURE_PSS: - default: - return $this->rsassa_pss_sign($message); - } - } - - /** - * RSAES-PKCS1-V1_5-DECRYPT - * - * See {@link http://tools.ietf.org/html/rfc3447#section-7.2.2 RFC3447#section-7.2.2}. - * - * @param string $c - * @return bool|string - */ - private function rsaes_pkcs1_v1_5_decrypt($c) - { - // Length checking - - if (strlen($c) != $this->k) { // or if k < 11 - throw new \LengthException('Ciphertext representative too long'); - } - - // RSA decryption - - $c = $this->os2ip($c); - $m = $this->rsadp($c); - $em = $this->i2osp($m, $this->k); - - // EME-PKCS1-v1_5 decoding - - if (ord($em[0]) != 0 || ord($em[1]) > 2) { - throw new \RuntimeException('Decryption error'); - } - - $ps = substr($em, 2, strpos($em, chr(0), 2) - 2); - $m = substr($em, strlen($ps) + 3); - - if (strlen($ps) < 8) { - throw new \RuntimeException('Decryption error'); - } - - // Output M - - return $m; - } - - /** - * RSAES-OAEP-DECRYPT - * - * See {@link http://tools.ietf.org/html/rfc3447#section-7.1.2 RFC3447#section-7.1.2}. The fact that the error - * messages aren't distinguishable from one another hinders debugging, but, to quote from RFC3447#section-7.1.2: - * - * Note. Care must be taken to ensure that an opponent cannot - * distinguish the different error conditions in Step 3.g, whether by - * error message or timing, or, more generally, learn partial - * information about the encoded message EM. Otherwise an opponent may - * be able to obtain useful information about the decryption of the - * ciphertext C, leading to a chosen-ciphertext attack such as the one - * observed by Manger [36]. - * - * @param string $c - * @return bool|string - */ - private function rsaes_oaep_decrypt($c) - { - // Length checking - - // if $l is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error - // be output. - - if (strlen($c) != $this->k || $this->k < 2 * $this->hLen + 2) { - throw new \LengthException('Ciphertext representative too long'); - } - - // RSA decryption - - $c = $this->os2ip($c); - $m = $this->rsadp($c); - $em = $this->i2osp($m, $this->k); - - // EME-OAEP decoding - - $lHash = $this->hash->hash($this->label); - $y = ord($em[0]); - $maskedSeed = substr($em, 1, $this->hLen); - $maskedDB = substr($em, $this->hLen + 1); - $seedMask = $this->mgf1($maskedDB, $this->hLen); - $seed = $maskedSeed ^ $seedMask; - $dbMask = $this->mgf1($seed, $this->k - $this->hLen - 1); - $db = $maskedDB ^ $dbMask; - $lHash2 = substr($db, 0, $this->hLen); - $m = substr($db, $this->hLen); - $hashesMatch = hash_equals($lHash, $lHash2); - $leadingZeros = 1; - $patternMatch = 0; - $offset = 0; - for ($i = 0; $i < strlen($m); $i++) { - $patternMatch |= $leadingZeros & ($m[$i] === "\1"); - $leadingZeros &= $m[$i] === "\0"; - $offset += $patternMatch ? 0 : 1; - } - - // we do | instead of || to avoid https://en.wikipedia.org/wiki/Short-circuit_evaluation - // to protect against timing attacks - if (!$hashesMatch | !$patternMatch) { - throw new \RuntimeException('Decryption error'); - } - - // Output the message M - - return substr($m, $offset + 1); - } - - /** - * Raw Encryption / Decryption - * - * Doesn't use padding and is not recommended. - * - * @param string $m - * @return bool|string - * @throws \LengthException if strlen($m) > $this->k - */ - private function raw_encrypt($m) - { - if (strlen($m) > $this->k) { - throw new \LengthException('Ciphertext representative too long'); - } - - $temp = $this->os2ip($m); - $temp = $this->rsadp($temp); - return $this->i2osp($temp, $this->k); - } - - /** - * Decryption - * - * @see self::encrypt() - * @param string $ciphertext - * @return bool|string - */ - public function decrypt($ciphertext) - { - switch ($this->encryptionPadding) { - case self::ENCRYPTION_NONE: - return $this->raw_encrypt($ciphertext); - case self::ENCRYPTION_PKCS1: - return $this->rsaes_pkcs1_v1_5_decrypt($ciphertext); - //case self::ENCRYPTION_OAEP: - default: - return $this->rsaes_oaep_decrypt($ciphertext); - } - } - - /** - * Returns the public key - * - * @return mixed - */ - public function getPublicKey() - { - $type = self::validatePlugin('Keys', 'PKCS8', 'savePublicKey'); - if (empty($this->modulus) || empty($this->publicExponent)) { - throw new \RuntimeException('Public key components not found'); - } - - $key = $type::savePublicKey($this->modulus, $this->publicExponent); - return RSA::loadFormat('PKCS8', $key) - ->withHash($this->hash->getHash()) - ->withMGFHash($this->mgfHash->getHash()) - ->withSaltLength($this->sLen) - ->withLabel($this->label) - ->withPadding($this->signaturePadding | $this->encryptionPadding); - } - - /** - * Returns the private key - * - * @param string $type - * @param array $options optional - * @return string - */ - public function toString($type, array $options = []) - { - $type = self::validatePlugin( - 'Keys', - $type, - empty($this->primes) ? 'savePublicKey' : 'savePrivateKey' - ); - - if ($type == PSS::class) { - if ($this->signaturePadding == self::SIGNATURE_PSS) { - $options += [ - 'hash' => $this->hash->getHash(), - 'MGFHash' => $this->mgfHash->getHash(), - 'saltLength' => $this->getSaltLength() - ]; - } else { - throw new UnsupportedFormatException('The PSS format can only be used when the signature method has been explicitly set to PSS'); - } - } - - if (empty($this->primes)) { - return $type::savePublicKey($this->modulus, $this->exponent, $options); - } - - return $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $this->primes, $this->exponents, $this->coefficients, $this->password, $options); - - /* - $key = $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $this->primes, $this->exponents, $this->coefficients, $this->password, $options); - if ($key !== false || count($this->primes) == 2) { - return $key; - } - - $nSize = $this->getSize() >> 1; - - $primes = [1 => clone self::$one, clone self::$one]; - $i = 1; - foreach ($this->primes as $prime) { - $primes[$i] = $primes[$i]->multiply($prime); - if ($primes[$i]->getLength() >= $nSize) { - $i++; - } - } - - $exponents = []; - $coefficients = [2 => $primes[2]->modInverse($primes[1])]; - - foreach ($primes as $i => $prime) { - $temp = $prime->subtract(self::$one); - $exponents[$i] = $this->modulus->modInverse($temp); - } - - return $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $primes, $exponents, $coefficients, $this->password, $options); - */ - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/PublicKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/PublicKey.php deleted file mode 100644 index 58939a9..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/PublicKey.php +++ /dev/null @@ -1,513 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt\RSA; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common; -use phpseclib3\Crypt\Hash; -use phpseclib3\Crypt\Random; -use phpseclib3\Crypt\RSA; -use phpseclib3\Crypt\RSA\Formats\Keys\PSS; -use phpseclib3\Exception\UnsupportedAlgorithmException; -use phpseclib3\Exception\UnsupportedFormatException; -use phpseclib3\File\ASN1; -use phpseclib3\File\ASN1\Maps\DigestInfo; -use phpseclib3\Math\BigInteger; - -/** - * Raw RSA Key Handler - * - * @author Jim Wigginton - */ -final class PublicKey extends RSA implements Common\PublicKey -{ - use Common\Traits\Fingerprint; - - /** - * Exponentiate - * - * @param \phpseclib3\Math\BigInteger $x - * @return \phpseclib3\Math\BigInteger - */ - private function exponentiate(BigInteger $x) - { - return $x->modPow($this->exponent, $this->modulus); - } - - /** - * RSAVP1 - * - * See {@link http://tools.ietf.org/html/rfc3447#section-5.2.2 RFC3447#section-5.2.2}. - * - * @param \phpseclib3\Math\BigInteger $s - * @return bool|\phpseclib3\Math\BigInteger - */ - private function rsavp1($s) - { - if ($s->compare(self::$zero) < 0 || $s->compare($this->modulus) > 0) { - return false; - } - return $this->exponentiate($s); - } - - /** - * RSASSA-PKCS1-V1_5-VERIFY - * - * See {@link http://tools.ietf.org/html/rfc3447#section-8.2.2 RFC3447#section-8.2.2}. - * - * @param string $m - * @param string $s - * @throws \LengthException if the RSA modulus is too short - * @return bool - */ - private function rsassa_pkcs1_v1_5_verify($m, $s) - { - // Length checking - - if (strlen($s) != $this->k) { - return false; - } - - // RSA verification - - $s = $this->os2ip($s); - $m2 = $this->rsavp1($s); - if ($m2 === false) { - return false; - } - $em = $this->i2osp($m2, $this->k); - if ($em === false) { - return false; - } - - // EMSA-PKCS1-v1_5 encoding - - $exception = false; - - // If the encoding operation outputs "intended encoded message length too short," output "RSA modulus - // too short" and stop. - try { - $em2 = $this->emsa_pkcs1_v1_5_encode($m, $this->k); - $r1 = hash_equals($em, $em2); - } catch (\LengthException $e) { - $exception = true; - } - - try { - $em3 = $this->emsa_pkcs1_v1_5_encode_without_null($m, $this->k); - $r2 = hash_equals($em, $em3); - } catch (\LengthException $e) { - $exception = true; - } catch (UnsupportedAlgorithmException $e) { - $r2 = false; - } - - if ($exception) { - throw new \LengthException('RSA modulus too short'); - } - - // Compare - return $r1 || $r2; - } - - /** - * RSASSA-PKCS1-V1_5-VERIFY (relaxed matching) - * - * Per {@link http://tools.ietf.org/html/rfc3447#page-43 RFC3447#page-43} PKCS1 v1.5 - * specified the use BER encoding rather than DER encoding that PKCS1 v2.0 specified. - * This means that under rare conditions you can have a perfectly valid v1.5 signature - * that fails to validate with _rsassa_pkcs1_v1_5_verify(). PKCS1 v2.1 also recommends - * that if you're going to validate these types of signatures you "should indicate - * whether the underlying BER encoding is a DER encoding and hence whether the signature - * is valid with respect to the specification given in [PKCS1 v2.0+]". so if you do - * $rsa->getLastPadding() and get RSA::PADDING_RELAXED_PKCS1 back instead of - * RSA::PADDING_PKCS1... that means BER encoding was used. - * - * @param string $m - * @param string $s - * @return bool - */ - private function rsassa_pkcs1_v1_5_relaxed_verify($m, $s) - { - // Length checking - - if (strlen($s) != $this->k) { - return false; - } - - // RSA verification - - $s = $this->os2ip($s); - $m2 = $this->rsavp1($s); - if ($m2 === false) { - return false; - } - $em = $this->i2osp($m2, $this->k); - if ($em === false) { - return false; - } - - if (Strings::shift($em, 2) != "\0\1") { - return false; - } - - $em = ltrim($em, "\xFF"); - if (Strings::shift($em) != "\0") { - return false; - } - - $decoded = ASN1::decodeBER($em); - if (!is_array($decoded) || empty($decoded[0]) || strlen($em) > $decoded[0]['length']) { - return false; - } - - static $oids; - if (!isset($oids)) { - $oids = [ - 'md2' => '1.2.840.113549.2.2', - 'md4' => '1.2.840.113549.2.4', // from PKCS1 v1.5 - 'md5' => '1.2.840.113549.2.5', - 'id-sha1' => '1.3.14.3.2.26', - 'id-sha256' => '2.16.840.1.101.3.4.2.1', - 'id-sha384' => '2.16.840.1.101.3.4.2.2', - 'id-sha512' => '2.16.840.1.101.3.4.2.3', - // from PKCS1 v2.2 - 'id-sha224' => '2.16.840.1.101.3.4.2.4', - 'id-sha512/224' => '2.16.840.1.101.3.4.2.5', - 'id-sha512/256' => '2.16.840.1.101.3.4.2.6', - ]; - ASN1::loadOIDs($oids); - } - - $decoded = ASN1::asn1map($decoded[0], DigestInfo::MAP); - if (!isset($decoded) || $decoded === false) { - return false; - } - - if (!isset($oids[$decoded['digestAlgorithm']['algorithm']])) { - return false; - } - - if (isset($decoded['digestAlgorithm']['parameters']) && $decoded['digestAlgorithm']['parameters'] !== ['null' => '']) { - return false; - } - - $hash = $decoded['digestAlgorithm']['algorithm']; - $hash = substr($hash, 0, 3) == 'id-' ? - substr($hash, 3) : - $hash; - $hash = new Hash($hash); - $em = $hash->hash($m); - $em2 = $decoded['digest']; - - return hash_equals($em, $em2); - } - - /** - * EMSA-PSS-VERIFY - * - * See {@link http://tools.ietf.org/html/rfc3447#section-9.1.2 RFC3447#section-9.1.2}. - * - * @param string $m - * @param string $em - * @param int $emBits - * @return string - */ - private function emsa_pss_verify($m, $em, $emBits) - { - // if $m is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error - // be output. - - $emLen = ($emBits + 7) >> 3; // ie. ceil($emBits / 8); - $sLen = $this->sLen !== null ? $this->sLen : $this->hLen; - - $mHash = $this->hash->hash($m); - if ($emLen < $this->hLen + $sLen + 2) { - return false; - } - - if ($em[strlen($em) - 1] != chr(0xBC)) { - return false; - } - - $maskedDB = substr($em, 0, -$this->hLen - 1); - $h = substr($em, -$this->hLen - 1, $this->hLen); - $temp = chr(0xFF << ($emBits & 7)); - if ((~$maskedDB[0] & $temp) != $temp) { - return false; - } - $dbMask = $this->mgf1($h, $emLen - $this->hLen - 1); - $db = $maskedDB ^ $dbMask; - $db[0] = ~chr(0xFF << ($emBits & 7)) & $db[0]; - $temp = $emLen - $this->hLen - $sLen - 2; - if (substr($db, 0, $temp) != str_repeat(chr(0), $temp) || ord($db[$temp]) != 1) { - return false; - } - $salt = substr($db, $temp + 1); // should be $sLen long - $m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt; - $h2 = $this->hash->hash($m2); - return hash_equals($h, $h2); - } - - /** - * RSASSA-PSS-VERIFY - * - * See {@link http://tools.ietf.org/html/rfc3447#section-8.1.2 RFC3447#section-8.1.2}. - * - * @param string $m - * @param string $s - * @return bool|string - */ - private function rsassa_pss_verify($m, $s) - { - // Length checking - - if (strlen($s) != $this->k) { - return false; - } - - // RSA verification - - $modBits = strlen($this->modulus->toBits()); - - $s2 = $this->os2ip($s); - $m2 = $this->rsavp1($s2); - $em = $this->i2osp($m2, $this->k); - if ($em === false) { - return false; - } - - // EMSA-PSS verification - - return $this->emsa_pss_verify($m, $em, $modBits - 1); - } - - /** - * Verifies a signature - * - * @see self::sign() - * @param string $message - * @param string $signature - * @return bool - */ - public function verify($message, $signature) - { - switch ($this->signaturePadding) { - case self::SIGNATURE_RELAXED_PKCS1: - return $this->rsassa_pkcs1_v1_5_relaxed_verify($message, $signature); - case self::SIGNATURE_PKCS1: - return $this->rsassa_pkcs1_v1_5_verify($message, $signature); - //case self::SIGNATURE_PSS: - default: - return $this->rsassa_pss_verify($message, $signature); - } - } - - /** - * RSAES-PKCS1-V1_5-ENCRYPT - * - * See {@link http://tools.ietf.org/html/rfc3447#section-7.2.1 RFC3447#section-7.2.1}. - * - * @param string $m - * @param bool $pkcs15_compat optional - * @throws \LengthException if strlen($m) > $this->k - 11 - * @return bool|string - */ - private function rsaes_pkcs1_v1_5_encrypt($m, $pkcs15_compat = false) - { - $mLen = strlen($m); - - // Length checking - - if ($mLen > $this->k - 11) { - throw new \LengthException('Message too long'); - } - - // EME-PKCS1-v1_5 encoding - - $psLen = $this->k - $mLen - 3; - $ps = ''; - while (strlen($ps) != $psLen) { - $temp = Random::string($psLen - strlen($ps)); - $temp = str_replace("\x00", '', $temp); - $ps .= $temp; - } - $type = 2; - $em = chr(0) . chr($type) . $ps . chr(0) . $m; - - // RSA encryption - $m = $this->os2ip($em); - $c = $this->rsaep($m); - $c = $this->i2osp($c, $this->k); - - // Output the ciphertext C - - return $c; - } - - /** - * RSAES-OAEP-ENCRYPT - * - * See {@link http://tools.ietf.org/html/rfc3447#section-7.1.1 RFC3447#section-7.1.1} and - * {http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding OAES}. - * - * @param string $m - * @throws \LengthException if strlen($m) > $this->k - 2 * $this->hLen - 2 - * @return string - */ - private function rsaes_oaep_encrypt($m) - { - $mLen = strlen($m); - - // Length checking - - // if $l is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error - // be output. - - if ($mLen > $this->k - 2 * $this->hLen - 2) { - throw new \LengthException('Message too long'); - } - - // EME-OAEP encoding - - $lHash = $this->hash->hash($this->label); - $ps = str_repeat(chr(0), $this->k - $mLen - 2 * $this->hLen - 2); - $db = $lHash . $ps . chr(1) . $m; - $seed = Random::string($this->hLen); - $dbMask = $this->mgf1($seed, $this->k - $this->hLen - 1); - $maskedDB = $db ^ $dbMask; - $seedMask = $this->mgf1($maskedDB, $this->hLen); - $maskedSeed = $seed ^ $seedMask; - $em = chr(0) . $maskedSeed . $maskedDB; - - // RSA encryption - - $m = $this->os2ip($em); - $c = $this->rsaep($m); - $c = $this->i2osp($c, $this->k); - - // Output the ciphertext C - - return $c; - } - - /** - * RSAEP - * - * See {@link http://tools.ietf.org/html/rfc3447#section-5.1.1 RFC3447#section-5.1.1}. - * - * @param \phpseclib3\Math\BigInteger $m - * @return bool|\phpseclib3\Math\BigInteger - */ - private function rsaep($m) - { - if ($m->compare(self::$zero) < 0 || $m->compare($this->modulus) > 0) { - throw new \OutOfRangeException('Message representative out of range'); - } - return $this->exponentiate($m); - } - - /** - * Raw Encryption / Decryption - * - * Doesn't use padding and is not recommended. - * - * @param string $m - * @return bool|string - * @throws \LengthException if strlen($m) > $this->k - */ - private function raw_encrypt($m) - { - if (strlen($m) > $this->k) { - throw new \LengthException('Message too long'); - } - - $temp = $this->os2ip($m); - $temp = $this->rsaep($temp); - return $this->i2osp($temp, $this->k); - } - - /** - * Encryption - * - * Both self::PADDING_OAEP and self::PADDING_PKCS1 both place limits on how long $plaintext can be. - * If $plaintext exceeds those limits it will be broken up so that it does and the resultant ciphertext's will - * be concatenated together. - * - * @see self::decrypt() - * @param string $plaintext - * @return bool|string - * @throws \LengthException if the RSA modulus is too short - */ - public function encrypt($plaintext) - { - switch ($this->encryptionPadding) { - case self::ENCRYPTION_NONE: - return $this->raw_encrypt($plaintext); - case self::ENCRYPTION_PKCS1: - return $this->rsaes_pkcs1_v1_5_encrypt($plaintext); - //case self::ENCRYPTION_OAEP: - default: - return $this->rsaes_oaep_encrypt($plaintext); - } - } - - /** - * Returns the public key - * - * The public key is only returned under two circumstances - if the private key had the public key embedded within it - * or if the public key was set via setPublicKey(). If the currently loaded key is supposed to be the public key this - * function won't return it since this library, for the most part, doesn't distinguish between public and private keys. - * - * @param string $type - * @param array $options optional - * @return mixed - */ - public function toString($type, array $options = []) - { - $type = self::validatePlugin('Keys', $type, 'savePublicKey'); - - if ($type == PSS::class) { - if ($this->signaturePadding == self::SIGNATURE_PSS) { - $options += [ - 'hash' => $this->hash->getHash(), - 'MGFHash' => $this->mgfHash->getHash(), - 'saltLength' => $this->getSaltLength() - ]; - } else { - throw new UnsupportedFormatException('The PSS format can only be used when the signature method has been explicitly set to PSS'); - } - } - - return $type::savePublicKey($this->modulus, $this->publicExponent, $options); - } - - /** - * Converts a public key to a private key - * - * @return RSA - */ - public function asPrivateKey() - { - $new = new PrivateKey(); - $new->exponent = $this->exponent; - $new->modulus = $this->modulus; - $new->k = $this->k; - $new->format = $this->format; - return $new - ->withHash($this->hash->getHash()) - ->withMGFHash($this->mgfHash->getHash()) - ->withSaltLength($this->sLen) - ->withLabel($this->label) - ->withPadding($this->signaturePadding | $this->encryptionPadding); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Random.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Random.php deleted file mode 100644 index f813a2e..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Random.php +++ /dev/null @@ -1,222 +0,0 @@ - - * - * - * - * @author Jim Wigginton - * @copyright 2007 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt; - -/** - * Pure-PHP Random Number Generator - * - * @author Jim Wigginton - */ -abstract class Random -{ - /** - * Generate a random string. - * - * Although microoptimizations are generally discouraged as they impair readability this function is ripe with - * microoptimizations because this function has the potential of being called a huge number of times. - * eg. for RSA key generation. - * - * @param int $length - * @throws \RuntimeException if a symmetric cipher is needed but not loaded - * @return string - */ - public static function string($length) - { - if (!$length) { - return ''; - } - - try { - return random_bytes($length); - } catch (\Exception $e) { - // random_compat will throw an Exception, which in PHP 5 does not implement Throwable - } catch (\Throwable $e) { - // If a sufficient source of randomness is unavailable, random_bytes() will throw an - // object that implements the Throwable interface (Exception, TypeError, Error). - // We don't actually need to do anything here. The string() method should just continue - // as normal. Note, however, that if we don't have a sufficient source of randomness for - // random_bytes(), most of the other calls here will fail too, so we'll end up using - // the PHP implementation. - } - // at this point we have no choice but to use a pure-PHP CSPRNG - - // cascade entropy across multiple PHP instances by fixing the session and collecting all - // environmental variables, including the previous session data and the current session - // data. - // - // mt_rand seeds itself by looking at the PID and the time, both of which are (relatively) - // easy to guess at. linux uses mouse clicks, keyboard timings, etc, as entropy sources, but - // PHP isn't low level to be able to use those as sources and on a web server there's not likely - // going to be a ton of keyboard or mouse action. web servers do have one thing that we can use - // however, a ton of people visiting the website. obviously you don't want to base your seeding - // solely on parameters a potential attacker sends but (1) not everything in $_SERVER is controlled - // by the user and (2) this isn't just looking at the data sent by the current user - it's based - // on the data sent by all users. one user requests the page and a hash of their info is saved. - // another user visits the page and the serialization of their data is utilized along with the - // server environment stuff and a hash of the previous http request data (which itself utilizes - // a hash of the session data before that). certainly an attacker should be assumed to have - // full control over his own http requests. he, however, is not going to have control over - // everyone's http requests. - static $crypto = false, $v; - if ($crypto === false) { - // save old session data - $old_session_id = session_id(); - $old_use_cookies = ini_get('session.use_cookies'); - $old_session_cache_limiter = session_cache_limiter(); - $_OLD_SESSION = isset($_SESSION) ? $_SESSION : false; - if ($old_session_id != '') { - session_write_close(); - } - - session_id(1); - ini_set('session.use_cookies', 0); - session_cache_limiter(''); - session_start(); - - $v = (isset($_SERVER) ? self::safe_serialize($_SERVER) : '') . - (isset($_POST) ? self::safe_serialize($_POST) : '') . - (isset($_GET) ? self::safe_serialize($_GET) : '') . - (isset($_COOKIE) ? self::safe_serialize($_COOKIE) : '') . - // as of PHP 8.1 $GLOBALS can't be accessed by reference, which eliminates - // the need for phpseclib_safe_serialize. see https://wiki.php.net/rfc/restrict_globals_usage - // for more info - (version_compare(PHP_VERSION, '8.1.0', '>=') ? serialize($GLOBALS) : self::safe_serialize($GLOBALS)) . - self::safe_serialize($_SESSION) . - self::safe_serialize($_OLD_SESSION); - $v = $seed = $_SESSION['seed'] = sha1($v, true); - if (!isset($_SESSION['count'])) { - $_SESSION['count'] = 0; - } - $_SESSION['count']++; - - session_write_close(); - - // restore old session data - if ($old_session_id != '') { - session_id($old_session_id); - session_start(); - ini_set('session.use_cookies', $old_use_cookies); - session_cache_limiter($old_session_cache_limiter); - } else { - if ($_OLD_SESSION !== false) { - $_SESSION = $_OLD_SESSION; - unset($_OLD_SESSION); - } else { - unset($_SESSION); - } - } - - // in SSH2 a shared secret and an exchange hash are generated through the key exchange process. - // the IV client to server is the hash of that "nonce" with the letter A and for the encryption key it's the letter C. - // if the hash doesn't produce enough a key or an IV that's long enough concat successive hashes of the - // original hash and the current hash. we'll be emulating that. for more info see the following URL: - // - // http://tools.ietf.org/html/rfc4253#section-7.2 - // - // see the is_string($crypto) part for an example of how to expand the keys - $key = sha1($seed . 'A', true); - $iv = sha1($seed . 'C', true); - - // ciphers are used as per the nist.gov link below. also, see this link: - // - // http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives - switch (true) { - case class_exists('\phpseclib3\Crypt\AES'): - $crypto = new AES('ctr'); - break; - case class_exists('\phpseclib3\Crypt\Twofish'): - $crypto = new Twofish('ctr'); - break; - case class_exists('\phpseclib3\Crypt\Blowfish'): - $crypto = new Blowfish('ctr'); - break; - case class_exists('\phpseclib3\Crypt\TripleDES'): - $crypto = new TripleDES('ctr'); - break; - case class_exists('\phpseclib3\Crypt\DES'): - $crypto = new DES('ctr'); - break; - case class_exists('\phpseclib3\Crypt\RC4'): - $crypto = new RC4(); - break; - default: - throw new \RuntimeException(__CLASS__ . ' requires at least one symmetric cipher be loaded'); - } - - $crypto->setKey(substr($key, 0, $crypto->getKeyLength() >> 3)); - $crypto->setIV(substr($iv, 0, $crypto->getBlockLength() >> 3)); - $crypto->enableContinuousBuffer(); - } - - //return $crypto->encrypt(str_repeat("\0", $length)); - - // the following is based off of ANSI X9.31: - // - // http://csrc.nist.gov/groups/STM/cavp/documents/rng/931rngext.pdf - // - // OpenSSL uses that same standard for it's random numbers: - // - // http://www.opensource.apple.com/source/OpenSSL/OpenSSL-38/openssl/fips-1.0/rand/fips_rand.c - // (do a search for "ANS X9.31 A.2.4") - $result = ''; - while (strlen($result) < $length) { - $i = $crypto->encrypt(microtime()); // strlen(microtime()) == 21 - $r = $crypto->encrypt($i ^ $v); // strlen($v) == 20 - $v = $crypto->encrypt($r ^ $i); // strlen($r) == 20 - $result .= $r; - } - - return substr($result, 0, $length); - } - - /** - * Safely serialize variables - * - * If a class has a private __sleep() it'll emit a warning - * @return mixed - * @param mixed $arr - */ - private static function safe_serialize(&$arr) - { - if (is_object($arr)) { - return ''; - } - if (!is_array($arr)) { - return serialize($arr); - } - // prevent circular array recursion - if (isset($arr['__phpseclib_marker'])) { - return ''; - } - $safearr = []; - $arr['__phpseclib_marker'] = true; - foreach (array_keys($arr) as $key) { - // do not recurse on the '__phpseclib_marker' key itself, for smaller memory usage - if ($key !== '__phpseclib_marker') { - $safearr[$key] = self::safe_serialize($arr[$key]); - } - } - unset($arr['__phpseclib_marker']); - return serialize($safearr); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Rijndael.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Rijndael.php deleted file mode 100644 index ff31f9c..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Rijndael.php +++ /dev/null @@ -1,1036 +0,0 @@ - - * setKey('abcdefghijklmnop'); - * - * $size = 10 * 1024; - * $plaintext = ''; - * for ($i = 0; $i < $size; $i++) { - * $plaintext.= 'a'; - * } - * - * echo $rijndael->decrypt($rijndael->encrypt($plaintext)); - * ?> - * - * - * @author Jim Wigginton - * @copyright 2008 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common\BlockCipher; -use phpseclib3\Exception\BadDecryptionException; -use phpseclib3\Exception\BadModeException; -use phpseclib3\Exception\InconsistentSetupException; -use phpseclib3\Exception\InsufficientSetupException; - -/** - * Pure-PHP implementation of Rijndael. - * - * @author Jim Wigginton - */ -class Rijndael extends BlockCipher -{ - /** - * The mcrypt specific name of the cipher - * - * Mcrypt is useable for 128/192/256-bit $block_size/$key_length. For 160/224 not. - * \phpseclib3\Crypt\Rijndael determines automatically whether mcrypt is useable - * or not for the current $block_size/$key_length. - * In case of, $cipher_name_mcrypt will be set dynamically at run time accordingly. - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt - * @see \phpseclib3\Crypt\Common\SymmetricKey::engine - * @see self::isValidEngine() - * @var string - */ - protected $cipher_name_mcrypt = 'rijndael-128'; - - /** - * The Key Schedule - * - * @see self::setup() - * @var array - */ - private $w; - - /** - * The Inverse Key Schedule - * - * @see self::setup() - * @var array - */ - private $dw; - - /** - * The Block Length divided by 32 - * - * {@internal The max value is 256 / 32 = 8, the min value is 128 / 32 = 4. Exists in conjunction with $block_size - * because the encryption / decryption / key schedule creation requires this number and not $block_size. We could - * derive this from $block_size or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu - * of that, we'll just precompute it once.} - * - * @see self::setBlockLength() - * @var int - */ - private $Nb = 4; - - /** - * The Key Length (in bytes) - * - * {@internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $Nk - * because the encryption / decryption / key schedule creation requires this number and not $key_length. We could - * derive this from $key_length or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu - * of that, we'll just precompute it once.} - * - * @see self::setKeyLength() - * @var int - */ - protected $key_length = 16; - - /** - * The Key Length divided by 32 - * - * @see self::setKeyLength() - * @var int - * @internal The max value is 256 / 32 = 8, the min value is 128 / 32 = 4 - */ - private $Nk = 4; - - /** - * The Number of Rounds - * - * {@internal The max value is 14, the min value is 10.} - * - * @var int - */ - private $Nr; - - /** - * Shift offsets - * - * @var array - */ - private $c; - - /** - * Holds the last used key- and block_size information - * - * @var array - */ - private $kl; - - /** - * Default Constructor. - * - * @param string $mode - * @throws \InvalidArgumentException if an invalid / unsupported mode is provided - */ - public function __construct($mode) - { - parent::__construct($mode); - - if ($this->mode == self::MODE_STREAM) { - throw new BadModeException('Block ciphers cannot be ran in stream mode'); - } - } - - /** - * Sets the key length. - * - * Valid key lengths are 128, 160, 192, 224, and 256. - * - * Note: phpseclib extends Rijndael (and AES) for using 160- and 224-bit keys but they are officially not defined - * and the most (if not all) implementations are not able using 160/224-bit keys but round/pad them up to - * 192/256 bits as, for example, mcrypt will do. - * - * That said, if you want be compatible with other Rijndael and AES implementations, - * you should not setKeyLength(160) or setKeyLength(224). - * - * Additional: In case of 160- and 224-bit keys, phpseclib will/can, for that reason, not use - * the mcrypt php extension, even if available. - * This results then in slower encryption. - * - * @throws \LengthException if the key length is invalid - * @param int $length - */ - public function setKeyLength($length) - { - switch ($length) { - case 128: - case 160: - case 192: - case 224: - case 256: - $this->key_length = $length >> 3; - break; - default: - throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys of sizes 128, 160, 192, 224 or 256 bits are supported'); - } - - parent::setKeyLength($length); - } - - /** - * Sets the key. - * - * Rijndael supports five different key lengths - * - * @see setKeyLength() - * @param string $key - * @throws \LengthException if the key length isn't supported - */ - public function setKey($key) - { - switch (strlen($key)) { - case 16: - case 20: - case 24: - case 28: - case 32: - break; - default: - throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16, 20, 24, 28 or 32 are supported'); - } - - parent::setKey($key); - } - - /** - * Sets the block length - * - * Valid block lengths are 128, 160, 192, 224, and 256. - * - * @param int $length - */ - public function setBlockLength($length) - { - switch ($length) { - case 128: - case 160: - case 192: - case 224: - case 256: - break; - default: - throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys of sizes 128, 160, 192, 224 or 256 bits are supported'); - } - - $this->Nb = $length >> 5; - $this->block_size = $length >> 3; - $this->changed = $this->nonIVChanged = true; - $this->setEngine(); - } - - /** - * Test for engine validity - * - * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() - * @param int $engine - * @return bool - */ - protected function isValidEngineHelper($engine) - { - switch ($engine) { - case self::ENGINE_LIBSODIUM: - return function_exists('sodium_crypto_aead_aes256gcm_is_available') && - sodium_crypto_aead_aes256gcm_is_available() && - $this->mode == self::MODE_GCM && - $this->key_length == 32 && - $this->nonce && strlen($this->nonce) == 12 && - $this->block_size == 16; - case self::ENGINE_OPENSSL_GCM: - if (!extension_loaded('openssl')) { - return false; - } - $methods = openssl_get_cipher_methods(); - return $this->mode == self::MODE_GCM && - version_compare(PHP_VERSION, '7.1.0', '>=') && - in_array('aes-' . $this->getKeyLength() . '-gcm', $methods) && - $this->block_size == 16; - case self::ENGINE_OPENSSL: - if ($this->block_size != 16) { - return false; - } - $this->cipher_name_openssl_ecb = 'aes-' . ($this->key_length << 3) . '-ecb'; - $this->cipher_name_openssl = 'aes-' . ($this->key_length << 3) . '-' . $this->openssl_translate_mode(); - break; - case self::ENGINE_MCRYPT: - $this->cipher_name_mcrypt = 'rijndael-' . ($this->block_size << 3); - if ($this->key_length % 8) { // is it a 160/224-bit key? - // mcrypt is not usable for them, only for 128/192/256-bit keys - return false; - } - } - - return parent::isValidEngineHelper($engine); - } - - /** - * Encrypts a block - * - * @param string $in - * @return string - */ - protected function encryptBlock($in) - { - static $tables; - if (empty($tables)) { - $tables = &$this->getTables(); - } - $t0 = $tables[0]; - $t1 = $tables[1]; - $t2 = $tables[2]; - $t3 = $tables[3]; - $sbox = $tables[4]; - - $state = []; - $words = unpack('N*', $in); - - $c = $this->c; - $w = $this->w; - $Nb = $this->Nb; - $Nr = $this->Nr; - - // addRoundKey - $wc = $Nb - 1; - foreach ($words as $word) { - $state[] = $word ^ $w[++$wc]; - } - - // fips-197.pdf#page=19, "Figure 5. Pseudo Code for the Cipher", states that this loop has four components - - // subBytes, shiftRows, mixColumns, and addRoundKey. fips-197.pdf#page=30, "Implementation Suggestions Regarding - // Various Platforms" suggests that performs enhanced implementations are described in Rijndael-ammended.pdf. - // Rijndael-ammended.pdf#page=20, "Implementation aspects / 32-bit processor", discusses such an optimization. - // Unfortunately, the description given there is not quite correct. Per aes.spec.v316.pdf#page=19 [1], - // equation (7.4.7) is supposed to use addition instead of subtraction, so we'll do that here, as well. - - // [1] http://fp.gladman.plus.com/cryptography_technology/rijndael/aes.spec.v316.pdf - $temp = []; - for ($round = 1; $round < $Nr; ++$round) { - $i = 0; // $c[0] == 0 - $j = $c[1]; - $k = $c[2]; - $l = $c[3]; - - while ($i < $Nb) { - $temp[$i] = $t0[$state[$i] >> 24 & 0x000000FF] ^ - $t1[$state[$j] >> 16 & 0x000000FF] ^ - $t2[$state[$k] >> 8 & 0x000000FF] ^ - $t3[$state[$l] & 0x000000FF] ^ - $w[++$wc]; - ++$i; - $j = ($j + 1) % $Nb; - $k = ($k + 1) % $Nb; - $l = ($l + 1) % $Nb; - } - $state = $temp; - } - - // subWord - for ($i = 0; $i < $Nb; ++$i) { - $state[$i] = $sbox[$state[$i] & 0x000000FF] | - ($sbox[$state[$i] >> 8 & 0x000000FF] << 8) | - ($sbox[$state[$i] >> 16 & 0x000000FF] << 16) | - ($sbox[$state[$i] >> 24 & 0x000000FF] << 24); - } - - // shiftRows + addRoundKey - $i = 0; // $c[0] == 0 - $j = $c[1]; - $k = $c[2]; - $l = $c[3]; - while ($i < $Nb) { - $temp[$i] = ($state[$i] & intval(0xFF000000)) ^ - ($state[$j] & 0x00FF0000) ^ - ($state[$k] & 0x0000FF00) ^ - ($state[$l] & 0x000000FF) ^ - $w[$i]; - ++$i; - $j = ($j + 1) % $Nb; - $k = ($k + 1) % $Nb; - $l = ($l + 1) % $Nb; - } - - return pack('N*', ...$temp); - } - - /** - * Decrypts a block - * - * @param string $in - * @return string - */ - protected function decryptBlock($in) - { - static $invtables; - if (empty($invtables)) { - $invtables = &$this->getInvTables(); - } - $dt0 = $invtables[0]; - $dt1 = $invtables[1]; - $dt2 = $invtables[2]; - $dt3 = $invtables[3]; - $isbox = $invtables[4]; - - $state = []; - $words = unpack('N*', $in); - - $c = $this->c; - $dw = $this->dw; - $Nb = $this->Nb; - $Nr = $this->Nr; - - // addRoundKey - $wc = $Nb - 1; - foreach ($words as $word) { - $state[] = $word ^ $dw[++$wc]; - } - - $temp = []; - for ($round = $Nr - 1; $round > 0; --$round) { - $i = 0; // $c[0] == 0 - $j = $Nb - $c[1]; - $k = $Nb - $c[2]; - $l = $Nb - $c[3]; - - while ($i < $Nb) { - $temp[$i] = $dt0[$state[$i] >> 24 & 0x000000FF] ^ - $dt1[$state[$j] >> 16 & 0x000000FF] ^ - $dt2[$state[$k] >> 8 & 0x000000FF] ^ - $dt3[$state[$l] & 0x000000FF] ^ - $dw[++$wc]; - ++$i; - $j = ($j + 1) % $Nb; - $k = ($k + 1) % $Nb; - $l = ($l + 1) % $Nb; - } - $state = $temp; - } - - // invShiftRows + invSubWord + addRoundKey - $i = 0; // $c[0] == 0 - $j = $Nb - $c[1]; - $k = $Nb - $c[2]; - $l = $Nb - $c[3]; - - while ($i < $Nb) { - $word = ($state[$i] & intval(0xFF000000)) | - ($state[$j] & 0x00FF0000) | - ($state[$k] & 0x0000FF00) | - ($state[$l] & 0x000000FF); - - $temp[$i] = $dw[$i] ^ ($isbox[$word & 0x000000FF] | - ($isbox[$word >> 8 & 0x000000FF] << 8) | - ($isbox[$word >> 16 & 0x000000FF] << 16) | - ($isbox[$word >> 24 & 0x000000FF] << 24)); - ++$i; - $j = ($j + 1) % $Nb; - $k = ($k + 1) % $Nb; - $l = ($l + 1) % $Nb; - } - - return pack('N*', ...$temp); - } - - /** - * Setup the self::ENGINE_INTERNAL $engine - * - * (re)init, if necessary, the internal cipher $engine and flush all $buffers - * Used (only) if $engine == self::ENGINE_INTERNAL - * - * _setup() will be called each time if $changed === true - * typically this happens when using one or more of following public methods: - * - * - setKey() - * - * - setIV() - * - * - disableContinuousBuffer() - * - * - First run of encrypt() / decrypt() with no init-settings - * - * {@internal setup() is always called before en/decryption.} - * - * {@internal Could, but not must, extend by the child Crypt_* class} - * - * @see self::setKey() - * @see self::setIV() - * @see self::disableContinuousBuffer() - */ - protected function setup() - { - if (!$this->changed) { - return; - } - - parent::setup(); - - if (is_string($this->iv) && strlen($this->iv) != $this->block_size) { - throw new InconsistentSetupException('The IV length (' . strlen($this->iv) . ') does not match the block size (' . $this->block_size . ')'); - } - } - - /** - * Setup the key (expansion) - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setupKey() - */ - protected function setupKey() - { - // Each number in $rcon is equal to the previous number multiplied by two in Rijndael's finite field. - // See http://en.wikipedia.org/wiki/Finite_field_arithmetic#Multiplicative_inverse - static $rcon; - - if (!isset($rcon)) { - $rcon = [0, - 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, - 0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000, - 0x6C000000, 0xD8000000, 0xAB000000, 0x4D000000, 0x9A000000, - 0x2F000000, 0x5E000000, 0xBC000000, 0x63000000, 0xC6000000, - 0x97000000, 0x35000000, 0x6A000000, 0xD4000000, 0xB3000000, - 0x7D000000, 0xFA000000, 0xEF000000, 0xC5000000, 0x91000000 - ]; - $rcon = array_map('intval', $rcon); - } - - if (isset($this->kl['key']) && $this->key === $this->kl['key'] && $this->key_length === $this->kl['key_length'] && $this->block_size === $this->kl['block_size']) { - // already expanded - return; - } - $this->kl = ['key' => $this->key, 'key_length' => $this->key_length, 'block_size' => $this->block_size]; - - $this->Nk = $this->key_length >> 2; - // see Rijndael-ammended.pdf#page=44 - $this->Nr = max($this->Nk, $this->Nb) + 6; - - // shift offsets for Nb = 5, 7 are defined in Rijndael-ammended.pdf#page=44, - // "Table 8: Shift offsets in Shiftrow for the alternative block lengths" - // shift offsets for Nb = 4, 6, 8 are defined in Rijndael-ammended.pdf#page=14, - // "Table 2: Shift offsets for different block lengths" - switch ($this->Nb) { - case 4: - case 5: - case 6: - $this->c = [0, 1, 2, 3]; - break; - case 7: - $this->c = [0, 1, 2, 4]; - break; - case 8: - $this->c = [0, 1, 3, 4]; - } - - $w = array_values(unpack('N*words', $this->key)); - - $length = $this->Nb * ($this->Nr + 1); - for ($i = $this->Nk; $i < $length; $i++) { - $temp = $w[$i - 1]; - if ($i % $this->Nk == 0) { - // according to , "the size of an integer is platform-dependent". - // on a 32-bit machine, it's 32-bits, and on a 64-bit machine, it's 64-bits. on a 32-bit machine, - // 0xFFFFFFFF << 8 == 0xFFFFFF00, but on a 64-bit machine, it equals 0xFFFFFFFF00. as such, doing 'and' - // with 0xFFFFFFFF (or 0xFFFFFF00) on a 32-bit machine is unnecessary, but on a 64-bit machine, it is. - $temp = (($temp << 8) & intval(0xFFFFFF00)) | (($temp >> 24) & 0x000000FF); // rotWord - $temp = $this->subWord($temp) ^ $rcon[$i / $this->Nk]; - } elseif ($this->Nk > 6 && $i % $this->Nk == 4) { - $temp = $this->subWord($temp); - } - $w[$i] = $w[$i - $this->Nk] ^ $temp; - } - - // convert the key schedule from a vector of $Nb * ($Nr + 1) length to a matrix with $Nr + 1 rows and $Nb columns - // and generate the inverse key schedule. more specifically, - // according to (section 5.3.3), - // "The key expansion for the Inverse Cipher is defined as follows: - // 1. Apply the Key Expansion. - // 2. Apply InvMixColumn to all Round Keys except the first and the last one." - // also, see fips-197.pdf#page=27, "5.3.5 Equivalent Inverse Cipher" - list($dt0, $dt1, $dt2, $dt3) = $this->getInvTables(); - $temp = $this->w = $this->dw = []; - for ($i = $row = $col = 0; $i < $length; $i++, $col++) { - if ($col == $this->Nb) { - if ($row == 0) { - $this->dw[0] = $this->w[0]; - } else { - // subWord + invMixColumn + invSubWord = invMixColumn - $j = 0; - while ($j < $this->Nb) { - $dw = $this->subWord($this->w[$row][$j]); - $temp[$j] = $dt0[$dw >> 24 & 0x000000FF] ^ - $dt1[$dw >> 16 & 0x000000FF] ^ - $dt2[$dw >> 8 & 0x000000FF] ^ - $dt3[$dw & 0x000000FF]; - $j++; - } - $this->dw[$row] = $temp; - } - - $col = 0; - $row++; - } - $this->w[$row][$col] = $w[$i]; - } - - $this->dw[$row] = $this->w[$row]; - - // Converting to 1-dim key arrays (both ascending) - $this->dw = array_reverse($this->dw); - $w = array_pop($this->w); - $dw = array_pop($this->dw); - foreach ($this->w as $r => $wr) { - foreach ($wr as $c => $wc) { - $w[] = $wc; - $dw[] = $this->dw[$r][$c]; - } - } - $this->w = $w; - $this->dw = $dw; - } - - /** - * Performs S-Box substitutions - * - * @return array - * @param int $word - */ - private function subWord($word) - { - static $sbox; - if (empty($sbox)) { - list(, , , , $sbox) = self::getTables(); - } - - return $sbox[$word & 0x000000FF] | - ($sbox[$word >> 8 & 0x000000FF] << 8) | - ($sbox[$word >> 16 & 0x000000FF] << 16) | - ($sbox[$word >> 24 & 0x000000FF] << 24); - } - - /** - * Provides the mixColumns and sboxes tables - * - * @see self::encryptBlock() - * @see self::setupInlineCrypt() - * @see self::subWord() - * @return array &$tables - */ - protected function &getTables() - { - static $tables; - if (empty($tables)) { - // according to (section 5.2.1), - // precomputed tables can be used in the mixColumns phase. in that example, they're assigned t0...t3, so - // those are the names we'll use. - $t3 = array_map('intval', [ - // with array_map('intval', ...) we ensure we have only int's and not - // some slower floats converted by php automatically on high values - 0x6363A5C6, 0x7C7C84F8, 0x777799EE, 0x7B7B8DF6, 0xF2F20DFF, 0x6B6BBDD6, 0x6F6FB1DE, 0xC5C55491, - 0x30305060, 0x01010302, 0x6767A9CE, 0x2B2B7D56, 0xFEFE19E7, 0xD7D762B5, 0xABABE64D, 0x76769AEC, - 0xCACA458F, 0x82829D1F, 0xC9C94089, 0x7D7D87FA, 0xFAFA15EF, 0x5959EBB2, 0x4747C98E, 0xF0F00BFB, - 0xADADEC41, 0xD4D467B3, 0xA2A2FD5F, 0xAFAFEA45, 0x9C9CBF23, 0xA4A4F753, 0x727296E4, 0xC0C05B9B, - 0xB7B7C275, 0xFDFD1CE1, 0x9393AE3D, 0x26266A4C, 0x36365A6C, 0x3F3F417E, 0xF7F702F5, 0xCCCC4F83, - 0x34345C68, 0xA5A5F451, 0xE5E534D1, 0xF1F108F9, 0x717193E2, 0xD8D873AB, 0x31315362, 0x15153F2A, - 0x04040C08, 0xC7C75295, 0x23236546, 0xC3C35E9D, 0x18182830, 0x9696A137, 0x05050F0A, 0x9A9AB52F, - 0x0707090E, 0x12123624, 0x80809B1B, 0xE2E23DDF, 0xEBEB26CD, 0x2727694E, 0xB2B2CD7F, 0x75759FEA, - 0x09091B12, 0x83839E1D, 0x2C2C7458, 0x1A1A2E34, 0x1B1B2D36, 0x6E6EB2DC, 0x5A5AEEB4, 0xA0A0FB5B, - 0x5252F6A4, 0x3B3B4D76, 0xD6D661B7, 0xB3B3CE7D, 0x29297B52, 0xE3E33EDD, 0x2F2F715E, 0x84849713, - 0x5353F5A6, 0xD1D168B9, 0x00000000, 0xEDED2CC1, 0x20206040, 0xFCFC1FE3, 0xB1B1C879, 0x5B5BEDB6, - 0x6A6ABED4, 0xCBCB468D, 0xBEBED967, 0x39394B72, 0x4A4ADE94, 0x4C4CD498, 0x5858E8B0, 0xCFCF4A85, - 0xD0D06BBB, 0xEFEF2AC5, 0xAAAAE54F, 0xFBFB16ED, 0x4343C586, 0x4D4DD79A, 0x33335566, 0x85859411, - 0x4545CF8A, 0xF9F910E9, 0x02020604, 0x7F7F81FE, 0x5050F0A0, 0x3C3C4478, 0x9F9FBA25, 0xA8A8E34B, - 0x5151F3A2, 0xA3A3FE5D, 0x4040C080, 0x8F8F8A05, 0x9292AD3F, 0x9D9DBC21, 0x38384870, 0xF5F504F1, - 0xBCBCDF63, 0xB6B6C177, 0xDADA75AF, 0x21216342, 0x10103020, 0xFFFF1AE5, 0xF3F30EFD, 0xD2D26DBF, - 0xCDCD4C81, 0x0C0C1418, 0x13133526, 0xECEC2FC3, 0x5F5FE1BE, 0x9797A235, 0x4444CC88, 0x1717392E, - 0xC4C45793, 0xA7A7F255, 0x7E7E82FC, 0x3D3D477A, 0x6464ACC8, 0x5D5DE7BA, 0x19192B32, 0x737395E6, - 0x6060A0C0, 0x81819819, 0x4F4FD19E, 0xDCDC7FA3, 0x22226644, 0x2A2A7E54, 0x9090AB3B, 0x8888830B, - 0x4646CA8C, 0xEEEE29C7, 0xB8B8D36B, 0x14143C28, 0xDEDE79A7, 0x5E5EE2BC, 0x0B0B1D16, 0xDBDB76AD, - 0xE0E03BDB, 0x32325664, 0x3A3A4E74, 0x0A0A1E14, 0x4949DB92, 0x06060A0C, 0x24246C48, 0x5C5CE4B8, - 0xC2C25D9F, 0xD3D36EBD, 0xACACEF43, 0x6262A6C4, 0x9191A839, 0x9595A431, 0xE4E437D3, 0x79798BF2, - 0xE7E732D5, 0xC8C8438B, 0x3737596E, 0x6D6DB7DA, 0x8D8D8C01, 0xD5D564B1, 0x4E4ED29C, 0xA9A9E049, - 0x6C6CB4D8, 0x5656FAAC, 0xF4F407F3, 0xEAEA25CF, 0x6565AFCA, 0x7A7A8EF4, 0xAEAEE947, 0x08081810, - 0xBABAD56F, 0x787888F0, 0x25256F4A, 0x2E2E725C, 0x1C1C2438, 0xA6A6F157, 0xB4B4C773, 0xC6C65197, - 0xE8E823CB, 0xDDDD7CA1, 0x74749CE8, 0x1F1F213E, 0x4B4BDD96, 0xBDBDDC61, 0x8B8B860D, 0x8A8A850F, - 0x707090E0, 0x3E3E427C, 0xB5B5C471, 0x6666AACC, 0x4848D890, 0x03030506, 0xF6F601F7, 0x0E0E121C, - 0x6161A3C2, 0x35355F6A, 0x5757F9AE, 0xB9B9D069, 0x86869117, 0xC1C15899, 0x1D1D273A, 0x9E9EB927, - 0xE1E138D9, 0xF8F813EB, 0x9898B32B, 0x11113322, 0x6969BBD2, 0xD9D970A9, 0x8E8E8907, 0x9494A733, - 0x9B9BB62D, 0x1E1E223C, 0x87879215, 0xE9E920C9, 0xCECE4987, 0x5555FFAA, 0x28287850, 0xDFDF7AA5, - 0x8C8C8F03, 0xA1A1F859, 0x89898009, 0x0D0D171A, 0xBFBFDA65, 0xE6E631D7, 0x4242C684, 0x6868B8D0, - 0x4141C382, 0x9999B029, 0x2D2D775A, 0x0F0F111E, 0xB0B0CB7B, 0x5454FCA8, 0xBBBBD66D, 0x16163A2C - ]); - - foreach ($t3 as $t3i) { - $t0[] = (($t3i << 24) & intval(0xFF000000)) | (($t3i >> 8) & 0x00FFFFFF); - $t1[] = (($t3i << 16) & intval(0xFFFF0000)) | (($t3i >> 16) & 0x0000FFFF); - $t2[] = (($t3i << 8) & intval(0xFFFFFF00)) | (($t3i >> 24) & 0x000000FF); - } - - $tables = [ - // The Precomputed mixColumns tables t0 - t3 - $t0, - $t1, - $t2, - $t3, - // The SubByte S-Box - [ - 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76, - 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0, - 0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15, - 0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75, - 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84, - 0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF, - 0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8, - 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2, - 0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73, - 0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB, - 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79, - 0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08, - 0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A, - 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E, - 0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF, - 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 - ] - ]; - } - return $tables; - } - - /** - * Provides the inverse mixColumns and inverse sboxes tables - * - * @see self::decryptBlock() - * @see self::setupInlineCrypt() - * @see self::setupKey() - * @return array &$tables - */ - protected function &getInvTables() - { - static $tables; - if (empty($tables)) { - $dt3 = array_map('intval', [ - 0xF4A75051, 0x4165537E, 0x17A4C31A, 0x275E963A, 0xAB6BCB3B, 0x9D45F11F, 0xFA58ABAC, 0xE303934B, - 0x30FA5520, 0x766DF6AD, 0xCC769188, 0x024C25F5, 0xE5D7FC4F, 0x2ACBD7C5, 0x35448026, 0x62A38FB5, - 0xB15A49DE, 0xBA1B6725, 0xEA0E9845, 0xFEC0E15D, 0x2F7502C3, 0x4CF01281, 0x4697A38D, 0xD3F9C66B, - 0x8F5FE703, 0x929C9515, 0x6D7AEBBF, 0x5259DA95, 0xBE832DD4, 0x7421D358, 0xE0692949, 0xC9C8448E, - 0xC2896A75, 0x8E7978F4, 0x583E6B99, 0xB971DD27, 0xE14FB6BE, 0x88AD17F0, 0x20AC66C9, 0xCE3AB47D, - 0xDF4A1863, 0x1A3182E5, 0x51336097, 0x537F4562, 0x6477E0B1, 0x6BAE84BB, 0x81A01CFE, 0x082B94F9, - 0x48685870, 0x45FD198F, 0xDE6C8794, 0x7BF8B752, 0x73D323AB, 0x4B02E272, 0x1F8F57E3, 0x55AB2A66, - 0xEB2807B2, 0xB5C2032F, 0xC57B9A86, 0x3708A5D3, 0x2887F230, 0xBFA5B223, 0x036ABA02, 0x16825CED, - 0xCF1C2B8A, 0x79B492A7, 0x07F2F0F3, 0x69E2A14E, 0xDAF4CD65, 0x05BED506, 0x34621FD1, 0xA6FE8AC4, - 0x2E539D34, 0xF355A0A2, 0x8AE13205, 0xF6EB75A4, 0x83EC390B, 0x60EFAA40, 0x719F065E, 0x6E1051BD, - 0x218AF93E, 0xDD063D96, 0x3E05AEDD, 0xE6BD464D, 0x548DB591, 0xC45D0571, 0x06D46F04, 0x5015FF60, - 0x98FB2419, 0xBDE997D6, 0x4043CC89, 0xD99E7767, 0xE842BDB0, 0x898B8807, 0x195B38E7, 0xC8EEDB79, - 0x7C0A47A1, 0x420FE97C, 0x841EC9F8, 0x00000000, 0x80868309, 0x2BED4832, 0x1170AC1E, 0x5A724E6C, - 0x0EFFFBFD, 0x8538560F, 0xAED51E3D, 0x2D392736, 0x0FD9640A, 0x5CA62168, 0x5B54D19B, 0x362E3A24, - 0x0A67B10C, 0x57E70F93, 0xEE96D2B4, 0x9B919E1B, 0xC0C54F80, 0xDC20A261, 0x774B695A, 0x121A161C, - 0x93BA0AE2, 0xA02AE5C0, 0x22E0433C, 0x1B171D12, 0x090D0B0E, 0x8BC7ADF2, 0xB6A8B92D, 0x1EA9C814, - 0xF1198557, 0x75074CAF, 0x99DDBBEE, 0x7F60FDA3, 0x01269FF7, 0x72F5BC5C, 0x663BC544, 0xFB7E345B, - 0x4329768B, 0x23C6DCCB, 0xEDFC68B6, 0xE4F163B8, 0x31DCCAD7, 0x63851042, 0x97224013, 0xC6112084, - 0x4A247D85, 0xBB3DF8D2, 0xF93211AE, 0x29A16DC7, 0x9E2F4B1D, 0xB230F3DC, 0x8652EC0D, 0xC1E3D077, - 0xB3166C2B, 0x70B999A9, 0x9448FA11, 0xE9642247, 0xFC8CC4A8, 0xF03F1AA0, 0x7D2CD856, 0x3390EF22, - 0x494EC787, 0x38D1C1D9, 0xCAA2FE8C, 0xD40B3698, 0xF581CFA6, 0x7ADE28A5, 0xB78E26DA, 0xADBFA43F, - 0x3A9DE42C, 0x78920D50, 0x5FCC9B6A, 0x7E466254, 0x8D13C2F6, 0xD8B8E890, 0x39F75E2E, 0xC3AFF582, - 0x5D80BE9F, 0xD0937C69, 0xD52DA96F, 0x2512B3CF, 0xAC993BC8, 0x187DA710, 0x9C636EE8, 0x3BBB7BDB, - 0x267809CD, 0x5918F46E, 0x9AB701EC, 0x4F9AA883, 0x956E65E6, 0xFFE67EAA, 0xBCCF0821, 0x15E8E6EF, - 0xE79BD9BA, 0x6F36CE4A, 0x9F09D4EA, 0xB07CD629, 0xA4B2AF31, 0x3F23312A, 0xA59430C6, 0xA266C035, - 0x4EBC3774, 0x82CAA6FC, 0x90D0B0E0, 0xA7D81533, 0x04984AF1, 0xECDAF741, 0xCD500E7F, 0x91F62F17, - 0x4DD68D76, 0xEFB04D43, 0xAA4D54CC, 0x9604DFE4, 0xD1B5E39E, 0x6A881B4C, 0x2C1FB8C1, 0x65517F46, - 0x5EEA049D, 0x8C355D01, 0x877473FA, 0x0B412EFB, 0x671D5AB3, 0xDBD25292, 0x105633E9, 0xD647136D, - 0xD7618C9A, 0xA10C7A37, 0xF8148E59, 0x133C89EB, 0xA927EECE, 0x61C935B7, 0x1CE5EDE1, 0x47B13C7A, - 0xD2DF599C, 0xF2733F55, 0x14CE7918, 0xC737BF73, 0xF7CDEA53, 0xFDAA5B5F, 0x3D6F14DF, 0x44DB8678, - 0xAFF381CA, 0x68C43EB9, 0x24342C38, 0xA3405FC2, 0x1DC37216, 0xE2250CBC, 0x3C498B28, 0x0D9541FF, - 0xA8017139, 0x0CB3DE08, 0xB4E49CD8, 0x56C19064, 0xCB84617B, 0x32B670D5, 0x6C5C7448, 0xB85742D0 - ]); - - foreach ($dt3 as $dt3i) { - $dt0[] = (($dt3i << 24) & intval(0xFF000000)) | (($dt3i >> 8) & 0x00FFFFFF); - $dt1[] = (($dt3i << 16) & intval(0xFFFF0000)) | (($dt3i >> 16) & 0x0000FFFF); - $dt2[] = (($dt3i << 8) & intval(0xFFFFFF00)) | (($dt3i >> 24) & 0x000000FF); - }; - - $tables = [ - // The Precomputed inverse mixColumns tables dt0 - dt3 - $dt0, - $dt1, - $dt2, - $dt3, - // The inverse SubByte S-Box - [ - 0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB, - 0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87, 0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB, - 0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D, 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E, - 0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, 0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25, - 0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92, - 0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA, 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84, - 0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, 0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06, - 0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02, 0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B, - 0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA, 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73, - 0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, 0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E, - 0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89, 0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B, - 0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20, 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4, - 0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, 0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F, - 0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D, 0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF, - 0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0, 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61, - 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D - ] - ]; - } - return $tables; - } - - /** - * Setup the performance-optimized function for de/encrypt() - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setupInlineCrypt() - */ - protected function setupInlineCrypt() - { - $w = $this->w; - $dw = $this->dw; - $init_encrypt = ''; - $init_decrypt = ''; - - $Nr = $this->Nr; - $Nb = $this->Nb; - $c = $this->c; - - // Generating encrypt code: - $init_encrypt .= ' - if (empty($tables)) { - $tables = &$this->getTables(); - } - $t0 = $tables[0]; - $t1 = $tables[1]; - $t2 = $tables[2]; - $t3 = $tables[3]; - $sbox = $tables[4]; - '; - - $s = 'e'; - $e = 's'; - $wc = $Nb - 1; - - // Preround: addRoundKey - $encrypt_block = '$in = unpack("N*", $in);' . "\n"; - for ($i = 0; $i < $Nb; ++$i) { - $encrypt_block .= '$s' . $i . ' = $in[' . ($i + 1) . '] ^ ' . $w[++$wc] . ";\n"; - } - - // Mainrounds: shiftRows + subWord + mixColumns + addRoundKey - for ($round = 1; $round < $Nr; ++$round) { - list($s, $e) = [$e, $s]; - for ($i = 0; $i < $Nb; ++$i) { - $encrypt_block .= - '$' . $e . $i . ' = - $t0[($' . $s . $i . ' >> 24) & 0xff] ^ - $t1[($' . $s . (($i + $c[1]) % $Nb) . ' >> 16) & 0xff] ^ - $t2[($' . $s . (($i + $c[2]) % $Nb) . ' >> 8) & 0xff] ^ - $t3[ $' . $s . (($i + $c[3]) % $Nb) . ' & 0xff] ^ - ' . $w[++$wc] . ";\n"; - } - } - - // Finalround: subWord + shiftRows + addRoundKey - for ($i = 0; $i < $Nb; ++$i) { - $encrypt_block .= - '$' . $e . $i . ' = - $sbox[ $' . $e . $i . ' & 0xff] | - ($sbox[($' . $e . $i . ' >> 8) & 0xff] << 8) | - ($sbox[($' . $e . $i . ' >> 16) & 0xff] << 16) | - ($sbox[($' . $e . $i . ' >> 24) & 0xff] << 24);' . "\n"; - } - $encrypt_block .= '$in = pack("N*"' . "\n"; - for ($i = 0; $i < $Nb; ++$i) { - $encrypt_block .= ', - ($' . $e . $i . ' & ' . ((int)0xFF000000) . ') ^ - ($' . $e . (($i + $c[1]) % $Nb) . ' & 0x00FF0000 ) ^ - ($' . $e . (($i + $c[2]) % $Nb) . ' & 0x0000FF00 ) ^ - ($' . $e . (($i + $c[3]) % $Nb) . ' & 0x000000FF ) ^ - ' . $w[$i] . "\n"; - } - $encrypt_block .= ');'; - - // Generating decrypt code: - $init_decrypt .= ' - if (empty($invtables)) { - $invtables = &$this->getInvTables(); - } - $dt0 = $invtables[0]; - $dt1 = $invtables[1]; - $dt2 = $invtables[2]; - $dt3 = $invtables[3]; - $isbox = $invtables[4]; - '; - - $s = 'e'; - $e = 's'; - $wc = $Nb - 1; - - // Preround: addRoundKey - $decrypt_block = '$in = unpack("N*", $in);' . "\n"; - for ($i = 0; $i < $Nb; ++$i) { - $decrypt_block .= '$s' . $i . ' = $in[' . ($i + 1) . '] ^ ' . $dw[++$wc] . ';' . "\n"; - } - - // Mainrounds: shiftRows + subWord + mixColumns + addRoundKey - for ($round = 1; $round < $Nr; ++$round) { - list($s, $e) = [$e, $s]; - for ($i = 0; $i < $Nb; ++$i) { - $decrypt_block .= - '$' . $e . $i . ' = - $dt0[($' . $s . $i . ' >> 24) & 0xff] ^ - $dt1[($' . $s . (($Nb + $i - $c[1]) % $Nb) . ' >> 16) & 0xff] ^ - $dt2[($' . $s . (($Nb + $i - $c[2]) % $Nb) . ' >> 8) & 0xff] ^ - $dt3[ $' . $s . (($Nb + $i - $c[3]) % $Nb) . ' & 0xff] ^ - ' . $dw[++$wc] . ";\n"; - } - } - - // Finalround: subWord + shiftRows + addRoundKey - for ($i = 0; $i < $Nb; ++$i) { - $decrypt_block .= - '$' . $e . $i . ' = - $isbox[ $' . $e . $i . ' & 0xff] | - ($isbox[($' . $e . $i . ' >> 8) & 0xff] << 8) | - ($isbox[($' . $e . $i . ' >> 16) & 0xff] << 16) | - ($isbox[($' . $e . $i . ' >> 24) & 0xff] << 24);' . "\n"; - } - $decrypt_block .= '$in = pack("N*"' . "\n"; - for ($i = 0; $i < $Nb; ++$i) { - $decrypt_block .= ', - ($' . $e . $i . ' & ' . ((int)0xFF000000) . ') ^ - ($' . $e . (($Nb + $i - $c[1]) % $Nb) . ' & 0x00FF0000 ) ^ - ($' . $e . (($Nb + $i - $c[2]) % $Nb) . ' & 0x0000FF00 ) ^ - ($' . $e . (($Nb + $i - $c[3]) % $Nb) . ' & 0x000000FF ) ^ - ' . $dw[$i] . "\n"; - } - $decrypt_block .= ');'; - - $this->inline_crypt = $this->createInlineCryptFunction( - [ - 'init_crypt' => 'static $tables; static $invtables;', - 'init_encrypt' => $init_encrypt, - 'init_decrypt' => $init_decrypt, - 'encrypt_block' => $encrypt_block, - 'decrypt_block' => $decrypt_block - ] - ); - } - - /** - * Encrypts a message. - * - * @see self::decrypt() - * @see parent::encrypt() - * @param string $plaintext - * @return string - */ - public function encrypt($plaintext) - { - $this->setup(); - - switch ($this->engine) { - case self::ENGINE_LIBSODIUM: - $this->newtag = sodium_crypto_aead_aes256gcm_encrypt($plaintext, $this->aad, $this->nonce, $this->key); - return Strings::shift($this->newtag, strlen($plaintext)); - case self::ENGINE_OPENSSL_GCM: - return openssl_encrypt( - $plaintext, - 'aes-' . $this->getKeyLength() . '-gcm', - $this->key, - OPENSSL_RAW_DATA, - $this->nonce, - $this->newtag, - $this->aad - ); - } - - return parent::encrypt($plaintext); - } - - /** - * Decrypts a message. - * - * @see self::encrypt() - * @see parent::decrypt() - * @param string $ciphertext - * @return string - */ - public function decrypt($ciphertext) - { - $this->setup(); - - switch ($this->engine) { - case self::ENGINE_LIBSODIUM: - if ($this->oldtag === false) { - throw new InsufficientSetupException('Authentication Tag has not been set'); - } - if (strlen($this->oldtag) != 16) { - break; - } - $plaintext = sodium_crypto_aead_aes256gcm_decrypt($ciphertext . $this->oldtag, $this->aad, $this->nonce, $this->key); - if ($plaintext === false) { - $this->oldtag = false; - throw new BadDecryptionException('Error decrypting ciphertext with libsodium'); - } - return $plaintext; - case self::ENGINE_OPENSSL_GCM: - if ($this->oldtag === false) { - throw new InsufficientSetupException('Authentication Tag has not been set'); - } - $plaintext = openssl_decrypt( - $ciphertext, - 'aes-' . $this->getKeyLength() . '-gcm', - $this->key, - OPENSSL_RAW_DATA, - $this->nonce, - $this->oldtag, - $this->aad - ); - if ($plaintext === false) { - $this->oldtag = false; - throw new BadDecryptionException('Error decrypting ciphertext with OpenSSL'); - } - return $plaintext; - } - - return parent::decrypt($ciphertext); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Salsa20.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Salsa20.php deleted file mode 100644 index 0a35f47..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Salsa20.php +++ /dev/null @@ -1,526 +0,0 @@ - - * @copyright 2019 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common\StreamCipher; -use phpseclib3\Exception\BadDecryptionException; -use phpseclib3\Exception\InsufficientSetupException; - -/** - * Pure-PHP implementation of Salsa20. - * - * @author Jim Wigginton - */ -class Salsa20 extends StreamCipher -{ - /** - * Part 1 of the state - * - * @var string|false - */ - protected $p1 = false; - - /** - * Part 2 of the state - * - * @var string|false - */ - protected $p2 = false; - - /** - * Key Length (in bytes) - * - * @var int - */ - protected $key_length = 32; // = 256 bits - - /** - * @see \phpseclib3\Crypt\Salsa20::crypt() - */ - const ENCRYPT = 0; - - /** - * @see \phpseclib3\Crypt\Salsa20::crypt() - */ - const DECRYPT = 1; - - /** - * Encryption buffer for continuous mode - * - * @var array - */ - protected $enbuffer; - - /** - * Decryption buffer for continuous mode - * - * @var array - */ - protected $debuffer; - - /** - * Counter - * - * @var int - */ - protected $counter = 0; - - /** - * Using Generated Poly1305 Key - * - * @var boolean - */ - protected $usingGeneratedPoly1305Key = false; - - /** - * Salsa20 uses a nonce - * - * @return bool - */ - public function usesNonce() - { - return true; - } - - /** - * Sets the key. - * - * @param string $key - * @throws \LengthException if the key length isn't supported - */ - public function setKey($key) - { - switch (strlen($key)) { - case 16: - case 32: - break; - default: - throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16 or 32 are supported'); - } - - parent::setKey($key); - } - - /** - * Sets the nonce. - * - * @param string $nonce - */ - public function setNonce($nonce) - { - if (strlen($nonce) != 8) { - throw new \LengthException('Nonce of size ' . strlen($key) . ' not supported by this algorithm. Only an 64-bit nonce is supported'); - } - - $this->nonce = $nonce; - $this->changed = true; - $this->setEngine(); - } - - /** - * Sets the counter. - * - * @param int $counter - */ - public function setCounter($counter) - { - $this->counter = $counter; - $this->setEngine(); - } - - /** - * Creates a Poly1305 key using the method discussed in RFC8439 - * - * See https://tools.ietf.org/html/rfc8439#section-2.6.1 - */ - protected function createPoly1305Key() - { - if ($this->nonce === false) { - throw new InsufficientSetupException('No nonce has been defined'); - } - - if ($this->key === false) { - throw new InsufficientSetupException('No key has been defined'); - } - - $c = clone $this; - $c->setCounter(0); - $c->usePoly1305 = false; - $block = $c->encrypt(str_repeat("\0", 256)); - $this->setPoly1305Key(substr($block, 0, 32)); - - if ($this->counter == 0) { - $this->counter++; - } - } - - /** - * Setup the self::ENGINE_INTERNAL $engine - * - * (re)init, if necessary, the internal cipher $engine - * - * _setup() will be called each time if $changed === true - * typically this happens when using one or more of following public methods: - * - * - setKey() - * - * - setNonce() - * - * - First run of encrypt() / decrypt() with no init-settings - * - * @see self::setKey() - * @see self::setNonce() - * @see self::disableContinuousBuffer() - */ - protected function setup() - { - if (!$this->changed) { - return; - } - - $this->enbuffer = $this->debuffer = ['ciphertext' => '', 'counter' => $this->counter]; - - $this->changed = $this->nonIVChanged = false; - - if ($this->nonce === false) { - throw new InsufficientSetupException('No nonce has been defined'); - } - - if ($this->key === false) { - throw new InsufficientSetupException('No key has been defined'); - } - - if ($this->usePoly1305 && !isset($this->poly1305Key)) { - $this->usingGeneratedPoly1305Key = true; - $this->createPoly1305Key(); - } - - $key = $this->key; - if (strlen($key) == 16) { - $constant = 'expand 16-byte k'; - $key .= $key; - } else { - $constant = 'expand 32-byte k'; - } - - $this->p1 = substr($constant, 0, 4) . - substr($key, 0, 16) . - substr($constant, 4, 4) . - $this->nonce . - "\0\0\0\0"; - $this->p2 = substr($constant, 8, 4) . - substr($key, 16, 16) . - substr($constant, 12, 4); - } - - /** - * Setup the key (expansion) - */ - protected function setupKey() - { - // Salsa20 does not utilize this method - } - - /** - * Encrypts a message. - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() - * @see self::crypt() - * @param string $plaintext - * @return string $ciphertext - */ - public function encrypt($plaintext) - { - $ciphertext = $this->crypt($plaintext, self::ENCRYPT); - if (isset($this->poly1305Key)) { - $this->newtag = $this->poly1305($ciphertext); - } - return $ciphertext; - } - - /** - * Decrypts a message. - * - * $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)). - * At least if the continuous buffer is disabled. - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() - * @see self::crypt() - * @param string $ciphertext - * @return string $plaintext - */ - public function decrypt($ciphertext) - { - if (isset($this->poly1305Key)) { - if ($this->oldtag === false) { - throw new InsufficientSetupException('Authentication Tag has not been set'); - } - $newtag = $this->poly1305($ciphertext); - if ($this->oldtag != substr($newtag, 0, strlen($this->oldtag))) { - $this->oldtag = false; - throw new BadDecryptionException('Derived authentication tag and supplied authentication tag do not match'); - } - $this->oldtag = false; - } - - return $this->crypt($ciphertext, self::DECRYPT); - } - - /** - * Encrypts a block - * - * @param string $in - */ - protected function encryptBlock($in) - { - // Salsa20 does not utilize this method - } - - /** - * Decrypts a block - * - * @param string $in - */ - protected function decryptBlock($in) - { - // Salsa20 does not utilize this method - } - - /** - * Encrypts or decrypts a message. - * - * @see self::encrypt() - * @see self::decrypt() - * @param string $text - * @param int $mode - * @return string $text - */ - private function crypt($text, $mode) - { - $this->setup(); - if (!$this->continuousBuffer) { - if ($this->engine == self::ENGINE_OPENSSL) { - $iv = pack('V', $this->counter) . $this->p2; - return openssl_encrypt( - $text, - $this->cipher_name_openssl, - $this->key, - OPENSSL_RAW_DATA, - $iv - ); - } - $i = $this->counter; - $blocks = str_split($text, 64); - foreach ($blocks as &$block) { - $block ^= static::salsa20($this->p1 . pack('V', $i++) . $this->p2); - } - - return implode('', $blocks); - } - - if ($mode == self::ENCRYPT) { - $buffer = &$this->enbuffer; - } else { - $buffer = &$this->debuffer; - } - if (!strlen($buffer['ciphertext'])) { - $ciphertext = ''; - } else { - $ciphertext = $text ^ Strings::shift($buffer['ciphertext'], strlen($text)); - $text = substr($text, strlen($ciphertext)); - if (!strlen($text)) { - return $ciphertext; - } - } - - $overflow = strlen($text) % 64; // & 0x3F - if ($overflow) { - $text2 = Strings::pop($text, $overflow); - if ($this->engine == self::ENGINE_OPENSSL) { - $iv = pack('V', $buffer['counter']) . $this->p2; - // at this point $text should be a multiple of 64 - $buffer['counter'] += (strlen($text) >> 6) + 1; // ie. divide by 64 - $encrypted = openssl_encrypt( - $text . str_repeat("\0", 64), - $this->cipher_name_openssl, - $this->key, - OPENSSL_RAW_DATA, - $iv - ); - $temp = Strings::pop($encrypted, 64); - } else { - $blocks = str_split($text, 64); - if (strlen($text)) { - foreach ($blocks as &$block) { - $block ^= static::salsa20($this->p1 . pack('V', $buffer['counter']++) . $this->p2); - } - } - $encrypted = implode('', $blocks); - $temp = static::salsa20($this->p1 . pack('V', $buffer['counter']++) . $this->p2); - } - $ciphertext .= $encrypted . ($text2 ^ $temp); - $buffer['ciphertext'] = substr($temp, $overflow); - } elseif (!strlen($buffer['ciphertext'])) { - if ($this->engine == self::ENGINE_OPENSSL) { - $iv = pack('V', $buffer['counter']) . $this->p2; - $buffer['counter'] += (strlen($text) >> 6); - $ciphertext .= openssl_encrypt( - $text, - $this->cipher_name_openssl, - $this->key, - OPENSSL_RAW_DATA, - $iv - ); - } else { - $blocks = str_split($text, 64); - foreach ($blocks as &$block) { - $block ^= static::salsa20($this->p1 . pack('V', $buffer['counter']++) . $this->p2); - } - $ciphertext .= implode('', $blocks); - } - } - - return $ciphertext; - } - - /** - * Left Rotate - * - * @param int $x - * @param int $n - * @return int - */ - protected static function leftRotate($x, $n) - { - if (PHP_INT_SIZE == 8) { - $r1 = $x << $n; - $r1 &= 0xFFFFFFFF; - $r2 = ($x & 0xFFFFFFFF) >> (32 - $n); - } else { - $x = (int) $x; - $r1 = $x << $n; - $r2 = $x >> (32 - $n); - $r2 &= (1 << $n) - 1; - } - return $r1 | $r2; - } - - /** - * The quarterround function - * - * @param int $a - * @param int $b - * @param int $c - * @param int $d - */ - protected static function quarterRound(&$a, &$b, &$c, &$d) - { - $b ^= self::leftRotate($a + $d, 7); - $c ^= self::leftRotate($b + $a, 9); - $d ^= self::leftRotate($c + $b, 13); - $a ^= self::leftRotate($d + $c, 18); - } - - /** - * The doubleround function - * - * @param int $x0 (by reference) - * @param int $x1 (by reference) - * @param int $x2 (by reference) - * @param int $x3 (by reference) - * @param int $x4 (by reference) - * @param int $x5 (by reference) - * @param int $x6 (by reference) - * @param int $x7 (by reference) - * @param int $x8 (by reference) - * @param int $x9 (by reference) - * @param int $x10 (by reference) - * @param int $x11 (by reference) - * @param int $x12 (by reference) - * @param int $x13 (by reference) - * @param int $x14 (by reference) - * @param int $x15 (by reference) - */ - protected static function doubleRound(&$x0, &$x1, &$x2, &$x3, &$x4, &$x5, &$x6, &$x7, &$x8, &$x9, &$x10, &$x11, &$x12, &$x13, &$x14, &$x15) - { - // columnRound - static::quarterRound($x0, $x4, $x8, $x12); - static::quarterRound($x5, $x9, $x13, $x1); - static::quarterRound($x10, $x14, $x2, $x6); - static::quarterRound($x15, $x3, $x7, $x11); - // rowRound - static::quarterRound($x0, $x1, $x2, $x3); - static::quarterRound($x5, $x6, $x7, $x4); - static::quarterRound($x10, $x11, $x8, $x9); - static::quarterRound($x15, $x12, $x13, $x14); - } - - /** - * The Salsa20 hash function function - * - * @param string $x - */ - protected static function salsa20($x) - { - $z = $x = unpack('V*', $x); - for ($i = 0; $i < 10; $i++) { - static::doubleRound($z[1], $z[2], $z[3], $z[4], $z[5], $z[6], $z[7], $z[8], $z[9], $z[10], $z[11], $z[12], $z[13], $z[14], $z[15], $z[16]); - } - - for ($i = 1; $i <= 16; $i++) { - $x[$i] += $z[$i]; - } - - return pack('V*', ...$x); - } - - /** - * Calculates Poly1305 MAC - * - * @see self::decrypt() - * @see self::encrypt() - * @param string $ciphertext - * @return string - */ - protected function poly1305($ciphertext) - { - if (!$this->usingGeneratedPoly1305Key) { - return parent::poly1305($this->aad . $ciphertext); - } else { - /* - sodium_crypto_aead_chacha20poly1305_encrypt does not calculate the poly1305 tag - the same way sodium_crypto_aead_chacha20poly1305_ietf_encrypt does. you can see - how the latter encrypts it in Salsa20::encrypt(). here's how the former encrypts - it: - - $this->newtag = $this->poly1305( - $this->aad . - pack('V', strlen($this->aad)) . "\0\0\0\0" . - $ciphertext . - pack('V', strlen($ciphertext)) . "\0\0\0\0" - ); - - phpseclib opts to use the IETF construction, even when the nonce is 64-bits - instead of 96-bits - */ - return parent::poly1305( - self::nullPad128($this->aad) . - self::nullPad128($ciphertext) . - pack('V', strlen($this->aad)) . "\0\0\0\0" . - pack('V', strlen($ciphertext)) . "\0\0\0\0" - ); - } - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/TripleDES.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/TripleDES.php deleted file mode 100644 index 1ff5ed0..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/TripleDES.php +++ /dev/null @@ -1,436 +0,0 @@ - - * setKey('abcdefghijklmnopqrstuvwx'); - * - * $size = 10 * 1024; - * $plaintext = ''; - * for ($i = 0; $i < $size; $i++) { - * $plaintext.= 'a'; - * } - * - * echo $des->decrypt($des->encrypt($plaintext)); - * ?> - * - * - * @author Jim Wigginton - * @copyright 2007 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt; - -/** - * Pure-PHP implementation of Triple DES. - * - * @author Jim Wigginton - */ -class TripleDES extends DES -{ - /** - * Encrypt / decrypt using inner chaining - * - * Inner chaining is used by SSH-1 and is generally considered to be less secure then outer chaining (self::MODE_CBC3). - */ - const MODE_3CBC = -2; - - /** - * Encrypt / decrypt using outer chaining - * - * Outer chaining is used by SSH-2 and when the mode is set to \phpseclib3\Crypt\Common\BlockCipher::MODE_CBC. - */ - const MODE_CBC3 = self::MODE_CBC; - - /** - * Key Length (in bytes) - * - * @see \phpseclib3\Crypt\TripleDES::setKeyLength() - * @var int - */ - protected $key_length = 24; - - /** - * The mcrypt specific name of the cipher - * - * @see \phpseclib3\Crypt\DES::cipher_name_mcrypt - * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt - * @var string - */ - protected $cipher_name_mcrypt = 'tripledes'; - - /** - * Optimizing value while CFB-encrypting - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cfb_init_len - * @var int - */ - protected $cfb_init_len = 750; - - /** - * max possible size of $key - * - * @see self::setKey() - * @see \phpseclib3\Crypt\DES::setKey() - * @var string - */ - protected $key_length_max = 24; - - /** - * Internal flag whether using self::MODE_3CBC or not - * - * @var bool - */ - private $mode_3cbc; - - /** - * The \phpseclib3\Crypt\DES objects - * - * Used only if $mode_3cbc === true - * - * @var array - */ - private $des; - - /** - * Default Constructor. - * - * Determines whether or not the mcrypt or OpenSSL extensions should be used. - * - * $mode could be: - * - * - ecb - * - * - cbc - * - * - ctr - * - * - cfb - * - * - ofb - * - * - 3cbc - * - * - cbc3 (same as cbc) - * - * @see \phpseclib3\Crypt\DES::__construct() - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() - * @param string $mode - */ - public function __construct($mode) - { - switch (strtolower($mode)) { - // In case of self::MODE_3CBC, we init as CRYPT_DES_MODE_CBC - // and additional flag us internally as 3CBC - case '3cbc': - parent::__construct('cbc'); - $this->mode_3cbc = true; - - // This three $des'es will do the 3CBC work (if $key > 64bits) - $this->des = [ - new DES('cbc'), - new DES('cbc'), - new DES('cbc'), - ]; - - // we're going to be doing the padding, ourselves, so disable it in the \phpseclib3\Crypt\DES objects - $this->des[0]->disablePadding(); - $this->des[1]->disablePadding(); - $this->des[2]->disablePadding(); - break; - case 'cbc3': - $mode = 'cbc'; - // fall-through - // If not 3CBC, we init as usual - default: - parent::__construct($mode); - - if ($this->mode == self::MODE_STREAM) { - throw new BadModeException('Block ciphers cannot be ran in stream mode'); - } - } - } - - /** - * Test for engine validity - * - * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() - * @param int $engine - * @return bool - */ - protected function isValidEngineHelper($engine) - { - if ($engine == self::ENGINE_OPENSSL) { - $this->cipher_name_openssl_ecb = 'des-ede3'; - $mode = $this->openssl_translate_mode(); - $this->cipher_name_openssl = $mode == 'ecb' ? 'des-ede3' : 'des-ede3-' . $mode; - } - - return parent::isValidEngineHelper($engine); - } - - /** - * Sets the initialization vector. - * - * SetIV is not required when \phpseclib3\Crypt\Common\SymmetricKey::MODE_ECB is being used. - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setIV() - * @param string $iv - */ - public function setIV($iv) - { - parent::setIV($iv); - if ($this->mode_3cbc) { - $this->des[0]->setIV($iv); - $this->des[1]->setIV($iv); - $this->des[2]->setIV($iv); - } - } - - /** - * Sets the key length. - * - * Valid key lengths are 128 and 192 bits. - * - * If you want to use a 64-bit key use DES.php - * - * @see \phpseclib3\Crypt\Common\SymmetricKey:setKeyLength() - * @throws \LengthException if the key length is invalid - * @param int $length - */ - public function setKeyLength($length) - { - switch ($length) { - case 128: - case 192: - break; - default: - throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys of sizes 128 or 192 bits are supported'); - } - - parent::setKeyLength($length); - } - - /** - * Sets the key. - * - * Triple DES can use 128-bit (eg. strlen($key) == 16) or 192-bit (eg. strlen($key) == 24) keys. - * - * DES also requires that every eighth bit be a parity bit, however, we'll ignore that. - * - * @see \phpseclib3\Crypt\DES::setKey() - * @see \phpseclib3\Crypt\Common\SymmetricKey::setKey() - * @throws \LengthException if the key length is invalid - * @param string $key - */ - public function setKey($key) - { - if ($this->explicit_key_length !== false && strlen($key) != $this->explicit_key_length) { - throw new \LengthException('Key length has already been set to ' . $this->explicit_key_length . ' bytes and this key is ' . strlen($key) . ' bytes'); - } - - switch (strlen($key)) { - case 16: - $key .= substr($key, 0, 8); - break; - case 24: - break; - default: - throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16 or 24 are supported'); - } - - // copied from self::setKey() - $this->key = $key; - $this->key_length = strlen($key); - $this->changed = $this->nonIVChanged = true; - $this->setEngine(); - - if ($this->mode_3cbc) { - $this->des[0]->setKey(substr($key, 0, 8)); - $this->des[1]->setKey(substr($key, 8, 8)); - $this->des[2]->setKey(substr($key, 16, 8)); - } - } - - /** - * Encrypts a message. - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() - * @param string $plaintext - * @return string $cipertext - */ - public function encrypt($plaintext) - { - // parent::en/decrypt() is able to do all the work for all modes and keylengths, - // except for: self::MODE_3CBC (inner chaining CBC) with a key > 64bits - - // if the key is smaller then 8, do what we'd normally do - if ($this->mode_3cbc && strlen($this->key) > 8) { - return $this->des[2]->encrypt( - $this->des[1]->decrypt( - $this->des[0]->encrypt( - $this->pad($plaintext) - ) - ) - ); - } - - return parent::encrypt($plaintext); - } - - /** - * Decrypts a message. - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() - * @param string $ciphertext - * @return string $plaintext - */ - public function decrypt($ciphertext) - { - if ($this->mode_3cbc && strlen($this->key) > 8) { - return $this->unpad( - $this->des[0]->decrypt( - $this->des[1]->encrypt( - $this->des[2]->decrypt( - str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, "\0") - ) - ) - ) - ); - } - - return parent::decrypt($ciphertext); - } - - /** - * Treat consecutive "packets" as if they are a continuous buffer. - * - * Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets - * will yield different outputs: - * - * - * echo $des->encrypt(substr($plaintext, 0, 8)); - * echo $des->encrypt(substr($plaintext, 8, 8)); - * - * - * echo $des->encrypt($plaintext); - * - * - * The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates - * another, as demonstrated with the following: - * - * - * $des->encrypt(substr($plaintext, 0, 8)); - * echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8))); - * - * - * echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8))); - * - * - * With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different - * outputs. The reason is due to the fact that the initialization vector's change after every encryption / - * decryption round when the continuous buffer is enabled. When it's disabled, they remain constant. - * - * Put another way, when the continuous buffer is enabled, the state of the \phpseclib3\Crypt\DES() object changes after each - * encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that - * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), - * however, they are also less intuitive and more likely to cause you problems. - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::enableContinuousBuffer() - * @see self::disableContinuousBuffer() - */ - public function enableContinuousBuffer() - { - parent::enableContinuousBuffer(); - if ($this->mode_3cbc) { - $this->des[0]->enableContinuousBuffer(); - $this->des[1]->enableContinuousBuffer(); - $this->des[2]->enableContinuousBuffer(); - } - } - - /** - * Treat consecutive packets as if they are a discontinuous buffer. - * - * The default behavior. - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::disableContinuousBuffer() - * @see self::enableContinuousBuffer() - */ - public function disableContinuousBuffer() - { - parent::disableContinuousBuffer(); - if ($this->mode_3cbc) { - $this->des[0]->disableContinuousBuffer(); - $this->des[1]->disableContinuousBuffer(); - $this->des[2]->disableContinuousBuffer(); - } - } - - /** - * Creates the key schedule - * - * @see \phpseclib3\Crypt\DES::setupKey() - * @see \phpseclib3\Crypt\Common\SymmetricKey::setupKey() - */ - protected function setupKey() - { - switch (true) { - // if $key <= 64bits we configure our internal pure-php cipher engine - // to act as regular [1]DES, not as 3DES. mcrypt.so::tripledes does the same. - case strlen($this->key) <= 8: - $this->des_rounds = 1; - break; - - // otherwise, if $key > 64bits, we configure our engine to work as 3DES. - default: - $this->des_rounds = 3; - - // (only) if 3CBC is used we have, of course, to setup the $des[0-2] keys also separately. - if ($this->mode_3cbc) { - $this->des[0]->setupKey(); - $this->des[1]->setupKey(); - $this->des[2]->setupKey(); - - // because $des[0-2] will, now, do all the work we can return here - // not need unnecessary stress parent::setupKey() with our, now unused, $key. - return; - } - } - // setup our key - parent::setupKey(); - } - - /** - * Sets the internal crypt engine - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() - * @see \phpseclib3\Crypt\Common\SymmetricKey::setPreferredEngine() - * @param int $engine - */ - public function setPreferredEngine($engine) - { - if ($this->mode_3cbc) { - $this->des[0]->setPreferredEngine($engine); - $this->des[1]->setPreferredEngine($engine); - $this->des[2]->setPreferredEngine($engine); - } - - parent::setPreferredEngine($engine); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Twofish.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Twofish.php deleted file mode 100644 index bf76563..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Crypt/Twofish.php +++ /dev/null @@ -1,816 +0,0 @@ - - * setKey('12345678901234567890123456789012'); - * - * $plaintext = str_repeat('a', 1024); - * - * echo $twofish->decrypt($twofish->encrypt($plaintext)); - * ?> - * - * - * @author Jim Wigginton - * @author Hans-Juergen Petrich - * @copyright 2007 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Crypt; - -use phpseclib3\Crypt\Common\BlockCipher; -use phpseclib3\Exception\BadModeException; - -/** - * Pure-PHP implementation of Twofish. - * - * @author Jim Wigginton - * @author Hans-Juergen Petrich - */ -class Twofish extends BlockCipher -{ - /** - * The mcrypt specific name of the cipher - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt - * @var string - */ - protected $cipher_name_mcrypt = 'twofish'; - - /** - * Optimizing value while CFB-encrypting - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cfb_init_len - * @var int - */ - protected $cfb_init_len = 800; - - /** - * Q-Table - * - * @var array - */ - private static $q0 = [ - 0xA9, 0x67, 0xB3, 0xE8, 0x04, 0xFD, 0xA3, 0x76, - 0x9A, 0x92, 0x80, 0x78, 0xE4, 0xDD, 0xD1, 0x38, - 0x0D, 0xC6, 0x35, 0x98, 0x18, 0xF7, 0xEC, 0x6C, - 0x43, 0x75, 0x37, 0x26, 0xFA, 0x13, 0x94, 0x48, - 0xF2, 0xD0, 0x8B, 0x30, 0x84, 0x54, 0xDF, 0x23, - 0x19, 0x5B, 0x3D, 0x59, 0xF3, 0xAE, 0xA2, 0x82, - 0x63, 0x01, 0x83, 0x2E, 0xD9, 0x51, 0x9B, 0x7C, - 0xA6, 0xEB, 0xA5, 0xBE, 0x16, 0x0C, 0xE3, 0x61, - 0xC0, 0x8C, 0x3A, 0xF5, 0x73, 0x2C, 0x25, 0x0B, - 0xBB, 0x4E, 0x89, 0x6B, 0x53, 0x6A, 0xB4, 0xF1, - 0xE1, 0xE6, 0xBD, 0x45, 0xE2, 0xF4, 0xB6, 0x66, - 0xCC, 0x95, 0x03, 0x56, 0xD4, 0x1C, 0x1E, 0xD7, - 0xFB, 0xC3, 0x8E, 0xB5, 0xE9, 0xCF, 0xBF, 0xBA, - 0xEA, 0x77, 0x39, 0xAF, 0x33, 0xC9, 0x62, 0x71, - 0x81, 0x79, 0x09, 0xAD, 0x24, 0xCD, 0xF9, 0xD8, - 0xE5, 0xC5, 0xB9, 0x4D, 0x44, 0x08, 0x86, 0xE7, - 0xA1, 0x1D, 0xAA, 0xED, 0x06, 0x70, 0xB2, 0xD2, - 0x41, 0x7B, 0xA0, 0x11, 0x31, 0xC2, 0x27, 0x90, - 0x20, 0xF6, 0x60, 0xFF, 0x96, 0x5C, 0xB1, 0xAB, - 0x9E, 0x9C, 0x52, 0x1B, 0x5F, 0x93, 0x0A, 0xEF, - 0x91, 0x85, 0x49, 0xEE, 0x2D, 0x4F, 0x8F, 0x3B, - 0x47, 0x87, 0x6D, 0x46, 0xD6, 0x3E, 0x69, 0x64, - 0x2A, 0xCE, 0xCB, 0x2F, 0xFC, 0x97, 0x05, 0x7A, - 0xAC, 0x7F, 0xD5, 0x1A, 0x4B, 0x0E, 0xA7, 0x5A, - 0x28, 0x14, 0x3F, 0x29, 0x88, 0x3C, 0x4C, 0x02, - 0xB8, 0xDA, 0xB0, 0x17, 0x55, 0x1F, 0x8A, 0x7D, - 0x57, 0xC7, 0x8D, 0x74, 0xB7, 0xC4, 0x9F, 0x72, - 0x7E, 0x15, 0x22, 0x12, 0x58, 0x07, 0x99, 0x34, - 0x6E, 0x50, 0xDE, 0x68, 0x65, 0xBC, 0xDB, 0xF8, - 0xC8, 0xA8, 0x2B, 0x40, 0xDC, 0xFE, 0x32, 0xA4, - 0xCA, 0x10, 0x21, 0xF0, 0xD3, 0x5D, 0x0F, 0x00, - 0x6F, 0x9D, 0x36, 0x42, 0x4A, 0x5E, 0xC1, 0xE0 - ]; - - /** - * Q-Table - * - * @var array - */ - private static $q1 = [ - 0x75, 0xF3, 0xC6, 0xF4, 0xDB, 0x7B, 0xFB, 0xC8, - 0x4A, 0xD3, 0xE6, 0x6B, 0x45, 0x7D, 0xE8, 0x4B, - 0xD6, 0x32, 0xD8, 0xFD, 0x37, 0x71, 0xF1, 0xE1, - 0x30, 0x0F, 0xF8, 0x1B, 0x87, 0xFA, 0x06, 0x3F, - 0x5E, 0xBA, 0xAE, 0x5B, 0x8A, 0x00, 0xBC, 0x9D, - 0x6D, 0xC1, 0xB1, 0x0E, 0x80, 0x5D, 0xD2, 0xD5, - 0xA0, 0x84, 0x07, 0x14, 0xB5, 0x90, 0x2C, 0xA3, - 0xB2, 0x73, 0x4C, 0x54, 0x92, 0x74, 0x36, 0x51, - 0x38, 0xB0, 0xBD, 0x5A, 0xFC, 0x60, 0x62, 0x96, - 0x6C, 0x42, 0xF7, 0x10, 0x7C, 0x28, 0x27, 0x8C, - 0x13, 0x95, 0x9C, 0xC7, 0x24, 0x46, 0x3B, 0x70, - 0xCA, 0xE3, 0x85, 0xCB, 0x11, 0xD0, 0x93, 0xB8, - 0xA6, 0x83, 0x20, 0xFF, 0x9F, 0x77, 0xC3, 0xCC, - 0x03, 0x6F, 0x08, 0xBF, 0x40, 0xE7, 0x2B, 0xE2, - 0x79, 0x0C, 0xAA, 0x82, 0x41, 0x3A, 0xEA, 0xB9, - 0xE4, 0x9A, 0xA4, 0x97, 0x7E, 0xDA, 0x7A, 0x17, - 0x66, 0x94, 0xA1, 0x1D, 0x3D, 0xF0, 0xDE, 0xB3, - 0x0B, 0x72, 0xA7, 0x1C, 0xEF, 0xD1, 0x53, 0x3E, - 0x8F, 0x33, 0x26, 0x5F, 0xEC, 0x76, 0x2A, 0x49, - 0x81, 0x88, 0xEE, 0x21, 0xC4, 0x1A, 0xEB, 0xD9, - 0xC5, 0x39, 0x99, 0xCD, 0xAD, 0x31, 0x8B, 0x01, - 0x18, 0x23, 0xDD, 0x1F, 0x4E, 0x2D, 0xF9, 0x48, - 0x4F, 0xF2, 0x65, 0x8E, 0x78, 0x5C, 0x58, 0x19, - 0x8D, 0xE5, 0x98, 0x57, 0x67, 0x7F, 0x05, 0x64, - 0xAF, 0x63, 0xB6, 0xFE, 0xF5, 0xB7, 0x3C, 0xA5, - 0xCE, 0xE9, 0x68, 0x44, 0xE0, 0x4D, 0x43, 0x69, - 0x29, 0x2E, 0xAC, 0x15, 0x59, 0xA8, 0x0A, 0x9E, - 0x6E, 0x47, 0xDF, 0x34, 0x35, 0x6A, 0xCF, 0xDC, - 0x22, 0xC9, 0xC0, 0x9B, 0x89, 0xD4, 0xED, 0xAB, - 0x12, 0xA2, 0x0D, 0x52, 0xBB, 0x02, 0x2F, 0xA9, - 0xD7, 0x61, 0x1E, 0xB4, 0x50, 0x04, 0xF6, 0xC2, - 0x16, 0x25, 0x86, 0x56, 0x55, 0x09, 0xBE, 0x91 - ]; - - /** - * M-Table - * - * @var array - */ - private static $m0 = [ - 0xBCBC3275, 0xECEC21F3, 0x202043C6, 0xB3B3C9F4, 0xDADA03DB, 0x02028B7B, 0xE2E22BFB, 0x9E9EFAC8, - 0xC9C9EC4A, 0xD4D409D3, 0x18186BE6, 0x1E1E9F6B, 0x98980E45, 0xB2B2387D, 0xA6A6D2E8, 0x2626B74B, - 0x3C3C57D6, 0x93938A32, 0x8282EED8, 0x525298FD, 0x7B7BD437, 0xBBBB3771, 0x5B5B97F1, 0x474783E1, - 0x24243C30, 0x5151E20F, 0xBABAC6F8, 0x4A4AF31B, 0xBFBF4887, 0x0D0D70FA, 0xB0B0B306, 0x7575DE3F, - 0xD2D2FD5E, 0x7D7D20BA, 0x666631AE, 0x3A3AA35B, 0x59591C8A, 0x00000000, 0xCDCD93BC, 0x1A1AE09D, - 0xAEAE2C6D, 0x7F7FABC1, 0x2B2BC7B1, 0xBEBEB90E, 0xE0E0A080, 0x8A8A105D, 0x3B3B52D2, 0x6464BAD5, - 0xD8D888A0, 0xE7E7A584, 0x5F5FE807, 0x1B1B1114, 0x2C2CC2B5, 0xFCFCB490, 0x3131272C, 0x808065A3, - 0x73732AB2, 0x0C0C8173, 0x79795F4C, 0x6B6B4154, 0x4B4B0292, 0x53536974, 0x94948F36, 0x83831F51, - 0x2A2A3638, 0xC4C49CB0, 0x2222C8BD, 0xD5D5F85A, 0xBDBDC3FC, 0x48487860, 0xFFFFCE62, 0x4C4C0796, - 0x4141776C, 0xC7C7E642, 0xEBEB24F7, 0x1C1C1410, 0x5D5D637C, 0x36362228, 0x6767C027, 0xE9E9AF8C, - 0x4444F913, 0x1414EA95, 0xF5F5BB9C, 0xCFCF18C7, 0x3F3F2D24, 0xC0C0E346, 0x7272DB3B, 0x54546C70, - 0x29294CCA, 0xF0F035E3, 0x0808FE85, 0xC6C617CB, 0xF3F34F11, 0x8C8CE4D0, 0xA4A45993, 0xCACA96B8, - 0x68683BA6, 0xB8B84D83, 0x38382820, 0xE5E52EFF, 0xADAD569F, 0x0B0B8477, 0xC8C81DC3, 0x9999FFCC, - 0x5858ED03, 0x19199A6F, 0x0E0E0A08, 0x95957EBF, 0x70705040, 0xF7F730E7, 0x6E6ECF2B, 0x1F1F6EE2, - 0xB5B53D79, 0x09090F0C, 0x616134AA, 0x57571682, 0x9F9F0B41, 0x9D9D803A, 0x111164EA, 0x2525CDB9, - 0xAFAFDDE4, 0x4545089A, 0xDFDF8DA4, 0xA3A35C97, 0xEAEAD57E, 0x353558DA, 0xEDEDD07A, 0x4343FC17, - 0xF8F8CB66, 0xFBFBB194, 0x3737D3A1, 0xFAFA401D, 0xC2C2683D, 0xB4B4CCF0, 0x32325DDE, 0x9C9C71B3, - 0x5656E70B, 0xE3E3DA72, 0x878760A7, 0x15151B1C, 0xF9F93AEF, 0x6363BFD1, 0x3434A953, 0x9A9A853E, - 0xB1B1428F, 0x7C7CD133, 0x88889B26, 0x3D3DA65F, 0xA1A1D7EC, 0xE4E4DF76, 0x8181942A, 0x91910149, - 0x0F0FFB81, 0xEEEEAA88, 0x161661EE, 0xD7D77321, 0x9797F5C4, 0xA5A5A81A, 0xFEFE3FEB, 0x6D6DB5D9, - 0x7878AEC5, 0xC5C56D39, 0x1D1DE599, 0x7676A4CD, 0x3E3EDCAD, 0xCBCB6731, 0xB6B6478B, 0xEFEF5B01, - 0x12121E18, 0x6060C523, 0x6A6AB0DD, 0x4D4DF61F, 0xCECEE94E, 0xDEDE7C2D, 0x55559DF9, 0x7E7E5A48, - 0x2121B24F, 0x03037AF2, 0xA0A02665, 0x5E5E198E, 0x5A5A6678, 0x65654B5C, 0x62624E58, 0xFDFD4519, - 0x0606F48D, 0x404086E5, 0xF2F2BE98, 0x3333AC57, 0x17179067, 0x05058E7F, 0xE8E85E05, 0x4F4F7D64, - 0x89896AAF, 0x10109563, 0x74742FB6, 0x0A0A75FE, 0x5C5C92F5, 0x9B9B74B7, 0x2D2D333C, 0x3030D6A5, - 0x2E2E49CE, 0x494989E9, 0x46467268, 0x77775544, 0xA8A8D8E0, 0x9696044D, 0x2828BD43, 0xA9A92969, - 0xD9D97929, 0x8686912E, 0xD1D187AC, 0xF4F44A15, 0x8D8D1559, 0xD6D682A8, 0xB9B9BC0A, 0x42420D9E, - 0xF6F6C16E, 0x2F2FB847, 0xDDDD06DF, 0x23233934, 0xCCCC6235, 0xF1F1C46A, 0xC1C112CF, 0x8585EBDC, - 0x8F8F9E22, 0x7171A1C9, 0x9090F0C0, 0xAAAA539B, 0x0101F189, 0x8B8BE1D4, 0x4E4E8CED, 0x8E8E6FAB, - 0xABABA212, 0x6F6F3EA2, 0xE6E6540D, 0xDBDBF252, 0x92927BBB, 0xB7B7B602, 0x6969CA2F, 0x3939D9A9, - 0xD3D30CD7, 0xA7A72361, 0xA2A2AD1E, 0xC3C399B4, 0x6C6C4450, 0x07070504, 0x04047FF6, 0x272746C2, - 0xACACA716, 0xD0D07625, 0x50501386, 0xDCDCF756, 0x84841A55, 0xE1E15109, 0x7A7A25BE, 0x1313EF91 - ]; - - /** - * M-Table - * - * @var array - */ - private static $m1 = [ - 0xA9D93939, 0x67901717, 0xB3719C9C, 0xE8D2A6A6, 0x04050707, 0xFD985252, 0xA3658080, 0x76DFE4E4, - 0x9A084545, 0x92024B4B, 0x80A0E0E0, 0x78665A5A, 0xE4DDAFAF, 0xDDB06A6A, 0xD1BF6363, 0x38362A2A, - 0x0D54E6E6, 0xC6432020, 0x3562CCCC, 0x98BEF2F2, 0x181E1212, 0xF724EBEB, 0xECD7A1A1, 0x6C774141, - 0x43BD2828, 0x7532BCBC, 0x37D47B7B, 0x269B8888, 0xFA700D0D, 0x13F94444, 0x94B1FBFB, 0x485A7E7E, - 0xF27A0303, 0xD0E48C8C, 0x8B47B6B6, 0x303C2424, 0x84A5E7E7, 0x54416B6B, 0xDF06DDDD, 0x23C56060, - 0x1945FDFD, 0x5BA33A3A, 0x3D68C2C2, 0x59158D8D, 0xF321ECEC, 0xAE316666, 0xA23E6F6F, 0x82165757, - 0x63951010, 0x015BEFEF, 0x834DB8B8, 0x2E918686, 0xD9B56D6D, 0x511F8383, 0x9B53AAAA, 0x7C635D5D, - 0xA63B6868, 0xEB3FFEFE, 0xA5D63030, 0xBE257A7A, 0x16A7ACAC, 0x0C0F0909, 0xE335F0F0, 0x6123A7A7, - 0xC0F09090, 0x8CAFE9E9, 0x3A809D9D, 0xF5925C5C, 0x73810C0C, 0x2C273131, 0x2576D0D0, 0x0BE75656, - 0xBB7B9292, 0x4EE9CECE, 0x89F10101, 0x6B9F1E1E, 0x53A93434, 0x6AC4F1F1, 0xB499C3C3, 0xF1975B5B, - 0xE1834747, 0xE66B1818, 0xBDC82222, 0x450E9898, 0xE26E1F1F, 0xF4C9B3B3, 0xB62F7474, 0x66CBF8F8, - 0xCCFF9999, 0x95EA1414, 0x03ED5858, 0x56F7DCDC, 0xD4E18B8B, 0x1C1B1515, 0x1EADA2A2, 0xD70CD3D3, - 0xFB2BE2E2, 0xC31DC8C8, 0x8E195E5E, 0xB5C22C2C, 0xE9894949, 0xCF12C1C1, 0xBF7E9595, 0xBA207D7D, - 0xEA641111, 0x77840B0B, 0x396DC5C5, 0xAF6A8989, 0x33D17C7C, 0xC9A17171, 0x62CEFFFF, 0x7137BBBB, - 0x81FB0F0F, 0x793DB5B5, 0x0951E1E1, 0xADDC3E3E, 0x242D3F3F, 0xCDA47676, 0xF99D5555, 0xD8EE8282, - 0xE5864040, 0xC5AE7878, 0xB9CD2525, 0x4D049696, 0x44557777, 0x080A0E0E, 0x86135050, 0xE730F7F7, - 0xA1D33737, 0x1D40FAFA, 0xAA346161, 0xED8C4E4E, 0x06B3B0B0, 0x706C5454, 0xB22A7373, 0xD2523B3B, - 0x410B9F9F, 0x7B8B0202, 0xA088D8D8, 0x114FF3F3, 0x3167CBCB, 0xC2462727, 0x27C06767, 0x90B4FCFC, - 0x20283838, 0xF67F0404, 0x60784848, 0xFF2EE5E5, 0x96074C4C, 0x5C4B6565, 0xB1C72B2B, 0xAB6F8E8E, - 0x9E0D4242, 0x9CBBF5F5, 0x52F2DBDB, 0x1BF34A4A, 0x5FA63D3D, 0x9359A4A4, 0x0ABCB9B9, 0xEF3AF9F9, - 0x91EF1313, 0x85FE0808, 0x49019191, 0xEE611616, 0x2D7CDEDE, 0x4FB22121, 0x8F42B1B1, 0x3BDB7272, - 0x47B82F2F, 0x8748BFBF, 0x6D2CAEAE, 0x46E3C0C0, 0xD6573C3C, 0x3E859A9A, 0x6929A9A9, 0x647D4F4F, - 0x2A948181, 0xCE492E2E, 0xCB17C6C6, 0x2FCA6969, 0xFCC3BDBD, 0x975CA3A3, 0x055EE8E8, 0x7AD0EDED, - 0xAC87D1D1, 0x7F8E0505, 0xD5BA6464, 0x1AA8A5A5, 0x4BB72626, 0x0EB9BEBE, 0xA7608787, 0x5AF8D5D5, - 0x28223636, 0x14111B1B, 0x3FDE7575, 0x2979D9D9, 0x88AAEEEE, 0x3C332D2D, 0x4C5F7979, 0x02B6B7B7, - 0xB896CACA, 0xDA583535, 0xB09CC4C4, 0x17FC4343, 0x551A8484, 0x1FF64D4D, 0x8A1C5959, 0x7D38B2B2, - 0x57AC3333, 0xC718CFCF, 0x8DF40606, 0x74695353, 0xB7749B9B, 0xC4F59797, 0x9F56ADAD, 0x72DAE3E3, - 0x7ED5EAEA, 0x154AF4F4, 0x229E8F8F, 0x12A2ABAB, 0x584E6262, 0x07E85F5F, 0x99E51D1D, 0x34392323, - 0x6EC1F6F6, 0x50446C6C, 0xDE5D3232, 0x68724646, 0x6526A0A0, 0xBC93CDCD, 0xDB03DADA, 0xF8C6BABA, - 0xC8FA9E9E, 0xA882D6D6, 0x2BCF6E6E, 0x40507070, 0xDCEB8585, 0xFE750A0A, 0x328A9393, 0xA48DDFDF, - 0xCA4C2929, 0x10141C1C, 0x2173D7D7, 0xF0CCB4B4, 0xD309D4D4, 0x5D108A8A, 0x0FE25151, 0x00000000, - 0x6F9A1919, 0x9DE01A1A, 0x368F9494, 0x42E6C7C7, 0x4AECC9C9, 0x5EFDD2D2, 0xC1AB7F7F, 0xE0D8A8A8 - ]; - - /** - * M-Table - * - * @var array - */ - private static $m2 = [ - 0xBC75BC32, 0xECF3EC21, 0x20C62043, 0xB3F4B3C9, 0xDADBDA03, 0x027B028B, 0xE2FBE22B, 0x9EC89EFA, - 0xC94AC9EC, 0xD4D3D409, 0x18E6186B, 0x1E6B1E9F, 0x9845980E, 0xB27DB238, 0xA6E8A6D2, 0x264B26B7, - 0x3CD63C57, 0x9332938A, 0x82D882EE, 0x52FD5298, 0x7B377BD4, 0xBB71BB37, 0x5BF15B97, 0x47E14783, - 0x2430243C, 0x510F51E2, 0xBAF8BAC6, 0x4A1B4AF3, 0xBF87BF48, 0x0DFA0D70, 0xB006B0B3, 0x753F75DE, - 0xD25ED2FD, 0x7DBA7D20, 0x66AE6631, 0x3A5B3AA3, 0x598A591C, 0x00000000, 0xCDBCCD93, 0x1A9D1AE0, - 0xAE6DAE2C, 0x7FC17FAB, 0x2BB12BC7, 0xBE0EBEB9, 0xE080E0A0, 0x8A5D8A10, 0x3BD23B52, 0x64D564BA, - 0xD8A0D888, 0xE784E7A5, 0x5F075FE8, 0x1B141B11, 0x2CB52CC2, 0xFC90FCB4, 0x312C3127, 0x80A38065, - 0x73B2732A, 0x0C730C81, 0x794C795F, 0x6B546B41, 0x4B924B02, 0x53745369, 0x9436948F, 0x8351831F, - 0x2A382A36, 0xC4B0C49C, 0x22BD22C8, 0xD55AD5F8, 0xBDFCBDC3, 0x48604878, 0xFF62FFCE, 0x4C964C07, - 0x416C4177, 0xC742C7E6, 0xEBF7EB24, 0x1C101C14, 0x5D7C5D63, 0x36283622, 0x672767C0, 0xE98CE9AF, - 0x441344F9, 0x149514EA, 0xF59CF5BB, 0xCFC7CF18, 0x3F243F2D, 0xC046C0E3, 0x723B72DB, 0x5470546C, - 0x29CA294C, 0xF0E3F035, 0x088508FE, 0xC6CBC617, 0xF311F34F, 0x8CD08CE4, 0xA493A459, 0xCAB8CA96, - 0x68A6683B, 0xB883B84D, 0x38203828, 0xE5FFE52E, 0xAD9FAD56, 0x0B770B84, 0xC8C3C81D, 0x99CC99FF, - 0x580358ED, 0x196F199A, 0x0E080E0A, 0x95BF957E, 0x70407050, 0xF7E7F730, 0x6E2B6ECF, 0x1FE21F6E, - 0xB579B53D, 0x090C090F, 0x61AA6134, 0x57825716, 0x9F419F0B, 0x9D3A9D80, 0x11EA1164, 0x25B925CD, - 0xAFE4AFDD, 0x459A4508, 0xDFA4DF8D, 0xA397A35C, 0xEA7EEAD5, 0x35DA3558, 0xED7AEDD0, 0x431743FC, - 0xF866F8CB, 0xFB94FBB1, 0x37A137D3, 0xFA1DFA40, 0xC23DC268, 0xB4F0B4CC, 0x32DE325D, 0x9CB39C71, - 0x560B56E7, 0xE372E3DA, 0x87A78760, 0x151C151B, 0xF9EFF93A, 0x63D163BF, 0x345334A9, 0x9A3E9A85, - 0xB18FB142, 0x7C337CD1, 0x8826889B, 0x3D5F3DA6, 0xA1ECA1D7, 0xE476E4DF, 0x812A8194, 0x91499101, - 0x0F810FFB, 0xEE88EEAA, 0x16EE1661, 0xD721D773, 0x97C497F5, 0xA51AA5A8, 0xFEEBFE3F, 0x6DD96DB5, - 0x78C578AE, 0xC539C56D, 0x1D991DE5, 0x76CD76A4, 0x3EAD3EDC, 0xCB31CB67, 0xB68BB647, 0xEF01EF5B, - 0x1218121E, 0x602360C5, 0x6ADD6AB0, 0x4D1F4DF6, 0xCE4ECEE9, 0xDE2DDE7C, 0x55F9559D, 0x7E487E5A, - 0x214F21B2, 0x03F2037A, 0xA065A026, 0x5E8E5E19, 0x5A785A66, 0x655C654B, 0x6258624E, 0xFD19FD45, - 0x068D06F4, 0x40E54086, 0xF298F2BE, 0x335733AC, 0x17671790, 0x057F058E, 0xE805E85E, 0x4F644F7D, - 0x89AF896A, 0x10631095, 0x74B6742F, 0x0AFE0A75, 0x5CF55C92, 0x9BB79B74, 0x2D3C2D33, 0x30A530D6, - 0x2ECE2E49, 0x49E94989, 0x46684672, 0x77447755, 0xA8E0A8D8, 0x964D9604, 0x284328BD, 0xA969A929, - 0xD929D979, 0x862E8691, 0xD1ACD187, 0xF415F44A, 0x8D598D15, 0xD6A8D682, 0xB90AB9BC, 0x429E420D, - 0xF66EF6C1, 0x2F472FB8, 0xDDDFDD06, 0x23342339, 0xCC35CC62, 0xF16AF1C4, 0xC1CFC112, 0x85DC85EB, - 0x8F228F9E, 0x71C971A1, 0x90C090F0, 0xAA9BAA53, 0x018901F1, 0x8BD48BE1, 0x4EED4E8C, 0x8EAB8E6F, - 0xAB12ABA2, 0x6FA26F3E, 0xE60DE654, 0xDB52DBF2, 0x92BB927B, 0xB702B7B6, 0x692F69CA, 0x39A939D9, - 0xD3D7D30C, 0xA761A723, 0xA21EA2AD, 0xC3B4C399, 0x6C506C44, 0x07040705, 0x04F6047F, 0x27C22746, - 0xAC16ACA7, 0xD025D076, 0x50865013, 0xDC56DCF7, 0x8455841A, 0xE109E151, 0x7ABE7A25, 0x139113EF - ]; - - /** - * M-Table - * - * @var array - */ - private static $m3 = [ - 0xD939A9D9, 0x90176790, 0x719CB371, 0xD2A6E8D2, 0x05070405, 0x9852FD98, 0x6580A365, 0xDFE476DF, - 0x08459A08, 0x024B9202, 0xA0E080A0, 0x665A7866, 0xDDAFE4DD, 0xB06ADDB0, 0xBF63D1BF, 0x362A3836, - 0x54E60D54, 0x4320C643, 0x62CC3562, 0xBEF298BE, 0x1E12181E, 0x24EBF724, 0xD7A1ECD7, 0x77416C77, - 0xBD2843BD, 0x32BC7532, 0xD47B37D4, 0x9B88269B, 0x700DFA70, 0xF94413F9, 0xB1FB94B1, 0x5A7E485A, - 0x7A03F27A, 0xE48CD0E4, 0x47B68B47, 0x3C24303C, 0xA5E784A5, 0x416B5441, 0x06DDDF06, 0xC56023C5, - 0x45FD1945, 0xA33A5BA3, 0x68C23D68, 0x158D5915, 0x21ECF321, 0x3166AE31, 0x3E6FA23E, 0x16578216, - 0x95106395, 0x5BEF015B, 0x4DB8834D, 0x91862E91, 0xB56DD9B5, 0x1F83511F, 0x53AA9B53, 0x635D7C63, - 0x3B68A63B, 0x3FFEEB3F, 0xD630A5D6, 0x257ABE25, 0xA7AC16A7, 0x0F090C0F, 0x35F0E335, 0x23A76123, - 0xF090C0F0, 0xAFE98CAF, 0x809D3A80, 0x925CF592, 0x810C7381, 0x27312C27, 0x76D02576, 0xE7560BE7, - 0x7B92BB7B, 0xE9CE4EE9, 0xF10189F1, 0x9F1E6B9F, 0xA93453A9, 0xC4F16AC4, 0x99C3B499, 0x975BF197, - 0x8347E183, 0x6B18E66B, 0xC822BDC8, 0x0E98450E, 0x6E1FE26E, 0xC9B3F4C9, 0x2F74B62F, 0xCBF866CB, - 0xFF99CCFF, 0xEA1495EA, 0xED5803ED, 0xF7DC56F7, 0xE18BD4E1, 0x1B151C1B, 0xADA21EAD, 0x0CD3D70C, - 0x2BE2FB2B, 0x1DC8C31D, 0x195E8E19, 0xC22CB5C2, 0x8949E989, 0x12C1CF12, 0x7E95BF7E, 0x207DBA20, - 0x6411EA64, 0x840B7784, 0x6DC5396D, 0x6A89AF6A, 0xD17C33D1, 0xA171C9A1, 0xCEFF62CE, 0x37BB7137, - 0xFB0F81FB, 0x3DB5793D, 0x51E10951, 0xDC3EADDC, 0x2D3F242D, 0xA476CDA4, 0x9D55F99D, 0xEE82D8EE, - 0x8640E586, 0xAE78C5AE, 0xCD25B9CD, 0x04964D04, 0x55774455, 0x0A0E080A, 0x13508613, 0x30F7E730, - 0xD337A1D3, 0x40FA1D40, 0x3461AA34, 0x8C4EED8C, 0xB3B006B3, 0x6C54706C, 0x2A73B22A, 0x523BD252, - 0x0B9F410B, 0x8B027B8B, 0x88D8A088, 0x4FF3114F, 0x67CB3167, 0x4627C246, 0xC06727C0, 0xB4FC90B4, - 0x28382028, 0x7F04F67F, 0x78486078, 0x2EE5FF2E, 0x074C9607, 0x4B655C4B, 0xC72BB1C7, 0x6F8EAB6F, - 0x0D429E0D, 0xBBF59CBB, 0xF2DB52F2, 0xF34A1BF3, 0xA63D5FA6, 0x59A49359, 0xBCB90ABC, 0x3AF9EF3A, - 0xEF1391EF, 0xFE0885FE, 0x01914901, 0x6116EE61, 0x7CDE2D7C, 0xB2214FB2, 0x42B18F42, 0xDB723BDB, - 0xB82F47B8, 0x48BF8748, 0x2CAE6D2C, 0xE3C046E3, 0x573CD657, 0x859A3E85, 0x29A96929, 0x7D4F647D, - 0x94812A94, 0x492ECE49, 0x17C6CB17, 0xCA692FCA, 0xC3BDFCC3, 0x5CA3975C, 0x5EE8055E, 0xD0ED7AD0, - 0x87D1AC87, 0x8E057F8E, 0xBA64D5BA, 0xA8A51AA8, 0xB7264BB7, 0xB9BE0EB9, 0x6087A760, 0xF8D55AF8, - 0x22362822, 0x111B1411, 0xDE753FDE, 0x79D92979, 0xAAEE88AA, 0x332D3C33, 0x5F794C5F, 0xB6B702B6, - 0x96CAB896, 0x5835DA58, 0x9CC4B09C, 0xFC4317FC, 0x1A84551A, 0xF64D1FF6, 0x1C598A1C, 0x38B27D38, - 0xAC3357AC, 0x18CFC718, 0xF4068DF4, 0x69537469, 0x749BB774, 0xF597C4F5, 0x56AD9F56, 0xDAE372DA, - 0xD5EA7ED5, 0x4AF4154A, 0x9E8F229E, 0xA2AB12A2, 0x4E62584E, 0xE85F07E8, 0xE51D99E5, 0x39233439, - 0xC1F66EC1, 0x446C5044, 0x5D32DE5D, 0x72466872, 0x26A06526, 0x93CDBC93, 0x03DADB03, 0xC6BAF8C6, - 0xFA9EC8FA, 0x82D6A882, 0xCF6E2BCF, 0x50704050, 0xEB85DCEB, 0x750AFE75, 0x8A93328A, 0x8DDFA48D, - 0x4C29CA4C, 0x141C1014, 0x73D72173, 0xCCB4F0CC, 0x09D4D309, 0x108A5D10, 0xE2510FE2, 0x00000000, - 0x9A196F9A, 0xE01A9DE0, 0x8F94368F, 0xE6C742E6, 0xECC94AEC, 0xFDD25EFD, 0xAB7FC1AB, 0xD8A8E0D8 - ]; - - /** - * The Key Schedule Array - * - * @var array - */ - private $K = []; - - /** - * The Key depended S-Table 0 - * - * @var array - */ - private $S0 = []; - - /** - * The Key depended S-Table 1 - * - * @var array - */ - private $S1 = []; - - /** - * The Key depended S-Table 2 - * - * @var array - */ - private $S2 = []; - - /** - * The Key depended S-Table 3 - * - * @var array - */ - private $S3 = []; - - /** - * Holds the last used key - * - * @var array - */ - private $kl; - - /** - * The Key Length (in bytes) - * - * @see Crypt_Twofish::setKeyLength() - * @var int - */ - protected $key_length = 16; - - /** - * Default Constructor. - * - * @param string $mode - * @throws BadModeException if an invalid / unsupported mode is provided - */ - public function __construct($mode) - { - parent::__construct($mode); - - if ($this->mode == self::MODE_STREAM) { - throw new BadModeException('Block ciphers cannot be ran in stream mode'); - } - } - - /** - * Initialize Static Variables - */ - protected static function initialize_static_variables() - { - if (is_float(self::$m3[0])) { - self::$m0 = array_map('intval', self::$m0); - self::$m1 = array_map('intval', self::$m1); - self::$m2 = array_map('intval', self::$m2); - self::$m3 = array_map('intval', self::$m3); - self::$q0 = array_map('intval', self::$q0); - self::$q1 = array_map('intval', self::$q1); - } - - parent::initialize_static_variables(); - } - - /** - * Sets the key length. - * - * Valid key lengths are 128, 192 or 256 bits - * - * @param int $length - */ - public function setKeyLength($length) - { - switch ($length) { - case 128: - case 192: - case 256: - break; - default: - throw new \LengthException('Key of size ' . $length . ' not supported by this algorithm. Only keys of sizes 16, 24 or 32 supported'); - } - - parent::setKeyLength($length); - } - - /** - * Sets the key. - * - * Rijndael supports five different key lengths - * - * @see setKeyLength() - * @param string $key - * @throws \LengthException if the key length isn't supported - */ - public function setKey($key) - { - switch (strlen($key)) { - case 16: - case 24: - case 32: - break; - default: - throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16, 24 or 32 supported'); - } - - parent::setKey($key); - } - - /** - * Setup the key (expansion) - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::_setupKey() - */ - protected function setupKey() - { - if (isset($this->kl['key']) && $this->key === $this->kl['key']) { - // already expanded - return; - } - $this->kl = ['key' => $this->key]; - - /* Key expanding and generating the key-depended s-boxes */ - $le_longs = unpack('V*', $this->key); - $key = unpack('C*', $this->key); - $m0 = self::$m0; - $m1 = self::$m1; - $m2 = self::$m2; - $m3 = self::$m3; - $q0 = self::$q0; - $q1 = self::$q1; - - $K = $S0 = $S1 = $S2 = $S3 = []; - - switch (strlen($this->key)) { - case 16: - list($s7, $s6, $s5, $s4) = $this->mdsrem($le_longs[1], $le_longs[2]); - list($s3, $s2, $s1, $s0) = $this->mdsrem($le_longs[3], $le_longs[4]); - for ($i = 0, $j = 1; $i < 40; $i += 2, $j += 2) { - $A = $m0[$q0[$q0[$i] ^ $key[ 9]] ^ $key[1]] ^ - $m1[$q0[$q1[$i] ^ $key[10]] ^ $key[2]] ^ - $m2[$q1[$q0[$i] ^ $key[11]] ^ $key[3]] ^ - $m3[$q1[$q1[$i] ^ $key[12]] ^ $key[4]]; - $B = $m0[$q0[$q0[$j] ^ $key[13]] ^ $key[5]] ^ - $m1[$q0[$q1[$j] ^ $key[14]] ^ $key[6]] ^ - $m2[$q1[$q0[$j] ^ $key[15]] ^ $key[7]] ^ - $m3[$q1[$q1[$j] ^ $key[16]] ^ $key[8]]; - $B = ($B << 8) | ($B >> 24 & 0xff); - $A = self::safe_intval($A + $B); - $K[] = $A; - $A = self::safe_intval($A + $B); - $K[] = ($A << 9 | $A >> 23 & 0x1ff); - } - for ($i = 0; $i < 256; ++$i) { - $S0[$i] = $m0[$q0[$q0[$i] ^ $s4] ^ $s0]; - $S1[$i] = $m1[$q0[$q1[$i] ^ $s5] ^ $s1]; - $S2[$i] = $m2[$q1[$q0[$i] ^ $s6] ^ $s2]; - $S3[$i] = $m3[$q1[$q1[$i] ^ $s7] ^ $s3]; - } - break; - case 24: - list($sb, $sa, $s9, $s8) = $this->mdsrem($le_longs[1], $le_longs[2]); - list($s7, $s6, $s5, $s4) = $this->mdsrem($le_longs[3], $le_longs[4]); - list($s3, $s2, $s1, $s0) = $this->mdsrem($le_longs[5], $le_longs[6]); - for ($i = 0, $j = 1; $i < 40; $i += 2, $j += 2) { - $A = $m0[$q0[$q0[$q1[$i] ^ $key[17]] ^ $key[ 9]] ^ $key[1]] ^ - $m1[$q0[$q1[$q1[$i] ^ $key[18]] ^ $key[10]] ^ $key[2]] ^ - $m2[$q1[$q0[$q0[$i] ^ $key[19]] ^ $key[11]] ^ $key[3]] ^ - $m3[$q1[$q1[$q0[$i] ^ $key[20]] ^ $key[12]] ^ $key[4]]; - $B = $m0[$q0[$q0[$q1[$j] ^ $key[21]] ^ $key[13]] ^ $key[5]] ^ - $m1[$q0[$q1[$q1[$j] ^ $key[22]] ^ $key[14]] ^ $key[6]] ^ - $m2[$q1[$q0[$q0[$j] ^ $key[23]] ^ $key[15]] ^ $key[7]] ^ - $m3[$q1[$q1[$q0[$j] ^ $key[24]] ^ $key[16]] ^ $key[8]]; - $B = ($B << 8) | ($B >> 24 & 0xff); - $A = self::safe_intval($A + $B); - $K[] = $A; - $A = self::safe_intval($A + $B); - $K[] = ($A << 9 | $A >> 23 & 0x1ff); - } - for ($i = 0; $i < 256; ++$i) { - $S0[$i] = $m0[$q0[$q0[$q1[$i] ^ $s8] ^ $s4] ^ $s0]; - $S1[$i] = $m1[$q0[$q1[$q1[$i] ^ $s9] ^ $s5] ^ $s1]; - $S2[$i] = $m2[$q1[$q0[$q0[$i] ^ $sa] ^ $s6] ^ $s2]; - $S3[$i] = $m3[$q1[$q1[$q0[$i] ^ $sb] ^ $s7] ^ $s3]; - } - break; - default: // 32 - list($sf, $se, $sd, $sc) = $this->mdsrem($le_longs[1], $le_longs[2]); - list($sb, $sa, $s9, $s8) = $this->mdsrem($le_longs[3], $le_longs[4]); - list($s7, $s6, $s5, $s4) = $this->mdsrem($le_longs[5], $le_longs[6]); - list($s3, $s2, $s1, $s0) = $this->mdsrem($le_longs[7], $le_longs[8]); - for ($i = 0, $j = 1; $i < 40; $i += 2, $j += 2) { - $A = $m0[$q0[$q0[$q1[$q1[$i] ^ $key[25]] ^ $key[17]] ^ $key[ 9]] ^ $key[1]] ^ - $m1[$q0[$q1[$q1[$q0[$i] ^ $key[26]] ^ $key[18]] ^ $key[10]] ^ $key[2]] ^ - $m2[$q1[$q0[$q0[$q0[$i] ^ $key[27]] ^ $key[19]] ^ $key[11]] ^ $key[3]] ^ - $m3[$q1[$q1[$q0[$q1[$i] ^ $key[28]] ^ $key[20]] ^ $key[12]] ^ $key[4]]; - $B = $m0[$q0[$q0[$q1[$q1[$j] ^ $key[29]] ^ $key[21]] ^ $key[13]] ^ $key[5]] ^ - $m1[$q0[$q1[$q1[$q0[$j] ^ $key[30]] ^ $key[22]] ^ $key[14]] ^ $key[6]] ^ - $m2[$q1[$q0[$q0[$q0[$j] ^ $key[31]] ^ $key[23]] ^ $key[15]] ^ $key[7]] ^ - $m3[$q1[$q1[$q0[$q1[$j] ^ $key[32]] ^ $key[24]] ^ $key[16]] ^ $key[8]]; - $B = ($B << 8) | ($B >> 24 & 0xff); - $A = self::safe_intval($A + $B); - $K[] = $A; - $A = self::safe_intval($A + $B); - $K[] = ($A << 9 | $A >> 23 & 0x1ff); - } - for ($i = 0; $i < 256; ++$i) { - $S0[$i] = $m0[$q0[$q0[$q1[$q1[$i] ^ $sc] ^ $s8] ^ $s4] ^ $s0]; - $S1[$i] = $m1[$q0[$q1[$q1[$q0[$i] ^ $sd] ^ $s9] ^ $s5] ^ $s1]; - $S2[$i] = $m2[$q1[$q0[$q0[$q0[$i] ^ $se] ^ $sa] ^ $s6] ^ $s2]; - $S3[$i] = $m3[$q1[$q1[$q0[$q1[$i] ^ $sf] ^ $sb] ^ $s7] ^ $s3]; - } - } - - $this->K = $K; - $this->S0 = $S0; - $this->S1 = $S1; - $this->S2 = $S2; - $this->S3 = $S3; - } - - /** - * _mdsrem function using by the twofish cipher algorithm - * - * @param string $A - * @param string $B - * @return array - */ - private function mdsrem($A, $B) - { - // No gain by unrolling this loop. - for ($i = 0; $i < 8; ++$i) { - // Get most significant coefficient. - $t = 0xff & ($B >> 24); - - // Shift the others up. - $B = ($B << 8) | (0xff & ($A >> 24)); - $A <<= 8; - - $u = $t << 1; - - // Subtract the modular polynomial on overflow. - if ($t & 0x80) { - $u ^= 0x14d; - } - - // Remove t * (a * x^2 + 1). - $B ^= $t ^ ($u << 16); - - // Form u = a*t + t/a = t*(a + 1/a). - $u ^= 0x7fffffff & ($t >> 1); - - // Add the modular polynomial on underflow. - if ($t & 0x01) { - $u ^= 0xa6 ; - } - - // Remove t * (a + 1/a) * (x^3 + x). - $B ^= ($u << 24) | ($u << 8); - } - - return [ - 0xff & $B >> 24, - 0xff & $B >> 16, - 0xff & $B >> 8, - 0xff & $B]; - } - - /** - * Encrypts a block - * - * @param string $in - * @return string - */ - protected function encryptBlock($in) - { - $S0 = $this->S0; - $S1 = $this->S1; - $S2 = $this->S2; - $S3 = $this->S3; - $K = $this->K; - - $in = unpack("V4", $in); - $R0 = $K[0] ^ $in[1]; - $R1 = $K[1] ^ $in[2]; - $R2 = $K[2] ^ $in[3]; - $R3 = $K[3] ^ $in[4]; - - $ki = 7; - while ($ki < 39) { - $t0 = $S0[ $R0 & 0xff] ^ - $S1[($R0 >> 8) & 0xff] ^ - $S2[($R0 >> 16) & 0xff] ^ - $S3[($R0 >> 24) & 0xff]; - $t1 = $S0[($R1 >> 24) & 0xff] ^ - $S1[ $R1 & 0xff] ^ - $S2[($R1 >> 8) & 0xff] ^ - $S3[($R1 >> 16) & 0xff]; - $R2 ^= self::safe_intval($t0 + $t1 + $K[++$ki]); - $R2 = ($R2 >> 1 & 0x7fffffff) | ($R2 << 31); - $R3 = ((($R3 >> 31) & 1) | ($R3 << 1)) ^ self::safe_intval($t0 + ($t1 << 1) + $K[++$ki]); - - $t0 = $S0[ $R2 & 0xff] ^ - $S1[($R2 >> 8) & 0xff] ^ - $S2[($R2 >> 16) & 0xff] ^ - $S3[($R2 >> 24) & 0xff]; - $t1 = $S0[($R3 >> 24) & 0xff] ^ - $S1[ $R3 & 0xff] ^ - $S2[($R3 >> 8) & 0xff] ^ - $S3[($R3 >> 16) & 0xff]; - $R0 ^= self::safe_intval($t0 + $t1 + $K[++$ki]); - $R0 = ($R0 >> 1 & 0x7fffffff) | ($R0 << 31); - $R1 = ((($R1 >> 31) & 1) | ($R1 << 1)) ^ self::safe_intval($t0 + ($t1 << 1) + $K[++$ki]); - } - - // @codingStandardsIgnoreStart - return pack("V4", $K[4] ^ $R2, - $K[5] ^ $R3, - $K[6] ^ $R0, - $K[7] ^ $R1); - // @codingStandardsIgnoreEnd - } - - /** - * Decrypts a block - * - * @param string $in - * @return string - */ - protected function decryptBlock($in) - { - $S0 = $this->S0; - $S1 = $this->S1; - $S2 = $this->S2; - $S3 = $this->S3; - $K = $this->K; - - $in = unpack("V4", $in); - $R0 = $K[4] ^ $in[1]; - $R1 = $K[5] ^ $in[2]; - $R2 = $K[6] ^ $in[3]; - $R3 = $K[7] ^ $in[4]; - - $ki = 40; - while ($ki > 8) { - $t0 = $S0[$R0 & 0xff] ^ - $S1[$R0 >> 8 & 0xff] ^ - $S2[$R0 >> 16 & 0xff] ^ - $S3[$R0 >> 24 & 0xff]; - $t1 = $S0[$R1 >> 24 & 0xff] ^ - $S1[$R1 & 0xff] ^ - $S2[$R1 >> 8 & 0xff] ^ - $S3[$R1 >> 16 & 0xff]; - $R3 ^= self::safe_intval($t0 + ($t1 << 1) + $K[--$ki]); - $R3 = $R3 >> 1 & 0x7fffffff | $R3 << 31; - $R2 = ($R2 >> 31 & 0x1 | $R2 << 1) ^ self::safe_intval($t0 + $t1 + $K[--$ki]); - - $t0 = $S0[$R2 & 0xff] ^ - $S1[$R2 >> 8 & 0xff] ^ - $S2[$R2 >> 16 & 0xff] ^ - $S3[$R2 >> 24 & 0xff]; - $t1 = $S0[$R3 >> 24 & 0xff] ^ - $S1[$R3 & 0xff] ^ - $S2[$R3 >> 8 & 0xff] ^ - $S3[$R3 >> 16 & 0xff]; - $R1 ^= self::safe_intval($t0 + ($t1 << 1) + $K[--$ki]); - $R1 = $R1 >> 1 & 0x7fffffff | $R1 << 31; - $R0 = ($R0 >> 31 & 0x1 | $R0 << 1) ^ self::safe_intval($t0 + $t1 + $K[--$ki]); - } - - // @codingStandardsIgnoreStart - return pack("V4", $K[0] ^ $R2, - $K[1] ^ $R3, - $K[2] ^ $R0, - $K[3] ^ $R1); - // @codingStandardsIgnoreEnd - } - - /** - * Setup the performance-optimized function for de/encrypt() - * - * @see \phpseclib3\Crypt\Common\SymmetricKey::_setupInlineCrypt() - */ - protected function setupInlineCrypt() - { - $K = $this->K; - $init_crypt = ' - static $S0, $S1, $S2, $S3; - if (!$S0) { - for ($i = 0; $i < 256; ++$i) { - $S0[] = (int)$this->S0[$i]; - $S1[] = (int)$this->S1[$i]; - $S2[] = (int)$this->S2[$i]; - $S3[] = (int)$this->S3[$i]; - } - } - '; - - $safeint = self::safe_intval_inline(); - - // Generating encrypt code: - $encrypt_block = ' - $in = unpack("V4", $in); - $R0 = ' . $K[0] . ' ^ $in[1]; - $R1 = ' . $K[1] . ' ^ $in[2]; - $R2 = ' . $K[2] . ' ^ $in[3]; - $R3 = ' . $K[3] . ' ^ $in[4]; - '; - for ($ki = 7, $i = 0; $i < 8; ++$i) { - $encrypt_block .= ' - $t0 = $S0[ $R0 & 0xff] ^ - $S1[($R0 >> 8) & 0xff] ^ - $S2[($R0 >> 16) & 0xff] ^ - $S3[($R0 >> 24) & 0xff]; - $t1 = $S0[($R1 >> 24) & 0xff] ^ - $S1[ $R1 & 0xff] ^ - $S2[($R1 >> 8) & 0xff] ^ - $S3[($R1 >> 16) & 0xff]; - $R2^= ' . sprintf($safeint, '$t0 + $t1 + ' . $K[++$ki]) . '; - $R2 = ($R2 >> 1 & 0x7fffffff) | ($R2 << 31); - $R3 = ((($R3 >> 31) & 1) | ($R3 << 1)) ^ ' . sprintf($safeint, '($t0 + ($t1 << 1) + ' . $K[++$ki] . ')') . '; - - $t0 = $S0[ $R2 & 0xff] ^ - $S1[($R2 >> 8) & 0xff] ^ - $S2[($R2 >> 16) & 0xff] ^ - $S3[($R2 >> 24) & 0xff]; - $t1 = $S0[($R3 >> 24) & 0xff] ^ - $S1[ $R3 & 0xff] ^ - $S2[($R3 >> 8) & 0xff] ^ - $S3[($R3 >> 16) & 0xff]; - $R0^= ' . sprintf($safeint, '($t0 + $t1 + ' . $K[++$ki] . ')') . '; - $R0 = ($R0 >> 1 & 0x7fffffff) | ($R0 << 31); - $R1 = ((($R1 >> 31) & 1) | ($R1 << 1)) ^ ' . sprintf($safeint, '($t0 + ($t1 << 1) + ' . $K[++$ki] . ')') . '; - '; - } - $encrypt_block .= ' - $in = pack("V4", ' . $K[4] . ' ^ $R2, - ' . $K[5] . ' ^ $R3, - ' . $K[6] . ' ^ $R0, - ' . $K[7] . ' ^ $R1); - '; - - // Generating decrypt code: - $decrypt_block = ' - $in = unpack("V4", $in); - $R0 = ' . $K[4] . ' ^ $in[1]; - $R1 = ' . $K[5] . ' ^ $in[2]; - $R2 = ' . $K[6] . ' ^ $in[3]; - $R3 = ' . $K[7] . ' ^ $in[4]; - '; - for ($ki = 40, $i = 0; $i < 8; ++$i) { - $decrypt_block .= ' - $t0 = $S0[$R0 & 0xff] ^ - $S1[$R0 >> 8 & 0xff] ^ - $S2[$R0 >> 16 & 0xff] ^ - $S3[$R0 >> 24 & 0xff]; - $t1 = $S0[$R1 >> 24 & 0xff] ^ - $S1[$R1 & 0xff] ^ - $S2[$R1 >> 8 & 0xff] ^ - $S3[$R1 >> 16 & 0xff]; - $R3^= ' . sprintf($safeint, '$t0 + ($t1 << 1) + ' . $K[--$ki]) . '; - $R3 = $R3 >> 1 & 0x7fffffff | $R3 << 31; - $R2 = ($R2 >> 31 & 0x1 | $R2 << 1) ^ ' . sprintf($safeint, '($t0 + $t1 + ' . $K[--$ki] . ')') . '; - - $t0 = $S0[$R2 & 0xff] ^ - $S1[$R2 >> 8 & 0xff] ^ - $S2[$R2 >> 16 & 0xff] ^ - $S3[$R2 >> 24 & 0xff]; - $t1 = $S0[$R3 >> 24 & 0xff] ^ - $S1[$R3 & 0xff] ^ - $S2[$R3 >> 8 & 0xff] ^ - $S3[$R3 >> 16 & 0xff]; - $R1^= ' . sprintf($safeint, '$t0 + ($t1 << 1) + ' . $K[--$ki]) . '; - $R1 = $R1 >> 1 & 0x7fffffff | $R1 << 31; - $R0 = ($R0 >> 31 & 0x1 | $R0 << 1) ^ ' . sprintf($safeint, '($t0 + $t1 + ' . $K[--$ki] . ')') . '; - '; - } - $decrypt_block .= ' - $in = pack("V4", ' . $K[0] . ' ^ $R2, - ' . $K[1] . ' ^ $R3, - ' . $K[2] . ' ^ $R0, - ' . $K[3] . ' ^ $R1); - '; - - $this->inline_crypt = $this->createInlineCryptFunction( - [ - 'init_crypt' => $init_crypt, - 'init_encrypt' => '', - 'init_decrypt' => '', - 'encrypt_block' => $encrypt_block, - 'decrypt_block' => $decrypt_block - ] - ); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadConfigurationException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadConfigurationException.php deleted file mode 100644 index 1aabcae..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadConfigurationException.php +++ /dev/null @@ -1,23 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Exception; - -/** - * BadConfigurationException - * - * @author Jim Wigginton - */ -class BadConfigurationException extends \RuntimeException -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadDecryptionException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadDecryptionException.php deleted file mode 100644 index 88331dc..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadDecryptionException.php +++ /dev/null @@ -1,23 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Exception; - -/** - * BadDecryptionException - * - * @author Jim Wigginton - */ -class BadDecryptionException extends \RuntimeException -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadModeException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadModeException.php deleted file mode 100644 index 87689b2..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/BadModeException.php +++ /dev/null @@ -1,23 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Exception; - -/** - * BadModeException - * - * @author Jim Wigginton - */ -class BadModeException extends \RuntimeException -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/ConnectionClosedException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/ConnectionClosedException.php deleted file mode 100644 index 6aaccba..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/ConnectionClosedException.php +++ /dev/null @@ -1,23 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Exception; - -/** - * ConnectionClosedException - * - * @author Jim Wigginton - */ -class ConnectionClosedException extends \RuntimeException -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/FileNotFoundException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/FileNotFoundException.php deleted file mode 100644 index 66e7270..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/FileNotFoundException.php +++ /dev/null @@ -1,23 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Exception; - -/** - * FileNotFoundException - * - * @author Jim Wigginton - */ -class FileNotFoundException extends \RuntimeException -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/InconsistentSetupException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/InconsistentSetupException.php deleted file mode 100644 index 23c38fb..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/InconsistentSetupException.php +++ /dev/null @@ -1,23 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Exception; - -/** - * InconsistentSetupException - * - * @author Jim Wigginton - */ -class InconsistentSetupException extends \RuntimeException -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/InsufficientSetupException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/InsufficientSetupException.php deleted file mode 100644 index 4f4114d..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/InsufficientSetupException.php +++ /dev/null @@ -1,23 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Exception; - -/** - * InsufficientSetupException - * - * @author Jim Wigginton - */ -class InsufficientSetupException extends \RuntimeException -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/NoKeyLoadedException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/NoKeyLoadedException.php deleted file mode 100644 index 7ec2fe9..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/NoKeyLoadedException.php +++ /dev/null @@ -1,23 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Exception; - -/** - * NoKeyLoadedException - * - * @author Jim Wigginton - */ -class NoKeyLoadedException extends \RuntimeException -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/NoSupportedAlgorithmsException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/NoSupportedAlgorithmsException.php deleted file mode 100644 index b3ea8f3..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/NoSupportedAlgorithmsException.php +++ /dev/null @@ -1,23 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Exception; - -/** - * NoSupportedAlgorithmsException - * - * @author Jim Wigginton - */ -class NoSupportedAlgorithmsException extends \RuntimeException -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnableToConnectException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnableToConnectException.php deleted file mode 100644 index bfa005b..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnableToConnectException.php +++ /dev/null @@ -1,23 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Exception; - -/** - * UnableToConnectException - * - * @author Jim Wigginton - */ -class UnableToConnectException extends \RuntimeException -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedAlgorithmException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedAlgorithmException.php deleted file mode 100644 index 210a9a5..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedAlgorithmException.php +++ /dev/null @@ -1,23 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Exception; - -/** - * UnsupportedAlgorithmException - * - * @author Jim Wigginton - */ -class UnsupportedAlgorithmException extends \RuntimeException -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedCurveException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedCurveException.php deleted file mode 100644 index 9915215..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedCurveException.php +++ /dev/null @@ -1,23 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Exception; - -/** - * UnsupportedCurveException - * - * @author Jim Wigginton - */ -class UnsupportedCurveException extends \RuntimeException -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedFormatException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedFormatException.php deleted file mode 100644 index e207d7e..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedFormatException.php +++ /dev/null @@ -1,23 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Exception; - -/** - * UnsupportedFormatException - * - * @author Jim Wigginton - */ -class UnsupportedFormatException extends \RuntimeException -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedOperationException.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedOperationException.php deleted file mode 100644 index 9a11544..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Exception/UnsupportedOperationException.php +++ /dev/null @@ -1,23 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Exception; - -/** - * UnsupportedOperationException - * - * @author Jim Wigginton - */ -class UnsupportedOperationException extends \RuntimeException -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ANSI.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ANSI.php deleted file mode 100644 index 5803a37..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ANSI.php +++ /dev/null @@ -1,551 +0,0 @@ - - * @copyright 2012 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File; - -/** - * Pure-PHP ANSI Decoder - * - * @author Jim Wigginton - */ -class ANSI -{ - /** - * Max Width - * - * @var int - */ - private $max_x; - - /** - * Max Height - * - * @var int - */ - private $max_y; - - /** - * Max History - * - * @var int - */ - private $max_history; - - /** - * History - * - * @var array - */ - private $history; - - /** - * History Attributes - * - * @var array - */ - private $history_attrs; - - /** - * Current Column - * - * @var int - */ - private $x; - - /** - * Current Row - * - * @var int - */ - private $y; - - /** - * Old Column - * - * @var int - */ - private $old_x; - - /** - * Old Row - * - * @var int - */ - private $old_y; - - /** - * An empty attribute cell - * - * @var object - */ - private $base_attr_cell; - - /** - * The current attribute cell - * - * @var object - */ - private $attr_cell; - - /** - * An empty attribute row - * - * @var array - */ - private $attr_row; - - /** - * The current screen text - * - * @var list - */ - private $screen; - - /** - * The current screen attributes - * - * @var array - */ - private $attrs; - - /** - * Current ANSI code - * - * @var string - */ - private $ansi; - - /** - * Tokenization - * - * @var array - */ - private $tokenization; - - /** - * Default Constructor. - * - * @return \phpseclib3\File\ANSI - */ - public function __construct() - { - $attr_cell = new \stdClass(); - $attr_cell->bold = false; - $attr_cell->underline = false; - $attr_cell->blink = false; - $attr_cell->background = 'black'; - $attr_cell->foreground = 'white'; - $attr_cell->reverse = false; - $this->base_attr_cell = clone $attr_cell; - $this->attr_cell = clone $attr_cell; - - $this->setHistory(200); - $this->setDimensions(80, 24); - } - - /** - * Set terminal width and height - * - * Resets the screen as well - * - * @param int $x - * @param int $y - */ - public function setDimensions($x, $y) - { - $this->max_x = $x - 1; - $this->max_y = $y - 1; - $this->x = $this->y = 0; - $this->history = $this->history_attrs = []; - $this->attr_row = array_fill(0, $this->max_x + 2, $this->base_attr_cell); - $this->screen = array_fill(0, $this->max_y + 1, ''); - $this->attrs = array_fill(0, $this->max_y + 1, $this->attr_row); - $this->ansi = ''; - } - - /** - * Set the number of lines that should be logged past the terminal height - * - * @param int $history - */ - public function setHistory($history) - { - $this->max_history = $history; - } - - /** - * Load a string - * - * @param string $source - */ - public function loadString($source) - { - $this->setDimensions($this->max_x + 1, $this->max_y + 1); - $this->appendString($source); - } - - /** - * Appdend a string - * - * @param string $source - */ - public function appendString($source) - { - $this->tokenization = ['']; - for ($i = 0; $i < strlen($source); $i++) { - if (strlen($this->ansi)) { - $this->ansi .= $source[$i]; - $chr = ord($source[$i]); - // http://en.wikipedia.org/wiki/ANSI_escape_code#Sequence_elements - // single character CSI's not currently supported - switch (true) { - case $this->ansi == "\x1B=": - $this->ansi = ''; - continue 2; - case strlen($this->ansi) == 2 && $chr >= 64 && $chr <= 95 && $chr != ord('['): - case strlen($this->ansi) > 2 && $chr >= 64 && $chr <= 126: - break; - default: - continue 2; - } - $this->tokenization[] = $this->ansi; - $this->tokenization[] = ''; - // http://ascii-table.com/ansi-escape-sequences-vt-100.php - switch ($this->ansi) { - case "\x1B[H": // Move cursor to upper left corner - $this->old_x = $this->x; - $this->old_y = $this->y; - $this->x = $this->y = 0; - break; - case "\x1B[J": // Clear screen from cursor down - $this->history = array_merge($this->history, array_slice(array_splice($this->screen, $this->y + 1), 0, $this->old_y)); - $this->screen = array_merge($this->screen, array_fill($this->y, $this->max_y, '')); - - $this->history_attrs = array_merge($this->history_attrs, array_slice(array_splice($this->attrs, $this->y + 1), 0, $this->old_y)); - $this->attrs = array_merge($this->attrs, array_fill($this->y, $this->max_y, $this->attr_row)); - - if (count($this->history) == $this->max_history) { - array_shift($this->history); - array_shift($this->history_attrs); - } - // fall-through - case "\x1B[K": // Clear screen from cursor right - $this->screen[$this->y] = substr($this->screen[$this->y], 0, $this->x); - - array_splice($this->attrs[$this->y], $this->x + 1, $this->max_x - $this->x, array_fill($this->x, $this->max_x - ($this->x - 1), $this->base_attr_cell)); - break; - case "\x1B[2K": // Clear entire line - $this->screen[$this->y] = str_repeat(' ', $this->x); - $this->attrs[$this->y] = $this->attr_row; - break; - case "\x1B[?1h": // set cursor key to application - case "\x1B[?25h": // show the cursor - case "\x1B(B": // set united states g0 character set - break; - case "\x1BE": // Move to next line - $this->newLine(); - $this->x = 0; - break; - default: - switch (true) { - case preg_match('#\x1B\[(\d+)B#', $this->ansi, $match): // Move cursor down n lines - $this->old_y = $this->y; - $this->y += (int) $match[1]; - break; - case preg_match('#\x1B\[(\d+);(\d+)H#', $this->ansi, $match): // Move cursor to screen location v,h - $this->old_x = $this->x; - $this->old_y = $this->y; - $this->x = $match[2] - 1; - $this->y = (int) $match[1] - 1; - break; - case preg_match('#\x1B\[(\d+)C#', $this->ansi, $match): // Move cursor right n lines - $this->old_x = $this->x; - $this->x += $match[1]; - break; - case preg_match('#\x1B\[(\d+)D#', $this->ansi, $match): // Move cursor left n lines - $this->old_x = $this->x; - $this->x -= $match[1]; - if ($this->x < 0) { - $this->x = 0; - } - break; - case preg_match('#\x1B\[(\d+);(\d+)r#', $this->ansi, $match): // Set top and bottom lines of a window - break; - case preg_match('#\x1B\[(\d*(?:;\d*)*)m#', $this->ansi, $match): // character attributes - $attr_cell = &$this->attr_cell; - $mods = explode(';', $match[1]); - foreach ($mods as $mod) { - switch ($mod) { - case '': - case '0': // Turn off character attributes - $attr_cell = clone $this->base_attr_cell; - break; - case '1': // Turn bold mode on - $attr_cell->bold = true; - break; - case '4': // Turn underline mode on - $attr_cell->underline = true; - break; - case '5': // Turn blinking mode on - $attr_cell->blink = true; - break; - case '7': // Turn reverse video on - $attr_cell->reverse = !$attr_cell->reverse; - $temp = $attr_cell->background; - $attr_cell->background = $attr_cell->foreground; - $attr_cell->foreground = $temp; - break; - default: // set colors - //$front = $attr_cell->reverse ? &$attr_cell->background : &$attr_cell->foreground; - $front = &$attr_cell->{ $attr_cell->reverse ? 'background' : 'foreground' }; - //$back = $attr_cell->reverse ? &$attr_cell->foreground : &$attr_cell->background; - $back = &$attr_cell->{ $attr_cell->reverse ? 'foreground' : 'background' }; - switch ($mod) { - // @codingStandardsIgnoreStart - case '30': $front = 'black'; break; - case '31': $front = 'red'; break; - case '32': $front = 'green'; break; - case '33': $front = 'yellow'; break; - case '34': $front = 'blue'; break; - case '35': $front = 'magenta'; break; - case '36': $front = 'cyan'; break; - case '37': $front = 'white'; break; - - case '40': $back = 'black'; break; - case '41': $back = 'red'; break; - case '42': $back = 'green'; break; - case '43': $back = 'yellow'; break; - case '44': $back = 'blue'; break; - case '45': $back = 'magenta'; break; - case '46': $back = 'cyan'; break; - case '47': $back = 'white'; break; - // @codingStandardsIgnoreEnd - - default: - //user_error('Unsupported attribute: ' . $mod); - $this->ansi = ''; - break 2; - } - } - } - break; - default: - //user_error("{$this->ansi} is unsupported\r\n"); - } - } - $this->ansi = ''; - continue; - } - - $this->tokenization[count($this->tokenization) - 1] .= $source[$i]; - switch ($source[$i]) { - case "\r": - $this->x = 0; - break; - case "\n": - $this->newLine(); - break; - case "\x08": // backspace - if ($this->x) { - $this->x--; - $this->attrs[$this->y][$this->x] = clone $this->base_attr_cell; - $this->screen[$this->y] = substr_replace( - $this->screen[$this->y], - $source[$i], - $this->x, - 1 - ); - } - break; - case "\x0F": // shift - break; - case "\x1B": // start ANSI escape code - $this->tokenization[count($this->tokenization) - 1] = substr($this->tokenization[count($this->tokenization) - 1], 0, -1); - //if (!strlen($this->tokenization[count($this->tokenization) - 1])) { - // array_pop($this->tokenization); - //} - $this->ansi .= "\x1B"; - break; - default: - $this->attrs[$this->y][$this->x] = clone $this->attr_cell; - if ($this->x > strlen($this->screen[$this->y])) { - $this->screen[$this->y] = str_repeat(' ', $this->x); - } - $this->screen[$this->y] = substr_replace( - $this->screen[$this->y], - $source[$i], - $this->x, - 1 - ); - - if ($this->x > $this->max_x) { - $this->x = 0; - $this->newLine(); - } else { - $this->x++; - } - } - } - } - - /** - * Add a new line - * - * Also update the $this->screen and $this->history buffers - * - */ - private function newLine() - { - //if ($this->y < $this->max_y) { - // $this->y++; - //} - - while ($this->y >= $this->max_y) { - $this->history = array_merge($this->history, [array_shift($this->screen)]); - $this->screen[] = ''; - - $this->history_attrs = array_merge($this->history_attrs, [array_shift($this->attrs)]); - $this->attrs[] = $this->attr_row; - - if (count($this->history) >= $this->max_history) { - array_shift($this->history); - array_shift($this->history_attrs); - } - - $this->y--; - } - $this->y++; - } - - /** - * Returns the current coordinate without preformating - * - * @param \stdClass $last_attr - * @param \stdClass $cur_attr - * @param string $char - * @return string - */ - private function processCoordinate(\stdClass $last_attr, \stdClass $cur_attr, $char) - { - $output = ''; - - if ($last_attr != $cur_attr) { - $close = $open = ''; - if ($last_attr->foreground != $cur_attr->foreground) { - if ($cur_attr->foreground != 'white') { - $open .= ''; - } - if ($last_attr->foreground != 'white') { - $close = '' . $close; - } - } - if ($last_attr->background != $cur_attr->background) { - if ($cur_attr->background != 'black') { - $open .= ''; - } - if ($last_attr->background != 'black') { - $close = '' . $close; - } - } - if ($last_attr->bold != $cur_attr->bold) { - if ($cur_attr->bold) { - $open .= ''; - } else { - $close = '' . $close; - } - } - if ($last_attr->underline != $cur_attr->underline) { - if ($cur_attr->underline) { - $open .= ''; - } else { - $close = '' . $close; - } - } - if ($last_attr->blink != $cur_attr->blink) { - if ($cur_attr->blink) { - $open .= ''; - } else { - $close = '' . $close; - } - } - $output .= $close . $open; - } - - $output .= htmlspecialchars($char); - - return $output; - } - - /** - * Returns the current screen without preformating - * - * @return string - */ - private function getScreenHelper() - { - $output = ''; - $last_attr = $this->base_attr_cell; - for ($i = 0; $i <= $this->max_y; $i++) { - for ($j = 0; $j <= $this->max_x; $j++) { - $cur_attr = $this->attrs[$i][$j]; - $output .= $this->processCoordinate($last_attr, $cur_attr, isset($this->screen[$i][$j]) ? $this->screen[$i][$j] : ''); - $last_attr = $this->attrs[$i][$j]; - } - $output .= "\r\n"; - } - $output = substr($output, 0, -2); - // close any remaining open tags - $output .= $this->processCoordinate($last_attr, $this->base_attr_cell, ''); - return rtrim($output); - } - - /** - * Returns the current screen - * - * @return string - */ - public function getScreen() - { - return '
' . $this->getScreenHelper() . '
'; - } - - /** - * Returns the current screen and the x previous lines - * - * @return string - */ - public function getHistory() - { - $scrollback = ''; - $last_attr = $this->base_attr_cell; - for ($i = 0; $i < count($this->history); $i++) { - for ($j = 0; $j <= $this->max_x + 1; $j++) { - $cur_attr = $this->history_attrs[$i][$j]; - $scrollback .= $this->processCoordinate($last_attr, $cur_attr, isset($this->history[$i][$j]) ? $this->history[$i][$j] : ''); - $last_attr = $this->history_attrs[$i][$j]; - } - $scrollback .= "\r\n"; - } - $base_attr_cell = $this->base_attr_cell; - $this->base_attr_cell = $last_attr; - $scrollback .= $this->getScreen(); - $this->base_attr_cell = $base_attr_cell; - - return '
' . $scrollback . '
'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1.php deleted file mode 100644 index 3096ff1..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1.php +++ /dev/null @@ -1,1508 +0,0 @@ - - * @copyright 2012 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\File\ASN1\Element; -use phpseclib3\Math\BigInteger; - -/** - * Pure-PHP ASN.1 Parser - * - * @author Jim Wigginton - */ -abstract class ASN1 -{ - // Tag Classes - // http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=12 - const CLASS_UNIVERSAL = 0; - const CLASS_APPLICATION = 1; - const CLASS_CONTEXT_SPECIFIC = 2; - const CLASS_PRIVATE = 3; - - // Tag Classes - // http://www.obj-sys.com/asn1tutorial/node124.html - const TYPE_BOOLEAN = 1; - const TYPE_INTEGER = 2; - const TYPE_BIT_STRING = 3; - const TYPE_OCTET_STRING = 4; - const TYPE_NULL = 5; - const TYPE_OBJECT_IDENTIFIER = 6; - //const TYPE_OBJECT_DESCRIPTOR = 7; - //const TYPE_INSTANCE_OF = 8; // EXTERNAL - const TYPE_REAL = 9; - const TYPE_ENUMERATED = 10; - //const TYPE_EMBEDDED = 11; - const TYPE_UTF8_STRING = 12; - //const TYPE_RELATIVE_OID = 13; - const TYPE_SEQUENCE = 16; // SEQUENCE OF - const TYPE_SET = 17; // SET OF - - // More Tag Classes - // http://www.obj-sys.com/asn1tutorial/node10.html - const TYPE_NUMERIC_STRING = 18; - const TYPE_PRINTABLE_STRING = 19; - const TYPE_TELETEX_STRING = 20; // T61String - const TYPE_VIDEOTEX_STRING = 21; - const TYPE_IA5_STRING = 22; - const TYPE_UTC_TIME = 23; - const TYPE_GENERALIZED_TIME = 24; - const TYPE_GRAPHIC_STRING = 25; - const TYPE_VISIBLE_STRING = 26; // ISO646String - const TYPE_GENERAL_STRING = 27; - const TYPE_UNIVERSAL_STRING = 28; - //const TYPE_CHARACTER_STRING = 29; - const TYPE_BMP_STRING = 30; - - // Tag Aliases - // These tags are kinda place holders for other tags. - const TYPE_CHOICE = -1; - const TYPE_ANY = -2; - - /** - * ASN.1 object identifiers - * - * @var array - * @link http://en.wikipedia.org/wiki/Object_identifier - */ - private static $oids = []; - - /** - * ASN.1 object identifier reverse mapping - * - * @var array - */ - private static $reverseOIDs = []; - - /** - * Default date format - * - * @var string - * @link http://php.net/class.datetime - */ - private static $format = 'D, d M Y H:i:s O'; - - /** - * Filters - * - * If the mapping type is self::TYPE_ANY what do we actually encode it as? - * - * @var array - * @see self::encode_der() - */ - private static $filters; - - /** - * Current Location of most recent ASN.1 encode process - * - * Useful for debug purposes - * - * @var array - * @see self::encode_der() - */ - private static $location; - - /** - * DER Encoded String - * - * In case we need to create ASN1\Element object's.. - * - * @var string - * @see self::decodeDER() - */ - private static $encoded; - - /** - * Type mapping table for the ANY type. - * - * Structured or unknown types are mapped to a \phpseclib3\File\ASN1\Element. - * Unambiguous types get the direct mapping (int/real/bool). - * Others are mapped as a choice, with an extra indexing level. - * - * @var array - */ - const ANY_MAP = [ - self::TYPE_BOOLEAN => true, - self::TYPE_INTEGER => true, - self::TYPE_BIT_STRING => 'bitString', - self::TYPE_OCTET_STRING => 'octetString', - self::TYPE_NULL => 'null', - self::TYPE_OBJECT_IDENTIFIER => 'objectIdentifier', - self::TYPE_REAL => true, - self::TYPE_ENUMERATED => 'enumerated', - self::TYPE_UTF8_STRING => 'utf8String', - self::TYPE_NUMERIC_STRING => 'numericString', - self::TYPE_PRINTABLE_STRING => 'printableString', - self::TYPE_TELETEX_STRING => 'teletexString', - self::TYPE_VIDEOTEX_STRING => 'videotexString', - self::TYPE_IA5_STRING => 'ia5String', - self::TYPE_UTC_TIME => 'utcTime', - self::TYPE_GENERALIZED_TIME => 'generalTime', - self::TYPE_GRAPHIC_STRING => 'graphicString', - self::TYPE_VISIBLE_STRING => 'visibleString', - self::TYPE_GENERAL_STRING => 'generalString', - self::TYPE_UNIVERSAL_STRING => 'universalString', - //self::TYPE_CHARACTER_STRING => 'characterString', - self::TYPE_BMP_STRING => 'bmpString' - ]; - - /** - * String type to character size mapping table. - * - * Non-convertable types are absent from this table. - * size == 0 indicates variable length encoding. - * - * @var array - */ - const STRING_TYPE_SIZE = [ - self::TYPE_UTF8_STRING => 0, - self::TYPE_BMP_STRING => 2, - self::TYPE_UNIVERSAL_STRING => 4, - self::TYPE_PRINTABLE_STRING => 1, - self::TYPE_TELETEX_STRING => 1, - self::TYPE_IA5_STRING => 1, - self::TYPE_VISIBLE_STRING => 1, - ]; - - /** - * Parse BER-encoding - * - * Serves a similar purpose to openssl's asn1parse - * - * @param Element|string $encoded - * @return ?array - */ - public static function decodeBER($encoded) - { - if ($encoded instanceof Element) { - $encoded = $encoded->element; - } - - self::$encoded = $encoded; - - $decoded = self::decode_ber($encoded); - if ($decoded === false) { - return null; - } - - return [$decoded]; - } - - /** - * Parse BER-encoding (Helper function) - * - * Sometimes we want to get the BER encoding of a particular tag. $start lets us do that without having to reencode. - * $encoded is passed by reference for the recursive calls done for self::TYPE_BIT_STRING and - * self::TYPE_OCTET_STRING. In those cases, the indefinite length is used. - * - * @param string $encoded - * @param int $start - * @param int $encoded_pos - * @return array|bool - */ - private static function decode_ber($encoded, $start = 0, $encoded_pos = 0) - { - $current = ['start' => $start]; - - if (!isset($encoded[$encoded_pos])) { - return false; - } - $type = ord($encoded[$encoded_pos++]); - $startOffset = 1; - - $constructed = ($type >> 5) & 1; - - $tag = $type & 0x1F; - if ($tag == 0x1F) { - $tag = 0; - // process septets (since the eighth bit is ignored, it's not an octet) - do { - if (!isset($encoded[$encoded_pos])) { - return false; - } - $temp = ord($encoded[$encoded_pos++]); - $startOffset++; - $loop = $temp >> 7; - $tag <<= 7; - $temp &= 0x7F; - // "bits 7 to 1 of the first subsequent octet shall not all be zero" - if ($startOffset == 2 && $temp == 0) { - return false; - } - $tag |= $temp; - } while ($loop); - } - - $start += $startOffset; - - // Length, as discussed in paragraph 8.1.3 of X.690-0207.pdf#page=13 - if (!isset($encoded[$encoded_pos])) { - return false; - } - $length = ord($encoded[$encoded_pos++]); - $start++; - if ($length == 0x80) { // indefinite length - // "[A sender shall] use the indefinite form (see 8.1.3.6) if the encoding is constructed and is not all - // immediately available." -- paragraph 8.1.3.2.c - $length = strlen($encoded) - $encoded_pos; - } elseif ($length & 0x80) { // definite length, long form - // technically, the long form of the length can be represented by up to 126 octets (bytes), but we'll only - // support it up to four. - $length &= 0x7F; - $temp = substr($encoded, $encoded_pos, $length); - $encoded_pos += $length; - // tags of indefinte length don't really have a header length; this length includes the tag - $current += ['headerlength' => $length + 2]; - $start += $length; - extract(unpack('Nlength', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4))); - /** @var integer $length */ - } else { - $current += ['headerlength' => 2]; - } - - if ($length > (strlen($encoded) - $encoded_pos)) { - return false; - } - - $content = substr($encoded, $encoded_pos, $length); - $content_pos = 0; - - // at this point $length can be overwritten. it's only accurate for definite length things as is - - /* Class is UNIVERSAL, APPLICATION, PRIVATE, or CONTEXT-SPECIFIC. The UNIVERSAL class is restricted to the ASN.1 - built-in types. It defines an application-independent data type that must be distinguishable from all other - data types. The other three classes are user defined. The APPLICATION class distinguishes data types that - have a wide, scattered use within a particular presentation context. PRIVATE distinguishes data types within - a particular organization or country. CONTEXT-SPECIFIC distinguishes members of a sequence or set, the - alternatives of a CHOICE, or universally tagged set members. Only the class number appears in braces for this - data type; the term CONTEXT-SPECIFIC does not appear. - - -- http://www.obj-sys.com/asn1tutorial/node12.html */ - $class = ($type >> 6) & 3; - switch ($class) { - case self::CLASS_APPLICATION: - case self::CLASS_PRIVATE: - case self::CLASS_CONTEXT_SPECIFIC: - if (!$constructed) { - return [ - 'type' => $class, - 'constant' => $tag, - 'content' => $content, - 'length' => $length + $start - $current['start'] - ] + $current; - } - - $newcontent = []; - $remainingLength = $length; - while ($remainingLength > 0) { - $temp = self::decode_ber($content, $start, $content_pos); - if ($temp === false) { - break; - } - $length = $temp['length']; - // end-of-content octets - see paragraph 8.1.5 - if (substr($content, $content_pos + $length, 2) == "\0\0") { - $length += 2; - $start += $length; - $newcontent[] = $temp; - break; - } - $start += $length; - $remainingLength -= $length; - $newcontent[] = $temp; - $content_pos += $length; - } - - return [ - 'type' => $class, - 'constant' => $tag, - // the array encapsulation is for BC with the old format - 'content' => $newcontent, - // the only time when $content['headerlength'] isn't defined is when the length is indefinite. - // the absence of $content['headerlength'] is how we know if something is indefinite or not. - // technically, it could be defined to be 2 and then another indicator could be used but whatever. - 'length' => $start - $current['start'] - ] + $current; - } - - $current += ['type' => $tag]; - - // decode UNIVERSAL tags - switch ($tag) { - case self::TYPE_BOOLEAN: - // "The contents octets shall consist of a single octet." -- paragraph 8.2.1 - if ($constructed || strlen($content) != 1) { - return false; - } - $current['content'] = (bool) ord($content[$content_pos]); - break; - case self::TYPE_INTEGER: - case self::TYPE_ENUMERATED: - if ($constructed) { - return false; - } - $current['content'] = new BigInteger(substr($content, $content_pos), -256); - break; - case self::TYPE_REAL: // not currently supported - return false; - case self::TYPE_BIT_STRING: - // The initial octet shall encode, as an unsigned binary integer with bit 1 as the least significant bit, - // the number of unused bits in the final subsequent octet. The number shall be in the range zero to - // seven. - if (!$constructed) { - $current['content'] = substr($content, $content_pos); - } else { - $temp = self::decode_ber($content, $start, $content_pos); - if ($temp === false) { - return false; - } - $length -= (strlen($content) - $content_pos); - $last = count($temp) - 1; - for ($i = 0; $i < $last; $i++) { - // all subtags should be bit strings - if ($temp[$i]['type'] != self::TYPE_BIT_STRING) { - return false; - } - $current['content'] .= substr($temp[$i]['content'], 1); - } - // all subtags should be bit strings - if ($temp[$last]['type'] != self::TYPE_BIT_STRING) { - return false; - } - $current['content'] = $temp[$last]['content'][0] . $current['content'] . substr($temp[$i]['content'], 1); - } - break; - case self::TYPE_OCTET_STRING: - if (!$constructed) { - $current['content'] = substr($content, $content_pos); - } else { - $current['content'] = ''; - $length = 0; - while (substr($content, $content_pos, 2) != "\0\0") { - $temp = self::decode_ber($content, $length + $start, $content_pos); - if ($temp === false) { - return false; - } - $content_pos += $temp['length']; - // all subtags should be octet strings - if ($temp['type'] != self::TYPE_OCTET_STRING) { - return false; - } - $current['content'] .= $temp['content']; - $length += $temp['length']; - } - if (substr($content, $content_pos, 2) == "\0\0") { - $length += 2; // +2 for the EOC - } - } - break; - case self::TYPE_NULL: - // "The contents octets shall not contain any octets." -- paragraph 8.8.2 - if ($constructed || strlen($content)) { - return false; - } - break; - case self::TYPE_SEQUENCE: - case self::TYPE_SET: - if (!$constructed) { - return false; - } - $offset = 0; - $current['content'] = []; - $content_len = strlen($content); - while ($content_pos < $content_len) { - // if indefinite length construction was used and we have an end-of-content string next - // see paragraphs 8.1.1.3, 8.1.3.2, 8.1.3.6, 8.1.5, and (for an example) 8.6.4.2 - if (!isset($current['headerlength']) && substr($content, $content_pos, 2) == "\0\0") { - $length = $offset + 2; // +2 for the EOC - break 2; - } - $temp = self::decode_ber($content, $start + $offset, $content_pos); - if ($temp === false) { - return false; - } - $content_pos += $temp['length']; - $current['content'][] = $temp; - $offset += $temp['length']; - } - break; - case self::TYPE_OBJECT_IDENTIFIER: - if ($constructed) { - return false; - } - $current['content'] = self::decodeOID(substr($content, $content_pos)); - if ($current['content'] === false) { - return false; - } - break; - /* Each character string type shall be encoded as if it had been declared: - [UNIVERSAL x] IMPLICIT OCTET STRING - - -- X.690-0207.pdf#page=23 (paragraph 8.21.3) - - Per that, we're not going to do any validation. If there are any illegal characters in the string, - we don't really care */ - case self::TYPE_NUMERIC_STRING: - // 0,1,2,3,4,5,6,7,8,9, and space - case self::TYPE_PRINTABLE_STRING: - // Upper and lower case letters, digits, space, apostrophe, left/right parenthesis, plus sign, comma, - // hyphen, full stop, solidus, colon, equal sign, question mark - case self::TYPE_TELETEX_STRING: - // The Teletex character set in CCITT's T61, space, and delete - // see http://en.wikipedia.org/wiki/Teletex#Character_sets - case self::TYPE_VIDEOTEX_STRING: - // The Videotex character set in CCITT's T.100 and T.101, space, and delete - case self::TYPE_VISIBLE_STRING: - // Printing character sets of international ASCII, and space - case self::TYPE_IA5_STRING: - // International Alphabet 5 (International ASCII) - case self::TYPE_GRAPHIC_STRING: - // All registered G sets, and space - case self::TYPE_GENERAL_STRING: - // All registered C and G sets, space and delete - case self::TYPE_UTF8_STRING: - // ???? - case self::TYPE_BMP_STRING: - if ($constructed) { - return false; - } - $current['content'] = substr($content, $content_pos); - break; - case self::TYPE_UTC_TIME: - case self::TYPE_GENERALIZED_TIME: - if ($constructed) { - return false; - } - $current['content'] = self::decodeTime(substr($content, $content_pos), $tag); - break; - default: - return false; - } - - $start += $length; - - // ie. length is the length of the full TLV encoding - it's not just the length of the value - return $current + ['length' => $start - $current['start']]; - } - - /** - * ASN.1 Map - * - * Provides an ASN.1 semantic mapping ($mapping) from a parsed BER-encoding to a human readable format. - * - * "Special" mappings may be applied on a per tag-name basis via $special. - * - * @param array $decoded - * @param array $mapping - * @param array $special - * @return array|bool|Element|string|null - */ - public static function asn1map(array $decoded, $mapping, $special = []) - { - if (isset($mapping['explicit']) && is_array($decoded['content'])) { - $decoded = $decoded['content'][0]; - } - - switch (true) { - case $mapping['type'] == self::TYPE_ANY: - $intype = $decoded['type']; - // !isset(self::ANY_MAP[$intype]) produces a fatal error on PHP 5.6 - if (isset($decoded['constant']) || !array_key_exists($intype, self::ANY_MAP) || (ord(self::$encoded[$decoded['start']]) & 0x20)) { - return new Element(substr(self::$encoded, $decoded['start'], $decoded['length'])); - } - $inmap = self::ANY_MAP[$intype]; - if (is_string($inmap)) { - return [$inmap => self::asn1map($decoded, ['type' => $intype] + $mapping, $special)]; - } - break; - case $mapping['type'] == self::TYPE_CHOICE: - foreach ($mapping['children'] as $key => $option) { - switch (true) { - case isset($option['constant']) && $option['constant'] == $decoded['constant']: - case !isset($option['constant']) && $option['type'] == $decoded['type']: - $value = self::asn1map($decoded, $option, $special); - break; - case !isset($option['constant']) && $option['type'] == self::TYPE_CHOICE: - $v = self::asn1map($decoded, $option, $special); - if (isset($v)) { - $value = $v; - } - } - if (isset($value)) { - if (isset($special[$key])) { - $value = $special[$key]($value); - } - return [$key => $value]; - } - } - return null; - case isset($mapping['implicit']): - case isset($mapping['explicit']): - case $decoded['type'] == $mapping['type']: - break; - default: - // if $decoded['type'] and $mapping['type'] are both strings, but different types of strings, - // let it through - switch (true) { - case $decoded['type'] < 18: // self::TYPE_NUMERIC_STRING == 18 - case $decoded['type'] > 30: // self::TYPE_BMP_STRING == 30 - case $mapping['type'] < 18: - case $mapping['type'] > 30: - return null; - } - } - - if (isset($mapping['implicit'])) { - $decoded['type'] = $mapping['type']; - } - - switch ($decoded['type']) { - case self::TYPE_SEQUENCE: - $map = []; - - // ignore the min and max - if (isset($mapping['min']) && isset($mapping['max'])) { - $child = $mapping['children']; - foreach ($decoded['content'] as $content) { - if (($map[] = self::asn1map($content, $child, $special)) === null) { - return null; - } - } - - return $map; - } - - $n = count($decoded['content']); - $i = 0; - - foreach ($mapping['children'] as $key => $child) { - $maymatch = $i < $n; // Match only existing input. - if ($maymatch) { - $temp = $decoded['content'][$i]; - - if ($child['type'] != self::TYPE_CHOICE) { - // Get the mapping and input class & constant. - $childClass = $tempClass = self::CLASS_UNIVERSAL; - $constant = null; - if (isset($temp['constant'])) { - $tempClass = $temp['type']; - } - if (isset($child['class'])) { - $childClass = $child['class']; - $constant = $child['cast']; - } elseif (isset($child['constant'])) { - $childClass = self::CLASS_CONTEXT_SPECIFIC; - $constant = $child['constant']; - } - - if (isset($constant) && isset($temp['constant'])) { - // Can only match if constants and class match. - $maymatch = $constant == $temp['constant'] && $childClass == $tempClass; - } else { - // Can only match if no constant expected and type matches or is generic. - $maymatch = !isset($child['constant']) && array_search($child['type'], [$temp['type'], self::TYPE_ANY, self::TYPE_CHOICE]) !== false; - } - } - } - - if ($maymatch) { - // Attempt submapping. - $candidate = self::asn1map($temp, $child, $special); - $maymatch = $candidate !== null; - } - - if ($maymatch) { - // Got the match: use it. - if (isset($special[$key])) { - $candidate = $special[$key]($candidate); - } - $map[$key] = $candidate; - $i++; - } elseif (isset($child['default'])) { - $map[$key] = $child['default']; - } elseif (!isset($child['optional'])) { - return null; // Syntax error. - } - } - - // Fail mapping if all input items have not been consumed. - return $i < $n ? null : $map; - - // the main diff between sets and sequences is the encapsulation of the foreach in another for loop - case self::TYPE_SET: - $map = []; - - // ignore the min and max - if (isset($mapping['min']) && isset($mapping['max'])) { - $child = $mapping['children']; - foreach ($decoded['content'] as $content) { - if (($map[] = self::asn1map($content, $child, $special)) === null) { - return null; - } - } - - return $map; - } - - for ($i = 0; $i < count($decoded['content']); $i++) { - $temp = $decoded['content'][$i]; - $tempClass = self::CLASS_UNIVERSAL; - if (isset($temp['constant'])) { - $tempClass = $temp['type']; - } - - foreach ($mapping['children'] as $key => $child) { - if (isset($map[$key])) { - continue; - } - $maymatch = true; - if ($child['type'] != self::TYPE_CHOICE) { - $childClass = self::CLASS_UNIVERSAL; - $constant = null; - if (isset($child['class'])) { - $childClass = $child['class']; - $constant = $child['cast']; - } elseif (isset($child['constant'])) { - $childClass = self::CLASS_CONTEXT_SPECIFIC; - $constant = $child['constant']; - } - - if (isset($constant) && isset($temp['constant'])) { - // Can only match if constants and class match. - $maymatch = $constant == $temp['constant'] && $childClass == $tempClass; - } else { - // Can only match if no constant expected and type matches or is generic. - $maymatch = !isset($child['constant']) && array_search($child['type'], [$temp['type'], self::TYPE_ANY, self::TYPE_CHOICE]) !== false; - } - } - - if ($maymatch) { - // Attempt submapping. - $candidate = self::asn1map($temp, $child, $special); - $maymatch = $candidate !== null; - } - - if (!$maymatch) { - break; - } - - // Got the match: use it. - if (isset($special[$key])) { - $candidate = $special[$key]($candidate); - } - $map[$key] = $candidate; - break; - } - } - - foreach ($mapping['children'] as $key => $child) { - if (!isset($map[$key])) { - if (isset($child['default'])) { - $map[$key] = $child['default']; - } elseif (!isset($child['optional'])) { - return null; - } - } - } - return $map; - case self::TYPE_OBJECT_IDENTIFIER: - return isset(self::$oids[$decoded['content']]) ? self::$oids[$decoded['content']] : $decoded['content']; - case self::TYPE_UTC_TIME: - case self::TYPE_GENERALIZED_TIME: - // for explicitly tagged optional stuff - if (is_array($decoded['content'])) { - $decoded['content'] = $decoded['content'][0]['content']; - } - // for implicitly tagged optional stuff - // in theory, doing isset($mapping['implicit']) would work but malformed certs do exist - // in the wild that OpenSSL decodes without issue so we'll support them as well - if (!is_object($decoded['content'])) { - $decoded['content'] = self::decodeTime($decoded['content'], $decoded['type']); - } - return $decoded['content'] ? $decoded['content']->format(self::$format) : false; - case self::TYPE_BIT_STRING: - if (isset($mapping['mapping'])) { - $offset = ord($decoded['content'][0]); - $size = (strlen($decoded['content']) - 1) * 8 - $offset; - /* - From X.680-0207.pdf#page=46 (21.7): - - "When a "NamedBitList" is used in defining a bitstring type ASN.1 encoding rules are free to add (or remove) - arbitrarily any trailing 0 bits to (or from) values that are being encoded or decoded. Application designers should - therefore ensure that different semantics are not associated with such values which differ only in the number of trailing - 0 bits." - */ - $bits = count($mapping['mapping']) == $size ? [] : array_fill(0, count($mapping['mapping']) - $size, false); - for ($i = strlen($decoded['content']) - 1; $i > 0; $i--) { - $current = ord($decoded['content'][$i]); - for ($j = $offset; $j < 8; $j++) { - $bits[] = (bool) ($current & (1 << $j)); - } - $offset = 0; - } - $values = []; - $map = array_reverse($mapping['mapping']); - foreach ($map as $i => $value) { - if ($bits[$i]) { - $values[] = $value; - } - } - return $values; - } - // fall-through - case self::TYPE_OCTET_STRING: - return $decoded['content']; - case self::TYPE_NULL: - return ''; - case self::TYPE_BOOLEAN: - case self::TYPE_NUMERIC_STRING: - case self::TYPE_PRINTABLE_STRING: - case self::TYPE_TELETEX_STRING: - case self::TYPE_VIDEOTEX_STRING: - case self::TYPE_IA5_STRING: - case self::TYPE_GRAPHIC_STRING: - case self::TYPE_VISIBLE_STRING: - case self::TYPE_GENERAL_STRING: - case self::TYPE_UNIVERSAL_STRING: - case self::TYPE_UTF8_STRING: - case self::TYPE_BMP_STRING: - return $decoded['content']; - case self::TYPE_INTEGER: - case self::TYPE_ENUMERATED: - $temp = $decoded['content']; - if (isset($mapping['implicit'])) { - $temp = new BigInteger($decoded['content'], -256); - } - if (isset($mapping['mapping'])) { - $temp = (int) $temp->toString(); - return isset($mapping['mapping'][$temp]) ? - $mapping['mapping'][$temp] : - false; - } - return $temp; - } - } - - /** - * DER-decode the length - * - * DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See - * {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information. - * - * @param string $string - * @return int - */ - public static function decodeLength(&$string) - { - $length = ord(Strings::shift($string)); - if ($length & 0x80) { // definite length, long form - $length &= 0x7F; - $temp = Strings::shift($string, $length); - list(, $length) = unpack('N', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4)); - } - return $length; - } - - /** - * ASN.1 Encode - * - * DER-encodes an ASN.1 semantic mapping ($mapping). Some libraries would probably call this function - * an ASN.1 compiler. - * - * "Special" mappings can be applied via $special. - * - * @param Element|string|array $source - * @param array $mapping - * @param array $special - * @return string - */ - public static function encodeDER($source, $mapping, $special = []) - { - self::$location = []; - return self::encode_der($source, $mapping, null, $special); - } - - /** - * ASN.1 Encode (Helper function) - * - * @param Element|string|array|null $source - * @param array $mapping - * @param int $idx - * @param array $special - * @return string - */ - private static function encode_der($source, array $mapping, $idx = null, array $special = []) - { - if ($source instanceof Element) { - return $source->element; - } - - // do not encode (implicitly optional) fields with value set to default - if (isset($mapping['default']) && $source === $mapping['default']) { - return ''; - } - - if (isset($idx)) { - if (isset($special[$idx])) { - $source = $special[$idx]($source); - } - self::$location[] = $idx; - } - - $tag = $mapping['type']; - - switch ($tag) { - case self::TYPE_SET: // Children order is not important, thus process in sequence. - case self::TYPE_SEQUENCE: - $tag |= 0x20; // set the constructed bit - - // ignore the min and max - if (isset($mapping['min']) && isset($mapping['max'])) { - $value = []; - $child = $mapping['children']; - - foreach ($source as $content) { - $temp = self::encode_der($content, $child, null, $special); - if ($temp === false) { - return false; - } - $value[] = $temp; - } - /* "The encodings of the component values of a set-of value shall appear in ascending order, the encodings being compared - as octet strings with the shorter components being padded at their trailing end with 0-octets. - NOTE - The padding octets are for comparison purposes only and do not appear in the encodings." - - -- sec 11.6 of http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf */ - if ($mapping['type'] == self::TYPE_SET) { - sort($value); - } - $value = implode('', $value); - break; - } - - $value = ''; - foreach ($mapping['children'] as $key => $child) { - if (!array_key_exists($key, $source)) { - if (!isset($child['optional'])) { - return false; - } - continue; - } - - $temp = self::encode_der($source[$key], $child, $key, $special); - if ($temp === false) { - return false; - } - - // An empty child encoding means it has been optimized out. - // Else we should have at least one tag byte. - if ($temp === '') { - continue; - } - - // if isset($child['constant']) is true then isset($child['optional']) should be true as well - if (isset($child['constant'])) { - /* - From X.680-0207.pdf#page=58 (30.6): - - "The tagging construction specifies explicit tagging if any of the following holds: - ... - c) the "Tag Type" alternative is used and the value of "TagDefault" for the module is IMPLICIT TAGS or - AUTOMATIC TAGS, but the type defined by "Type" is an untagged choice type, an untagged open type, or - an untagged "DummyReference" (see ITU-T Rec. X.683 | ISO/IEC 8824-4, 8.3)." - */ - if (isset($child['explicit']) || $child['type'] == self::TYPE_CHOICE) { - $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | 0x20 | $child['constant']); - $temp = $subtag . self::encodeLength(strlen($temp)) . $temp; - } else { - $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | (ord($temp[0]) & 0x20) | $child['constant']); - $temp = $subtag . substr($temp, 1); - } - } - $value .= $temp; - } - break; - case self::TYPE_CHOICE: - $temp = false; - - foreach ($mapping['children'] as $key => $child) { - if (!isset($source[$key])) { - continue; - } - - $temp = self::encode_der($source[$key], $child, $key, $special); - if ($temp === false) { - return false; - } - - // An empty child encoding means it has been optimized out. - // Else we should have at least one tag byte. - if ($temp === '') { - continue; - } - - $tag = ord($temp[0]); - - // if isset($child['constant']) is true then isset($child['optional']) should be true as well - if (isset($child['constant'])) { - if (isset($child['explicit']) || $child['type'] == self::TYPE_CHOICE) { - $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | 0x20 | $child['constant']); - $temp = $subtag . self::encodeLength(strlen($temp)) . $temp; - } else { - $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | (ord($temp[0]) & 0x20) | $child['constant']); - $temp = $subtag . substr($temp, 1); - } - } - } - - if (isset($idx)) { - array_pop(self::$location); - } - - if ($temp && isset($mapping['cast'])) { - $temp[0] = chr(($mapping['class'] << 6) | ($tag & 0x20) | $mapping['cast']); - } - - return $temp; - case self::TYPE_INTEGER: - case self::TYPE_ENUMERATED: - if (!isset($mapping['mapping'])) { - if (is_numeric($source)) { - $source = new BigInteger($source); - } - $value = $source->toBytes(true); - } else { - $value = array_search($source, $mapping['mapping']); - if ($value === false) { - return false; - } - $value = new BigInteger($value); - $value = $value->toBytes(true); - } - if (!strlen($value)) { - $value = chr(0); - } - break; - case self::TYPE_UTC_TIME: - case self::TYPE_GENERALIZED_TIME: - $format = $mapping['type'] == self::TYPE_UTC_TIME ? 'y' : 'Y'; - $format .= 'mdHis'; - // if $source does _not_ include timezone information within it then assume that the timezone is GMT - $date = new \DateTime($source, new \DateTimeZone('GMT')); - // if $source _does_ include timezone information within it then convert the time to GMT - $date->setTimezone(new \DateTimeZone('GMT')); - $value = $date->format($format) . 'Z'; - break; - case self::TYPE_BIT_STRING: - if (isset($mapping['mapping'])) { - $bits = array_fill(0, count($mapping['mapping']), 0); - $size = 0; - for ($i = 0; $i < count($mapping['mapping']); $i++) { - if (in_array($mapping['mapping'][$i], $source)) { - $bits[$i] = 1; - $size = $i; - } - } - - if (isset($mapping['min']) && $mapping['min'] >= 1 && $size < $mapping['min']) { - $size = $mapping['min'] - 1; - } - - $offset = 8 - (($size + 1) & 7); - $offset = $offset !== 8 ? $offset : 0; - - $value = chr($offset); - - for ($i = $size + 1; $i < count($mapping['mapping']); $i++) { - unset($bits[$i]); - } - - $bits = implode('', array_pad($bits, $size + $offset + 1, 0)); - $bytes = explode(' ', rtrim(chunk_split($bits, 8, ' '))); - foreach ($bytes as $byte) { - $value .= chr(bindec($byte)); - } - - break; - } - // fall-through - case self::TYPE_OCTET_STRING: - /* The initial octet shall encode, as an unsigned binary integer with bit 1 as the least significant bit, - the number of unused bits in the final subsequent octet. The number shall be in the range zero to seven. - - -- http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=16 */ - $value = $source; - break; - case self::TYPE_OBJECT_IDENTIFIER: - $value = self::encodeOID($source); - break; - case self::TYPE_ANY: - $loc = self::$location; - if (isset($idx)) { - array_pop(self::$location); - } - - switch (true) { - case !isset($source): - return self::encode_der(null, ['type' => self::TYPE_NULL] + $mapping, null, $special); - case is_int($source): - case $source instanceof BigInteger: - return self::encode_der($source, ['type' => self::TYPE_INTEGER] + $mapping, null, $special); - case is_float($source): - return self::encode_der($source, ['type' => self::TYPE_REAL] + $mapping, null, $special); - case is_bool($source): - return self::encode_der($source, ['type' => self::TYPE_BOOLEAN] + $mapping, null, $special); - case is_array($source) && count($source) == 1: - $typename = implode('', array_keys($source)); - $outtype = array_search($typename, self::ANY_MAP, true); - if ($outtype !== false) { - return self::encode_der($source[$typename], ['type' => $outtype] + $mapping, null, $special); - } - } - - $filters = self::$filters; - foreach ($loc as $part) { - if (!isset($filters[$part])) { - $filters = false; - break; - } - $filters = $filters[$part]; - } - if ($filters === false) { - throw new \RuntimeException('No filters defined for ' . implode('/', $loc)); - } - return self::encode_der($source, $filters + $mapping, null, $special); - case self::TYPE_NULL: - $value = ''; - break; - case self::TYPE_NUMERIC_STRING: - case self::TYPE_TELETEX_STRING: - case self::TYPE_PRINTABLE_STRING: - case self::TYPE_UNIVERSAL_STRING: - case self::TYPE_UTF8_STRING: - case self::TYPE_BMP_STRING: - case self::TYPE_IA5_STRING: - case self::TYPE_VISIBLE_STRING: - case self::TYPE_VIDEOTEX_STRING: - case self::TYPE_GRAPHIC_STRING: - case self::TYPE_GENERAL_STRING: - $value = $source; - break; - case self::TYPE_BOOLEAN: - $value = $source ? "\xFF" : "\x00"; - break; - default: - throw new \RuntimeException('Mapping provides no type definition for ' . implode('/', self::$location)); - } - - if (isset($idx)) { - array_pop(self::$location); - } - - if (isset($mapping['cast'])) { - if (isset($mapping['explicit']) || $mapping['type'] == self::TYPE_CHOICE) { - $value = chr($tag) . self::encodeLength(strlen($value)) . $value; - $tag = ($mapping['class'] << 6) | 0x20 | $mapping['cast']; - } else { - $tag = ($mapping['class'] << 6) | (ord($temp[0]) & 0x20) | $mapping['cast']; - } - } - - return chr($tag) . self::encodeLength(strlen($value)) . $value; - } - - /** - * BER-decode the OID - * - * Called by _decode_ber() - * - * @param string $content - * @return string - */ - public static function decodeOID($content) - { - static $eighty; - if (!$eighty) { - $eighty = new BigInteger(80); - } - - $oid = []; - $pos = 0; - $len = strlen($content); - - if (ord($content[$len - 1]) & 0x80) { - return false; - } - - $n = new BigInteger(); - while ($pos < $len) { - $temp = ord($content[$pos++]); - $n = $n->bitwise_leftShift(7); - $n = $n->bitwise_or(new BigInteger($temp & 0x7F)); - if (~$temp & 0x80) { - $oid[] = $n; - $n = new BigInteger(); - } - } - $part1 = array_shift($oid); - $first = floor(ord($content[0]) / 40); - /* - "This packing of the first two object identifier components recognizes that only three values are allocated from the root - node, and at most 39 subsequent values from nodes reached by X = 0 and X = 1." - - -- https://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=22 - */ - if ($first <= 2) { // ie. 0 <= ord($content[0]) < 120 (0x78) - array_unshift($oid, ord($content[0]) % 40); - array_unshift($oid, $first); - } else { - array_unshift($oid, $part1->subtract($eighty)); - array_unshift($oid, 2); - } - - return implode('.', $oid); - } - - /** - * DER-encode the OID - * - * Called by _encode_der() - * - * @param string $source - * @return string - */ - public static function encodeOID($source) - { - static $mask, $zero, $forty; - if (!$mask) { - $mask = new BigInteger(0x7F); - $zero = new BigInteger(); - $forty = new BigInteger(40); - } - - if (!preg_match('#(?:\d+\.)+#', $source)) { - $oid = isset(self::$reverseOIDs[$source]) ? self::$reverseOIDs[$source] : false; - } else { - $oid = $source; - } - if ($oid === false) { - throw new \RuntimeException('Invalid OID'); - } - - $parts = explode('.', $oid); - $part1 = array_shift($parts); - $part2 = array_shift($parts); - - $first = new BigInteger($part1); - $first = $first->multiply($forty); - $first = $first->add(new BigInteger($part2)); - - array_unshift($parts, $first->toString()); - - $value = ''; - foreach ($parts as $part) { - if (!$part) { - $temp = "\0"; - } else { - $temp = ''; - $part = new BigInteger($part); - while (!$part->equals($zero)) { - $submask = $part->bitwise_and($mask); - $submask->setPrecision(8); - $temp = (chr(0x80) | $submask->toBytes()) . $temp; - $part = $part->bitwise_rightShift(7); - } - $temp[strlen($temp) - 1] = $temp[strlen($temp) - 1] & chr(0x7F); - } - $value .= $temp; - } - - return $value; - } - - /** - * BER-decode the time - * - * Called by _decode_ber() and in the case of implicit tags asn1map(). - * - * @param string $content - * @param int $tag - * @return \DateTime|false - */ - private static function decodeTime($content, $tag) - { - /* UTCTime: - http://tools.ietf.org/html/rfc5280#section-4.1.2.5.1 - http://www.obj-sys.com/asn1tutorial/node15.html - - GeneralizedTime: - http://tools.ietf.org/html/rfc5280#section-4.1.2.5.2 - http://www.obj-sys.com/asn1tutorial/node14.html */ - - $format = 'YmdHis'; - - if ($tag == self::TYPE_UTC_TIME) { - // https://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=28 says "the seconds - // element shall always be present" but none-the-less I've seen X509 certs where it isn't and if the - // browsers parse it phpseclib ought to too - if (preg_match('#^(\d{10})(Z|[+-]\d{4})$#', $content, $matches)) { - $content = $matches[1] . '00' . $matches[2]; - } - $prefix = substr($content, 0, 2) >= 50 ? '19' : '20'; - $content = $prefix . $content; - } elseif (strpos($content, '.') !== false) { - $format .= '.u'; - } - - if ($content[strlen($content) - 1] == 'Z') { - $content = substr($content, 0, -1) . '+0000'; - } - - if (strpos($content, '-') !== false || strpos($content, '+') !== false) { - $format .= 'O'; - } - - // error supression isn't necessary as of PHP 7.0: - // http://php.net/manual/en/migration70.other-changes.php - return @\DateTime::createFromFormat($format, $content); - } - - /** - * Set the time format - * - * Sets the time / date format for asn1map(). - * - * @param string $format - */ - public static function setTimeFormat($format) - { - self::$format = $format; - } - - /** - * Load OIDs - * - * Load the relevant OIDs for a particular ASN.1 semantic mapping. - * Previously loaded OIDs are retained. - * - * @param array $oids - */ - public static function loadOIDs(array $oids) - { - self::$reverseOIDs += $oids; - self::$oids = array_flip(self::$reverseOIDs); - } - - /** - * Set filters - * - * See \phpseclib3\File\X509, etc, for an example. - * Previously loaded filters are not retained. - * - * @param array $filters - */ - public static function setFilters(array $filters) - { - self::$filters = $filters; - } - - /** - * String type conversion - * - * This is a lazy conversion, dealing only with character size. - * No real conversion table is used. - * - * @param string $in - * @param int $from - * @param int $to - * @return string - */ - public static function convert($in, $from = self::TYPE_UTF8_STRING, $to = self::TYPE_UTF8_STRING) - { - // isset(self::STRING_TYPE_SIZE[$from] returns a fatal error on PHP 5.6 - if (!array_key_exists($from, self::STRING_TYPE_SIZE) || !array_key_exists($to, self::STRING_TYPE_SIZE)) { - return false; - } - $insize = self::STRING_TYPE_SIZE[$from]; - $outsize = self::STRING_TYPE_SIZE[$to]; - $inlength = strlen($in); - $out = ''; - - for ($i = 0; $i < $inlength;) { - if ($inlength - $i < $insize) { - return false; - } - - // Get an input character as a 32-bit value. - $c = ord($in[$i++]); - switch (true) { - case $insize == 4: - $c = ($c << 8) | ord($in[$i++]); - $c = ($c << 8) | ord($in[$i++]); - // fall-through - case $insize == 2: - $c = ($c << 8) | ord($in[$i++]); - // fall-through - case $insize == 1: - break; - case ($c & 0x80) == 0x00: - break; - case ($c & 0x40) == 0x00: - return false; - default: - $bit = 6; - do { - if ($bit > 25 || $i >= $inlength || (ord($in[$i]) & 0xC0) != 0x80) { - return false; - } - $c = ($c << 6) | (ord($in[$i++]) & 0x3F); - $bit += 5; - $mask = 1 << $bit; - } while ($c & $bit); - $c &= $mask - 1; - break; - } - - // Convert and append the character to output string. - $v = ''; - switch (true) { - case $outsize == 4: - $v .= chr($c & 0xFF); - $c >>= 8; - $v .= chr($c & 0xFF); - $c >>= 8; - // fall-through - case $outsize == 2: - $v .= chr($c & 0xFF); - $c >>= 8; - // fall-through - case $outsize == 1: - $v .= chr($c & 0xFF); - $c >>= 8; - if ($c) { - return false; - } - break; - case ($c & (PHP_INT_SIZE == 8 ? 0x80000000 : (1 << 31))) != 0: - return false; - case $c >= 0x04000000: - $v .= chr(0x80 | ($c & 0x3F)); - $c = ($c >> 6) | 0x04000000; - // fall-through - case $c >= 0x00200000: - $v .= chr(0x80 | ($c & 0x3F)); - $c = ($c >> 6) | 0x00200000; - // fall-through - case $c >= 0x00010000: - $v .= chr(0x80 | ($c & 0x3F)); - $c = ($c >> 6) | 0x00010000; - // fall-through - case $c >= 0x00000800: - $v .= chr(0x80 | ($c & 0x3F)); - $c = ($c >> 6) | 0x00000800; - // fall-through - case $c >= 0x00000080: - $v .= chr(0x80 | ($c & 0x3F)); - $c = ($c >> 6) | 0x000000C0; - // fall-through - default: - $v .= chr($c); - break; - } - $out .= strrev($v); - } - return $out; - } - - /** - * Extract raw BER from Base64 encoding - * - * @param string $str - * @return string - */ - public static function extractBER($str) - { - /* X.509 certs are assumed to be base64 encoded but sometimes they'll have additional things in them - * above and beyond the ceritificate. - * ie. some may have the following preceding the -----BEGIN CERTIFICATE----- line: - * - * Bag Attributes - * localKeyID: 01 00 00 00 - * subject=/O=organization/OU=org unit/CN=common name - * issuer=/O=organization/CN=common name - */ - if (strlen($str) > ini_get('pcre.backtrack_limit')) { - $temp = $str; - } else { - $temp = preg_replace('#.*?^-+[^-]+-+[\r\n ]*$#ms', '', $str, 1); - $temp = preg_replace('#-+END.*[\r\n ]*.*#ms', '', $temp, 1); - } - // remove new lines - $temp = str_replace(["\r", "\n", ' '], '', $temp); - // remove the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- stuff - $temp = preg_replace('#^-+[^-]+-+|-+[^-]+-+$#', '', $temp); - $temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? Strings::base64_decode($temp) : false; - return $temp != false ? $temp : $str; - } - - /** - * DER-encode the length - * - * DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See - * {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information. - * - * @param int $length - * @return string - */ - public static function encodeLength($length) - { - if ($length <= 0x7F) { - return chr($length); - } - - $temp = ltrim(pack('N', $length), chr(0)); - return pack('Ca*', 0x80 | strlen($temp), $temp); - } - - /** - * Returns the OID corresponding to a name - * - * What's returned in the associative array returned by loadX509() (or load*()) is either a name or an OID if - * no OID to name mapping is available. The problem with this is that what may be an unmapped OID in one version - * of phpseclib may not be unmapped in the next version, so apps that are looking at this OID may not be able - * to work from version to version. - * - * This method will return the OID if a name is passed to it and if no mapping is avialable it'll assume that - * what's being passed to it already is an OID and return that instead. A few examples. - * - * getOID('2.16.840.1.101.3.4.2.1') == '2.16.840.1.101.3.4.2.1' - * getOID('id-sha256') == '2.16.840.1.101.3.4.2.1' - * getOID('zzz') == 'zzz' - * - * @param string $name - * @return string - */ - public static function getOID($name) - { - return isset(self::$reverseOIDs[$name]) ? self::$reverseOIDs[$name] : $name; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Element.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Element.php deleted file mode 100644 index 6540b42..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Element.php +++ /dev/null @@ -1,43 +0,0 @@ - - * @copyright 2012 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1; - -/** - * ASN.1 Raw Element - * - * An ASN.1 ANY mapping will return an ASN1\Element object. Use of this object - * will also bypass the normal encoding rules in ASN1::encodeDER() - * - * @author Jim Wigginton - */ -class Element -{ - /** - * Raw element value - * - * @var string - */ - public $element; - - /** - * Constructor - * - * @param string $encoded - * @return \phpseclib3\File\ASN1\Element - */ - public function __construct($encoded) - { - $this->element = $encoded; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AccessDescription.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AccessDescription.php deleted file mode 100644 index 1cbc5a5..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AccessDescription.php +++ /dev/null @@ -1,32 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * AccessDescription - * - * @author Jim Wigginton - */ -abstract class AccessDescription -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'accessMethod' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], - 'accessLocation' => GeneralName::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AdministrationDomainName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AdministrationDomainName.php deleted file mode 100644 index 04183a1..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AdministrationDomainName.php +++ /dev/null @@ -1,36 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * AdministrationDomainName - * - * @author Jim Wigginton - */ -abstract class AdministrationDomainName -{ - const MAP = [ - 'type' => ASN1::TYPE_CHOICE, - // if class isn't present it's assumed to be \phpseclib3\File\ASN1::CLASS_UNIVERSAL or - // (if constant is present) \phpseclib3\File\ASN1::CLASS_CONTEXT_SPECIFIC - 'class' => ASN1::CLASS_APPLICATION, - 'cast' => 2, - 'children' => [ - 'numeric' => ['type' => ASN1::TYPE_NUMERIC_STRING], - 'printable' => ['type' => ASN1::TYPE_PRINTABLE_STRING] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AlgorithmIdentifier.php deleted file mode 100644 index 0da7eb1..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AlgorithmIdentifier.php +++ /dev/null @@ -1,35 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * AlgorithmIdentifier - * - * @author Jim Wigginton - */ -abstract class AlgorithmIdentifier -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'algorithm' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], - 'parameters' => [ - 'type' => ASN1::TYPE_ANY, - 'optional' => true - ] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AnotherName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AnotherName.php deleted file mode 100644 index d96c170..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AnotherName.php +++ /dev/null @@ -1,37 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * AnotherName - * - * @author Jim Wigginton - */ -abstract class AnotherName -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'type-id' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], - 'value' => [ - 'type' => ASN1::TYPE_ANY, - 'constant' => 0, - 'optional' => true, - 'explicit' => true - ] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Attribute.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Attribute.php deleted file mode 100644 index 38a6aee..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Attribute.php +++ /dev/null @@ -1,37 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * Attribute - * - * @author Jim Wigginton - */ -abstract class Attribute -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'type' => AttributeType::MAP, - 'value' => [ - 'type' => ASN1::TYPE_SET, - 'min' => 1, - 'max' => -1, - 'children' => AttributeValue::MAP - ] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeType.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeType.php deleted file mode 100644 index 5cbc2bc..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeType.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * AttributeType - * - * @author Jim Wigginton - */ -abstract class AttributeType -{ - const MAP = ['type' => ASN1::TYPE_OBJECT_IDENTIFIER]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeTypeAndValue.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeTypeAndValue.php deleted file mode 100644 index fe414f1..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeTypeAndValue.php +++ /dev/null @@ -1,32 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * AttributeTypeAndValue - * - * @author Jim Wigginton - */ -abstract class AttributeTypeAndValue -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'type' => AttributeType::MAP, - 'value' => AttributeValue::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeValue.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeValue.php deleted file mode 100644 index 3b3b6d2..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AttributeValue.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * AttributeValue - * - * @author Jim Wigginton - */ -abstract class AttributeValue -{ - const MAP = ['type' => ASN1::TYPE_ANY]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Attributes.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Attributes.php deleted file mode 100644 index cd53ecf..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Attributes.php +++ /dev/null @@ -1,31 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * Attributes - * - * @author Jim Wigginton - */ -abstract class Attributes -{ - const MAP = [ - 'type' => ASN1::TYPE_SET, - 'min' => 1, - 'max' => -1, - 'children' => Attribute::MAP - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AuthorityInfoAccessSyntax.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AuthorityInfoAccessSyntax.php deleted file mode 100644 index 3e80a55..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AuthorityInfoAccessSyntax.php +++ /dev/null @@ -1,31 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * AuthorityInfoAccessSyntax - * - * @author Jim Wigginton - */ -abstract class AuthorityInfoAccessSyntax -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => AccessDescription::MAP - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AuthorityKeyIdentifier.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AuthorityKeyIdentifier.php deleted file mode 100644 index e7ec5b2..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/AuthorityKeyIdentifier.php +++ /dev/null @@ -1,45 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * AuthorityKeyIdentifier - * - * @author Jim Wigginton - */ -abstract class AuthorityKeyIdentifier -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'keyIdentifier' => [ - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ] + KeyIdentifier::MAP, - 'authorityCertIssuer' => [ - 'constant' => 1, - 'optional' => true, - 'implicit' => true - ] + GeneralNames::MAP, - 'authorityCertSerialNumber' => [ - 'constant' => 2, - 'optional' => true, - 'implicit' => true - ] + CertificateSerialNumber::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BaseDistance.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BaseDistance.php deleted file mode 100644 index e59668a..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BaseDistance.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * BaseDistance - * - * @author Jim Wigginton - */ -abstract class BaseDistance -{ - const MAP = ['type' => ASN1::TYPE_INTEGER]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BasicConstraints.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BasicConstraints.php deleted file mode 100644 index 587ef1b..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BasicConstraints.php +++ /dev/null @@ -1,39 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * BasicConstraints - * - * @author Jim Wigginton - */ -abstract class BasicConstraints -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'cA' => [ - 'type' => ASN1::TYPE_BOOLEAN, - 'optional' => true, - 'default' => false - ], - 'pathLenConstraint' => [ - 'type' => ASN1::TYPE_INTEGER, - 'optional' => true - ] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInDomainDefinedAttribute.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInDomainDefinedAttribute.php deleted file mode 100644 index e81bc78..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInDomainDefinedAttribute.php +++ /dev/null @@ -1,32 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * BuiltInDomainDefinedAttribute - * - * @author Jim Wigginton - */ -abstract class BuiltInDomainDefinedAttribute -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'type' => ['type' => ASN1::TYPE_PRINTABLE_STRING], - 'value' => ['type' => ASN1::TYPE_PRINTABLE_STRING] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInDomainDefinedAttributes.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInDomainDefinedAttributes.php deleted file mode 100644 index 471e88f..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInDomainDefinedAttributes.php +++ /dev/null @@ -1,31 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * BuiltInDomainDefinedAttributes - * - * @author Jim Wigginton - */ -abstract class BuiltInDomainDefinedAttributes -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => 4, // ub-domain-defined-attributes - 'children' => BuiltInDomainDefinedAttribute::MAP - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInStandardAttributes.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInStandardAttributes.php deleted file mode 100644 index 752f400..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/BuiltInStandardAttributes.php +++ /dev/null @@ -1,67 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * BuiltInStandardAttributes - * - * @author Jim Wigginton - */ -abstract class BuiltInStandardAttributes -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'country-name' => ['optional' => true] + CountryName::MAP, - 'administration-domain-name' => ['optional' => true] + AdministrationDomainName::MAP, - 'network-address' => [ - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ] + NetworkAddress::MAP, - 'terminal-identifier' => [ - 'constant' => 1, - 'optional' => true, - 'implicit' => true - ] + TerminalIdentifier::MAP, - 'private-domain-name' => [ - 'constant' => 2, - 'optional' => true, - 'explicit' => true - ] + PrivateDomainName::MAP, - 'organization-name' => [ - 'constant' => 3, - 'optional' => true, - 'implicit' => true - ] + OrganizationName::MAP, - 'numeric-user-identifier' => [ - 'constant' => 4, - 'optional' => true, - 'implicit' => true - ] + NumericUserIdentifier::MAP, - 'personal-name' => [ - 'constant' => 5, - 'optional' => true, - 'implicit' => true - ] + PersonalName::MAP, - 'organizational-unit-names' => [ - 'constant' => 6, - 'optional' => true, - 'implicit' => true - ] + OrganizationalUnitNames::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CPSuri.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CPSuri.php deleted file mode 100644 index 56e5888..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CPSuri.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * CPSuri - * - * @author Jim Wigginton - */ -abstract class CPSuri -{ - const MAP = ['type' => ASN1::TYPE_IA5_STRING]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLDistributionPoints.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLDistributionPoints.php deleted file mode 100644 index 79860b2..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLDistributionPoints.php +++ /dev/null @@ -1,31 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * CRLDistributionPoints - * - * @author Jim Wigginton - */ -abstract class CRLDistributionPoints -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => DistributionPoint::MAP - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLNumber.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLNumber.php deleted file mode 100644 index f6cb956..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLNumber.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * CRLNumber - * - * @author Jim Wigginton - */ -abstract class CRLNumber -{ - const MAP = ['type' => ASN1::TYPE_INTEGER]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLReason.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLReason.php deleted file mode 100644 index d373652..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CRLReason.php +++ /dev/null @@ -1,41 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * CRLReason - * - * @author Jim Wigginton - */ -abstract class CRLReason -{ - const MAP = [ - 'type' => ASN1::TYPE_ENUMERATED, - 'mapping' => [ - 'unspecified', - 'keyCompromise', - 'cACompromise', - 'affiliationChanged', - 'superseded', - 'cessationOfOperation', - 'certificateHold', - // Value 7 is not used. - 8 => 'removeFromCRL', - 'privilegeWithdrawn', - 'aACompromise' - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertPolicyId.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertPolicyId.php deleted file mode 100644 index d7e7776..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertPolicyId.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * CertPolicyId - * - * @author Jim Wigginton - */ -abstract class CertPolicyId -{ - const MAP = ['type' => ASN1::TYPE_OBJECT_IDENTIFIER]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Certificate.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Certificate.php deleted file mode 100644 index 01943a0..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Certificate.php +++ /dev/null @@ -1,33 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * Certificate - * - * @author Jim Wigginton - */ -abstract class Certificate -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'tbsCertificate' => TBSCertificate::MAP, - 'signatureAlgorithm' => AlgorithmIdentifier::MAP, - 'signature' => ['type' => ASN1::TYPE_BIT_STRING] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateIssuer.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateIssuer.php deleted file mode 100644 index ccd68dd..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateIssuer.php +++ /dev/null @@ -1,24 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -/** - * CertificateIssuer - * - * @author Jim Wigginton - */ -abstract class CertificateIssuer -{ - const MAP = GeneralNames::MAP; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateList.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateList.php deleted file mode 100644 index d54ed6d..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateList.php +++ /dev/null @@ -1,33 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * CertificateList - * - * @author Jim Wigginton - */ -abstract class CertificateList -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'tbsCertList' => TBSCertList::MAP, - 'signatureAlgorithm' => AlgorithmIdentifier::MAP, - 'signature' => ['type' => ASN1::TYPE_BIT_STRING] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificatePolicies.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificatePolicies.php deleted file mode 100644 index ec0fa6b..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificatePolicies.php +++ /dev/null @@ -1,31 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * CertificatePolicies - * - * @author Jim Wigginton - */ -abstract class CertificatePolicies -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => PolicyInformation::MAP - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateSerialNumber.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateSerialNumber.php deleted file mode 100644 index 06ec944..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificateSerialNumber.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * CertificateSerialNumber - * - * @author Jim Wigginton - */ -abstract class CertificateSerialNumber -{ - const MAP = ['type' => ASN1::TYPE_INTEGER]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificationRequest.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificationRequest.php deleted file mode 100644 index 2da70ed..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificationRequest.php +++ /dev/null @@ -1,33 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * CertificationRequest - * - * @author Jim Wigginton - */ -abstract class CertificationRequest -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'certificationRequestInfo' => CertificationRequestInfo::MAP, - 'signatureAlgorithm' => AlgorithmIdentifier::MAP, - 'signature' => ['type' => ASN1::TYPE_BIT_STRING] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificationRequestInfo.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificationRequestInfo.php deleted file mode 100644 index ce6dc88..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CertificationRequestInfo.php +++ /dev/null @@ -1,41 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * CertificationRequestInfo - * - * @author Jim Wigginton - */ -abstract class CertificationRequestInfo -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'version' => [ - 'type' => ASN1::TYPE_INTEGER, - 'mapping' => ['v1'] - ], - 'subject' => Name::MAP, - 'subjectPKInfo' => SubjectPublicKeyInfo::MAP, - 'attributes' => [ - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ] + Attributes::MAP, - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Characteristic_two.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Characteristic_two.php deleted file mode 100644 index 5bf59bb..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Characteristic_two.php +++ /dev/null @@ -1,36 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * Characteristic_two - * - * @author Jim Wigginton - */ -abstract class Characteristic_two -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'm' => ['type' => ASN1::TYPE_INTEGER], // field size 2**m - 'basis' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], - 'parameters' => [ - 'type' => ASN1::TYPE_ANY, - 'optional' => true - ] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CountryName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CountryName.php deleted file mode 100644 index 737d844..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/CountryName.php +++ /dev/null @@ -1,36 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * CountryName - * - * @author Jim Wigginton - */ -abstract class CountryName -{ - const MAP = [ - 'type' => ASN1::TYPE_CHOICE, - // if class isn't present it's assumed to be \phpseclib3\File\ASN1::CLASS_UNIVERSAL or - // (if constant is present) \phpseclib3\File\ASN1::CLASS_CONTEXT_SPECIFIC - 'class' => ASN1::CLASS_APPLICATION, - 'cast' => 1, - 'children' => [ - 'x121-dcc-code' => ['type' => ASN1::TYPE_NUMERIC_STRING], - 'iso-3166-alpha2-code' => ['type' => ASN1::TYPE_PRINTABLE_STRING] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Curve.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Curve.php deleted file mode 100644 index 621f103..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Curve.php +++ /dev/null @@ -1,36 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * Curve - * - * @author Jim Wigginton - */ -abstract class Curve -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'a' => FieldElement::MAP, - 'b' => FieldElement::MAP, - 'seed' => [ - 'type' => ASN1::TYPE_BIT_STRING, - 'optional' => true - ] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DHParameter.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DHParameter.php deleted file mode 100644 index 26863db..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DHParameter.php +++ /dev/null @@ -1,38 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * DHParameter - * - * @author Jim Wigginton - */ -abstract class DHParameter -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'prime' => ['type' => ASN1::TYPE_INTEGER], - 'base' => ['type' => ASN1::TYPE_INTEGER], - 'privateValueLength' => [ - 'type' => ASN1::TYPE_INTEGER, - 'optional' => true - ] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAParams.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAParams.php deleted file mode 100644 index 7af397b..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAParams.php +++ /dev/null @@ -1,33 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * DSAParams - * - * @author Jim Wigginton - */ -abstract class DSAParams -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'p' => ['type' => ASN1::TYPE_INTEGER], - 'q' => ['type' => ASN1::TYPE_INTEGER], - 'g' => ['type' => ASN1::TYPE_INTEGER] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAPrivateKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAPrivateKey.php deleted file mode 100644 index d97cd02..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAPrivateKey.php +++ /dev/null @@ -1,36 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * DSAPrivateKey - * - * @author Jim Wigginton - */ -abstract class DSAPrivateKey -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'version' => ['type' => ASN1::TYPE_INTEGER], - 'p' => ['type' => ASN1::TYPE_INTEGER], - 'q' => ['type' => ASN1::TYPE_INTEGER], - 'g' => ['type' => ASN1::TYPE_INTEGER], - 'y' => ['type' => ASN1::TYPE_INTEGER], - 'x' => ['type' => ASN1::TYPE_INTEGER] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAPublicKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAPublicKey.php deleted file mode 100644 index f795747..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DSAPublicKey.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * DSAPublicKey - * - * @author Jim Wigginton - */ -abstract class DSAPublicKey -{ - const MAP = ['type' => ASN1::TYPE_INTEGER]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DigestInfo.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DigestInfo.php deleted file mode 100644 index b38ff3c..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DigestInfo.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * DigestInfo - * - * from https://tools.ietf.org/html/rfc2898#appendix-A.3 - * - * @author Jim Wigginton - */ -abstract class DigestInfo -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'digestAlgorithm' => AlgorithmIdentifier::MAP, - 'digest' => ['type' => ASN1::TYPE_OCTET_STRING] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DirectoryString.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DirectoryString.php deleted file mode 100644 index 45218e3..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DirectoryString.php +++ /dev/null @@ -1,35 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * DirectoryString - * - * @author Jim Wigginton - */ -abstract class DirectoryString -{ - const MAP = [ - 'type' => ASN1::TYPE_CHOICE, - 'children' => [ - 'teletexString' => ['type' => ASN1::TYPE_TELETEX_STRING], - 'printableString' => ['type' => ASN1::TYPE_PRINTABLE_STRING], - 'universalString' => ['type' => ASN1::TYPE_UNIVERSAL_STRING], - 'utf8String' => ['type' => ASN1::TYPE_UTF8_STRING], - 'bmpString' => ['type' => ASN1::TYPE_BMP_STRING] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DisplayText.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DisplayText.php deleted file mode 100644 index a13e6a6..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DisplayText.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * DisplayText - * - * @author Jim Wigginton - */ -abstract class DisplayText -{ - const MAP = [ - 'type' => ASN1::TYPE_CHOICE, - 'children' => [ - 'ia5String' => ['type' => ASN1::TYPE_IA5_STRING], - 'visibleString' => ['type' => ASN1::TYPE_VISIBLE_STRING], - 'bmpString' => ['type' => ASN1::TYPE_BMP_STRING], - 'utf8String' => ['type' => ASN1::TYPE_UTF8_STRING] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DistributionPoint.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DistributionPoint.php deleted file mode 100644 index 4d9af6b..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DistributionPoint.php +++ /dev/null @@ -1,45 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * DistributionPoint - * - * @author Jim Wigginton - */ -abstract class DistributionPoint -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'distributionPoint' => [ - 'constant' => 0, - 'optional' => true, - 'explicit' => true - ] + DistributionPointName::MAP, - 'reasons' => [ - 'constant' => 1, - 'optional' => true, - 'implicit' => true - ] + ReasonFlags::MAP, - 'cRLIssuer' => [ - 'constant' => 2, - 'optional' => true, - 'implicit' => true - ] + GeneralNames::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DistributionPointName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DistributionPointName.php deleted file mode 100644 index bc0cec8..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DistributionPointName.php +++ /dev/null @@ -1,40 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * DistributionPointName - * - * @author Jim Wigginton - */ -abstract class DistributionPointName -{ - const MAP = [ - 'type' => ASN1::TYPE_CHOICE, - 'children' => [ - 'fullName' => [ - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ] + GeneralNames::MAP, - 'nameRelativeToCRLIssuer' => [ - 'constant' => 1, - 'optional' => true, - 'implicit' => true - ] + RelativeDistinguishedName::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DssSigValue.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DssSigValue.php deleted file mode 100644 index 2af7408..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/DssSigValue.php +++ /dev/null @@ -1,32 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * DssSigValue - * - * @author Jim Wigginton - */ -abstract class DssSigValue -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'r' => ['type' => ASN1::TYPE_INTEGER], - 's' => ['type' => ASN1::TYPE_INTEGER] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECParameters.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECParameters.php deleted file mode 100644 index f25f6fa..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECParameters.php +++ /dev/null @@ -1,45 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * ECParameters - * - * ECParameters ::= CHOICE { - * namedCurve OBJECT IDENTIFIER - * -- implicitCurve NULL - * -- specifiedCurve SpecifiedECDomain - * } - * -- implicitCurve and specifiedCurve MUST NOT be used in PKIX. - * -- Details for SpecifiedECDomain can be found in [X9.62]. - * -- Any future additions to this CHOICE should be coordinated - * -- with ANSI X9. - * - * @author Jim Wigginton - */ -abstract class ECParameters -{ - const MAP = [ - 'type' => ASN1::TYPE_CHOICE, - 'children' => [ - 'namedCurve' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], - 'implicitCurve' => ['type' => ASN1::TYPE_NULL], - 'specifiedCurve' => SpecifiedECDomain::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECPoint.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECPoint.php deleted file mode 100644 index fb11db8..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECPoint.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * ECPoint - * - * @author Jim Wigginton - */ -abstract class ECPoint -{ - const MAP = ['type' => ASN1::TYPE_OCTET_STRING]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECPrivateKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECPrivateKey.php deleted file mode 100644 index 7454f38..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ECPrivateKey.php +++ /dev/null @@ -1,48 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * ECPrivateKey - * - * @author Jim Wigginton - */ -abstract class ECPrivateKey -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'version' => [ - 'type' => ASN1::TYPE_INTEGER, - 'mapping' => [1 => 'ecPrivkeyVer1'] - ], - 'privateKey' => ['type' => ASN1::TYPE_OCTET_STRING], - 'parameters' => [ - 'constant' => 0, - 'optional' => true, - 'explicit' => true - ] + ECParameters::MAP, - 'publicKey' => [ - 'type' => ASN1::TYPE_BIT_STRING, - 'constant' => 1, - 'optional' => true, - 'explicit' => true - ] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EDIPartyName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EDIPartyName.php deleted file mode 100644 index ea7dcf1..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EDIPartyName.php +++ /dev/null @@ -1,42 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * EDIPartyName - * - * @author Jim Wigginton - */ -abstract class EDIPartyName -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'nameAssigner' => [ - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ] + DirectoryString::MAP, - // partyName is technically required but \phpseclib3\File\ASN1 doesn't currently support non-optional constants and - // setting it to optional gets the job done in any event. - 'partyName' => [ - 'constant' => 1, - 'optional' => true, - 'implicit' => true - ] + DirectoryString::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EcdsaSigValue.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EcdsaSigValue.php deleted file mode 100644 index 8ab9ff1..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EcdsaSigValue.php +++ /dev/null @@ -1,32 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * EcdsaSigValue - * - * @author Jim Wigginton - */ -abstract class EcdsaSigValue -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'r' => ['type' => ASN1::TYPE_INTEGER], - 's' => ['type' => ASN1::TYPE_INTEGER] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EncryptedData.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EncryptedData.php deleted file mode 100644 index 8d8739e..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EncryptedData.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * EncryptedData - * - * @author Jim Wigginton - */ -abstract class EncryptedData -{ - const MAP = ['type' => ASN1::TYPE_OCTET_STRING]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EncryptedPrivateKeyInfo.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EncryptedPrivateKeyInfo.php deleted file mode 100644 index 2c93567..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/EncryptedPrivateKeyInfo.php +++ /dev/null @@ -1,32 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * EncryptedPrivateKeyInfo - * - * @author Jim Wigginton - */ -abstract class EncryptedPrivateKeyInfo -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'encryptionAlgorithm' => AlgorithmIdentifier::MAP, - 'encryptedData' => EncryptedData::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtKeyUsageSyntax.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtKeyUsageSyntax.php deleted file mode 100644 index f9bc5de..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtKeyUsageSyntax.php +++ /dev/null @@ -1,31 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * ExtKeyUsageSyntax - * - * @author Jim Wigginton - */ -abstract class ExtKeyUsageSyntax -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => KeyPurposeId::MAP - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Extension.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Extension.php deleted file mode 100644 index e32668f..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Extension.php +++ /dev/null @@ -1,43 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * Extension - * - * A certificate using system MUST reject the certificate if it encounters - * a critical extension it does not recognize; however, a non-critical - * extension may be ignored if it is not recognized. - * - * http://tools.ietf.org/html/rfc5280#section-4.2 - * - * @author Jim Wigginton - */ -abstract class Extension -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'extnId' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], - 'critical' => [ - 'type' => ASN1::TYPE_BOOLEAN, - 'optional' => true, - 'default' => false - ], - 'extnValue' => ['type' => ASN1::TYPE_OCTET_STRING] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtensionAttribute.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtensionAttribute.php deleted file mode 100644 index 565b36d..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtensionAttribute.php +++ /dev/null @@ -1,42 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * ExtensionAttribute - * - * @author Jim Wigginton - */ -abstract class ExtensionAttribute -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'extension-attribute-type' => [ - 'type' => ASN1::TYPE_PRINTABLE_STRING, - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ], - 'extension-attribute-value' => [ - 'type' => ASN1::TYPE_ANY, - 'constant' => 1, - 'optional' => true, - 'explicit' => true - ] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtensionAttributes.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtensionAttributes.php deleted file mode 100644 index a2e9bfa..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ExtensionAttributes.php +++ /dev/null @@ -1,31 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * ExtensionAttributes - * - * @author Jim Wigginton - */ -abstract class ExtensionAttributes -{ - const MAP = [ - 'type' => ASN1::TYPE_SET, - 'min' => 1, - 'max' => 256, // ub-extension-attributes - 'children' => ExtensionAttribute::MAP - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Extensions.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Extensions.php deleted file mode 100644 index 5015c97..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Extensions.php +++ /dev/null @@ -1,33 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * Extensions - * - * @author Jim Wigginton - */ -abstract class Extensions -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - // technically, it's MAX, but we'll assume anything < 0 is MAX - 'max' => -1, - // if 'children' isn't an array then 'min' and 'max' must be defined - 'children' => Extension::MAP - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/FieldElement.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/FieldElement.php deleted file mode 100644 index 3173407..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/FieldElement.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * FieldElement - * - * @author Jim Wigginton - */ -abstract class FieldElement -{ - const MAP = ['type' => ASN1::TYPE_OCTET_STRING]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/FieldID.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/FieldID.php deleted file mode 100644 index e32a9c0..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/FieldID.php +++ /dev/null @@ -1,35 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * FieldID - * - * @author Jim Wigginton - */ -abstract class FieldID -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'fieldType' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], - 'parameters' => [ - 'type' => ASN1::TYPE_ANY, - 'optional' => true - ] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralName.php deleted file mode 100644 index 57d86da..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralName.php +++ /dev/null @@ -1,80 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * GeneralName - * - * @author Jim Wigginton - */ -abstract class GeneralName -{ - const MAP = [ - 'type' => ASN1::TYPE_CHOICE, - 'children' => [ - 'otherName' => [ - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ] + AnotherName::MAP, - 'rfc822Name' => [ - 'type' => ASN1::TYPE_IA5_STRING, - 'constant' => 1, - 'optional' => true, - 'implicit' => true - ], - 'dNSName' => [ - 'type' => ASN1::TYPE_IA5_STRING, - 'constant' => 2, - 'optional' => true, - 'implicit' => true - ], - 'x400Address' => [ - 'constant' => 3, - 'optional' => true, - 'implicit' => true - ] + ORAddress::MAP, - 'directoryName' => [ - 'constant' => 4, - 'optional' => true, - 'explicit' => true - ] + Name::MAP, - 'ediPartyName' => [ - 'constant' => 5, - 'optional' => true, - 'implicit' => true - ] + EDIPartyName::MAP, - 'uniformResourceIdentifier' => [ - 'type' => ASN1::TYPE_IA5_STRING, - 'constant' => 6, - 'optional' => true, - 'implicit' => true - ], - 'iPAddress' => [ - 'type' => ASN1::TYPE_OCTET_STRING, - 'constant' => 7, - 'optional' => true, - 'implicit' => true - ], - 'registeredID' => [ - 'type' => ASN1::TYPE_OBJECT_IDENTIFIER, - 'constant' => 8, - 'optional' => true, - 'implicit' => true - ] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralNames.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralNames.php deleted file mode 100644 index 5d93153..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralNames.php +++ /dev/null @@ -1,31 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * GeneralNames - * - * @author Jim Wigginton - */ -abstract class GeneralNames -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => GeneralName::MAP - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralSubtree.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralSubtree.php deleted file mode 100644 index 5388db5..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralSubtree.php +++ /dev/null @@ -1,42 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * GeneralSubtree - * - * @author Jim Wigginton - */ -abstract class GeneralSubtree -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'base' => GeneralName::MAP, - 'minimum' => [ - 'constant' => 0, - 'optional' => true, - 'implicit' => true, - 'default' => '0' - ] + BaseDistance::MAP, - 'maximum' => [ - 'constant' => 1, - 'optional' => true, - 'implicit' => true, - ] + BaseDistance::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralSubtrees.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralSubtrees.php deleted file mode 100644 index 27548cf..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/GeneralSubtrees.php +++ /dev/null @@ -1,31 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * GeneralSubtrees - * - * @author Jim Wigginton - */ -abstract class GeneralSubtrees -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => GeneralSubtree::MAP - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/HashAlgorithm.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/HashAlgorithm.php deleted file mode 100644 index deb13ca..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/HashAlgorithm.php +++ /dev/null @@ -1,24 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -/** - * HashAglorithm - * - * @author Jim Wigginton - */ -abstract class HashAlgorithm -{ - const MAP = AlgorithmIdentifier::MAP; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/HoldInstructionCode.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/HoldInstructionCode.php deleted file mode 100644 index 88d6ff3..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/HoldInstructionCode.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * HoldInstructionCode - * - * @author Jim Wigginton - */ -abstract class HoldInstructionCode -{ - const MAP = ['type' => ASN1::TYPE_OBJECT_IDENTIFIER]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/InvalidityDate.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/InvalidityDate.php deleted file mode 100644 index f34b5f7..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/InvalidityDate.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * InvalidityDate - * - * @author Jim Wigginton - */ -abstract class InvalidityDate -{ - const MAP = ['type' => ASN1::TYPE_GENERALIZED_TIME]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/IssuerAltName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/IssuerAltName.php deleted file mode 100644 index e9d0324..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/IssuerAltName.php +++ /dev/null @@ -1,24 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -/** - * IssuerAltName - * - * @author Jim Wigginton - */ -abstract class IssuerAltName -{ - const MAP = GeneralNames::MAP; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/IssuingDistributionPoint.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/IssuingDistributionPoint.php deleted file mode 100644 index 415996f..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/IssuingDistributionPoint.php +++ /dev/null @@ -1,68 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * IssuingDistributionPoint - * - * @author Jim Wigginton - */ -abstract class IssuingDistributionPoint -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'distributionPoint' => [ - 'constant' => 0, - 'optional' => true, - 'explicit' => true - ] + DistributionPointName::MAP, - 'onlyContainsUserCerts' => [ - 'type' => ASN1::TYPE_BOOLEAN, - 'constant' => 1, - 'optional' => true, - 'default' => false, - 'implicit' => true - ], - 'onlyContainsCACerts' => [ - 'type' => ASN1::TYPE_BOOLEAN, - 'constant' => 2, - 'optional' => true, - 'default' => false, - 'implicit' => true - ], - 'onlySomeReasons' => [ - 'constant' => 3, - 'optional' => true, - 'implicit' => true - ] + ReasonFlags::MAP, - 'indirectCRL' => [ - 'type' => ASN1::TYPE_BOOLEAN, - 'constant' => 4, - 'optional' => true, - 'default' => false, - 'implicit' => true - ], - 'onlyContainsAttributeCerts' => [ - 'type' => ASN1::TYPE_BOOLEAN, - 'constant' => 5, - 'optional' => true, - 'default' => false, - 'implicit' => true - ] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyIdentifier.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyIdentifier.php deleted file mode 100644 index 82a4151..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyIdentifier.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * KeyIdentifier - * - * @author Jim Wigginton - */ -abstract class KeyIdentifier -{ - const MAP = ['type' => ASN1::TYPE_OCTET_STRING]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyPurposeId.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyPurposeId.php deleted file mode 100644 index b8509f1..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyPurposeId.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * KeyPurposeId - * - * @author Jim Wigginton - */ -abstract class KeyPurposeId -{ - const MAP = ['type' => ASN1::TYPE_OBJECT_IDENTIFIER]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyUsage.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyUsage.php deleted file mode 100644 index 827ce03..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/KeyUsage.php +++ /dev/null @@ -1,39 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * KeyUsage - * - * @author Jim Wigginton - */ -abstract class KeyUsage -{ - const MAP = [ - 'type' => ASN1::TYPE_BIT_STRING, - 'mapping' => [ - 'digitalSignature', - 'nonRepudiation', - 'keyEncipherment', - 'dataEncipherment', - 'keyAgreement', - 'keyCertSign', - 'cRLSign', - 'encipherOnly', - 'decipherOnly' - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/MaskGenAlgorithm.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/MaskGenAlgorithm.php deleted file mode 100644 index ea3f998..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/MaskGenAlgorithm.php +++ /dev/null @@ -1,24 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -/** - * MaskGenAglorithm - * - * @author Jim Wigginton - */ -abstract class MaskGenAlgorithm -{ - const MAP = AlgorithmIdentifier::MAP; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Name.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Name.php deleted file mode 100644 index a6a9009..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Name.php +++ /dev/null @@ -1,31 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * Name - * - * @author Jim Wigginton - */ -abstract class Name -{ - const MAP = [ - 'type' => ASN1::TYPE_CHOICE, - 'children' => [ - 'rdnSequence' => RDNSequence::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NameConstraints.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NameConstraints.php deleted file mode 100644 index 80486f9..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NameConstraints.php +++ /dev/null @@ -1,40 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * NameConstraints - * - * @author Jim Wigginton - */ -abstract class NameConstraints -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'permittedSubtrees' => [ - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ] + GeneralSubtrees::MAP, - 'excludedSubtrees' => [ - 'constant' => 1, - 'optional' => true, - 'implicit' => true - ] + GeneralSubtrees::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NetworkAddress.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NetworkAddress.php deleted file mode 100644 index 6c68df0..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NetworkAddress.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * NetworkAddress - * - * @author Jim Wigginton - */ -abstract class NetworkAddress -{ - const MAP = ['type' => ASN1::TYPE_NUMERIC_STRING]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NoticeReference.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NoticeReference.php deleted file mode 100644 index 9eec123..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NoticeReference.php +++ /dev/null @@ -1,37 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * NoticeReference - * - * @author Jim Wigginton - */ -abstract class NoticeReference -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'organization' => DisplayText::MAP, - 'noticeNumbers' => [ - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => 200, - 'children' => ['type' => ASN1::TYPE_INTEGER] - ] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NumericUserIdentifier.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NumericUserIdentifier.php deleted file mode 100644 index 635a89d..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/NumericUserIdentifier.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * NumericUserIdentifier - * - * @author Jim Wigginton - */ -abstract class NumericUserIdentifier -{ - const MAP = ['type' => ASN1::TYPE_NUMERIC_STRING]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ORAddress.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ORAddress.php deleted file mode 100644 index b853abe..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ORAddress.php +++ /dev/null @@ -1,33 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * ORAddress - * - * @author Jim Wigginton - */ -abstract class ORAddress -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'built-in-standard-attributes' => BuiltInStandardAttributes::MAP, - 'built-in-domain-defined-attributes' => ['optional' => true] + BuiltInDomainDefinedAttributes::MAP, - 'extension-attributes' => ['optional' => true] + ExtensionAttributes::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OneAsymmetricKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OneAsymmetricKey.php deleted file mode 100644 index 5953024..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OneAsymmetricKey.php +++ /dev/null @@ -1,48 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * OneAsymmetricKey - * - * @author Jim Wigginton - */ -abstract class OneAsymmetricKey -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'version' => [ - 'type' => ASN1::TYPE_INTEGER, - 'mapping' => ['v1', 'v2'] - ], - 'privateKeyAlgorithm' => AlgorithmIdentifier::MAP, - 'privateKey' => PrivateKey::MAP, - 'attributes' => [ - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ] + Attributes::MAP, - 'publicKey' => [ - 'constant' => 1, - 'optional' => true, - 'implicit' => true - ] + PublicKey::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OrganizationName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OrganizationName.php deleted file mode 100644 index b5cc949..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OrganizationName.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * OrganizationName - * - * @author Jim Wigginton - */ -abstract class OrganizationName -{ - const MAP = ['type' => ASN1::TYPE_PRINTABLE_STRING]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OrganizationalUnitNames.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OrganizationalUnitNames.php deleted file mode 100644 index b3e5780..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OrganizationalUnitNames.php +++ /dev/null @@ -1,31 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * OrganizationalUnitNames - * - * @author Jim Wigginton - */ -abstract class OrganizationalUnitNames -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => 4, // ub-organizational-units - 'children' => ['type' => ASN1::TYPE_PRINTABLE_STRING] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OtherPrimeInfo.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OtherPrimeInfo.php deleted file mode 100644 index 5d56560..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OtherPrimeInfo.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * OtherPrimeInfo - * - * @author Jim Wigginton - */ -abstract class OtherPrimeInfo -{ - // version must be multi if otherPrimeInfos present - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'prime' => ['type' => ASN1::TYPE_INTEGER], // ri - 'exponent' => ['type' => ASN1::TYPE_INTEGER], // di - 'coefficient' => ['type' => ASN1::TYPE_INTEGER] // ti - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OtherPrimeInfos.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OtherPrimeInfos.php deleted file mode 100644 index 9802a80..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/OtherPrimeInfos.php +++ /dev/null @@ -1,32 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * OtherPrimeInfos - * - * @author Jim Wigginton - */ -abstract class OtherPrimeInfos -{ - // version must be multi if otherPrimeInfos present - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => OtherPrimeInfo::MAP - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBEParameter.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBEParameter.php deleted file mode 100644 index 8eb27cf..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBEParameter.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * PBEParameter - * - * from https://tools.ietf.org/html/rfc2898#appendix-A.3 - * - * @author Jim Wigginton - */ -abstract class PBEParameter -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'salt' => ['type' => ASN1::TYPE_OCTET_STRING], - 'iterationCount' => ['type' => ASN1::TYPE_INTEGER] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBES2params.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBES2params.php deleted file mode 100644 index bd31699..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBES2params.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * PBES2params - * - * from https://tools.ietf.org/html/rfc2898#appendix-A.3 - * - * @author Jim Wigginton - */ -abstract class PBES2params -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'keyDerivationFunc' => AlgorithmIdentifier::MAP, - 'encryptionScheme' => AlgorithmIdentifier::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBKDF2params.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBKDF2params.php deleted file mode 100644 index 2dafed9..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBKDF2params.php +++ /dev/null @@ -1,41 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * PBKDF2params - * - * from https://tools.ietf.org/html/rfc2898#appendix-A.3 - * - * @author Jim Wigginton - */ -abstract class PBKDF2params -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - // technically, this is a CHOICE in RFC2898 but the other "choice" is, currently, more of a placeholder - // in the RFC - 'salt' => ['type' => ASN1::TYPE_OCTET_STRING], - 'iterationCount' => ['type' => ASN1::TYPE_INTEGER], - 'keyLength' => [ - 'type' => ASN1::TYPE_INTEGER, - 'optional' => true - ], - 'prf' => AlgorithmIdentifier::MAP + ['optional' => true] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBMAC1params.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBMAC1params.php deleted file mode 100644 index 91319f5..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PBMAC1params.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * PBMAC1params - * - * from https://tools.ietf.org/html/rfc2898#appendix-A.3 - * - * @author Jim Wigginton - */ -abstract class PBMAC1params -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'keyDerivationFunc' => AlgorithmIdentifier::MAP, - 'messageAuthScheme' => AlgorithmIdentifier::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PKCS9String.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PKCS9String.php deleted file mode 100644 index 87d0862..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PKCS9String.php +++ /dev/null @@ -1,32 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * PKCS9String - * - * @author Jim Wigginton - */ -abstract class PKCS9String -{ - const MAP = [ - 'type' => ASN1::TYPE_CHOICE, - 'children' => [ - 'ia5String' => ['type' => ASN1::TYPE_IA5_STRING], - 'directoryString' => DirectoryString::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Pentanomial.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Pentanomial.php deleted file mode 100644 index b8c8c02..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Pentanomial.php +++ /dev/null @@ -1,33 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * Pentanomial - * - * @author Jim Wigginton - */ -abstract class Pentanomial -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'k1' => ['type' => ASN1::TYPE_INTEGER], // k1 > 0 - 'k2' => ['type' => ASN1::TYPE_INTEGER], // k2 > k1 - 'k3' => ['type' => ASN1::TYPE_INTEGER], // k3 > h2 - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PersonalName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PersonalName.php deleted file mode 100644 index 14e2860..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PersonalName.php +++ /dev/null @@ -1,54 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * PersonalName - * - * @author Jim Wigginton - */ -abstract class PersonalName -{ - const MAP = [ - 'type' => ASN1::TYPE_SET, - 'children' => [ - 'surname' => [ - 'type' => ASN1::TYPE_PRINTABLE_STRING, - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ], - 'given-name' => [ - 'type' => ASN1::TYPE_PRINTABLE_STRING, - 'constant' => 1, - 'optional' => true, - 'implicit' => true - ], - 'initials' => [ - 'type' => ASN1::TYPE_PRINTABLE_STRING, - 'constant' => 2, - 'optional' => true, - 'implicit' => true - ], - 'generation-qualifier' => [ - 'type' => ASN1::TYPE_PRINTABLE_STRING, - 'constant' => 3, - 'optional' => true, - 'implicit' => true - ] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyInformation.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyInformation.php deleted file mode 100644 index 1625d19..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyInformation.php +++ /dev/null @@ -1,38 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * PolicyInformation - * - * @author Jim Wigginton - */ -abstract class PolicyInformation -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'policyIdentifier' => CertPolicyId::MAP, - 'policyQualifiers' => [ - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 0, - 'max' => -1, - 'optional' => true, - 'children' => PolicyQualifierInfo::MAP - ] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyMappings.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyMappings.php deleted file mode 100644 index d30b852..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyMappings.php +++ /dev/null @@ -1,37 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * PolicyMappings - * - * @author Jim Wigginton - */ -abstract class PolicyMappings -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'issuerDomainPolicy' => CertPolicyId::MAP, - 'subjectDomainPolicy' => CertPolicyId::MAP - ] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyQualifierId.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyQualifierId.php deleted file mode 100644 index 7b7cd6a..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyQualifierId.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * PolicyQualifierId - * - * @author Jim Wigginton - */ -abstract class PolicyQualifierId -{ - const MAP = ['type' => ASN1::TYPE_OBJECT_IDENTIFIER]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyQualifierInfo.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyQualifierInfo.php deleted file mode 100644 index d227702..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PolicyQualifierInfo.php +++ /dev/null @@ -1,32 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * PolicyQualifierInfo - * - * @author Jim Wigginton - */ -abstract class PolicyQualifierInfo -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'policyQualifierId' => PolicyQualifierId::MAP, - 'qualifier' => ['type' => ASN1::TYPE_ANY] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PostalAddress.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PostalAddress.php deleted file mode 100644 index 142b309..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PostalAddress.php +++ /dev/null @@ -1,32 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * PostalAddress - * - * @author Jim Wigginton - */ -abstract class PostalAddress -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'optional' => true, - 'min' => 1, - 'max' => -1, - 'children' => DirectoryString::MAP - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Prime_p.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Prime_p.php deleted file mode 100644 index 7743034..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Prime_p.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * Prime_p - * - * @author Jim Wigginton - */ -abstract class Prime_p -{ - const MAP = ['type' => ASN1::TYPE_INTEGER]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateDomainName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateDomainName.php deleted file mode 100644 index 195dcaa..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateDomainName.php +++ /dev/null @@ -1,32 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * PrivateDomainName - * - * @author Jim Wigginton - */ -abstract class PrivateDomainName -{ - const MAP = [ - 'type' => ASN1::TYPE_CHOICE, - 'children' => [ - 'numeric' => ['type' => ASN1::TYPE_NUMERIC_STRING], - 'printable' => ['type' => ASN1::TYPE_PRINTABLE_STRING] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKey.php deleted file mode 100644 index 3c89594..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKey.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * PrivateKey - * - * @author Jim Wigginton - */ -abstract class PrivateKey -{ - const MAP = ['type' => ASN1::TYPE_OCTET_STRING]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKeyInfo.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKeyInfo.php deleted file mode 100644 index b440b78..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKeyInfo.php +++ /dev/null @@ -1,41 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * PrivateKeyInfo - * - * @author Jim Wigginton - */ -abstract class PrivateKeyInfo -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'version' => [ - 'type' => ASN1::TYPE_INTEGER, - 'mapping' => ['v1'] - ], - 'privateKeyAlgorithm' => AlgorithmIdentifier::MAP, - 'privateKey' => PrivateKey::MAP, - 'attributes' => [ - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ] + Attributes::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKeyUsagePeriod.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKeyUsagePeriod.php deleted file mode 100644 index 5b87036..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PrivateKeyUsagePeriod.php +++ /dev/null @@ -1,40 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * PrivateKeyUsagePeriod - * - * @author Jim Wigginton - */ -abstract class PrivateKeyUsagePeriod -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'notBefore' => [ - 'constant' => 0, - 'optional' => true, - 'implicit' => true, - 'type' => ASN1::TYPE_GENERALIZED_TIME], - 'notAfter' => [ - 'constant' => 1, - 'optional' => true, - 'implicit' => true, - 'type' => ASN1::TYPE_GENERALIZED_TIME] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKey.php deleted file mode 100644 index 4840920..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKey.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * PublicKey - * - * @author Jim Wigginton - */ -abstract class PublicKey -{ - const MAP = ['type' => ASN1::TYPE_BIT_STRING]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKeyAndChallenge.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKeyAndChallenge.php deleted file mode 100644 index 432581e..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKeyAndChallenge.php +++ /dev/null @@ -1,32 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * PublicKeyAndChallenge - * - * @author Jim Wigginton - */ -abstract class PublicKeyAndChallenge -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'spki' => SubjectPublicKeyInfo::MAP, - 'challenge' => ['type' => ASN1::TYPE_IA5_STRING] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKeyInfo.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKeyInfo.php deleted file mode 100644 index b39a341..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/PublicKeyInfo.php +++ /dev/null @@ -1,35 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * PublicKeyInfo - * - * this format is not formally defined anywhere but is none-the-less the form you - * get when you do "openssl rsa -in private.pem -outform PEM -pubout" - * - * @author Jim Wigginton - */ -abstract class PublicKeyInfo -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'publicKeyAlgorithm' => AlgorithmIdentifier::MAP, - 'publicKey' => ['type' => ASN1::TYPE_BIT_STRING] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RC2CBCParameter.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RC2CBCParameter.php deleted file mode 100644 index 48649ab..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RC2CBCParameter.php +++ /dev/null @@ -1,37 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * RC2CBCParameter - * - * from https://tools.ietf.org/html/rfc2898#appendix-A.3 - * - * @author Jim Wigginton - */ -abstract class RC2CBCParameter -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'rc2ParametersVersion' => [ - 'type' => ASN1::TYPE_INTEGER, - 'optional' => true - ], - 'iv' => ['type' => ASN1::TYPE_OCTET_STRING] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RDNSequence.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RDNSequence.php deleted file mode 100644 index 04b071c..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RDNSequence.php +++ /dev/null @@ -1,38 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * RDNSequence - * - * In practice, RDNs containing multiple name-value pairs (called "multivalued RDNs") are rare, - * but they can be useful at times when either there is no unique attribute in the entry or you - * want to ensure that the entry's DN contains some useful identifying information. - * - * - https://www.opends.org/wiki/page/DefinitionRelativeDistinguishedName - * - * @author Jim Wigginton - */ -abstract class RDNSequence -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - // RDNSequence does not define a min or a max, which means it doesn't have one - 'min' => 0, - 'max' => -1, - 'children' => RelativeDistinguishedName::MAP - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSAPrivateKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSAPrivateKey.php deleted file mode 100644 index 8c19c65..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSAPrivateKey.php +++ /dev/null @@ -1,44 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * RSAPrivateKey - * - * @author Jim Wigginton - */ -abstract class RSAPrivateKey -{ - // version must be multi if otherPrimeInfos present - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'version' => [ - 'type' => ASN1::TYPE_INTEGER, - 'mapping' => ['two-prime', 'multi'] - ], - 'modulus' => ['type' => ASN1::TYPE_INTEGER], // n - 'publicExponent' => ['type' => ASN1::TYPE_INTEGER], // e - 'privateExponent' => ['type' => ASN1::TYPE_INTEGER], // d - 'prime1' => ['type' => ASN1::TYPE_INTEGER], // p - 'prime2' => ['type' => ASN1::TYPE_INTEGER], // q - 'exponent1' => ['type' => ASN1::TYPE_INTEGER], // d mod (p-1) - 'exponent2' => ['type' => ASN1::TYPE_INTEGER], // d mod (q-1) - 'coefficient' => ['type' => ASN1::TYPE_INTEGER], // (inverse of q) mod p - 'otherPrimeInfos' => OtherPrimeInfos::MAP + ['optional' => true] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSAPublicKey.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSAPublicKey.php deleted file mode 100644 index b14c32c..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSAPublicKey.php +++ /dev/null @@ -1,32 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * RSAPublicKey - * - * @author Jim Wigginton - */ -abstract class RSAPublicKey -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'modulus' => ['type' => ASN1::TYPE_INTEGER], - 'publicExponent' => ['type' => ASN1::TYPE_INTEGER] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSASSA_PSS_params.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSASSA_PSS_params.php deleted file mode 100644 index 1a784bf..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RSASSA_PSS_params.php +++ /dev/null @@ -1,58 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * RSASSA_PSS_params - * - * @author Jim Wigginton - */ -abstract class RSASSA_PSS_params -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'hashAlgorithm' => [ - 'constant' => 0, - 'optional' => true, - 'explicit' => true, - //'default' => 'sha1Identifier' - ] + HashAlgorithm::MAP, - 'maskGenAlgorithm' => [ - 'constant' => 1, - 'optional' => true, - 'explicit' => true, - //'default' => 'mgf1SHA1Identifier' - ] + MaskGenAlgorithm::MAP, - 'saltLength' => [ - 'type' => ASN1::TYPE_INTEGER, - 'constant' => 2, - 'optional' => true, - 'explicit' => true, - 'default' => 20 - ], - 'trailerField' => [ - 'type' => ASN1::TYPE_INTEGER, - 'constant' => 3, - 'optional' => true, - 'explicit' => true, - 'default' => 1 - ] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ReasonFlags.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ReasonFlags.php deleted file mode 100644 index 2e62fcd..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/ReasonFlags.php +++ /dev/null @@ -1,39 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * ReasonFlags - * - * @author Jim Wigginton - */ -abstract class ReasonFlags -{ - const MAP = [ - 'type' => ASN1::TYPE_BIT_STRING, - 'mapping' => [ - 'unused', - 'keyCompromise', - 'cACompromise', - 'affiliationChanged', - 'superseded', - 'cessationOfOperation', - 'certificateHold', - 'privilegeWithdrawn', - 'aACompromise' - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RelativeDistinguishedName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RelativeDistinguishedName.php deleted file mode 100644 index a0421f7..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RelativeDistinguishedName.php +++ /dev/null @@ -1,37 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * RelativeDistinguishedName - * - * In practice, RDNs containing multiple name-value pairs (called "multivalued RDNs") are rare, - * but they can be useful at times when either there is no unique attribute in the entry or you - * want to ensure that the entry's DN contains some useful identifying information. - * - * - https://www.opends.org/wiki/page/DefinitionRelativeDistinguishedName - * - * @author Jim Wigginton - */ -abstract class RelativeDistinguishedName -{ - const MAP = [ - 'type' => ASN1::TYPE_SET, - 'min' => 1, - 'max' => -1, - 'children' => AttributeTypeAndValue::MAP - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RevokedCertificate.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RevokedCertificate.php deleted file mode 100644 index ff759eb..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/RevokedCertificate.php +++ /dev/null @@ -1,35 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * RevokedCertificate - * - * @author Jim Wigginton - */ -abstract class RevokedCertificate -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'userCertificate' => CertificateSerialNumber::MAP, - 'revocationDate' => Time::MAP, - 'crlEntryExtensions' => [ - 'optional' => true - ] + Extensions::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SignedPublicKeyAndChallenge.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SignedPublicKeyAndChallenge.php deleted file mode 100644 index 0f482a2..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SignedPublicKeyAndChallenge.php +++ /dev/null @@ -1,33 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * SignedPublicKeyAndChallenge - * - * @author Jim Wigginton - */ -abstract class SignedPublicKeyAndChallenge -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'publicKeyAndChallenge' => PublicKeyAndChallenge::MAP, - 'signatureAlgorithm' => AlgorithmIdentifier::MAP, - 'signature' => ['type' => ASN1::TYPE_BIT_STRING] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SpecifiedECDomain.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SpecifiedECDomain.php deleted file mode 100644 index 7408a56..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SpecifiedECDomain.php +++ /dev/null @@ -1,45 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * SpecifiedECDomain - * - * @author Jim Wigginton - */ -abstract class SpecifiedECDomain -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'version' => [ - 'type' => ASN1::TYPE_INTEGER, - 'mapping' => [1 => 'ecdpVer1', 'ecdpVer2', 'ecdpVer3'] - ], - 'fieldID' => FieldID::MAP, - 'curve' => Curve::MAP, - 'base' => ECPoint::MAP, - 'order' => ['type' => ASN1::TYPE_INTEGER], - 'cofactor' => [ - 'type' => ASN1::TYPE_INTEGER, - 'optional' => true - ], - 'hash' => ['optional' => true] + HashAlgorithm::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectAltName.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectAltName.php deleted file mode 100644 index 39138a9..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectAltName.php +++ /dev/null @@ -1,24 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -/** - * SubjectAltName - * - * @author Jim Wigginton - */ -abstract class SubjectAltName -{ - const MAP = GeneralNames::MAP; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectDirectoryAttributes.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectDirectoryAttributes.php deleted file mode 100644 index f2e206f..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectDirectoryAttributes.php +++ /dev/null @@ -1,31 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * SubjectDirectoryAttributes - * - * @author Jim Wigginton - */ -abstract class SubjectDirectoryAttributes -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => Attribute::MAP - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectInfoAccessSyntax.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectInfoAccessSyntax.php deleted file mode 100644 index 1ff241f..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectInfoAccessSyntax.php +++ /dev/null @@ -1,31 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * SubjectInfoAccessSyntax - * - * @author Jim Wigginton - */ -abstract class SubjectInfoAccessSyntax -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => AccessDescription::MAP - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectPublicKeyInfo.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectPublicKeyInfo.php deleted file mode 100644 index 0d53d54..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/SubjectPublicKeyInfo.php +++ /dev/null @@ -1,32 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * SubjectPublicKeyInfo - * - * @author Jim Wigginton - */ -abstract class SubjectPublicKeyInfo -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'algorithm' => AlgorithmIdentifier::MAP, - 'subjectPublicKey' => ['type' => ASN1::TYPE_BIT_STRING] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertList.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertList.php deleted file mode 100644 index 49b3cfc..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertList.php +++ /dev/null @@ -1,54 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * TBSCertList - * - * @author Jim Wigginton - */ -abstract class TBSCertList -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'version' => [ - 'type' => ASN1::TYPE_INTEGER, - 'mapping' => ['v1', 'v2', 'v3'], - 'optional' => true, - 'default' => 'v2' - ], - 'signature' => AlgorithmIdentifier::MAP, - 'issuer' => Name::MAP, - 'thisUpdate' => Time::MAP, - 'nextUpdate' => [ - 'optional' => true - ] + Time::MAP, - 'revokedCertificates' => [ - 'type' => ASN1::TYPE_SEQUENCE, - 'optional' => true, - 'min' => 0, - 'max' => -1, - 'children' => RevokedCertificate::MAP - ], - 'crlExtensions' => [ - 'constant' => 0, - 'optional' => true, - 'explicit' => true - ] + Extensions::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertificate.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertificate.php deleted file mode 100644 index 007360c..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertificate.php +++ /dev/null @@ -1,65 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * TBSCertificate - * - * @author Jim Wigginton - */ -abstract class TBSCertificate -{ - // assert($TBSCertificate['children']['signature'] == $Certificate['children']['signatureAlgorithm']) - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - // technically, default implies optional, but we'll define it as being optional, none-the-less, just to - // reenforce that fact - 'version' => [ - 'type' => ASN1::TYPE_INTEGER, - 'constant' => 0, - 'optional' => true, - 'explicit' => true, - 'mapping' => ['v1', 'v2', 'v3'], - 'default' => 'v1' - ], - 'serialNumber' => CertificateSerialNumber::MAP, - 'signature' => AlgorithmIdentifier::MAP, - 'issuer' => Name::MAP, - 'validity' => Validity::MAP, - 'subject' => Name::MAP, - 'subjectPublicKeyInfo' => SubjectPublicKeyInfo::MAP, - // implicit means that the T in the TLV structure is to be rewritten, regardless of the type - 'issuerUniqueID' => [ - 'constant' => 1, - 'optional' => true, - 'implicit' => true - ] + UniqueIdentifier::MAP, - 'subjectUniqueID' => [ - 'constant' => 2, - 'optional' => true, - 'implicit' => true - ] + UniqueIdentifier::MAP, - // doesn't use the EXPLICIT keyword but if - // it's not IMPLICIT, it's EXPLICIT - 'extensions' => [ - 'constant' => 3, - 'optional' => true, - 'explicit' => true - ] + Extensions::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TerminalIdentifier.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TerminalIdentifier.php deleted file mode 100644 index 7f6d9d2..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TerminalIdentifier.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * TerminalIdentifier - * - * @author Jim Wigginton - */ -abstract class TerminalIdentifier -{ - const MAP = ['type' => ASN1::TYPE_PRINTABLE_STRING]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Time.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Time.php deleted file mode 100644 index 744ee70..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Time.php +++ /dev/null @@ -1,32 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * Time - * - * @author Jim Wigginton - */ -abstract class Time -{ - const MAP = [ - 'type' => ASN1::TYPE_CHOICE, - 'children' => [ - 'utcTime' => ['type' => ASN1::TYPE_UTC_TIME], - 'generalTime' => ['type' => ASN1::TYPE_GENERALIZED_TIME] - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Trinomial.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Trinomial.php deleted file mode 100644 index 33baa91..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Trinomial.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * Trinomial - * - * @author Jim Wigginton - */ -abstract class Trinomial -{ - const MAP = ['type' => ASN1::TYPE_INTEGER]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/UniqueIdentifier.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/UniqueIdentifier.php deleted file mode 100644 index f4c954b..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/UniqueIdentifier.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * UniqueIdentifier - * - * @author Jim Wigginton - */ -abstract class UniqueIdentifier -{ - const MAP = ['type' => ASN1::TYPE_BIT_STRING]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/UserNotice.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/UserNotice.php deleted file mode 100644 index 98d527b..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/UserNotice.php +++ /dev/null @@ -1,38 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * UserNotice - * - * @author Jim Wigginton - */ -abstract class UserNotice -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'noticeRef' => [ - 'optional' => true, - 'implicit' => true - ] + NoticeReference::MAP, - 'explicitText' => [ - 'optional' => true, - 'implicit' => true - ] + DisplayText::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Validity.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Validity.php deleted file mode 100644 index 8ef64cf..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/Validity.php +++ /dev/null @@ -1,32 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * Validity - * - * @author Jim Wigginton - */ -abstract class Validity -{ - const MAP = [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'notBefore' => Time::MAP, - 'notAfter' => Time::MAP - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_ca_policy_url.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_ca_policy_url.php deleted file mode 100644 index 2ab1572..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_ca_policy_url.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * netscape_ca_policy_url - * - * @author Jim Wigginton - */ -abstract class netscape_ca_policy_url -{ - const MAP = ['type' => ASN1::TYPE_IA5_STRING]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_cert_type.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_cert_type.php deleted file mode 100644 index 49e8da4..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_cert_type.php +++ /dev/null @@ -1,40 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * netscape_cert_type - * - * mapping is from - * - * @author Jim Wigginton - */ -abstract class netscape_cert_type -{ - const MAP = [ - 'type' => ASN1::TYPE_BIT_STRING, - 'mapping' => [ - 'SSLClient', - 'SSLServer', - 'Email', - 'ObjectSigning', - 'Reserved', - 'SSLCA', - 'EmailCA', - 'ObjectSigningCA' - ] - ]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_comment.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_comment.php deleted file mode 100644 index d3ff4dd..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/netscape_comment.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @copyright 2016 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File\ASN1\Maps; - -use phpseclib3\File\ASN1; - -/** - * netscape_comment - * - * @author Jim Wigginton - */ -abstract class netscape_comment -{ - const MAP = ['type' => ASN1::TYPE_IA5_STRING]; -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/X509.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/X509.php deleted file mode 100644 index 5e2f073..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/File/X509.php +++ /dev/null @@ -1,4006 +0,0 @@ - - * @copyright 2012 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\File; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common\PrivateKey; -use phpseclib3\Crypt\Common\PublicKey; -use phpseclib3\Crypt\DSA; -use phpseclib3\Crypt\EC; -use phpseclib3\Crypt\Hash; -use phpseclib3\Crypt\PublicKeyLoader; -use phpseclib3\Crypt\Random; -use phpseclib3\Crypt\RSA; -use phpseclib3\Crypt\RSA\Formats\Keys\PSS; -use phpseclib3\Exception\UnsupportedAlgorithmException; -use phpseclib3\File\ASN1\Element; -use phpseclib3\File\ASN1\Maps; -use phpseclib3\Math\BigInteger; - -/** - * Pure-PHP X.509 Parser - * - * @author Jim Wigginton - */ -class X509 -{ - /** - * Flag to only accept signatures signed by certificate authorities - * - * Not really used anymore but retained all the same to suppress E_NOTICEs from old installs - * - */ - const VALIDATE_SIGNATURE_BY_CA = 1; - - /** - * Return internal array representation - * - * @see \phpseclib3\File\X509::getDN() - */ - const DN_ARRAY = 0; - /** - * Return string - * - * @see \phpseclib3\File\X509::getDN() - */ - const DN_STRING = 1; - /** - * Return ASN.1 name string - * - * @see \phpseclib3\File\X509::getDN() - */ - const DN_ASN1 = 2; - /** - * Return OpenSSL compatible array - * - * @see \phpseclib3\File\X509::getDN() - */ - const DN_OPENSSL = 3; - /** - * Return canonical ASN.1 RDNs string - * - * @see \phpseclib3\File\X509::getDN() - */ - const DN_CANON = 4; - /** - * Return name hash for file indexing - * - * @see \phpseclib3\File\X509::getDN() - */ - const DN_HASH = 5; - - /** - * Save as PEM - * - * ie. a base64-encoded PEM with a header and a footer - * - * @see \phpseclib3\File\X509::saveX509() - * @see \phpseclib3\File\X509::saveCSR() - * @see \phpseclib3\File\X509::saveCRL() - */ - const FORMAT_PEM = 0; - /** - * Save as DER - * - * @see \phpseclib3\File\X509::saveX509() - * @see \phpseclib3\File\X509::saveCSR() - * @see \phpseclib3\File\X509::saveCRL() - */ - const FORMAT_DER = 1; - /** - * Save as a SPKAC - * - * @see \phpseclib3\File\X509::saveX509() - * @see \phpseclib3\File\X509::saveCSR() - * @see \phpseclib3\File\X509::saveCRL() - * - * Only works on CSRs. Not currently supported. - */ - const FORMAT_SPKAC = 2; - /** - * Auto-detect the format - * - * Used only by the load*() functions - * - * @see \phpseclib3\File\X509::saveX509() - * @see \phpseclib3\File\X509::saveCSR() - * @see \phpseclib3\File\X509::saveCRL() - */ - const FORMAT_AUTO_DETECT = 3; - - /** - * Attribute value disposition. - * If disposition is >= 0, this is the index of the target value. - */ - const ATTR_ALL = -1; // All attribute values (array). - const ATTR_APPEND = -2; // Add a value. - const ATTR_REPLACE = -3; // Clear first, then add a value. - - /** - * Distinguished Name - * - * @var array - */ - private $dn; - - /** - * Public key - * - * @var string|PublicKey - */ - private $publicKey; - - /** - * Private key - * - * @var string|PrivateKey - */ - private $privateKey; - - /** - * The certificate authorities - * - * @var array - */ - private $CAs = []; - - /** - * The currently loaded certificate - * - * @var array - */ - private $currentCert; - - /** - * The signature subject - * - * There's no guarantee \phpseclib3\File\X509 is going to re-encode an X.509 cert in the same way it was originally - * encoded so we take save the portion of the original cert that the signature would have made for. - * - * @var string - */ - private $signatureSubject; - - /** - * Certificate Start Date - * - * @var string - */ - private $startDate; - - /** - * Certificate End Date - * - * @var string|Element - */ - private $endDate; - - /** - * Serial Number - * - * @var string - */ - private $serialNumber; - - /** - * Key Identifier - * - * See {@link http://tools.ietf.org/html/rfc5280#section-4.2.1.1 RFC5280#section-4.2.1.1} and - * {@link http://tools.ietf.org/html/rfc5280#section-4.2.1.2 RFC5280#section-4.2.1.2}. - * - * @var string - */ - private $currentKeyIdentifier; - - /** - * CA Flag - * - * @var bool - */ - private $caFlag = false; - - /** - * SPKAC Challenge - * - * @var string - */ - private $challenge; - - /** - * @var array - */ - private $extensionValues = []; - - /** - * OIDs loaded - * - * @var bool - */ - private static $oidsLoaded = false; - - /** - * Recursion Limit - * - * @var int - */ - private static $recur_limit = 5; - - /** - * URL fetch flag - * - * @var bool - */ - private static $disable_url_fetch = false; - - /** - * @var array - */ - private static $extensions = []; - - /** - * @var ?array - */ - private $ipAddresses = null; - - /** - * @var ?array - */ - private $domains = null; - - /** - * Default Constructor. - * - * @return \phpseclib3\File\X509 - */ - public function __construct() - { - // Explicitly Tagged Module, 1988 Syntax - // http://tools.ietf.org/html/rfc5280#appendix-A.1 - - if (!self::$oidsLoaded) { - // OIDs from RFC5280 and those RFCs mentioned in RFC5280#section-4.1.1.2 - ASN1::loadOIDs([ - //'id-pkix' => '1.3.6.1.5.5.7', - //'id-pe' => '1.3.6.1.5.5.7.1', - //'id-qt' => '1.3.6.1.5.5.7.2', - //'id-kp' => '1.3.6.1.5.5.7.3', - //'id-ad' => '1.3.6.1.5.5.7.48', - 'id-qt-cps' => '1.3.6.1.5.5.7.2.1', - 'id-qt-unotice' => '1.3.6.1.5.5.7.2.2', - 'id-ad-ocsp' => '1.3.6.1.5.5.7.48.1', - 'id-ad-caIssuers' => '1.3.6.1.5.5.7.48.2', - 'id-ad-timeStamping' => '1.3.6.1.5.5.7.48.3', - 'id-ad-caRepository' => '1.3.6.1.5.5.7.48.5', - //'id-at' => '2.5.4', - 'id-at-name' => '2.5.4.41', - 'id-at-surname' => '2.5.4.4', - 'id-at-givenName' => '2.5.4.42', - 'id-at-initials' => '2.5.4.43', - 'id-at-generationQualifier' => '2.5.4.44', - 'id-at-commonName' => '2.5.4.3', - 'id-at-localityName' => '2.5.4.7', - 'id-at-stateOrProvinceName' => '2.5.4.8', - 'id-at-organizationName' => '2.5.4.10', - 'id-at-organizationalUnitName' => '2.5.4.11', - 'id-at-title' => '2.5.4.12', - 'id-at-description' => '2.5.4.13', - 'id-at-dnQualifier' => '2.5.4.46', - 'id-at-countryName' => '2.5.4.6', - 'id-at-serialNumber' => '2.5.4.5', - 'id-at-pseudonym' => '2.5.4.65', - 'id-at-postalCode' => '2.5.4.17', - 'id-at-streetAddress' => '2.5.4.9', - 'id-at-uniqueIdentifier' => '2.5.4.45', - 'id-at-role' => '2.5.4.72', - 'id-at-postalAddress' => '2.5.4.16', - 'jurisdictionOfIncorporationCountryName' => '1.3.6.1.4.1.311.60.2.1.3', - 'jurisdictionOfIncorporationStateOrProvinceName' => '1.3.6.1.4.1.311.60.2.1.2', - 'jurisdictionLocalityName' => '1.3.6.1.4.1.311.60.2.1.1', - 'id-at-businessCategory' => '2.5.4.15', - - //'id-domainComponent' => '0.9.2342.19200300.100.1.25', - //'pkcs-9' => '1.2.840.113549.1.9', - 'pkcs-9-at-emailAddress' => '1.2.840.113549.1.9.1', - //'id-ce' => '2.5.29', - 'id-ce-authorityKeyIdentifier' => '2.5.29.35', - 'id-ce-subjectKeyIdentifier' => '2.5.29.14', - 'id-ce-keyUsage' => '2.5.29.15', - 'id-ce-privateKeyUsagePeriod' => '2.5.29.16', - 'id-ce-certificatePolicies' => '2.5.29.32', - //'anyPolicy' => '2.5.29.32.0', - - 'id-ce-policyMappings' => '2.5.29.33', - - 'id-ce-subjectAltName' => '2.5.29.17', - 'id-ce-issuerAltName' => '2.5.29.18', - 'id-ce-subjectDirectoryAttributes' => '2.5.29.9', - 'id-ce-basicConstraints' => '2.5.29.19', - 'id-ce-nameConstraints' => '2.5.29.30', - 'id-ce-policyConstraints' => '2.5.29.36', - 'id-ce-cRLDistributionPoints' => '2.5.29.31', - 'id-ce-extKeyUsage' => '2.5.29.37', - //'anyExtendedKeyUsage' => '2.5.29.37.0', - 'id-kp-serverAuth' => '1.3.6.1.5.5.7.3.1', - 'id-kp-clientAuth' => '1.3.6.1.5.5.7.3.2', - 'id-kp-codeSigning' => '1.3.6.1.5.5.7.3.3', - 'id-kp-emailProtection' => '1.3.6.1.5.5.7.3.4', - 'id-kp-timeStamping' => '1.3.6.1.5.5.7.3.8', - 'id-kp-OCSPSigning' => '1.3.6.1.5.5.7.3.9', - 'id-ce-inhibitAnyPolicy' => '2.5.29.54', - 'id-ce-freshestCRL' => '2.5.29.46', - 'id-pe-authorityInfoAccess' => '1.3.6.1.5.5.7.1.1', - 'id-pe-subjectInfoAccess' => '1.3.6.1.5.5.7.1.11', - 'id-ce-cRLNumber' => '2.5.29.20', - 'id-ce-issuingDistributionPoint' => '2.5.29.28', - 'id-ce-deltaCRLIndicator' => '2.5.29.27', - 'id-ce-cRLReasons' => '2.5.29.21', - 'id-ce-certificateIssuer' => '2.5.29.29', - 'id-ce-holdInstructionCode' => '2.5.29.23', - //'holdInstruction' => '1.2.840.10040.2', - 'id-holdinstruction-none' => '1.2.840.10040.2.1', - 'id-holdinstruction-callissuer' => '1.2.840.10040.2.2', - 'id-holdinstruction-reject' => '1.2.840.10040.2.3', - 'id-ce-invalidityDate' => '2.5.29.24', - - 'rsaEncryption' => '1.2.840.113549.1.1.1', - 'md2WithRSAEncryption' => '1.2.840.113549.1.1.2', - 'md5WithRSAEncryption' => '1.2.840.113549.1.1.4', - 'sha1WithRSAEncryption' => '1.2.840.113549.1.1.5', - 'sha224WithRSAEncryption' => '1.2.840.113549.1.1.14', - 'sha256WithRSAEncryption' => '1.2.840.113549.1.1.11', - 'sha384WithRSAEncryption' => '1.2.840.113549.1.1.12', - 'sha512WithRSAEncryption' => '1.2.840.113549.1.1.13', - - 'id-ecPublicKey' => '1.2.840.10045.2.1', - 'ecdsa-with-SHA1' => '1.2.840.10045.4.1', - // from https://tools.ietf.org/html/rfc5758#section-3.2 - 'ecdsa-with-SHA224' => '1.2.840.10045.4.3.1', - 'ecdsa-with-SHA256' => '1.2.840.10045.4.3.2', - 'ecdsa-with-SHA384' => '1.2.840.10045.4.3.3', - 'ecdsa-with-SHA512' => '1.2.840.10045.4.3.4', - - 'id-dsa' => '1.2.840.10040.4.1', - 'id-dsa-with-sha1' => '1.2.840.10040.4.3', - // from https://tools.ietf.org/html/rfc5758#section-3.1 - 'id-dsa-with-sha224' => '2.16.840.1.101.3.4.3.1', - 'id-dsa-with-sha256' => '2.16.840.1.101.3.4.3.2', - - // from https://tools.ietf.org/html/rfc8410: - 'id-Ed25519' => '1.3.101.112', - 'id-Ed448' => '1.3.101.113', - - 'id-RSASSA-PSS' => '1.2.840.113549.1.1.10', - - //'id-sha224' => '2.16.840.1.101.3.4.2.4', - //'id-sha256' => '2.16.840.1.101.3.4.2.1', - //'id-sha384' => '2.16.840.1.101.3.4.2.2', - //'id-sha512' => '2.16.840.1.101.3.4.2.3', - //'id-GostR3411-94-with-GostR3410-94' => '1.2.643.2.2.4', - //'id-GostR3411-94-with-GostR3410-2001' => '1.2.643.2.2.3', - //'id-GostR3410-2001' => '1.2.643.2.2.20', - //'id-GostR3410-94' => '1.2.643.2.2.19', - // Netscape Object Identifiers from "Netscape Certificate Extensions" - 'netscape' => '2.16.840.1.113730', - 'netscape-cert-extension' => '2.16.840.1.113730.1', - 'netscape-cert-type' => '2.16.840.1.113730.1.1', - 'netscape-comment' => '2.16.840.1.113730.1.13', - 'netscape-ca-policy-url' => '2.16.840.1.113730.1.8', - // the following are X.509 extensions not supported by phpseclib - 'id-pe-logotype' => '1.3.6.1.5.5.7.1.12', - 'entrustVersInfo' => '1.2.840.113533.7.65.0', - 'verisignPrivate' => '2.16.840.1.113733.1.6.9', - // for Certificate Signing Requests - // see http://tools.ietf.org/html/rfc2985 - 'pkcs-9-at-unstructuredName' => '1.2.840.113549.1.9.2', // PKCS #9 unstructured name - 'pkcs-9-at-challengePassword' => '1.2.840.113549.1.9.7', // Challenge password for certificate revocations - 'pkcs-9-at-extensionRequest' => '1.2.840.113549.1.9.14' // Certificate extension request - ]); - } - } - - /** - * Load X.509 certificate - * - * Returns an associative array describing the X.509 cert or a false if the cert failed to load - * - * @param array|string $cert - * @param int $mode - * @return mixed - */ - public function loadX509($cert, $mode = self::FORMAT_AUTO_DETECT) - { - if (is_array($cert) && isset($cert['tbsCertificate'])) { - unset($this->currentCert); - unset($this->currentKeyIdentifier); - $this->dn = $cert['tbsCertificate']['subject']; - if (!isset($this->dn)) { - return false; - } - $this->currentCert = $cert; - - $currentKeyIdentifier = $this->getExtension('id-ce-subjectKeyIdentifier'); - $this->currentKeyIdentifier = is_string($currentKeyIdentifier) ? $currentKeyIdentifier : null; - - unset($this->signatureSubject); - - return $cert; - } - - if ($mode != self::FORMAT_DER) { - $newcert = ASN1::extractBER($cert); - if ($mode == self::FORMAT_PEM && $cert == $newcert) { - return false; - } - $cert = $newcert; - } - - if ($cert === false) { - $this->currentCert = false; - return false; - } - - $decoded = ASN1::decodeBER($cert); - - if ($decoded) { - $x509 = ASN1::asn1map($decoded[0], Maps\Certificate::MAP); - } - if (!isset($x509) || $x509 === false) { - $this->currentCert = false; - return false; - } - - $this->signatureSubject = substr($cert, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']); - - if ($this->isSubArrayValid($x509, 'tbsCertificate/extensions')) { - $this->mapInExtensions($x509, 'tbsCertificate/extensions'); - } - $this->mapInDNs($x509, 'tbsCertificate/issuer/rdnSequence'); - $this->mapInDNs($x509, 'tbsCertificate/subject/rdnSequence'); - - $key = $x509['tbsCertificate']['subjectPublicKeyInfo']; - $key = ASN1::encodeDER($key, Maps\SubjectPublicKeyInfo::MAP); - $x509['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'] = - "-----BEGIN PUBLIC KEY-----\r\n" . - chunk_split(base64_encode($key), 64) . - "-----END PUBLIC KEY-----"; - - $this->currentCert = $x509; - $this->dn = $x509['tbsCertificate']['subject']; - - $currentKeyIdentifier = $this->getExtension('id-ce-subjectKeyIdentifier'); - $this->currentKeyIdentifier = is_string($currentKeyIdentifier) ? $currentKeyIdentifier : null; - - return $x509; - } - - /** - * Save X.509 certificate - * - * @param array $cert - * @param int $format optional - * @return string - */ - public function saveX509(array $cert, $format = self::FORMAT_PEM) - { - if (!is_array($cert) || !isset($cert['tbsCertificate'])) { - return false; - } - - switch (true) { - // "case !$a: case !$b: break; default: whatever();" is the same thing as "if ($a && $b) whatever()" - case !($algorithm = $this->subArray($cert, 'tbsCertificate/subjectPublicKeyInfo/algorithm/algorithm')): - case is_object($cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']): - break; - default: - $cert['tbsCertificate']['subjectPublicKeyInfo'] = new Element( - base64_decode(preg_replace('#-.+-|[\r\n]#', '', $cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'])) - ); - } - - if ($algorithm == 'rsaEncryption') { - $cert['signatureAlgorithm']['parameters'] = null; - $cert['tbsCertificate']['signature']['parameters'] = null; - } - - $filters = []; - $type_utf8_string = ['type' => ASN1::TYPE_UTF8_STRING]; - $filters['tbsCertificate']['signature']['parameters'] = $type_utf8_string; - $filters['tbsCertificate']['signature']['issuer']['rdnSequence']['value'] = $type_utf8_string; - $filters['tbsCertificate']['issuer']['rdnSequence']['value'] = $type_utf8_string; - $filters['tbsCertificate']['subject']['rdnSequence']['value'] = $type_utf8_string; - $filters['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['parameters'] = $type_utf8_string; - $filters['signatureAlgorithm']['parameters'] = $type_utf8_string; - $filters['authorityCertIssuer']['directoryName']['rdnSequence']['value'] = $type_utf8_string; - //$filters['policyQualifiers']['qualifier'] = $type_utf8_string; - $filters['distributionPoint']['fullName']['directoryName']['rdnSequence']['value'] = $type_utf8_string; - $filters['directoryName']['rdnSequence']['value'] = $type_utf8_string; - - foreach (self::$extensions as $extension) { - $filters['tbsCertificate']['extensions'][] = $extension; - } - - /* in the case of policyQualifiers/qualifier, the type has to be \phpseclib3\File\ASN1::TYPE_IA5_STRING. - \phpseclib3\File\ASN1::TYPE_PRINTABLE_STRING will cause OpenSSL's X.509 parser to spit out random - characters. - */ - $filters['policyQualifiers']['qualifier'] - = ['type' => ASN1::TYPE_IA5_STRING]; - - ASN1::setFilters($filters); - - $this->mapOutExtensions($cert, 'tbsCertificate/extensions'); - $this->mapOutDNs($cert, 'tbsCertificate/issuer/rdnSequence'); - $this->mapOutDNs($cert, 'tbsCertificate/subject/rdnSequence'); - - $cert = ASN1::encodeDER($cert, Maps\Certificate::MAP); - - switch ($format) { - case self::FORMAT_DER: - return $cert; - // case self::FORMAT_PEM: - default: - return "-----BEGIN CERTIFICATE-----\r\n" . chunk_split(Strings::base64_encode($cert), 64) . '-----END CERTIFICATE-----'; - } - } - - /** - * Map extension values from octet string to extension-specific internal - * format. - * - * @param array $root (by reference) - * @param string $path - */ - private function mapInExtensions(array &$root, $path) - { - $extensions = &$this->subArrayUnchecked($root, $path); - - if ($extensions) { - for ($i = 0; $i < count($extensions); $i++) { - $id = $extensions[$i]['extnId']; - $value = &$extensions[$i]['extnValue']; - /* [extnValue] contains the DER encoding of an ASN.1 value - corresponding to the extension type identified by extnID */ - $map = $this->getMapping($id); - if (!is_bool($map)) { - $decoder = $id == 'id-ce-nameConstraints' ? - [static::class, 'decodeNameConstraintIP'] : - [static::class, 'decodeIP']; - $decoded = ASN1::decodeBER($value); - if (!$decoded) { - continue; - } - $mapped = ASN1::asn1map($decoded[0], $map, ['iPAddress' => $decoder]); - $value = $mapped === false ? $decoded[0] : $mapped; - - if ($id == 'id-ce-certificatePolicies') { - for ($j = 0; $j < count($value); $j++) { - if (!isset($value[$j]['policyQualifiers'])) { - continue; - } - for ($k = 0; $k < count($value[$j]['policyQualifiers']); $k++) { - $subid = $value[$j]['policyQualifiers'][$k]['policyQualifierId']; - $map = $this->getMapping($subid); - $subvalue = &$value[$j]['policyQualifiers'][$k]['qualifier']; - if ($map !== false) { - $decoded = ASN1::decodeBER($subvalue); - if (!$decoded) { - continue; - } - $mapped = ASN1::asn1map($decoded[0], $map); - $subvalue = $mapped === false ? $decoded[0] : $mapped; - } - } - } - } - } - } - } - } - - /** - * Map extension values from extension-specific internal format to - * octet string. - * - * @param array $root (by reference) - * @param string $path - */ - private function mapOutExtensions(array &$root, $path) - { - $extensions = &$this->subArray($root, $path, !empty($this->extensionValues)); - - foreach ($this->extensionValues as $id => $data) { - extract($data); - $newext = [ - 'extnId' => $id, - 'extnValue' => $value, - 'critical' => $critical - ]; - if ($replace) { - foreach ($extensions as $key => $value) { - if ($value['extnId'] == $id) { - $extensions[$key] = $newext; - continue 2; - } - } - } - $extensions[] = $newext; - } - - if (is_array($extensions)) { - $size = count($extensions); - for ($i = 0; $i < $size; $i++) { - if ($extensions[$i] instanceof Element) { - continue; - } - - $id = $extensions[$i]['extnId']; - $value = &$extensions[$i]['extnValue']; - - switch ($id) { - case 'id-ce-certificatePolicies': - for ($j = 0; $j < count($value); $j++) { - if (!isset($value[$j]['policyQualifiers'])) { - continue; - } - for ($k = 0; $k < count($value[$j]['policyQualifiers']); $k++) { - $subid = $value[$j]['policyQualifiers'][$k]['policyQualifierId']; - $map = $this->getMapping($subid); - $subvalue = &$value[$j]['policyQualifiers'][$k]['qualifier']; - if ($map !== false) { - // by default \phpseclib3\File\ASN1 will try to render qualifier as a \phpseclib3\File\ASN1::TYPE_IA5_STRING since it's - // actual type is \phpseclib3\File\ASN1::TYPE_ANY - $subvalue = new Element(ASN1::encodeDER($subvalue, $map)); - } - } - } - break; - case 'id-ce-authorityKeyIdentifier': // use 00 as the serial number instead of an empty string - if (isset($value['authorityCertSerialNumber'])) { - if ($value['authorityCertSerialNumber']->toBytes() == '') { - $temp = chr((ASN1::CLASS_CONTEXT_SPECIFIC << 6) | 2) . "\1\0"; - $value['authorityCertSerialNumber'] = new Element($temp); - } - } - } - - /* [extnValue] contains the DER encoding of an ASN.1 value - corresponding to the extension type identified by extnID */ - $map = $this->getMapping($id); - if (is_bool($map)) { - if (!$map) { - //user_error($id . ' is not a currently supported extension'); - unset($extensions[$i]); - } - } else { - $value = ASN1::encodeDER($value, $map, ['iPAddress' => [static::class, 'encodeIP']]); - } - } - } - } - - /** - * Map attribute values from ANY type to attribute-specific internal - * format. - * - * @param array $root (by reference) - * @param string $path - */ - private function mapInAttributes(&$root, $path) - { - $attributes = &$this->subArray($root, $path); - - if (is_array($attributes)) { - for ($i = 0; $i < count($attributes); $i++) { - $id = $attributes[$i]['type']; - /* $value contains the DER encoding of an ASN.1 value - corresponding to the attribute type identified by type */ - $map = $this->getMapping($id); - if (is_array($attributes[$i]['value'])) { - $values = &$attributes[$i]['value']; - for ($j = 0; $j < count($values); $j++) { - $value = ASN1::encodeDER($values[$j], Maps\AttributeValue::MAP); - $decoded = ASN1::decodeBER($value); - if (!is_bool($map)) { - if (!$decoded) { - continue; - } - $mapped = ASN1::asn1map($decoded[0], $map); - if ($mapped !== false) { - $values[$j] = $mapped; - } - if ($id == 'pkcs-9-at-extensionRequest' && $this->isSubArrayValid($values, $j)) { - $this->mapInExtensions($values, $j); - } - } elseif ($map) { - $values[$j] = $value; - } - } - } - } - } - } - - /** - * Map attribute values from attribute-specific internal format to - * ANY type. - * - * @param array $root (by reference) - * @param string $path - */ - private function mapOutAttributes(&$root, $path) - { - $attributes = &$this->subArray($root, $path); - - if (is_array($attributes)) { - $size = count($attributes); - for ($i = 0; $i < $size; $i++) { - /* [value] contains the DER encoding of an ASN.1 value - corresponding to the attribute type identified by type */ - $id = $attributes[$i]['type']; - $map = $this->getMapping($id); - if ($map === false) { - //user_error($id . ' is not a currently supported attribute', E_USER_NOTICE); - unset($attributes[$i]); - } elseif (is_array($attributes[$i]['value'])) { - $values = &$attributes[$i]['value']; - for ($j = 0; $j < count($values); $j++) { - switch ($id) { - case 'pkcs-9-at-extensionRequest': - $this->mapOutExtensions($values, $j); - break; - } - - if (!is_bool($map)) { - $temp = ASN1::encodeDER($values[$j], $map); - $decoded = ASN1::decodeBER($temp); - if (!$decoded) { - continue; - } - $values[$j] = ASN1::asn1map($decoded[0], Maps\AttributeValue::MAP); - } - } - } - } - } - } - - /** - * Map DN values from ANY type to DN-specific internal - * format. - * - * @param array $root (by reference) - * @param string $path - */ - private function mapInDNs(array &$root, $path) - { - $dns = &$this->subArray($root, $path); - - if (is_array($dns)) { - for ($i = 0; $i < count($dns); $i++) { - for ($j = 0; $j < count($dns[$i]); $j++) { - $type = $dns[$i][$j]['type']; - $value = &$dns[$i][$j]['value']; - if (is_object($value) && $value instanceof Element) { - $map = $this->getMapping($type); - if (!is_bool($map)) { - $decoded = ASN1::decodeBER($value); - if (!$decoded) { - continue; - } - $value = ASN1::asn1map($decoded[0], $map); - } - } - } - } - } - } - - /** - * Map DN values from DN-specific internal format to - * ANY type. - * - * @param array $root (by reference) - * @param string $path - */ - private function mapOutDNs(array &$root, $path) - { - $dns = &$this->subArray($root, $path); - - if (is_array($dns)) { - $size = count($dns); - for ($i = 0; $i < $size; $i++) { - for ($j = 0; $j < count($dns[$i]); $j++) { - $type = $dns[$i][$j]['type']; - $value = &$dns[$i][$j]['value']; - if (is_object($value) && $value instanceof Element) { - continue; - } - - $map = $this->getMapping($type); - if (!is_bool($map)) { - $value = new Element(ASN1::encodeDER($value, $map)); - } - } - } - } - } - - /** - * Associate an extension ID to an extension mapping - * - * @param string $extnId - * @return mixed - */ - private function getMapping($extnId) - { - if (!is_string($extnId)) { // eg. if it's a \phpseclib3\File\ASN1\Element object - return true; - } - - if (isset(self::$extensions[$extnId])) { - return self::$extensions[$extnId]; - } - - switch ($extnId) { - case 'id-ce-keyUsage': - return Maps\KeyUsage::MAP; - case 'id-ce-basicConstraints': - return Maps\BasicConstraints::MAP; - case 'id-ce-subjectKeyIdentifier': - return Maps\KeyIdentifier::MAP; - case 'id-ce-cRLDistributionPoints': - return Maps\CRLDistributionPoints::MAP; - case 'id-ce-authorityKeyIdentifier': - return Maps\AuthorityKeyIdentifier::MAP; - case 'id-ce-certificatePolicies': - return Maps\CertificatePolicies::MAP; - case 'id-ce-extKeyUsage': - return Maps\ExtKeyUsageSyntax::MAP; - case 'id-pe-authorityInfoAccess': - return Maps\AuthorityInfoAccessSyntax::MAP; - case 'id-ce-subjectAltName': - return Maps\SubjectAltName::MAP; - case 'id-ce-subjectDirectoryAttributes': - return Maps\SubjectDirectoryAttributes::MAP; - case 'id-ce-privateKeyUsagePeriod': - return Maps\PrivateKeyUsagePeriod::MAP; - case 'id-ce-issuerAltName': - return Maps\IssuerAltName::MAP; - case 'id-ce-policyMappings': - return Maps\PolicyMappings::MAP; - case 'id-ce-nameConstraints': - return Maps\NameConstraints::MAP; - - case 'netscape-cert-type': - return Maps\netscape_cert_type::MAP; - case 'netscape-comment': - return Maps\netscape_comment::MAP; - case 'netscape-ca-policy-url': - return Maps\netscape_ca_policy_url::MAP; - - // since id-qt-cps isn't a constructed type it will have already been decoded as a string by the time it gets - // back around to asn1map() and we don't want it decoded again. - //case 'id-qt-cps': - // return Maps\CPSuri::MAP; - case 'id-qt-unotice': - return Maps\UserNotice::MAP; - - // the following OIDs are unsupported but we don't want them to give notices when calling saveX509(). - case 'id-pe-logotype': // http://www.ietf.org/rfc/rfc3709.txt - case 'entrustVersInfo': - // http://support.microsoft.com/kb/287547 - case '1.3.6.1.4.1.311.20.2': // szOID_ENROLL_CERTTYPE_EXTENSION - case '1.3.6.1.4.1.311.21.1': // szOID_CERTSRV_CA_VERSION - // "SET Secure Electronic Transaction Specification" - // http://www.maithean.com/docs/set_bk3.pdf - case '2.23.42.7.0': // id-set-hashedRootKey - // "Certificate Transparency" - // https://tools.ietf.org/html/rfc6962 - case '1.3.6.1.4.1.11129.2.4.2': - // "Qualified Certificate statements" - // https://tools.ietf.org/html/rfc3739#section-3.2.6 - case '1.3.6.1.5.5.7.1.3': - return true; - - // CSR attributes - case 'pkcs-9-at-unstructuredName': - return Maps\PKCS9String::MAP; - case 'pkcs-9-at-challengePassword': - return Maps\DirectoryString::MAP; - case 'pkcs-9-at-extensionRequest': - return Maps\Extensions::MAP; - - // CRL extensions. - case 'id-ce-cRLNumber': - return Maps\CRLNumber::MAP; - case 'id-ce-deltaCRLIndicator': - return Maps\CRLNumber::MAP; - case 'id-ce-issuingDistributionPoint': - return Maps\IssuingDistributionPoint::MAP; - case 'id-ce-freshestCRL': - return Maps\CRLDistributionPoints::MAP; - case 'id-ce-cRLReasons': - return Maps\CRLReason::MAP; - case 'id-ce-invalidityDate': - return Maps\InvalidityDate::MAP; - case 'id-ce-certificateIssuer': - return Maps\CertificateIssuer::MAP; - case 'id-ce-holdInstructionCode': - return Maps\HoldInstructionCode::MAP; - case 'id-at-postalAddress': - return Maps\PostalAddress::MAP; - } - - return false; - } - - /** - * Load an X.509 certificate as a certificate authority - * - * @param string $cert - * @return bool - */ - public function loadCA($cert) - { - $olddn = $this->dn; - $oldcert = $this->currentCert; - $oldsigsubj = $this->signatureSubject; - $oldkeyid = $this->currentKeyIdentifier; - - $cert = $this->loadX509($cert); - if (!$cert) { - $this->dn = $olddn; - $this->currentCert = $oldcert; - $this->signatureSubject = $oldsigsubj; - $this->currentKeyIdentifier = $oldkeyid; - - return false; - } - - /* From RFC5280 "PKIX Certificate and CRL Profile": - - If the keyUsage extension is present, then the subject public key - MUST NOT be used to verify signatures on certificates or CRLs unless - the corresponding keyCertSign or cRLSign bit is set. */ - //$keyUsage = $this->getExtension('id-ce-keyUsage'); - //if ($keyUsage && !in_array('keyCertSign', $keyUsage)) { - // return false; - //} - - /* From RFC5280 "PKIX Certificate and CRL Profile": - - The cA boolean indicates whether the certified public key may be used - to verify certificate signatures. If the cA boolean is not asserted, - then the keyCertSign bit in the key usage extension MUST NOT be - asserted. If the basic constraints extension is not present in a - version 3 certificate, or the extension is present but the cA boolean - is not asserted, then the certified public key MUST NOT be used to - verify certificate signatures. */ - //$basicConstraints = $this->getExtension('id-ce-basicConstraints'); - //if (!$basicConstraints || !$basicConstraints['cA']) { - // return false; - //} - - $this->CAs[] = $cert; - - $this->dn = $olddn; - $this->currentCert = $oldcert; - $this->signatureSubject = $oldsigsubj; - - return true; - } - - /** - * Validate an X.509 certificate against a URL - * - * From RFC2818 "HTTP over TLS": - * - * Matching is performed using the matching rules specified by - * [RFC2459]. If more than one identity of a given type is present in - * the certificate (e.g., more than one dNSName name, a match in any one - * of the set is considered acceptable.) Names may contain the wildcard - * character * which is considered to match any single domain name - * component or component fragment. E.g., *.a.com matches foo.a.com but - * not bar.foo.a.com. f*.com matches foo.com but not bar.com. - * - * @param string $url - * @return bool - */ - public function validateURL($url) - { - if (!is_array($this->currentCert) || !isset($this->currentCert['tbsCertificate'])) { - return false; - } - - $components = parse_url($url); - if (!isset($components['host'])) { - return false; - } - - if ($names = $this->getExtension('id-ce-subjectAltName')) { - foreach ($names as $name) { - foreach ($name as $key => $value) { - $value = preg_quote($value); - $value = str_replace('\*', '[^.]*', $value); - switch ($key) { - case 'dNSName': - /* From RFC2818 "HTTP over TLS": - - If a subjectAltName extension of type dNSName is present, that MUST - be used as the identity. Otherwise, the (most specific) Common Name - field in the Subject field of the certificate MUST be used. Although - the use of the Common Name is existing practice, it is deprecated and - Certification Authorities are encouraged to use the dNSName instead. */ - if (preg_match('#^' . $value . '$#', $components['host'])) { - return true; - } - break; - case 'iPAddress': - /* From RFC2818 "HTTP over TLS": - - In some cases, the URI is specified as an IP address rather than a - hostname. In this case, the iPAddress subjectAltName must be present - in the certificate and must exactly match the IP in the URI. */ - if (preg_match('#(?:\d{1-3}\.){4}#', $components['host'] . '.') && preg_match('#^' . $value . '$#', $components['host'])) { - return true; - } - } - } - } - return false; - } - - if ($value = $this->getDNProp('id-at-commonName')) { - $value = str_replace(['.', '*'], ['\.', '[^.]*'], $value[0]); - return preg_match('#^' . $value . '$#', $components['host']) === 1; - } - - return false; - } - - /** - * Validate a date - * - * If $date isn't defined it is assumed to be the current date. - * - * @param \DateTimeInterface|string $date optional - * @return bool - */ - public function validateDate($date = null) - { - if (!is_array($this->currentCert) || !isset($this->currentCert['tbsCertificate'])) { - return false; - } - - if (!isset($date)) { - $date = new \DateTimeImmutable('now', new \DateTimeZone(@date_default_timezone_get())); - } - - $notBefore = $this->currentCert['tbsCertificate']['validity']['notBefore']; - $notBefore = isset($notBefore['generalTime']) ? $notBefore['generalTime'] : $notBefore['utcTime']; - - $notAfter = $this->currentCert['tbsCertificate']['validity']['notAfter']; - $notAfter = isset($notAfter['generalTime']) ? $notAfter['generalTime'] : $notAfter['utcTime']; - - if (is_string($date)) { - $date = new \DateTimeImmutable($date, new \DateTimeZone(@date_default_timezone_get())); - } - - $notBefore = new \DateTimeImmutable($notBefore, new \DateTimeZone(@date_default_timezone_get())); - $notAfter = new \DateTimeImmutable($notAfter, new \DateTimeZone(@date_default_timezone_get())); - - return $date >= $notBefore && $date <= $notAfter; - } - - /** - * Fetches a URL - * - * @param string $url - * @return bool|string - */ - private static function fetchURL($url) - { - if (self::$disable_url_fetch) { - return false; - } - - $parts = parse_url($url); - $data = ''; - switch ($parts['scheme']) { - case 'http': - $fsock = @fsockopen($parts['host'], isset($parts['port']) ? $parts['port'] : 80); - if (!$fsock) { - return false; - } - $path = $parts['path']; - if (isset($parts['query'])) { - $path .= '?' . $parts['query']; - } - fputs($fsock, "GET $path HTTP/1.0\r\n"); - fputs($fsock, "Host: $parts[host]\r\n\r\n"); - $line = fgets($fsock, 1024); - if (strlen($line) < 3) { - return false; - } - preg_match('#HTTP/1.\d (\d{3})#', $line, $temp); - if ($temp[1] != '200') { - return false; - } - - // skip the rest of the headers in the http response - while (!feof($fsock) && fgets($fsock, 1024) != "\r\n") { - } - - while (!feof($fsock)) { - $temp = fread($fsock, 1024); - if ($temp === false) { - return false; - } - $data .= $temp; - } - - break; - //case 'ftp': - //case 'ldap': - //default: - } - - return $data; - } - - /** - * Validates an intermediate cert as identified via authority info access extension - * - * See https://tools.ietf.org/html/rfc4325 for more info - * - * @param bool $caonly - * @param int $count - * @return bool - */ - private function testForIntermediate($caonly, $count) - { - $opts = $this->getExtension('id-pe-authorityInfoAccess'); - if (!is_array($opts)) { - return false; - } - foreach ($opts as $opt) { - if ($opt['accessMethod'] == 'id-ad-caIssuers') { - // accessLocation is a GeneralName. GeneralName fields support stuff like email addresses, IP addresses, LDAP, - // etc, but we're only supporting URI's. URI's and LDAP are the only thing https://tools.ietf.org/html/rfc4325 - // discusses - if (isset($opt['accessLocation']['uniformResourceIdentifier'])) { - $url = $opt['accessLocation']['uniformResourceIdentifier']; - break; - } - } - } - - if (!isset($url)) { - return false; - } - - $cert = static::fetchURL($url); - if (!is_string($cert)) { - return false; - } - - $parent = new static(); - $parent->CAs = $this->CAs; - /* - "Conforming applications that support HTTP or FTP for accessing - certificates MUST be able to accept .cer files and SHOULD be able - to accept .p7c files." -- https://tools.ietf.org/html/rfc4325 - - A .p7c file is 'a "certs-only" CMS message as specified in RFC 2797" - - These are currently unsupported - */ - if (!is_array($parent->loadX509($cert))) { - return false; - } - - if (!$parent->validateSignatureCountable($caonly, ++$count)) { - return false; - } - - $this->CAs[] = $parent->currentCert; - //$this->loadCA($cert); - - return true; - } - - /** - * Validate a signature - * - * Works on X.509 certs, CSR's and CRL's. - * Returns true if the signature is verified, false if it is not correct or null on error - * - * By default returns false for self-signed certs. Call validateSignature(false) to make this support - * self-signed. - * - * The behavior of this function is inspired by {@link http://php.net/openssl-verify openssl_verify}. - * - * @param bool $caonly optional - * @return mixed - */ - public function validateSignature($caonly = true) - { - return $this->validateSignatureCountable($caonly, 0); - } - - /** - * Validate a signature - * - * Performs said validation whilst keeping track of how many times validation method is called - * - * @param bool $caonly - * @param int $count - * @return mixed - */ - private function validateSignatureCountable($caonly, $count) - { - if (!is_array($this->currentCert) || !isset($this->signatureSubject)) { - return null; - } - - if ($count == self::$recur_limit) { - return false; - } - - /* TODO: - "emailAddress attribute values are not case-sensitive (e.g., "subscriber@example.com" is the same as "SUBSCRIBER@EXAMPLE.COM")." - -- http://tools.ietf.org/html/rfc5280#section-4.1.2.6 - - implement pathLenConstraint in the id-ce-basicConstraints extension */ - - switch (true) { - case isset($this->currentCert['tbsCertificate']): - // self-signed cert - switch (true) { - case !defined('FILE_X509_IGNORE_TYPE') && $this->currentCert['tbsCertificate']['issuer'] === $this->currentCert['tbsCertificate']['subject']: - case defined('FILE_X509_IGNORE_TYPE') && $this->getIssuerDN(self::DN_STRING) === $this->getDN(self::DN_STRING): - $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier'); - $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier'); - switch (true) { - case !is_array($authorityKey): - case !$subjectKeyID: - case isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID: - $signingCert = $this->currentCert; // working cert - } - } - - if (!empty($this->CAs)) { - for ($i = 0; $i < count($this->CAs); $i++) { - // even if the cert is a self-signed one we still want to see if it's a CA; - // if not, we'll conditionally return an error - $ca = $this->CAs[$i]; - switch (true) { - case !defined('FILE_X509_IGNORE_TYPE') && $this->currentCert['tbsCertificate']['issuer'] === $ca['tbsCertificate']['subject']: - case defined('FILE_X509_IGNORE_TYPE') && $this->getDN(self::DN_STRING, $this->currentCert['tbsCertificate']['issuer']) === $this->getDN(self::DN_STRING, $ca['tbsCertificate']['subject']): - $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier'); - $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier', $ca); - switch (true) { - case !is_array($authorityKey): - case !$subjectKeyID: - case isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID: - if (is_array($authorityKey) && isset($authorityKey['authorityCertSerialNumber']) && !$authorityKey['authorityCertSerialNumber']->equals($ca['tbsCertificate']['serialNumber'])) { - break 2; // serial mismatch - check other ca - } - $signingCert = $ca; // working cert - break 3; - } - } - } - if (count($this->CAs) == $i && $caonly) { - return $this->testForIntermediate($caonly, $count) && $this->validateSignature($caonly); - } - } elseif (!isset($signingCert) || $caonly) { - return $this->testForIntermediate($caonly, $count) && $this->validateSignature($caonly); - } - return $this->validateSignatureHelper( - $signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'], - $signingCert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'], - $this->currentCert['signatureAlgorithm']['algorithm'], - substr($this->currentCert['signature'], 1), - $this->signatureSubject - ); - case isset($this->currentCert['certificationRequestInfo']): - return $this->validateSignatureHelper( - $this->currentCert['certificationRequestInfo']['subjectPKInfo']['algorithm']['algorithm'], - $this->currentCert['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'], - $this->currentCert['signatureAlgorithm']['algorithm'], - substr($this->currentCert['signature'], 1), - $this->signatureSubject - ); - case isset($this->currentCert['publicKeyAndChallenge']): - return $this->validateSignatureHelper( - $this->currentCert['publicKeyAndChallenge']['spki']['algorithm']['algorithm'], - $this->currentCert['publicKeyAndChallenge']['spki']['subjectPublicKey'], - $this->currentCert['signatureAlgorithm']['algorithm'], - substr($this->currentCert['signature'], 1), - $this->signatureSubject - ); - case isset($this->currentCert['tbsCertList']): - if (!empty($this->CAs)) { - for ($i = 0; $i < count($this->CAs); $i++) { - $ca = $this->CAs[$i]; - switch (true) { - case !defined('FILE_X509_IGNORE_TYPE') && $this->currentCert['tbsCertList']['issuer'] === $ca['tbsCertificate']['subject']: - case defined('FILE_X509_IGNORE_TYPE') && $this->getDN(self::DN_STRING, $this->currentCert['tbsCertList']['issuer']) === $this->getDN(self::DN_STRING, $ca['tbsCertificate']['subject']): - $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier'); - $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier', $ca); - switch (true) { - case !is_array($authorityKey): - case !$subjectKeyID: - case isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID: - if (is_array($authorityKey) && isset($authorityKey['authorityCertSerialNumber']) && !$authorityKey['authorityCertSerialNumber']->equals($ca['tbsCertificate']['serialNumber'])) { - break 2; // serial mismatch - check other ca - } - $signingCert = $ca; // working cert - break 3; - } - } - } - } - if (!isset($signingCert)) { - return false; - } - return $this->validateSignatureHelper( - $signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'], - $signingCert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'], - $this->currentCert['signatureAlgorithm']['algorithm'], - substr($this->currentCert['signature'], 1), - $this->signatureSubject - ); - default: - return false; - } - } - - /** - * Validates a signature - * - * Returns true if the signature is verified and false if it is not correct. - * If the algorithms are unsupposed an exception is thrown. - * - * @param string $publicKeyAlgorithm - * @param string $publicKey - * @param string $signatureAlgorithm - * @param string $signature - * @param string $signatureSubject - * @throws \phpseclib3\Exception\UnsupportedAlgorithmException if the algorithm is unsupported - * @return bool - */ - private function validateSignatureHelper($publicKeyAlgorithm, $publicKey, $signatureAlgorithm, $signature, $signatureSubject) - { - switch ($publicKeyAlgorithm) { - case 'id-RSASSA-PSS': - $key = RSA::loadFormat('PSS', $publicKey); - break; - case 'rsaEncryption': - $key = RSA::loadFormat('PKCS8', $publicKey); - switch ($signatureAlgorithm) { - case 'id-RSASSA-PSS': - break; - case 'md2WithRSAEncryption': - case 'md5WithRSAEncryption': - case 'sha1WithRSAEncryption': - case 'sha224WithRSAEncryption': - case 'sha256WithRSAEncryption': - case 'sha384WithRSAEncryption': - case 'sha512WithRSAEncryption': - $key = $key - ->withHash(preg_replace('#WithRSAEncryption$#', '', $signatureAlgorithm)) - ->withPadding(RSA::SIGNATURE_PKCS1); - break; - default: - throw new UnsupportedAlgorithmException('Signature algorithm unsupported'); - } - break; - case 'id-Ed25519': - case 'id-Ed448': - $key = EC::loadFormat('PKCS8', $publicKey); - break; - case 'id-ecPublicKey': - $key = EC::loadFormat('PKCS8', $publicKey); - switch ($signatureAlgorithm) { - case 'ecdsa-with-SHA1': - case 'ecdsa-with-SHA224': - case 'ecdsa-with-SHA256': - case 'ecdsa-with-SHA384': - case 'ecdsa-with-SHA512': - $key = $key - ->withHash(preg_replace('#^ecdsa-with-#', '', strtolower($signatureAlgorithm))); - break; - default: - throw new UnsupportedAlgorithmException('Signature algorithm unsupported'); - } - break; - case 'id-dsa': - $key = DSA::loadFormat('PKCS8', $publicKey); - switch ($signatureAlgorithm) { - case 'id-dsa-with-sha1': - case 'id-dsa-with-sha224': - case 'id-dsa-with-sha256': - $key = $key - ->withHash(preg_replace('#^id-dsa-with-#', '', strtolower($signatureAlgorithm))); - break; - default: - throw new UnsupportedAlgorithmException('Signature algorithm unsupported'); - } - break; - default: - throw new UnsupportedAlgorithmException('Public key algorithm unsupported'); - } - - return $key->verify($signatureSubject, $signature); - } - - /** - * Sets the recursion limit - * - * When validating a signature it may be necessary to download intermediate certs from URI's. - * An intermediate cert that linked to itself would result in an infinite loop so to prevent - * that we set a recursion limit. A negative number means that there is no recursion limit. - * - * @param int $count - */ - public static function setRecurLimit($count) - { - self::$recur_limit = $count; - } - - /** - * Prevents URIs from being automatically retrieved - * - */ - public static function disableURLFetch() - { - self::$disable_url_fetch = true; - } - - /** - * Allows URIs to be automatically retrieved - * - */ - public static function enableURLFetch() - { - self::$disable_url_fetch = false; - } - - /** - * Decodes an IP address - * - * Takes in a base64 encoded "blob" and returns a human readable IP address - * - * @param string $ip - * @return string - */ - public static function decodeIP($ip) - { - return inet_ntop($ip); - } - - /** - * Decodes an IP address in a name constraints extension - * - * Takes in a base64 encoded "blob" and returns a human readable IP address / mask - * - * @param string $ip - * @return array - */ - public static function decodeNameConstraintIP($ip) - { - $size = strlen($ip) >> 1; - $mask = substr($ip, $size); - $ip = substr($ip, 0, $size); - return [inet_ntop($ip), inet_ntop($mask)]; - } - - /** - * Encodes an IP address - * - * Takes a human readable IP address into a base64-encoded "blob" - * - * @param string|array $ip - * @return string - */ - public static function encodeIP($ip) - { - return is_string($ip) ? - inet_pton($ip) : - inet_pton($ip[0]) . inet_pton($ip[1]); - } - - /** - * "Normalizes" a Distinguished Name property - * - * @param string $propName - * @return mixed - */ - private function translateDNProp($propName) - { - switch (strtolower($propName)) { - case 'jurisdictionofincorporationcountryname': - case 'jurisdictioncountryname': - case 'jurisdictionc': - return 'jurisdictionOfIncorporationCountryName'; - case 'jurisdictionofincorporationstateorprovincename': - case 'jurisdictionstateorprovincename': - case 'jurisdictionst': - return 'jurisdictionOfIncorporationStateOrProvinceName'; - case 'jurisdictionlocalityname': - case 'jurisdictionl': - return 'jurisdictionLocalityName'; - case 'id-at-businesscategory': - case 'businesscategory': - return 'id-at-businessCategory'; - case 'id-at-countryname': - case 'countryname': - case 'c': - return 'id-at-countryName'; - case 'id-at-organizationname': - case 'organizationname': - case 'o': - return 'id-at-organizationName'; - case 'id-at-dnqualifier': - case 'dnqualifier': - return 'id-at-dnQualifier'; - case 'id-at-commonname': - case 'commonname': - case 'cn': - return 'id-at-commonName'; - case 'id-at-stateorprovincename': - case 'stateorprovincename': - case 'state': - case 'province': - case 'provincename': - case 'st': - return 'id-at-stateOrProvinceName'; - case 'id-at-localityname': - case 'localityname': - case 'l': - return 'id-at-localityName'; - case 'id-emailaddress': - case 'emailaddress': - return 'pkcs-9-at-emailAddress'; - case 'id-at-serialnumber': - case 'serialnumber': - return 'id-at-serialNumber'; - case 'id-at-postalcode': - case 'postalcode': - return 'id-at-postalCode'; - case 'id-at-streetaddress': - case 'streetaddress': - return 'id-at-streetAddress'; - case 'id-at-name': - case 'name': - return 'id-at-name'; - case 'id-at-givenname': - case 'givenname': - return 'id-at-givenName'; - case 'id-at-surname': - case 'surname': - case 'sn': - return 'id-at-surname'; - case 'id-at-initials': - case 'initials': - return 'id-at-initials'; - case 'id-at-generationqualifier': - case 'generationqualifier': - return 'id-at-generationQualifier'; - case 'id-at-organizationalunitname': - case 'organizationalunitname': - case 'ou': - return 'id-at-organizationalUnitName'; - case 'id-at-pseudonym': - case 'pseudonym': - return 'id-at-pseudonym'; - case 'id-at-title': - case 'title': - return 'id-at-title'; - case 'id-at-description': - case 'description': - return 'id-at-description'; - case 'id-at-role': - case 'role': - return 'id-at-role'; - case 'id-at-uniqueidentifier': - case 'uniqueidentifier': - case 'x500uniqueidentifier': - return 'id-at-uniqueIdentifier'; - case 'postaladdress': - case 'id-at-postaladdress': - return 'id-at-postalAddress'; - default: - return false; - } - } - - /** - * Set a Distinguished Name property - * - * @param string $propName - * @param mixed $propValue - * @param string $type optional - * @return bool - */ - public function setDNProp($propName, $propValue, $type = 'utf8String') - { - if (empty($this->dn)) { - $this->dn = ['rdnSequence' => []]; - } - - if (($propName = $this->translateDNProp($propName)) === false) { - return false; - } - - foreach ((array) $propValue as $v) { - if (!is_array($v) && isset($type)) { - $v = [$type => $v]; - } - $this->dn['rdnSequence'][] = [ - [ - 'type' => $propName, - 'value' => $v - ] - ]; - } - - return true; - } - - /** - * Remove Distinguished Name properties - * - * @param string $propName - */ - public function removeDNProp($propName) - { - if (empty($this->dn)) { - return; - } - - if (($propName = $this->translateDNProp($propName)) === false) { - return; - } - - $dn = &$this->dn['rdnSequence']; - $size = count($dn); - for ($i = 0; $i < $size; $i++) { - if ($dn[$i][0]['type'] == $propName) { - unset($dn[$i]); - } - } - - $dn = array_values($dn); - // fix for https://bugs.php.net/75433 affecting PHP 7.2 - if (!isset($dn[0])) { - $dn = array_splice($dn, 0, 0); - } - } - - /** - * Get Distinguished Name properties - * - * @param string $propName - * @param array $dn optional - * @param bool $withType optional - * @return mixed - */ - public function getDNProp($propName, array $dn = null, $withType = false) - { - if (!isset($dn)) { - $dn = $this->dn; - } - - if (empty($dn)) { - return false; - } - - if (($propName = $this->translateDNProp($propName)) === false) { - return false; - } - - $filters = []; - $filters['value'] = ['type' => ASN1::TYPE_UTF8_STRING]; - ASN1::setFilters($filters); - $this->mapOutDNs($dn, 'rdnSequence'); - $dn = $dn['rdnSequence']; - $result = []; - for ($i = 0; $i < count($dn); $i++) { - if ($dn[$i][0]['type'] == $propName) { - $v = $dn[$i][0]['value']; - if (!$withType) { - if (is_array($v)) { - foreach ($v as $type => $s) { - $type = array_search($type, ASN1::ANY_MAP); - if ($type !== false && array_key_exists($type, ASN1::STRING_TYPE_SIZE)) { - $s = ASN1::convert($s, $type); - if ($s !== false) { - $v = $s; - break; - } - } - } - if (is_array($v)) { - $v = array_pop($v); // Always strip data type. - } - } elseif (is_object($v) && $v instanceof Element) { - $map = $this->getMapping($propName); - if (!is_bool($map)) { - $decoded = ASN1::decodeBER($v); - if (!$decoded) { - return false; - } - $v = ASN1::asn1map($decoded[0], $map); - } - } - } - $result[] = $v; - } - } - - return $result; - } - - /** - * Set a Distinguished Name - * - * @param mixed $dn - * @param bool $merge optional - * @param string $type optional - * @return bool - */ - public function setDN($dn, $merge = false, $type = 'utf8String') - { - if (!$merge) { - $this->dn = null; - } - - if (is_array($dn)) { - if (isset($dn['rdnSequence'])) { - $this->dn = $dn; // No merge here. - return true; - } - - // handles stuff generated by openssl_x509_parse() - foreach ($dn as $prop => $value) { - if (!$this->setDNProp($prop, $value, $type)) { - return false; - } - } - return true; - } - - // handles everything else - $results = preg_split('#((?:^|, *|/)(?:C=|O=|OU=|CN=|L=|ST=|SN=|postalCode=|streetAddress=|emailAddress=|serialNumber=|organizationalUnitName=|title=|description=|role=|x500UniqueIdentifier=|postalAddress=))#', $dn, -1, PREG_SPLIT_DELIM_CAPTURE); - for ($i = 1; $i < count($results); $i += 2) { - $prop = trim($results[$i], ', =/'); - $value = $results[$i + 1]; - if (!$this->setDNProp($prop, $value, $type)) { - return false; - } - } - - return true; - } - - /** - * Get the Distinguished Name for a certificates subject - * - * @param mixed $format optional - * @param array $dn optional - * @return array|bool|string - */ - public function getDN($format = self::DN_ARRAY, array $dn = null) - { - if (!isset($dn)) { - $dn = isset($this->currentCert['tbsCertList']) ? $this->currentCert['tbsCertList']['issuer'] : $this->dn; - } - - switch ((int) $format) { - case self::DN_ARRAY: - return $dn; - case self::DN_ASN1: - $filters = []; - $filters['rdnSequence']['value'] = ['type' => ASN1::TYPE_UTF8_STRING]; - ASN1::setFilters($filters); - $this->mapOutDNs($dn, 'rdnSequence'); - return ASN1::encodeDER($dn, Maps\Name::MAP); - case self::DN_CANON: - // No SEQUENCE around RDNs and all string values normalized as - // trimmed lowercase UTF-8 with all spacing as one blank. - // constructed RDNs will not be canonicalized - $filters = []; - $filters['value'] = ['type' => ASN1::TYPE_UTF8_STRING]; - ASN1::setFilters($filters); - $result = ''; - $this->mapOutDNs($dn, 'rdnSequence'); - foreach ($dn['rdnSequence'] as $rdn) { - foreach ($rdn as $i => $attr) { - $attr = &$rdn[$i]; - if (is_array($attr['value'])) { - foreach ($attr['value'] as $type => $v) { - $type = array_search($type, ASN1::ANY_MAP, true); - if ($type !== false && array_key_exists($type, ASN1::STRING_TYPE_SIZE)) { - $v = ASN1::convert($v, $type); - if ($v !== false) { - $v = preg_replace('/\s+/', ' ', $v); - $attr['value'] = strtolower(trim($v)); - break; - } - } - } - } - } - $result .= ASN1::encodeDER($rdn, Maps\RelativeDistinguishedName::MAP); - } - return $result; - case self::DN_HASH: - $dn = $this->getDN(self::DN_CANON, $dn); - $hash = new Hash('sha1'); - $hash = $hash->hash($dn); - extract(unpack('Vhash', $hash)); - return strtolower(Strings::bin2hex(pack('N', $hash))); - } - - // Default is to return a string. - $start = true; - $output = ''; - - $result = []; - $filters = []; - $filters['rdnSequence']['value'] = ['type' => ASN1::TYPE_UTF8_STRING]; - ASN1::setFilters($filters); - $this->mapOutDNs($dn, 'rdnSequence'); - - foreach ($dn['rdnSequence'] as $field) { - $prop = $field[0]['type']; - $value = $field[0]['value']; - - $delim = ', '; - switch ($prop) { - case 'id-at-countryName': - $desc = 'C'; - break; - case 'id-at-stateOrProvinceName': - $desc = 'ST'; - break; - case 'id-at-organizationName': - $desc = 'O'; - break; - case 'id-at-organizationalUnitName': - $desc = 'OU'; - break; - case 'id-at-commonName': - $desc = 'CN'; - break; - case 'id-at-localityName': - $desc = 'L'; - break; - case 'id-at-surname': - $desc = 'SN'; - break; - case 'id-at-uniqueIdentifier': - $delim = '/'; - $desc = 'x500UniqueIdentifier'; - break; - case 'id-at-postalAddress': - $delim = '/'; - $desc = 'postalAddress'; - break; - default: - $delim = '/'; - $desc = preg_replace('#.+-([^-]+)$#', '$1', $prop); - } - - if (!$start) { - $output .= $delim; - } - if (is_array($value)) { - foreach ($value as $type => $v) { - $type = array_search($type, ASN1::ANY_MAP, true); - if ($type !== false && array_key_exists($type, ASN1::STRING_TYPE_SIZE)) { - $v = ASN1::convert($v, $type); - if ($v !== false) { - $value = $v; - break; - } - } - } - if (is_array($value)) { - $value = array_pop($value); // Always strip data type. - } - } elseif (is_object($value) && $value instanceof Element) { - $callback = function ($x) { - return '\x' . bin2hex($x[0]); - }; - $value = strtoupper(preg_replace_callback('#[^\x20-\x7E]#', $callback, $value->element)); - } - $output .= $desc . '=' . $value; - $result[$desc] = isset($result[$desc]) ? - array_merge((array) $result[$desc], [$value]) : - $value; - $start = false; - } - - return $format == self::DN_OPENSSL ? $result : $output; - } - - /** - * Get the Distinguished Name for a certificate/crl issuer - * - * @param int $format optional - * @return mixed - */ - public function getIssuerDN($format = self::DN_ARRAY) - { - switch (true) { - case !isset($this->currentCert) || !is_array($this->currentCert): - break; - case isset($this->currentCert['tbsCertificate']): - return $this->getDN($format, $this->currentCert['tbsCertificate']['issuer']); - case isset($this->currentCert['tbsCertList']): - return $this->getDN($format, $this->currentCert['tbsCertList']['issuer']); - } - - return false; - } - - /** - * Get the Distinguished Name for a certificate/csr subject - * Alias of getDN() - * - * @param int $format optional - * @return mixed - */ - public function getSubjectDN($format = self::DN_ARRAY) - { - switch (true) { - case !empty($this->dn): - return $this->getDN($format); - case !isset($this->currentCert) || !is_array($this->currentCert): - break; - case isset($this->currentCert['tbsCertificate']): - return $this->getDN($format, $this->currentCert['tbsCertificate']['subject']); - case isset($this->currentCert['certificationRequestInfo']): - return $this->getDN($format, $this->currentCert['certificationRequestInfo']['subject']); - } - - return false; - } - - /** - * Get an individual Distinguished Name property for a certificate/crl issuer - * - * @param string $propName - * @param bool $withType optional - * @return mixed - */ - public function getIssuerDNProp($propName, $withType = false) - { - switch (true) { - case !isset($this->currentCert) || !is_array($this->currentCert): - break; - case isset($this->currentCert['tbsCertificate']): - return $this->getDNProp($propName, $this->currentCert['tbsCertificate']['issuer'], $withType); - case isset($this->currentCert['tbsCertList']): - return $this->getDNProp($propName, $this->currentCert['tbsCertList']['issuer'], $withType); - } - - return false; - } - - /** - * Get an individual Distinguished Name property for a certificate/csr subject - * - * @param string $propName - * @param bool $withType optional - * @return mixed - */ - public function getSubjectDNProp($propName, $withType = false) - { - switch (true) { - case !empty($this->dn): - return $this->getDNProp($propName, null, $withType); - case !isset($this->currentCert) || !is_array($this->currentCert): - break; - case isset($this->currentCert['tbsCertificate']): - return $this->getDNProp($propName, $this->currentCert['tbsCertificate']['subject'], $withType); - case isset($this->currentCert['certificationRequestInfo']): - return $this->getDNProp($propName, $this->currentCert['certificationRequestInfo']['subject'], $withType); - } - - return false; - } - - /** - * Get the certificate chain for the current cert - * - * @return mixed - */ - public function getChain() - { - $chain = [$this->currentCert]; - - if (!is_array($this->currentCert) || !isset($this->currentCert['tbsCertificate'])) { - return false; - } - while (true) { - $currentCert = $chain[count($chain) - 1]; - for ($i = 0; $i < count($this->CAs); $i++) { - $ca = $this->CAs[$i]; - if ($currentCert['tbsCertificate']['issuer'] === $ca['tbsCertificate']['subject']) { - $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier', $currentCert); - $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier', $ca); - switch (true) { - case !is_array($authorityKey): - case is_array($authorityKey) && isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID: - if ($currentCert === $ca) { - break 3; - } - $chain[] = $ca; - break 2; - } - } - } - if ($i == count($this->CAs)) { - break; - } - } - foreach ($chain as $key => $value) { - $chain[$key] = new X509(); - $chain[$key]->loadX509($value); - } - return $chain; - } - - /** - * Returns the current cert - * - * @return array|bool - */ - public function &getCurrentCert() - { - return $this->currentCert; - } - - /** - * Set public key - * - * Key needs to be a \phpseclib3\Crypt\RSA object - * - * @param PublicKey $key - * @return void - */ - public function setPublicKey(PublicKey $key) - { - $this->publicKey = $key; - } - - /** - * Set private key - * - * Key needs to be a \phpseclib3\Crypt\RSA object - * - * @param PrivateKey $key - */ - public function setPrivateKey(PrivateKey $key) - { - $this->privateKey = $key; - } - - /** - * Set challenge - * - * Used for SPKAC CSR's - * - * @param string $challenge - */ - public function setChallenge($challenge) - { - $this->challenge = $challenge; - } - - /** - * Gets the public key - * - * Returns a \phpseclib3\Crypt\RSA object or a false. - * - * @return mixed - */ - public function getPublicKey() - { - if (isset($this->publicKey)) { - return $this->publicKey; - } - - if (isset($this->currentCert) && is_array($this->currentCert)) { - $paths = [ - 'tbsCertificate/subjectPublicKeyInfo', - 'certificationRequestInfo/subjectPKInfo', - 'publicKeyAndChallenge/spki' - ]; - foreach ($paths as $path) { - $keyinfo = $this->subArray($this->currentCert, $path); - if (!empty($keyinfo)) { - break; - } - } - } - if (empty($keyinfo)) { - return false; - } - - $key = $keyinfo['subjectPublicKey']; - - switch ($keyinfo['algorithm']['algorithm']) { - case 'id-RSASSA-PSS': - return RSA::loadFormat('PSS', $key); - case 'rsaEncryption': - return RSA::loadFormat('PKCS8', $key)->withPadding(RSA::SIGNATURE_PKCS1); - case 'id-ecPublicKey': - case 'id-Ed25519': - case 'id-Ed448': - return EC::loadFormat('PKCS8', $key); - case 'id-dsa': - return DSA::loadFormat('PKCS8', $key); - } - - return false; - } - - /** - * Load a Certificate Signing Request - * - * @param string $csr - * @param int $mode - * @return mixed - */ - public function loadCSR($csr, $mode = self::FORMAT_AUTO_DETECT) - { - if (is_array($csr) && isset($csr['certificationRequestInfo'])) { - unset($this->currentCert); - unset($this->currentKeyIdentifier); - unset($this->signatureSubject); - $this->dn = $csr['certificationRequestInfo']['subject']; - if (!isset($this->dn)) { - return false; - } - - $this->currentCert = $csr; - return $csr; - } - - // see http://tools.ietf.org/html/rfc2986 - - if ($mode != self::FORMAT_DER) { - $newcsr = ASN1::extractBER($csr); - if ($mode == self::FORMAT_PEM && $csr == $newcsr) { - return false; - } - $csr = $newcsr; - } - $orig = $csr; - - if ($csr === false) { - $this->currentCert = false; - return false; - } - - $decoded = ASN1::decodeBER($csr); - - if (!$decoded) { - $this->currentCert = false; - return false; - } - - $csr = ASN1::asn1map($decoded[0], Maps\CertificationRequest::MAP); - if (!isset($csr) || $csr === false) { - $this->currentCert = false; - return false; - } - - $this->mapInAttributes($csr, 'certificationRequestInfo/attributes'); - $this->mapInDNs($csr, 'certificationRequestInfo/subject/rdnSequence'); - - $this->dn = $csr['certificationRequestInfo']['subject']; - - $this->signatureSubject = substr($orig, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']); - - $key = $csr['certificationRequestInfo']['subjectPKInfo']; - $key = ASN1::encodeDER($key, Maps\SubjectPublicKeyInfo::MAP); - $csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'] = - "-----BEGIN PUBLIC KEY-----\r\n" . - chunk_split(base64_encode($key), 64) . - "-----END PUBLIC KEY-----"; - - $this->currentKeyIdentifier = null; - $this->currentCert = $csr; - - $this->publicKey = null; - $this->publicKey = $this->getPublicKey(); - - return $csr; - } - - /** - * Save CSR request - * - * @param array $csr - * @param int $format optional - * @return string - */ - public function saveCSR(array $csr, $format = self::FORMAT_PEM) - { - if (!is_array($csr) || !isset($csr['certificationRequestInfo'])) { - return false; - } - - switch (true) { - case !($algorithm = $this->subArray($csr, 'certificationRequestInfo/subjectPKInfo/algorithm/algorithm')): - case is_object($csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey']): - break; - default: - $csr['certificationRequestInfo']['subjectPKInfo'] = new Element( - base64_decode(preg_replace('#-.+-|[\r\n]#', '', $csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'])) - ); - } - - $filters = []; - $filters['certificationRequestInfo']['subject']['rdnSequence']['value'] - = ['type' => ASN1::TYPE_UTF8_STRING]; - - ASN1::setFilters($filters); - - $this->mapOutDNs($csr, 'certificationRequestInfo/subject/rdnSequence'); - $this->mapOutAttributes($csr, 'certificationRequestInfo/attributes'); - $csr = ASN1::encodeDER($csr, Maps\CertificationRequest::MAP); - - switch ($format) { - case self::FORMAT_DER: - return $csr; - // case self::FORMAT_PEM: - default: - return "-----BEGIN CERTIFICATE REQUEST-----\r\n" . chunk_split(Strings::base64_encode($csr), 64) . '-----END CERTIFICATE REQUEST-----'; - } - } - - /** - * Load a SPKAC CSR - * - * SPKAC's are produced by the HTML5 keygen element: - * - * https://developer.mozilla.org/en-US/docs/HTML/Element/keygen - * - * @param string $spkac - * @return mixed - */ - public function loadSPKAC($spkac) - { - if (is_array($spkac) && isset($spkac['publicKeyAndChallenge'])) { - unset($this->currentCert); - unset($this->currentKeyIdentifier); - unset($this->signatureSubject); - $this->currentCert = $spkac; - return $spkac; - } - - // see http://www.w3.org/html/wg/drafts/html/master/forms.html#signedpublickeyandchallenge - - // OpenSSL produces SPKAC's that are preceded by the string SPKAC= - $temp = preg_replace('#(?:SPKAC=)|[ \r\n\\\]#', '', $spkac); - $temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? Strings::base64_decode($temp) : false; - if ($temp != false) { - $spkac = $temp; - } - $orig = $spkac; - - if ($spkac === false) { - $this->currentCert = false; - return false; - } - - $decoded = ASN1::decodeBER($spkac); - - if (!$decoded) { - $this->currentCert = false; - return false; - } - - $spkac = ASN1::asn1map($decoded[0], Maps\SignedPublicKeyAndChallenge::MAP); - - if (!isset($spkac) || !is_array($spkac)) { - $this->currentCert = false; - return false; - } - - $this->signatureSubject = substr($orig, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']); - - $key = $spkac['publicKeyAndChallenge']['spki']; - $key = ASN1::encodeDER($key, Maps\SubjectPublicKeyInfo::MAP); - $spkac['publicKeyAndChallenge']['spki']['subjectPublicKey'] = - "-----BEGIN PUBLIC KEY-----\r\n" . - chunk_split(base64_encode($key), 64) . - "-----END PUBLIC KEY-----"; - - $this->currentKeyIdentifier = null; - $this->currentCert = $spkac; - - $this->publicKey = null; - $this->publicKey = $this->getPublicKey(); - - return $spkac; - } - - /** - * Save a SPKAC CSR request - * - * @param array $spkac - * @param int $format optional - * @return string - */ - public function saveSPKAC(array $spkac, $format = self::FORMAT_PEM) - { - if (!is_array($spkac) || !isset($spkac['publicKeyAndChallenge'])) { - return false; - } - - $algorithm = $this->subArray($spkac, 'publicKeyAndChallenge/spki/algorithm/algorithm'); - switch (true) { - case !$algorithm: - case is_object($spkac['publicKeyAndChallenge']['spki']['subjectPublicKey']): - break; - default: - $spkac['publicKeyAndChallenge']['spki'] = new Element( - base64_decode(preg_replace('#-.+-|[\r\n]#', '', $spkac['publicKeyAndChallenge']['spki']['subjectPublicKey'])) - ); - } - - $spkac = ASN1::encodeDER($spkac, Maps\SignedPublicKeyAndChallenge::MAP); - - switch ($format) { - case self::FORMAT_DER: - return $spkac; - // case self::FORMAT_PEM: - default: - // OpenSSL's implementation of SPKAC requires the SPKAC be preceded by SPKAC= and since there are pretty much - // no other SPKAC decoders phpseclib will use that same format - return 'SPKAC=' . Strings::base64_encode($spkac); - } - } - - /** - * Load a Certificate Revocation List - * - * @param string $crl - * @param int $mode - * @return mixed - */ - public function loadCRL($crl, $mode = self::FORMAT_AUTO_DETECT) - { - if (is_array($crl) && isset($crl['tbsCertList'])) { - $this->currentCert = $crl; - unset($this->signatureSubject); - return $crl; - } - - if ($mode != self::FORMAT_DER) { - $newcrl = ASN1::extractBER($crl); - if ($mode == self::FORMAT_PEM && $crl == $newcrl) { - return false; - } - $crl = $newcrl; - } - $orig = $crl; - - if ($crl === false) { - $this->currentCert = false; - return false; - } - - $decoded = ASN1::decodeBER($crl); - - if (!$decoded) { - $this->currentCert = false; - return false; - } - - $crl = ASN1::asn1map($decoded[0], Maps\CertificateList::MAP); - if (!isset($crl) || $crl === false) { - $this->currentCert = false; - return false; - } - - $this->signatureSubject = substr($orig, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']); - - $this->mapInDNs($crl, 'tbsCertList/issuer/rdnSequence'); - if ($this->isSubArrayValid($crl, 'tbsCertList/crlExtensions')) { - $this->mapInExtensions($crl, 'tbsCertList/crlExtensions'); - } - if ($this->isSubArrayValid($crl, 'tbsCertList/revokedCertificates')) { - $rclist_ref = &$this->subArrayUnchecked($crl, 'tbsCertList/revokedCertificates'); - if ($rclist_ref) { - $rclist = $crl['tbsCertList']['revokedCertificates']; - foreach ($rclist as $i => $extension) { - if ($this->isSubArrayValid($rclist, "$i/crlEntryExtensions")) { - $this->mapInExtensions($rclist_ref, "$i/crlEntryExtensions"); - } - } - } - } - - $this->currentKeyIdentifier = null; - $this->currentCert = $crl; - - return $crl; - } - - /** - * Save Certificate Revocation List. - * - * @param array $crl - * @param int $format optional - * @return string - */ - public function saveCRL(array $crl, $format = self::FORMAT_PEM) - { - if (!is_array($crl) || !isset($crl['tbsCertList'])) { - return false; - } - - $filters = []; - $filters['tbsCertList']['issuer']['rdnSequence']['value'] - = ['type' => ASN1::TYPE_UTF8_STRING]; - $filters['tbsCertList']['signature']['parameters'] - = ['type' => ASN1::TYPE_UTF8_STRING]; - $filters['signatureAlgorithm']['parameters'] - = ['type' => ASN1::TYPE_UTF8_STRING]; - - if (empty($crl['tbsCertList']['signature']['parameters'])) { - $filters['tbsCertList']['signature']['parameters'] - = ['type' => ASN1::TYPE_NULL]; - } - - if (empty($crl['signatureAlgorithm']['parameters'])) { - $filters['signatureAlgorithm']['parameters'] - = ['type' => ASN1::TYPE_NULL]; - } - - ASN1::setFilters($filters); - - $this->mapOutDNs($crl, 'tbsCertList/issuer/rdnSequence'); - $this->mapOutExtensions($crl, 'tbsCertList/crlExtensions'); - $rclist = &$this->subArray($crl, 'tbsCertList/revokedCertificates'); - if (is_array($rclist)) { - foreach ($rclist as $i => $extension) { - $this->mapOutExtensions($rclist, "$i/crlEntryExtensions"); - } - } - - $crl = ASN1::encodeDER($crl, Maps\CertificateList::MAP); - - switch ($format) { - case self::FORMAT_DER: - return $crl; - // case self::FORMAT_PEM: - default: - return "-----BEGIN X509 CRL-----\r\n" . chunk_split(Strings::base64_encode($crl), 64) . '-----END X509 CRL-----'; - } - } - - /** - * Helper function to build a time field according to RFC 3280 section - * - 4.1.2.5 Validity - * - 5.1.2.4 This Update - * - 5.1.2.5 Next Update - * - 5.1.2.6 Revoked Certificates - * by choosing utcTime iff year of date given is before 2050 and generalTime else. - * - * @param string $date in format date('D, d M Y H:i:s O') - * @return array|Element - */ - private function timeField($date) - { - if ($date instanceof Element) { - return $date; - } - $dateObj = new \DateTimeImmutable($date, new \DateTimeZone('GMT')); - $year = $dateObj->format('Y'); // the same way ASN1.php parses this - if ($year < 2050) { - return ['utcTime' => $date]; - } else { - return ['generalTime' => $date]; - } - } - - /** - * Sign an X.509 certificate - * - * $issuer's private key needs to be loaded. - * $subject can be either an existing X.509 cert (if you want to resign it), - * a CSR or something with the DN and public key explicitly set. - * - * @return mixed - */ - public function sign(X509 $issuer, X509 $subject) - { - if (!is_object($issuer->privateKey) || empty($issuer->dn)) { - return false; - } - - if (isset($subject->publicKey) && !($subjectPublicKey = $subject->formatSubjectPublicKey())) { - return false; - } - - $currentCert = isset($this->currentCert) ? $this->currentCert : null; - $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject : null; - $signatureAlgorithm = self::identifySignatureAlgorithm($issuer->privateKey); - - if (isset($subject->currentCert) && is_array($subject->currentCert) && isset($subject->currentCert['tbsCertificate'])) { - $this->currentCert = $subject->currentCert; - $this->currentCert['tbsCertificate']['signature'] = $signatureAlgorithm; - $this->currentCert['signatureAlgorithm'] = $signatureAlgorithm; - - if (!empty($this->startDate)) { - $this->currentCert['tbsCertificate']['validity']['notBefore'] = $this->timeField($this->startDate); - } - if (!empty($this->endDate)) { - $this->currentCert['tbsCertificate']['validity']['notAfter'] = $this->timeField($this->endDate); - } - if (!empty($this->serialNumber)) { - $this->currentCert['tbsCertificate']['serialNumber'] = $this->serialNumber; - } - if (!empty($subject->dn)) { - $this->currentCert['tbsCertificate']['subject'] = $subject->dn; - } - if (!empty($subject->publicKey)) { - $this->currentCert['tbsCertificate']['subjectPublicKeyInfo'] = $subjectPublicKey; - } - $this->removeExtension('id-ce-authorityKeyIdentifier'); - if (isset($subject->domains)) { - $this->removeExtension('id-ce-subjectAltName'); - } - } elseif (isset($subject->currentCert) && is_array($subject->currentCert) && isset($subject->currentCert['tbsCertList'])) { - return false; - } else { - if (!isset($subject->publicKey)) { - return false; - } - - $startDate = new \DateTimeImmutable('now', new \DateTimeZone(@date_default_timezone_get())); - $startDate = !empty($this->startDate) ? $this->startDate : $startDate->format('D, d M Y H:i:s O'); - - $endDate = new \DateTimeImmutable('+1 year', new \DateTimeZone(@date_default_timezone_get())); - $endDate = !empty($this->endDate) ? $this->endDate : $endDate->format('D, d M Y H:i:s O'); - - /* "The serial number MUST be a positive integer" - "Conforming CAs MUST NOT use serialNumber values longer than 20 octets." - -- https://tools.ietf.org/html/rfc5280#section-4.1.2.2 - - for the integer to be positive the leading bit needs to be 0 hence the - application of a bitmap - */ - $serialNumber = !empty($this->serialNumber) ? - $this->serialNumber : - new BigInteger(Random::string(20) & ("\x7F" . str_repeat("\xFF", 19)), 256); - - $this->currentCert = [ - 'tbsCertificate' => - [ - 'version' => 'v3', - 'serialNumber' => $serialNumber, // $this->setSerialNumber() - 'signature' => $signatureAlgorithm, - 'issuer' => false, // this is going to be overwritten later - 'validity' => [ - 'notBefore' => $this->timeField($startDate), // $this->setStartDate() - 'notAfter' => $this->timeField($endDate) // $this->setEndDate() - ], - 'subject' => $subject->dn, - 'subjectPublicKeyInfo' => $subjectPublicKey - ], - 'signatureAlgorithm' => $signatureAlgorithm, - 'signature' => false // this is going to be overwritten later - ]; - - // Copy extensions from CSR. - $csrexts = $subject->getAttribute('pkcs-9-at-extensionRequest', 0); - - if (!empty($csrexts)) { - $this->currentCert['tbsCertificate']['extensions'] = $csrexts; - } - } - - $this->currentCert['tbsCertificate']['issuer'] = $issuer->dn; - - if (isset($issuer->currentKeyIdentifier)) { - $this->setExtension('id-ce-authorityKeyIdentifier', [ - //'authorityCertIssuer' => array( - // array( - // 'directoryName' => $issuer->dn - // ) - //), - 'keyIdentifier' => $issuer->currentKeyIdentifier - ]); - //$extensions = &$this->currentCert['tbsCertificate']['extensions']; - //if (isset($issuer->serialNumber)) { - // $extensions[count($extensions) - 1]['authorityCertSerialNumber'] = $issuer->serialNumber; - //} - //unset($extensions); - } - - if (isset($subject->currentKeyIdentifier)) { - $this->setExtension('id-ce-subjectKeyIdentifier', $subject->currentKeyIdentifier); - } - - $altName = []; - - if (isset($subject->domains) && count($subject->domains)) { - $altName = array_map(['\phpseclib3\File\X509', 'dnsName'], $subject->domains); - } - - if (isset($subject->ipAddresses) && count($subject->ipAddresses)) { - // should an IP address appear as the CN if no domain name is specified? idk - //$ips = count($subject->domains) ? $subject->ipAddresses : array_slice($subject->ipAddresses, 1); - $ipAddresses = []; - foreach ($subject->ipAddresses as $ipAddress) { - $encoded = $subject->ipAddress($ipAddress); - if ($encoded !== false) { - $ipAddresses[] = $encoded; - } - } - if (count($ipAddresses)) { - $altName = array_merge($altName, $ipAddresses); - } - } - - if (!empty($altName)) { - $this->setExtension('id-ce-subjectAltName', $altName); - } - - if ($this->caFlag) { - $keyUsage = $this->getExtension('id-ce-keyUsage'); - if (!$keyUsage) { - $keyUsage = []; - } - - $this->setExtension( - 'id-ce-keyUsage', - array_values(array_unique(array_merge($keyUsage, ['cRLSign', 'keyCertSign']))) - ); - - $basicConstraints = $this->getExtension('id-ce-basicConstraints'); - if (!$basicConstraints) { - $basicConstraints = []; - } - - $this->setExtension( - 'id-ce-basicConstraints', - array_merge(['cA' => true], $basicConstraints), - true - ); - - if (!isset($subject->currentKeyIdentifier)) { - $this->setExtension('id-ce-subjectKeyIdentifier', $this->computeKeyIdentifier($this->currentCert), false, false); - } - } - - // resync $this->signatureSubject - // save $tbsCertificate in case there are any \phpseclib3\File\ASN1\Element objects in it - $tbsCertificate = $this->currentCert['tbsCertificate']; - $this->loadX509($this->saveX509($this->currentCert)); - - $result = $this->currentCert; - $this->currentCert['signature'] = $result['signature'] = "\0" . $issuer->privateKey->sign($this->signatureSubject); - $result['tbsCertificate'] = $tbsCertificate; - - $this->currentCert = $currentCert; - $this->signatureSubject = $signatureSubject; - - return $result; - } - - /** - * Sign a CSR - * - * @return mixed - */ - public function signCSR() - { - if (!is_object($this->privateKey) || empty($this->dn)) { - return false; - } - - $origPublicKey = $this->publicKey; - $this->publicKey = $this->privateKey->getPublicKey(); - $publicKey = $this->formatSubjectPublicKey(); - $this->publicKey = $origPublicKey; - - $currentCert = isset($this->currentCert) ? $this->currentCert : null; - $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject : null; - $signatureAlgorithm = self::identifySignatureAlgorithm($this->privateKey); - - if (isset($this->currentCert) && is_array($this->currentCert) && isset($this->currentCert['certificationRequestInfo'])) { - $this->currentCert['signatureAlgorithm'] = $signatureAlgorithm; - if (!empty($this->dn)) { - $this->currentCert['certificationRequestInfo']['subject'] = $this->dn; - } - $this->currentCert['certificationRequestInfo']['subjectPKInfo'] = $publicKey; - } else { - $this->currentCert = [ - 'certificationRequestInfo' => - [ - 'version' => 'v1', - 'subject' => $this->dn, - 'subjectPKInfo' => $publicKey - ], - 'signatureAlgorithm' => $signatureAlgorithm, - 'signature' => false // this is going to be overwritten later - ]; - } - - // resync $this->signatureSubject - // save $certificationRequestInfo in case there are any \phpseclib3\File\ASN1\Element objects in it - $certificationRequestInfo = $this->currentCert['certificationRequestInfo']; - $this->loadCSR($this->saveCSR($this->currentCert)); - - $result = $this->currentCert; - $this->currentCert['signature'] = $result['signature'] = "\0" . $this->privateKey->sign($this->signatureSubject); - $result['certificationRequestInfo'] = $certificationRequestInfo; - - $this->currentCert = $currentCert; - $this->signatureSubject = $signatureSubject; - - return $result; - } - - /** - * Sign a SPKAC - * - * @return mixed - */ - public function signSPKAC() - { - if (!is_object($this->privateKey)) { - return false; - } - - $origPublicKey = $this->publicKey; - $this->publicKey = $this->privateKey->getPublicKey(); - $publicKey = $this->formatSubjectPublicKey(); - $this->publicKey = $origPublicKey; - - $currentCert = isset($this->currentCert) ? $this->currentCert : null; - $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject : null; - $signatureAlgorithm = self::identifySignatureAlgorithm($this->privateKey); - - // re-signing a SPKAC seems silly but since everything else supports re-signing why not? - if (isset($this->currentCert) && is_array($this->currentCert) && isset($this->currentCert['publicKeyAndChallenge'])) { - $this->currentCert['signatureAlgorithm'] = $signatureAlgorithm; - $this->currentCert['publicKeyAndChallenge']['spki'] = $publicKey; - if (!empty($this->challenge)) { - // the bitwise AND ensures that the output is a valid IA5String - $this->currentCert['publicKeyAndChallenge']['challenge'] = $this->challenge & str_repeat("\x7F", strlen($this->challenge)); - } - } else { - $this->currentCert = [ - 'publicKeyAndChallenge' => - [ - 'spki' => $publicKey, - // quoting , - // "A challenge string that is submitted along with the public key. Defaults to an empty string if not specified." - // both Firefox and OpenSSL ("openssl spkac -key private.key") behave this way - // we could alternatively do this instead if we ignored the specs: - // Random::string(8) & str_repeat("\x7F", 8) - 'challenge' => !empty($this->challenge) ? $this->challenge : '' - ], - 'signatureAlgorithm' => $signatureAlgorithm, - 'signature' => false // this is going to be overwritten later - ]; - } - - // resync $this->signatureSubject - // save $publicKeyAndChallenge in case there are any \phpseclib3\File\ASN1\Element objects in it - $publicKeyAndChallenge = $this->currentCert['publicKeyAndChallenge']; - $this->loadSPKAC($this->saveSPKAC($this->currentCert)); - - $result = $this->currentCert; - $this->currentCert['signature'] = $result['signature'] = "\0" . $this->privateKey->sign($this->signatureSubject); - $result['publicKeyAndChallenge'] = $publicKeyAndChallenge; - - $this->currentCert = $currentCert; - $this->signatureSubject = $signatureSubject; - - return $result; - } - - /** - * Sign a CRL - * - * $issuer's private key needs to be loaded. - * - * @return mixed - */ - public function signCRL(X509 $issuer, X509 $crl) - { - if (!is_object($issuer->privateKey) || empty($issuer->dn)) { - return false; - } - - $currentCert = isset($this->currentCert) ? $this->currentCert : null; - $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject : null; - $signatureAlgorithm = self::identifySignatureAlgorithm($issuer->privateKey); - - $thisUpdate = new \DateTimeImmutable('now', new \DateTimeZone(@date_default_timezone_get())); - $thisUpdate = !empty($this->startDate) ? $this->startDate : $thisUpdate->format('D, d M Y H:i:s O'); - - if (isset($crl->currentCert) && is_array($crl->currentCert) && isset($crl->currentCert['tbsCertList'])) { - $this->currentCert = $crl->currentCert; - $this->currentCert['tbsCertList']['signature'] = $signatureAlgorithm; - $this->currentCert['signatureAlgorithm'] = $signatureAlgorithm; - } else { - $this->currentCert = [ - 'tbsCertList' => - [ - 'version' => 'v2', - 'signature' => $signatureAlgorithm, - 'issuer' => false, // this is going to be overwritten later - 'thisUpdate' => $this->timeField($thisUpdate) // $this->setStartDate() - ], - 'signatureAlgorithm' => $signatureAlgorithm, - 'signature' => false // this is going to be overwritten later - ]; - } - - $tbsCertList = &$this->currentCert['tbsCertList']; - $tbsCertList['issuer'] = $issuer->dn; - $tbsCertList['thisUpdate'] = $this->timeField($thisUpdate); - - if (!empty($this->endDate)) { - $tbsCertList['nextUpdate'] = $this->timeField($this->endDate); // $this->setEndDate() - } else { - unset($tbsCertList['nextUpdate']); - } - - if (!empty($this->serialNumber)) { - $crlNumber = $this->serialNumber; - } else { - $crlNumber = $this->getExtension('id-ce-cRLNumber'); - // "The CRL number is a non-critical CRL extension that conveys a - // monotonically increasing sequence number for a given CRL scope and - // CRL issuer. This extension allows users to easily determine when a - // particular CRL supersedes another CRL." - // -- https://tools.ietf.org/html/rfc5280#section-5.2.3 - $crlNumber = $crlNumber !== false ? $crlNumber->add(new BigInteger(1)) : null; - } - - $this->removeExtension('id-ce-authorityKeyIdentifier'); - $this->removeExtension('id-ce-issuerAltName'); - - // Be sure version >= v2 if some extension found. - $version = isset($tbsCertList['version']) ? $tbsCertList['version'] : 0; - if (!$version) { - if (!empty($tbsCertList['crlExtensions'])) { - $version = 1; // v2. - } elseif (!empty($tbsCertList['revokedCertificates'])) { - foreach ($tbsCertList['revokedCertificates'] as $cert) { - if (!empty($cert['crlEntryExtensions'])) { - $version = 1; // v2. - } - } - } - - if ($version) { - $tbsCertList['version'] = $version; - } - } - - // Store additional extensions. - if (!empty($tbsCertList['version'])) { // At least v2. - if (!empty($crlNumber)) { - $this->setExtension('id-ce-cRLNumber', $crlNumber); - } - - if (isset($issuer->currentKeyIdentifier)) { - $this->setExtension('id-ce-authorityKeyIdentifier', [ - //'authorityCertIssuer' => array( - // ] - // 'directoryName' => $issuer->dn - // ] - //), - 'keyIdentifier' => $issuer->currentKeyIdentifier - ]); - //$extensions = &$tbsCertList['crlExtensions']; - //if (isset($issuer->serialNumber)) { - // $extensions[count($extensions) - 1]['authorityCertSerialNumber'] = $issuer->serialNumber; - //} - //unset($extensions); - } - - $issuerAltName = $this->getExtension('id-ce-subjectAltName', $issuer->currentCert); - - if ($issuerAltName !== false) { - $this->setExtension('id-ce-issuerAltName', $issuerAltName); - } - } - - if (empty($tbsCertList['revokedCertificates'])) { - unset($tbsCertList['revokedCertificates']); - } - - unset($tbsCertList); - - // resync $this->signatureSubject - // save $tbsCertList in case there are any \phpseclib3\File\ASN1\Element objects in it - $tbsCertList = $this->currentCert['tbsCertList']; - $this->loadCRL($this->saveCRL($this->currentCert)); - - $result = $this->currentCert; - $this->currentCert['signature'] = $result['signature'] = "\0" . $issuer->privateKey->sign($this->signatureSubject); - $result['tbsCertList'] = $tbsCertList; - - $this->currentCert = $currentCert; - $this->signatureSubject = $signatureSubject; - - return $result; - } - - /** - * Identify signature algorithm from key settings - * - * @param PrivateKey $key - * @throws \phpseclib3\Exception\UnsupportedAlgorithmException if the algorithm is unsupported - * @return array - */ - private static function identifySignatureAlgorithm(PrivateKey $key) - { - if ($key instanceof RSA) { - if ($key->getPadding() & RSA::SIGNATURE_PSS) { - $r = PSS::load($key->withPassword()->toString('PSS')); - return [ - 'algorithm' => 'id-RSASSA-PSS', - 'parameters' => PSS::savePSSParams($r) - ]; - } - switch ($key->getHash()) { - case 'md2': - case 'md5': - case 'sha1': - case 'sha224': - case 'sha256': - case 'sha384': - case 'sha512': - return ['algorithm' => $key->getHash() . 'WithRSAEncryption']; - } - throw new UnsupportedAlgorithmException('The only supported hash algorithms for RSA are: md2, md5, sha1, sha224, sha256, sha384, sha512'); - } - - if ($key instanceof DSA) { - switch ($key->getHash()) { - case 'sha1': - case 'sha224': - case 'sha256': - return ['algorithm' => 'id-dsa-with-' . $key->getHash()]; - } - throw new UnsupportedAlgorithmException('The only supported hash algorithms for DSA are: sha1, sha224, sha256'); - } - - if ($key instanceof EC) { - switch ($key->getCurve()) { - case 'Ed25519': - case 'Ed448': - return ['algorithm' => 'id-' . $key->getCurve()]; - } - switch ($key->getHash()) { - case 'sha1': - case 'sha224': - case 'sha256': - case 'sha384': - case 'sha512': - return ['algorithm' => 'ecdsa-with-' . strtoupper($key->getHash())]; - } - throw new UnsupportedAlgorithmException('The only supported hash algorithms for EC are: sha1, sha224, sha256, sha384, sha512'); - } - - throw new UnsupportedAlgorithmException('The only supported public key classes are: RSA, DSA, EC'); - } - - /** - * Set certificate start date - * - * @param \DateTimeInterface|string $date - */ - public function setStartDate($date) - { - if (!is_object($date) || !($date instanceof \DateTimeInterface)) { - $date = new \DateTimeImmutable($date, new \DateTimeZone(@date_default_timezone_get())); - } - - $this->startDate = $date->format('D, d M Y H:i:s O'); - } - - /** - * Set certificate end date - * - * @param \DateTimeInterface|string $date - */ - public function setEndDate($date) - { - /* - To indicate that a certificate has no well-defined expiration date, - the notAfter SHOULD be assigned the GeneralizedTime value of - 99991231235959Z. - - -- http://tools.ietf.org/html/rfc5280#section-4.1.2.5 - */ - if (is_string($date) && strtolower($date) === 'lifetime') { - $temp = '99991231235959Z'; - $temp = chr(ASN1::TYPE_GENERALIZED_TIME) . ASN1::encodeLength(strlen($temp)) . $temp; - $this->endDate = new Element($temp); - } else { - if (!is_object($date) || !($date instanceof \DateTimeInterface)) { - $date = new \DateTimeImmutable($date, new \DateTimeZone(@date_default_timezone_get())); - } - - $this->endDate = $date->format('D, d M Y H:i:s O'); - } - } - - /** - * Set Serial Number - * - * @param string $serial - * @param int $base optional - */ - public function setSerialNumber($serial, $base = -256) - { - $this->serialNumber = new BigInteger($serial, $base); - } - - /** - * Turns the certificate into a certificate authority - * - */ - public function makeCA() - { - $this->caFlag = true; - } - - /** - * Check for validity of subarray - * - * This is intended for use in conjunction with _subArrayUnchecked(), - * implementing the checks included in _subArray() but without copying - * a potentially large array by passing its reference by-value to is_array(). - * - * @param array $root - * @param string $path - * @return boolean - */ - private function isSubArrayValid(array $root, $path) - { - if (!is_array($root)) { - return false; - } - - foreach (explode('/', $path) as $i) { - if (!is_array($root)) { - return false; - } - - if (!isset($root[$i])) { - return true; - } - - $root = $root[$i]; - } - - return true; - } - - /** - * Get a reference to a subarray - * - * This variant of _subArray() does no is_array() checking, - * so $root should be checked with _isSubArrayValid() first. - * - * This is here for performance reasons: - * Passing a reference (i.e. $root) by-value (i.e. to is_array()) - * creates a copy. If $root is an especially large array, this is expensive. - * - * @param array $root - * @param string $path absolute path with / as component separator - * @param bool $create optional - * @return array|false - */ - private function &subArrayUnchecked(array &$root, $path, $create = false) - { - $false = false; - - foreach (explode('/', $path) as $i) { - if (!isset($root[$i])) { - if (!$create) { - return $false; - } - - $root[$i] = []; - } - - $root = &$root[$i]; - } - - return $root; - } - - /** - * Get a reference to a subarray - * - * @param array $root - * @param string $path absolute path with / as component separator - * @param bool $create optional - * @return array|false - */ - private function &subArray(array &$root = null, $path, $create = false) - { - $false = false; - - if (!is_array($root)) { - return $false; - } - - foreach (explode('/', $path) as $i) { - if (!is_array($root)) { - return $false; - } - - if (!isset($root[$i])) { - if (!$create) { - return $false; - } - - $root[$i] = []; - } - - $root = &$root[$i]; - } - - return $root; - } - - /** - * Get a reference to an extension subarray - * - * @param array $root - * @param string $path optional absolute path with / as component separator - * @param bool $create optional - * @return array|false - */ - private function &extensions(array &$root = null, $path = null, $create = false) - { - if (!isset($root)) { - $root = $this->currentCert; - } - - switch (true) { - case !empty($path): - case !is_array($root): - break; - case isset($root['tbsCertificate']): - $path = 'tbsCertificate/extensions'; - break; - case isset($root['tbsCertList']): - $path = 'tbsCertList/crlExtensions'; - break; - case isset($root['certificationRequestInfo']): - $pth = 'certificationRequestInfo/attributes'; - $attributes = &$this->subArray($root, $pth, $create); - - if (is_array($attributes)) { - foreach ($attributes as $key => $value) { - if ($value['type'] == 'pkcs-9-at-extensionRequest') { - $path = "$pth/$key/value/0"; - break 2; - } - } - if ($create) { - $key = count($attributes); - $attributes[] = ['type' => 'pkcs-9-at-extensionRequest', 'value' => []]; - $path = "$pth/$key/value/0"; - } - } - break; - } - - $extensions = &$this->subArray($root, $path, $create); - - if (!is_array($extensions)) { - $false = false; - return $false; - } - - return $extensions; - } - - /** - * Remove an Extension - * - * @param string $id - * @param string $path optional - * @return bool - */ - private function removeExtensionHelper($id, $path = null) - { - $extensions = &$this->extensions($this->currentCert, $path); - - if (!is_array($extensions)) { - return false; - } - - $result = false; - foreach ($extensions as $key => $value) { - if ($value['extnId'] == $id) { - unset($extensions[$key]); - $result = true; - } - } - - $extensions = array_values($extensions); - // fix for https://bugs.php.net/75433 affecting PHP 7.2 - if (!isset($extensions[0])) { - $extensions = array_splice($extensions, 0, 0); - } - return $result; - } - - /** - * Get an Extension - * - * Returns the extension if it exists and false if not - * - * @param string $id - * @param array $cert optional - * @param string $path optional - * @return mixed - */ - private function getExtensionHelper($id, array $cert = null, $path = null) - { - $extensions = $this->extensions($cert, $path); - - if (!is_array($extensions)) { - return false; - } - - foreach ($extensions as $key => $value) { - if ($value['extnId'] == $id) { - return $value['extnValue']; - } - } - - return false; - } - - /** - * Returns a list of all extensions in use - * - * @param array $cert optional - * @param string $path optional - * @return array - */ - private function getExtensionsHelper(array $cert = null, $path = null) - { - $exts = $this->extensions($cert, $path); - $extensions = []; - - if (is_array($exts)) { - foreach ($exts as $extension) { - $extensions[] = $extension['extnId']; - } - } - - return $extensions; - } - - /** - * Set an Extension - * - * @param string $id - * @param mixed $value - * @param bool $critical optional - * @param bool $replace optional - * @param string $path optional - * @return bool - */ - private function setExtensionHelper($id, $value, $critical = false, $replace = true, $path = null) - { - $extensions = &$this->extensions($this->currentCert, $path, true); - - if (!is_array($extensions)) { - return false; - } - - $newext = ['extnId' => $id, 'critical' => $critical, 'extnValue' => $value]; - - foreach ($extensions as $key => $value) { - if ($value['extnId'] == $id) { - if (!$replace) { - return false; - } - - $extensions[$key] = $newext; - return true; - } - } - - $extensions[] = $newext; - return true; - } - - /** - * Remove a certificate, CSR or CRL Extension - * - * @param string $id - * @return bool - */ - public function removeExtension($id) - { - return $this->removeExtensionHelper($id); - } - - /** - * Get a certificate, CSR or CRL Extension - * - * Returns the extension if it exists and false if not - * - * @param string $id - * @param array $cert optional - * @param string $path - * @return mixed - */ - public function getExtension($id, array $cert = null, $path = null) - { - return $this->getExtensionHelper($id, $cert, $path); - } - - /** - * Returns a list of all extensions in use in certificate, CSR or CRL - * - * @param array $cert optional - * @param string $path optional - * @return array - */ - public function getExtensions(array $cert = null, $path = null) - { - return $this->getExtensionsHelper($cert, $path); - } - - /** - * Set a certificate, CSR or CRL Extension - * - * @param string $id - * @param mixed $value - * @param bool $critical optional - * @param bool $replace optional - * @return bool - */ - public function setExtension($id, $value, $critical = false, $replace = true) - { - return $this->setExtensionHelper($id, $value, $critical, $replace); - } - - /** - * Remove a CSR attribute. - * - * @param string $id - * @param int $disposition optional - * @return bool - */ - public function removeAttribute($id, $disposition = self::ATTR_ALL) - { - $attributes = &$this->subArray($this->currentCert, 'certificationRequestInfo/attributes'); - - if (!is_array($attributes)) { - return false; - } - - $result = false; - foreach ($attributes as $key => $attribute) { - if ($attribute['type'] == $id) { - $n = count($attribute['value']); - switch (true) { - case $disposition == self::ATTR_APPEND: - case $disposition == self::ATTR_REPLACE: - return false; - case $disposition >= $n: - $disposition -= $n; - break; - case $disposition == self::ATTR_ALL: - case $n == 1: - unset($attributes[$key]); - $result = true; - break; - default: - unset($attributes[$key]['value'][$disposition]); - $attributes[$key]['value'] = array_values($attributes[$key]['value']); - $result = true; - break; - } - if ($result && $disposition != self::ATTR_ALL) { - break; - } - } - } - - $attributes = array_values($attributes); - return $result; - } - - /** - * Get a CSR attribute - * - * Returns the attribute if it exists and false if not - * - * @param string $id - * @param int $disposition optional - * @param array $csr optional - * @return mixed - */ - public function getAttribute($id, $disposition = self::ATTR_ALL, array $csr = null) - { - if (empty($csr)) { - $csr = $this->currentCert; - } - - $attributes = $this->subArray($csr, 'certificationRequestInfo/attributes'); - - if (!is_array($attributes)) { - return false; - } - - foreach ($attributes as $key => $attribute) { - if ($attribute['type'] == $id) { - $n = count($attribute['value']); - switch (true) { - case $disposition == self::ATTR_APPEND: - case $disposition == self::ATTR_REPLACE: - return false; - case $disposition == self::ATTR_ALL: - return $attribute['value']; - case $disposition >= $n: - $disposition -= $n; - break; - default: - return $attribute['value'][$disposition]; - } - } - } - - return false; - } - - /** - * Returns a list of all CSR attributes in use - * - * @param array $csr optional - * @return array - */ - public function getAttributes(array $csr = null) - { - if (empty($csr)) { - $csr = $this->currentCert; - } - - $attributes = $this->subArray($csr, 'certificationRequestInfo/attributes'); - $attrs = []; - - if (is_array($attributes)) { - foreach ($attributes as $attribute) { - $attrs[] = $attribute['type']; - } - } - - return $attrs; - } - - /** - * Set a CSR attribute - * - * @param string $id - * @param mixed $value - * @param int $disposition optional - * @return bool - */ - public function setAttribute($id, $value, $disposition = self::ATTR_ALL) - { - $attributes = &$this->subArray($this->currentCert, 'certificationRequestInfo/attributes', true); - - if (!is_array($attributes)) { - return false; - } - - switch ($disposition) { - case self::ATTR_REPLACE: - $disposition = self::ATTR_APPEND; - // fall-through - case self::ATTR_ALL: - $this->removeAttribute($id); - break; - } - - foreach ($attributes as $key => $attribute) { - if ($attribute['type'] == $id) { - $n = count($attribute['value']); - switch (true) { - case $disposition == self::ATTR_APPEND: - $last = $key; - break; - case $disposition >= $n: - $disposition -= $n; - break; - default: - $attributes[$key]['value'][$disposition] = $value; - return true; - } - } - } - - switch (true) { - case $disposition >= 0: - return false; - case isset($last): - $attributes[$last]['value'][] = $value; - break; - default: - $attributes[] = ['type' => $id, 'value' => $disposition == self::ATTR_ALL ? $value : [$value]]; - break; - } - - return true; - } - - /** - * Sets the subject key identifier - * - * This is used by the id-ce-authorityKeyIdentifier and the id-ce-subjectKeyIdentifier extensions. - * - * @param string $value - */ - public function setKeyIdentifier($value) - { - if (empty($value)) { - unset($this->currentKeyIdentifier); - } else { - $this->currentKeyIdentifier = $value; - } - } - - /** - * Compute a public key identifier. - * - * Although key identifiers may be set to any unique value, this function - * computes key identifiers from public key according to the two - * recommended methods (4.2.1.2 RFC 3280). - * Highly polymorphic: try to accept all possible forms of key: - * - Key object - * - \phpseclib3\File\X509 object with public or private key defined - * - Certificate or CSR array - * - \phpseclib3\File\ASN1\Element object - * - PEM or DER string - * - * @param mixed $key optional - * @param int $method optional - * @return string binary key identifier - */ - public function computeKeyIdentifier($key = null, $method = 1) - { - if (is_null($key)) { - $key = $this; - } - - switch (true) { - case is_string($key): - break; - case is_array($key) && isset($key['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']): - return $this->computeKeyIdentifier($key['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'], $method); - case is_array($key) && isset($key['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey']): - return $this->computeKeyIdentifier($key['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'], $method); - case !is_object($key): - return false; - case $key instanceof Element: - // Assume the element is a bitstring-packed key. - $decoded = ASN1::decodeBER($key->element); - if (!$decoded) { - return false; - } - $raw = ASN1::asn1map($decoded[0], ['type' => ASN1::TYPE_BIT_STRING]); - if (empty($raw)) { - return false; - } - // If the key is private, compute identifier from its corresponding public key. - $key = PublicKeyLoader::load($raw); - if ($key instanceof PrivateKey) { // If private. - return $this->computeKeyIdentifier($key, $method); - } - $key = $raw; // Is a public key. - break; - case $key instanceof X509: - if (isset($key->publicKey)) { - return $this->computeKeyIdentifier($key->publicKey, $method); - } - if (isset($key->privateKey)) { - return $this->computeKeyIdentifier($key->privateKey, $method); - } - if (isset($key->currentCert['tbsCertificate']) || isset($key->currentCert['certificationRequestInfo'])) { - return $this->computeKeyIdentifier($key->currentCert, $method); - } - return false; - default: // Should be a key object (i.e.: \phpseclib3\Crypt\RSA). - $key = $key->getPublicKey(); - break; - } - - // If in PEM format, convert to binary. - $key = ASN1::extractBER($key); - - // Now we have the key string: compute its sha-1 sum. - $hash = new Hash('sha1'); - $hash = $hash->hash($key); - - if ($method == 2) { - $hash = substr($hash, -8); - $hash[0] = chr((ord($hash[0]) & 0x0F) | 0x40); - } - - return $hash; - } - - /** - * Format a public key as appropriate - * - * @return array|false - */ - private function formatSubjectPublicKey() - { - $format = $this->publicKey instanceof RSA && ($this->publicKey->getPadding() & RSA::SIGNATURE_PSS) ? - 'PSS' : - 'PKCS8'; - - $publicKey = base64_decode(preg_replace('#-.+-|[\r\n]#', '', $this->publicKey->toString($format))); - - $decoded = ASN1::decodeBER($publicKey); - if (!$decoded) { - return false; - } - $mapped = ASN1::asn1map($decoded[0], Maps\SubjectPublicKeyInfo::MAP); - if (!is_array($mapped)) { - return false; - } - - $mapped['subjectPublicKey'] = $this->publicKey->toString($format); - - return $mapped; - } - - /** - * Set the domain name's which the cert is to be valid for - * - * @param mixed ...$domains - * @return void - */ - public function setDomain(...$domains) - { - $this->domains = $domains; - $this->removeDNProp('id-at-commonName'); - $this->setDNProp('id-at-commonName', $this->domains[0]); - } - - /** - * Set the IP Addresses's which the cert is to be valid for - * - * @param mixed[] ...$ipAddresses - */ - public function setIPAddress(...$ipAddresses) - { - $this->ipAddresses = $ipAddresses; - /* - if (!isset($this->domains)) { - $this->removeDNProp('id-at-commonName'); - $this->setDNProp('id-at-commonName', $this->ipAddresses[0]); - } - */ - } - - /** - * Helper function to build domain array - * - * @param string $domain - * @return array - */ - private static function dnsName($domain) - { - return ['dNSName' => $domain]; - } - - /** - * Helper function to build IP Address array - * - * (IPv6 is not currently supported) - * - * @param string $address - * @return array - */ - private function iPAddress($address) - { - return ['iPAddress' => $address]; - } - - /** - * Get the index of a revoked certificate. - * - * @param array $rclist - * @param string $serial - * @param bool $create optional - * @return int|false - */ - private function revokedCertificate(array &$rclist, $serial, $create = false) - { - $serial = new BigInteger($serial); - - foreach ($rclist as $i => $rc) { - if (!($serial->compare($rc['userCertificate']))) { - return $i; - } - } - - if (!$create) { - return false; - } - - $i = count($rclist); - $revocationDate = new \DateTimeImmutable('now', new \DateTimeZone(@date_default_timezone_get())); - $rclist[] = ['userCertificate' => $serial, - 'revocationDate' => $this->timeField($revocationDate->format('D, d M Y H:i:s O'))]; - return $i; - } - - /** - * Revoke a certificate. - * - * @param string $serial - * @param string $date optional - * @return bool - */ - public function revoke($serial, $date = null) - { - if (isset($this->currentCert['tbsCertList'])) { - if (is_array($rclist = &$this->subArray($this->currentCert, 'tbsCertList/revokedCertificates', true))) { - if ($this->revokedCertificate($rclist, $serial) === false) { // If not yet revoked - if (($i = $this->revokedCertificate($rclist, $serial, true)) !== false) { - if (!empty($date)) { - $rclist[$i]['revocationDate'] = $this->timeField($date); - } - - return true; - } - } - } - } - - return false; - } - - /** - * Unrevoke a certificate. - * - * @param string $serial - * @return bool - */ - public function unrevoke($serial) - { - if (is_array($rclist = &$this->subArray($this->currentCert, 'tbsCertList/revokedCertificates'))) { - if (($i = $this->revokedCertificate($rclist, $serial)) !== false) { - unset($rclist[$i]); - $rclist = array_values($rclist); - return true; - } - } - - return false; - } - - /** - * Get a revoked certificate. - * - * @param string $serial - * @return mixed - */ - public function getRevoked($serial) - { - if (is_array($rclist = $this->subArray($this->currentCert, 'tbsCertList/revokedCertificates'))) { - if (($i = $this->revokedCertificate($rclist, $serial)) !== false) { - return $rclist[$i]; - } - } - - return false; - } - - /** - * List revoked certificates - * - * @param array $crl optional - * @return array|bool - */ - public function listRevoked(array $crl = null) - { - if (!isset($crl)) { - $crl = $this->currentCert; - } - - if (!isset($crl['tbsCertList'])) { - return false; - } - - $result = []; - - if (is_array($rclist = $this->subArray($crl, 'tbsCertList/revokedCertificates'))) { - foreach ($rclist as $rc) { - $result[] = $rc['userCertificate']->toString(); - } - } - - return $result; - } - - /** - * Remove a Revoked Certificate Extension - * - * @param string $serial - * @param string $id - * @return bool - */ - public function removeRevokedCertificateExtension($serial, $id) - { - if (is_array($rclist = &$this->subArray($this->currentCert, 'tbsCertList/revokedCertificates'))) { - if (($i = $this->revokedCertificate($rclist, $serial)) !== false) { - return $this->removeExtensionHelper($id, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); - } - } - - return false; - } - - /** - * Get a Revoked Certificate Extension - * - * Returns the extension if it exists and false if not - * - * @param string $serial - * @param string $id - * @param array $crl optional - * @return mixed - */ - public function getRevokedCertificateExtension($serial, $id, array $crl = null) - { - if (!isset($crl)) { - $crl = $this->currentCert; - } - - if (is_array($rclist = $this->subArray($crl, 'tbsCertList/revokedCertificates'))) { - if (($i = $this->revokedCertificate($rclist, $serial)) !== false) { - return $this->getExtension($id, $crl, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); - } - } - - return false; - } - - /** - * Returns a list of all extensions in use for a given revoked certificate - * - * @param string $serial - * @param array $crl optional - * @return array|bool - */ - public function getRevokedCertificateExtensions($serial, array $crl = null) - { - if (!isset($crl)) { - $crl = $this->currentCert; - } - - if (is_array($rclist = $this->subArray($crl, 'tbsCertList/revokedCertificates'))) { - if (($i = $this->revokedCertificate($rclist, $serial)) !== false) { - return $this->getExtensions($crl, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); - } - } - - return false; - } - - /** - * Set a Revoked Certificate Extension - * - * @param string $serial - * @param string $id - * @param mixed $value - * @param bool $critical optional - * @param bool $replace optional - * @return bool - */ - public function setRevokedCertificateExtension($serial, $id, $value, $critical = false, $replace = true) - { - if (isset($this->currentCert['tbsCertList'])) { - if (is_array($rclist = &$this->subArray($this->currentCert, 'tbsCertList/revokedCertificates', true))) { - if (($i = $this->revokedCertificate($rclist, $serial, true)) !== false) { - return $this->setExtensionHelper($id, $value, $critical, $replace, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); - } - } - } - - return false; - } - - /** - * Register the mapping for a custom/unsupported extension. - * - * @param string $id - * @param array $mapping - */ - public static function registerExtension($id, array $mapping) - { - if (isset(self::$extensions[$id]) && self::$extensions[$id] !== $mapping) { - throw new \RuntimeException( - 'Extension ' . $id . ' has already been defined with a different mapping.' - ); - } - - self::$extensions[$id] = $mapping; - } - - /** - * Register the mapping for a custom/unsupported extension. - * - * @param string $id - * - * @return array|null - */ - public static function getRegisteredExtension($id) - { - return isset(self::$extensions[$id]) ? self::$extensions[$id] : null; - } - - /** - * Register the mapping for a custom/unsupported extension. - * - * @param string $id - * @param mixed $value - * @param bool $critical - * @param bool $replace - */ - public function setExtensionValue($id, $value, $critical = false, $replace = false) - { - $this->extensionValues[$id] = compact('critical', 'replace', 'value'); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger.php deleted file mode 100644 index 67d4788..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger.php +++ /dev/null @@ -1,892 +0,0 @@ - - * add($b); - * - * echo $c->toString(); // outputs 5 - * ?> - * - * - * @author Jim Wigginton - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - */ - -namespace phpseclib3\Math; - -use phpseclib3\Exception\BadConfigurationException; -use phpseclib3\Math\BigInteger\Engines\Engine; - -/** - * Pure-PHP arbitrary precision integer arithmetic library. Supports base-2, base-10, base-16, and base-256 - * numbers. - * - * @author Jim Wigginton - */ -class BigInteger implements \JsonSerializable -{ - /** - * Main Engine - * - * @var class-string - */ - private static $mainEngine; - - /** - * Selected Engines - * - * @var list - */ - private static $engines; - - /** - * The actual BigInteger object - * - * @var object - */ - private $value; - - /** - * Mode independent value used for serialization. - * - * @see self::__sleep() - * @see self::__wakeup() - * @var string - */ - private $hex; - - /** - * Precision (used only for serialization) - * - * @see self::__sleep() - * @see self::__wakeup() - * @var int - */ - private $precision; - - /** - * Sets engine type. - * - * Throws an exception if the type is invalid - * - * @param string $main - * @param list $modexps optional - * @return void - */ - public static function setEngine($main, array $modexps = ['DefaultEngine']) - { - self::$engines = []; - - $fqmain = 'phpseclib3\\Math\\BigInteger\\Engines\\' . $main; - if (!class_exists($fqmain) || !method_exists($fqmain, 'isValidEngine')) { - throw new \InvalidArgumentException("$main is not a valid engine"); - } - if (!$fqmain::isValidEngine()) { - throw new BadConfigurationException("$main is not setup correctly on this system"); - } - /** @var class-string $fqmain */ - self::$mainEngine = $fqmain; - - $found = false; - foreach ($modexps as $modexp) { - try { - $fqmain::setModExpEngine($modexp); - $found = true; - break; - } catch (\Exception $e) { - } - } - - if (!$found) { - throw new BadConfigurationException("No valid modular exponentiation engine found for $main"); - } - - self::$engines = [$main, $modexp]; - } - - /** - * Returns the engine type - * - * @return string[] - */ - public static function getEngine() - { - self::initialize_static_variables(); - - return self::$engines; - } - - /** - * Initialize static variables - */ - private static function initialize_static_variables() - { - if (!isset(self::$mainEngine)) { - $engines = [ - ['GMP', ['DefaultEngine']], - ['PHP64', ['OpenSSL']], - ['BCMath', ['OpenSSL']], - ['PHP32', ['OpenSSL']], - ['PHP64', ['DefaultEngine']], - ['PHP32', ['DefaultEngine']] - ]; - - foreach ($engines as $engine) { - try { - self::setEngine($engine[0], $engine[1]); - return; - } catch (\Exception $e) { - } - } - - throw new \UnexpectedValueException('No valid BigInteger found. This is only possible when JIT is enabled on Windows and neither the GMP or BCMath extensions are available so either disable JIT or install GMP / BCMath'); - } - } - - /** - * Converts base-2, base-10, base-16, and binary strings (base-256) to BigIntegers. - * - * If the second parameter - $base - is negative, then it will be assumed that the number's are encoded using - * two's compliment. The sole exception to this is -10, which is treated the same as 10 is. - * - * @param string|int|BigInteger\Engines\Engine $x Base-10 number or base-$base number if $base set. - * @param int $base - */ - public function __construct($x = 0, $base = 10) - { - self::initialize_static_variables(); - - if ($x instanceof self::$mainEngine) { - $this->value = clone $x; - } elseif ($x instanceof BigInteger\Engines\Engine) { - $this->value = new static("$x"); - $this->value->setPrecision($x->getPrecision()); - } else { - $this->value = new self::$mainEngine($x, $base); - } - } - - /** - * Converts a BigInteger to a base-10 number. - * - * @return string - */ - public function toString() - { - return $this->value->toString(); - } - - /** - * __toString() magic method - */ - public function __toString() - { - return (string)$this->value; - } - - /** - * __debugInfo() magic method - * - * Will be called, automatically, when print_r() or var_dump() are called - */ - public function __debugInfo() - { - return $this->value->__debugInfo(); - } - - /** - * Converts a BigInteger to a byte string (eg. base-256). - * - * @param bool $twos_compliment - * @return string - */ - public function toBytes($twos_compliment = false) - { - return $this->value->toBytes($twos_compliment); - } - - /** - * Converts a BigInteger to a hex string (eg. base-16). - * - * @param bool $twos_compliment - * @return string - */ - public function toHex($twos_compliment = false) - { - return $this->value->toHex($twos_compliment); - } - - /** - * Converts a BigInteger to a bit string (eg. base-2). - * - * Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're - * saved as two's compliment. - * - * @param bool $twos_compliment - * @return string - */ - public function toBits($twos_compliment = false) - { - return $this->value->toBits($twos_compliment); - } - - /** - * Adds two BigIntegers. - * - * @param BigInteger $y - * @return BigInteger - */ - public function add(BigInteger $y) - { - return new static($this->value->add($y->value)); - } - - /** - * Subtracts two BigIntegers. - * - * @param BigInteger $y - * @return BigInteger - */ - public function subtract(BigInteger $y) - { - return new static($this->value->subtract($y->value)); - } - - /** - * Multiplies two BigIntegers - * - * @param BigInteger $x - * @return BigInteger - */ - public function multiply(BigInteger $x) - { - return new static($this->value->multiply($x->value)); - } - - /** - * Divides two BigIntegers. - * - * Returns an array whose first element contains the quotient and whose second element contains the - * "common residue". If the remainder would be positive, the "common residue" and the remainder are the - * same. If the remainder would be negative, the "common residue" is equal to the sum of the remainder - * and the divisor (basically, the "common residue" is the first positive modulo). - * - * Here's an example: - * - * divide($b); - * - * echo $quotient->toString(); // outputs 0 - * echo "\r\n"; - * echo $remainder->toString(); // outputs 10 - * ?> - * - * - * @param BigInteger $y - * @return BigInteger[] - */ - public function divide(BigInteger $y) - { - list($q, $r) = $this->value->divide($y->value); - return [ - new static($q), - new static($r) - ]; - } - - /** - * Calculates modular inverses. - * - * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. - * - * @param BigInteger $n - * @return BigInteger - */ - public function modInverse(BigInteger $n) - { - return new static($this->value->modInverse($n->value)); - } - - /** - * Calculates modular inverses. - * - * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. - * - * @param BigInteger $n - * @return BigInteger[] - */ - public function extendedGCD(BigInteger $n) - { - extract($this->value->extendedGCD($n->value)); - /** - * @var BigInteger $gcd - * @var BigInteger $x - * @var BigInteger $y - */ - return [ - 'gcd' => new static($gcd), - 'x' => new static($x), - 'y' => new static($y) - ]; - } - - /** - * Calculates the greatest common divisor - * - * Say you have 693 and 609. The GCD is 21. - * - * @param BigInteger $n - * @return BigInteger - */ - public function gcd(BigInteger $n) - { - return new static($this->value->gcd($n->value)); - } - - /** - * Absolute value. - * - * @return BigInteger - */ - public function abs() - { - return new static($this->value->abs()); - } - - /** - * Set Precision - * - * Some bitwise operations give different results depending on the precision being used. Examples include left - * shift, not, and rotates. - * - * @param int $bits - */ - public function setPrecision($bits) - { - $this->value->setPrecision($bits); - } - - /** - * Get Precision - * - * Returns the precision if it exists, false if it doesn't - * - * @return int|bool - */ - public function getPrecision() - { - return $this->value->getPrecision(); - } - - /** - * Serialize - * - * Will be called, automatically, when serialize() is called on a BigInteger object. - * - * __sleep() / __wakeup() have been around since PHP 4.0 - * - * \Serializable was introduced in PHP 5.1 and deprecated in PHP 8.1: - * https://wiki.php.net/rfc/phase_out_serializable - * - * __serialize() / __unserialize() were introduced in PHP 7.4: - * https://wiki.php.net/rfc/custom_object_serialization - * - * @return array - */ - public function __sleep() - { - $this->hex = $this->toHex(true); - $vars = ['hex']; - if ($this->getPrecision() > 0) { - $vars[] = 'precision'; - } - return $vars; - } - - /** - * Serialize - * - * Will be called, automatically, when unserialize() is called on a BigInteger object. - */ - public function __wakeup() - { - $temp = new static($this->hex, -16); - $this->value = $temp->value; - if ($this->precision > 0) { - // recalculate $this->bitmask - $this->setPrecision($this->precision); - } - } - - /** - * JSON Serialize - * - * Will be called, automatically, when json_encode() is called on a BigInteger object. - * - * @return array{hex: string, precision?: int] - */ - #[\ReturnTypeWillChange] - public function jsonSerialize() - { - $result = ['hex' => $this->toHex(true)]; - if ($this->precision > 0) { - $result['precision'] = $this->getPrecision(); - } - return $result; - } - - /** - * Performs modular exponentiation. - * - * @param BigInteger $e - * @param BigInteger $n - * @return BigInteger - */ - public function powMod(BigInteger $e, BigInteger $n) - { - return new static($this->value->powMod($e->value, $n->value)); - } - - /** - * Performs modular exponentiation. - * - * @param BigInteger $e - * @param BigInteger $n - * @return BigInteger - */ - public function modPow(BigInteger $e, BigInteger $n) - { - return new static($this->value->modPow($e->value, $n->value)); - } - - /** - * Compares two numbers. - * - * Although one might think !$x->compare($y) means $x != $y, it, in fact, means the opposite. The reason for this - * is demonstrated thusly: - * - * $x > $y: $x->compare($y) > 0 - * $x < $y: $x->compare($y) < 0 - * $x == $y: $x->compare($y) == 0 - * - * Note how the same comparison operator is used. If you want to test for equality, use $x->equals($y). - * - * {@internal Could return $this->subtract($x), but that's not as fast as what we do do.} - * - * @param BigInteger $y - * @return int in case < 0 if $this is less than $y; > 0 if $this is greater than $y, and 0 if they are equal. - * @see self::equals() - */ - public function compare(BigInteger $y) - { - return $this->value->compare($y->value); - } - - /** - * Tests the equality of two numbers. - * - * If you need to see if one number is greater than or less than another number, use BigInteger::compare() - * - * @param BigInteger $x - * @return bool - */ - public function equals(BigInteger $x) - { - return $this->value->equals($x->value); - } - - /** - * Logical Not - * - * @return BigInteger - */ - public function bitwise_not() - { - return new static($this->value->bitwise_not()); - } - - /** - * Logical And - * - * @param BigInteger $x - * @return BigInteger - */ - public function bitwise_and(BigInteger $x) - { - return new static($this->value->bitwise_and($x->value)); - } - - /** - * Logical Or - * - * @param BigInteger $x - * @return BigInteger - */ - public function bitwise_or(BigInteger $x) - { - return new static($this->value->bitwise_or($x->value)); - } - - /** - * Logical Exclusive Or - * - * @param BigInteger $x - * @return BigInteger - */ - public function bitwise_xor(BigInteger $x) - { - return new static($this->value->bitwise_xor($x->value)); - } - - /** - * Logical Right Shift - * - * Shifts BigInteger's by $shift bits, effectively dividing by 2**$shift. - * - * @param int $shift - * @return BigInteger - */ - public function bitwise_rightShift($shift) - { - return new static($this->value->bitwise_rightShift($shift)); - } - - /** - * Logical Left Shift - * - * Shifts BigInteger's by $shift bits, effectively multiplying by 2**$shift. - * - * @param int $shift - * @return BigInteger - */ - public function bitwise_leftShift($shift) - { - return new static($this->value->bitwise_leftShift($shift)); - } - - /** - * Logical Left Rotate - * - * Instead of the top x bits being dropped they're appended to the shifted bit string. - * - * @param int $shift - * @return BigInteger - */ - public function bitwise_leftRotate($shift) - { - return new static($this->value->bitwise_leftRotate($shift)); - } - - /** - * Logical Right Rotate - * - * Instead of the bottom x bits being dropped they're prepended to the shifted bit string. - * - * @param int $shift - * @return BigInteger - */ - public function bitwise_rightRotate($shift) - { - return new static($this->value->bitwise_rightRotate($shift)); - } - - /** - * Returns the smallest and largest n-bit number - * - * @param int $bits - * @return BigInteger[] - */ - public static function minMaxBits($bits) - { - self::initialize_static_variables(); - - $class = self::$mainEngine; - extract($class::minMaxBits($bits)); - /** @var BigInteger $min - * @var BigInteger $max - */ - return [ - 'min' => new static($min), - 'max' => new static($max) - ]; - } - - /** - * Return the size of a BigInteger in bits - * - * @return int - */ - public function getLength() - { - return $this->value->getLength(); - } - - /** - * Return the size of a BigInteger in bytes - * - * @return int - */ - public function getLengthInBytes() - { - return $this->value->getLengthInBytes(); - } - - /** - * Generates a random number of a certain size - * - * Bit length is equal to $size - * - * @param int $size - * @return BigInteger - */ - public static function random($size) - { - self::initialize_static_variables(); - - $class = self::$mainEngine; - return new static($class::random($size)); - } - - /** - * Generates a random prime number of a certain size - * - * Bit length is equal to $size - * - * @param int $size - * @return BigInteger - */ - public static function randomPrime($size) - { - self::initialize_static_variables(); - - $class = self::$mainEngine; - return new static($class::randomPrime($size)); - } - - /** - * Generate a random prime number between a range - * - * If there's not a prime within the given range, false will be returned. - * - * @param BigInteger $min - * @param BigInteger $max - * @return false|BigInteger - */ - public static function randomRangePrime(BigInteger $min, BigInteger $max) - { - $class = self::$mainEngine; - return new static($class::randomRangePrime($min->value, $max->value)); - } - - /** - * Generate a random number between a range - * - * Returns a random number between $min and $max where $min and $max - * can be defined using one of the two methods: - * - * BigInteger::randomRange($min, $max) - * BigInteger::randomRange($max, $min) - * - * @param BigInteger $min - * @param BigInteger $max - * @return BigInteger - */ - public static function randomRange(BigInteger $min, BigInteger $max) - { - $class = self::$mainEngine; - return new static($class::randomRange($min->value, $max->value)); - } - - /** - * Checks a numer to see if it's prime - * - * Assuming the $t parameter is not set, this function has an error rate of 2**-80. The main motivation for the - * $t parameter is distributability. BigInteger::randomPrime() can be distributed across multiple pageloads - * on a website instead of just one. - * - * @param int|bool $t - * @return bool - */ - public function isPrime($t = false) - { - return $this->value->isPrime($t); - } - - /** - * Calculates the nth root of a biginteger. - * - * Returns the nth root of a positive biginteger, where n defaults to 2 - * - * @param int $n optional - * @return BigInteger - */ - public function root($n = 2) - { - return new static($this->value->root($n)); - } - - /** - * Performs exponentiation. - * - * @param BigInteger $n - * @return BigInteger - */ - public function pow(BigInteger $n) - { - return new static($this->value->pow($n->value)); - } - - /** - * Return the minimum BigInteger between an arbitrary number of BigIntegers. - * - * @param BigInteger ...$nums - * @return BigInteger - */ - public static function min(BigInteger ...$nums) - { - $class = self::$mainEngine; - $nums = array_map(function ($num) { - return $num->value; - }, $nums); - return new static($class::min(...$nums)); - } - - /** - * Return the maximum BigInteger between an arbitrary number of BigIntegers. - * - * @param BigInteger ...$nums - * @return BigInteger - */ - public static function max(BigInteger ...$nums) - { - $class = self::$mainEngine; - $nums = array_map(function ($num) { - return $num->value; - }, $nums); - return new static($class::max(...$nums)); - } - - /** - * Tests BigInteger to see if it is between two integers, inclusive - * - * @param BigInteger $min - * @param BigInteger $max - * @return bool - */ - public function between(BigInteger $min, BigInteger $max) - { - return $this->value->between($min->value, $max->value); - } - - /** - * Clone - */ - public function __clone() - { - $this->value = clone $this->value; - } - - /** - * Is Odd? - * - * @return bool - */ - public function isOdd() - { - return $this->value->isOdd(); - } - - /** - * Tests if a bit is set - * - * @param int $x - * @return bool - */ - public function testBit($x) - { - return $this->value->testBit($x); - } - - /** - * Is Negative? - * - * @return bool - */ - public function isNegative() - { - return $this->value->isNegative(); - } - - /** - * Negate - * - * Given $k, returns -$k - * - * @return BigInteger - */ - public function negate() - { - return new static($this->value->negate()); - } - - /** - * Scan for 1 and right shift by that amount - * - * ie. $s = gmp_scan1($n, 0) and $r = gmp_div_q($n, gmp_pow(gmp_init('2'), $s)); - * - * @param BigInteger $r - * @return int - */ - public static function scan1divide(BigInteger $r) - { - $class = self::$mainEngine; - return $class::scan1divide($r->value); - } - - /** - * Create Recurring Modulo Function - * - * Sometimes it may be desirable to do repeated modulos with the same number outside of - * modular exponentiation - * - * @return callable - */ - public function createRecurringModuloFunction() - { - $func = $this->value->createRecurringModuloFunction(); - return function (BigInteger $x) use ($func) { - return new static($func($x->value)); - }; - } - - /** - * Bitwise Split - * - * Splits BigInteger's into chunks of $split bits - * - * @param int $split - * @return BigInteger[] - */ - public function bitwise_split($split) - { - return array_map(function ($val) { - return new static($val); - }, $this->value->bitwise_split($split)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath.php deleted file mode 100644 index 7c5ca9f..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath.php +++ /dev/null @@ -1,697 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Exception\BadConfigurationException; - -/** - * BCMath Engine. - * - * @author Jim Wigginton - */ -class BCMath extends Engine -{ - /** - * Can Bitwise operations be done fast? - * - * @see parent::bitwise_leftRotate() - * @see parent::bitwise_rightRotate() - */ - const FAST_BITWISE = false; - - /** - * Engine Directory - * - * @see parent::setModExpEngine - */ - const ENGINE_DIR = 'BCMath'; - - /** - * Test for engine validity - * - * @return bool - * @see parent::__construct() - */ - public static function isValidEngine() - { - return extension_loaded('bcmath'); - } - - /** - * Default constructor - * - * @param mixed $x integer Base-10 number or base-$base number if $base set. - * @param int $base - * @see parent::__construct() - */ - public function __construct($x = 0, $base = 10) - { - if (!isset(static::$isValidEngine[static::class])) { - static::$isValidEngine[static::class] = self::isValidEngine(); - } - if (!static::$isValidEngine[static::class]) { - throw new BadConfigurationException('BCMath is not setup correctly on this system'); - } - - $this->value = '0'; - - parent::__construct($x, $base); - } - - /** - * Initialize a BCMath BigInteger Engine instance - * - * @param int $base - * @see parent::__construct() - */ - protected function initialize($base) - { - switch (abs($base)) { - case 256: - // round $len to the nearest 4 - $len = (strlen($this->value) + 3) & ~3; - - $x = str_pad($this->value, $len, chr(0), STR_PAD_LEFT); - - $this->value = '0'; - for ($i = 0; $i < $len; $i += 4) { - $this->value = bcmul($this->value, '4294967296', 0); // 4294967296 == 2**32 - $this->value = bcadd( - $this->value, - 0x1000000 * ord($x[$i]) + ((ord($x[$i + 1]) << 16) | (ord( - $x[$i + 2] - ) << 8) | ord($x[$i + 3])), - 0 - ); - } - - if ($this->is_negative) { - $this->value = '-' . $this->value; - } - break; - case 16: - $x = (strlen($this->value) & 1) ? '0' . $this->value : $this->value; - $temp = new self(Strings::hex2bin($x), 256); - $this->value = $this->is_negative ? '-' . $temp->value : $temp->value; - $this->is_negative = false; - break; - case 10: - // explicitly casting $x to a string is necessary, here, since doing $x[0] on -1 yields different - // results then doing it on '-1' does (modInverse does $x[0]) - $this->value = $this->value === '-' ? '0' : (string)$this->value; - } - } - - /** - * Converts a BigInteger to a base-10 number. - * - * @return string - */ - public function toString() - { - if ($this->value === '0') { - return '0'; - } - - return ltrim($this->value, '0'); - } - - /** - * Converts a BigInteger to a byte string (eg. base-256). - * - * @param bool $twos_compliment - * @return string - */ - public function toBytes($twos_compliment = false) - { - if ($twos_compliment) { - return $this->toBytesHelper(); - } - - $value = ''; - $current = $this->value; - - if ($current[0] == '-') { - $current = substr($current, 1); - } - - while (bccomp($current, '0', 0) > 0) { - $temp = bcmod($current, '16777216'); - $value = chr($temp >> 16) . chr($temp >> 8) . chr($temp) . $value; - $current = bcdiv($current, '16777216', 0); - } - - return $this->precision > 0 ? - substr(str_pad($value, $this->precision >> 3, chr(0), STR_PAD_LEFT), -($this->precision >> 3)) : - ltrim($value, chr(0)); - } - - /** - * Adds two BigIntegers. - * - * @param BCMath $y - * @return BCMath - */ - public function add(BCMath $y) - { - $temp = new self(); - $temp->value = bcadd($this->value, $y->value); - - return $this->normalize($temp); - } - - /** - * Subtracts two BigIntegers. - * - * @param BCMath $y - * @return BCMath - */ - public function subtract(BCMath $y) - { - $temp = new self(); - $temp->value = bcsub($this->value, $y->value); - - return $this->normalize($temp); - } - - /** - * Multiplies two BigIntegers. - * - * @param BCMath $x - * @return BCMath - */ - public function multiply(BCMath $x) - { - $temp = new self(); - $temp->value = bcmul($this->value, $x->value); - - return $this->normalize($temp); - } - - /** - * Divides two BigIntegers. - * - * Returns an array whose first element contains the quotient and whose second element contains the - * "common residue". If the remainder would be positive, the "common residue" and the remainder are the - * same. If the remainder would be negative, the "common residue" is equal to the sum of the remainder - * and the divisor (basically, the "common residue" is the first positive modulo). - * - * @param BCMath $y - * @return array{static, static} - */ - public function divide(BCMath $y) - { - $quotient = new self(); - $remainder = new self(); - - $quotient->value = bcdiv($this->value, $y->value, 0); - $remainder->value = bcmod($this->value, $y->value); - - if ($remainder->value[0] == '-') { - $remainder->value = bcadd($remainder->value, $y->value[0] == '-' ? substr($y->value, 1) : $y->value, 0); - } - - return [$this->normalize($quotient), $this->normalize($remainder)]; - } - - /** - * Calculates modular inverses. - * - * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. - * - * @param BCMath $n - * @return false|BCMath - */ - public function modInverse(BCMath $n) - { - return $this->modInverseHelper($n); - } - - /** - * Calculates the greatest common divisor and Bezout's identity. - * - * Say you have 693 and 609. The GCD is 21. Bezout's identity states that there exist integers x and y such that - * 693*x + 609*y == 21. In point of fact, there are actually an infinite number of x and y combinations and which - * combination is returned is dependent upon which mode is in use. See - * {@link http://en.wikipedia.org/wiki/B%C3%A9zout%27s_identity Bezout's identity - Wikipedia} for more information. - * - * @param BCMath $n - * @return array{gcd: static, x: static, y: static} - */ - public function extendedGCD(BCMath $n) - { - // it might be faster to use the binary xGCD algorithim here, as well, but (1) that algorithim works - // best when the base is a power of 2 and (2) i don't think it'd make much difference, anyway. as is, - // the basic extended euclidean algorithim is what we're using. - - $u = $this->value; - $v = $n->value; - - $a = '1'; - $b = '0'; - $c = '0'; - $d = '1'; - - while (bccomp($v, '0', 0) != 0) { - $q = bcdiv($u, $v, 0); - - $temp = $u; - $u = $v; - $v = bcsub($temp, bcmul($v, $q, 0), 0); - - $temp = $a; - $a = $c; - $c = bcsub($temp, bcmul($a, $q, 0), 0); - - $temp = $b; - $b = $d; - $d = bcsub($temp, bcmul($b, $q, 0), 0); - } - - return [ - 'gcd' => $this->normalize(new static($u)), - 'x' => $this->normalize(new static($a)), - 'y' => $this->normalize(new static($b)) - ]; - } - - /** - * Calculates the greatest common divisor - * - * Say you have 693 and 609. The GCD is 21. - * - * @param BCMath $n - * @return BCMath - */ - public function gcd(BCMath $n) - { - extract($this->extendedGCD($n)); - /** @var BCMath $gcd */ - return $gcd; - } - - /** - * Absolute value. - * - * @return BCMath - */ - public function abs() - { - $temp = new static(); - $temp->value = strlen($this->value) && $this->value[0] == '-' ? - substr($this->value, 1) : - $this->value; - - return $temp; - } - - /** - * Logical And - * - * @param BCMath $x - * @return BCMath - */ - public function bitwise_and(BCMath $x) - { - return $this->bitwiseAndHelper($x); - } - - /** - * Logical Or - * - * @param BCMath $x - * @return BCMath - */ - public function bitwise_or(BCMath $x) - { - return $this->bitwiseXorHelper($x); - } - - /** - * Logical Exclusive Or - * - * @param BCMath $x - * @return BCMath - */ - public function bitwise_xor(BCMath $x) - { - return $this->bitwiseXorHelper($x); - } - - /** - * Logical Right Shift - * - * Shifts BigInteger's by $shift bits, effectively dividing by 2**$shift. - * - * @param int $shift - * @return BCMath - */ - public function bitwise_rightShift($shift) - { - $temp = new static(); - $temp->value = bcdiv($this->value, bcpow('2', $shift, 0), 0); - - return $this->normalize($temp); - } - - /** - * Logical Left Shift - * - * Shifts BigInteger's by $shift bits, effectively multiplying by 2**$shift. - * - * @param int $shift - * @return BCMath - */ - public function bitwise_leftShift($shift) - { - $temp = new static(); - $temp->value = bcmul($this->value, bcpow('2', $shift, 0), 0); - - return $this->normalize($temp); - } - - /** - * Compares two numbers. - * - * Although one might think !$x->compare($y) means $x != $y, it, in fact, means the opposite. The reason for this - * is demonstrated thusly: - * - * $x > $y: $x->compare($y) > 0 - * $x < $y: $x->compare($y) < 0 - * $x == $y: $x->compare($y) == 0 - * - * Note how the same comparison operator is used. If you want to test for equality, use $x->equals($y). - * - * {@internal Could return $this->subtract($x), but that's not as fast as what we do do.} - * - * @param BCMath $y - * @return int in case < 0 if $this is less than $y; > 0 if $this is greater than $y, and 0 if they are equal. - * @see self::equals() - */ - public function compare(BCMath $y) - { - return bccomp($this->value, $y->value, 0); - } - - /** - * Tests the equality of two numbers. - * - * If you need to see if one number is greater than or less than another number, use BigInteger::compare() - * - * @param BCMath $x - * @return bool - */ - public function equals(BCMath $x) - { - return $this->value == $x->value; - } - - /** - * Performs modular exponentiation. - * - * @param BCMath $e - * @param BCMath $n - * @return BCMath - */ - public function modPow(BCMath $e, BCMath $n) - { - return $this->powModOuter($e, $n); - } - - /** - * Performs modular exponentiation. - * - * Alias for modPow(). - * - * @param BCMath $e - * @param BCMath $n - * @return BCMath - */ - public function powMod(BCMath $e, BCMath $n) - { - return $this->powModOuter($e, $n); - } - - /** - * Performs modular exponentiation. - * - * @param BCMath $e - * @param BCMath $n - * @return BCMath - */ - protected function powModInner(BCMath $e, BCMath $n) - { - try { - $class = static::$modexpEngine[static::class]; - return $class::powModHelper($this, $e, $n, static::class); - } catch (\Exception $err) { - return BCMath\DefaultEngine::powModHelper($this, $e, $n, static::class); - } - } - - /** - * Normalize - * - * Removes leading zeros and truncates (if necessary) to maintain the appropriate precision - * - * @param BCMath $result - * @return BCMath - */ - protected function normalize(BCMath $result) - { - $result->precision = $this->precision; - $result->bitmask = $this->bitmask; - - if ($result->bitmask !== false) { - $result->value = bcmod($result->value, $result->bitmask->value); - } - - return $result; - } - - /** - * Generate a random prime number between a range - * - * If there's not a prime within the given range, false will be returned. - * - * @param BCMath $min - * @param BCMath $max - * @return false|BCMath - */ - public static function randomRangePrime(BCMath $min, BCMath $max) - { - return self::randomRangePrimeOuter($min, $max); - } - - /** - * Generate a random number between a range - * - * Returns a random number between $min and $max where $min and $max - * can be defined using one of the two methods: - * - * BigInteger::randomRange($min, $max) - * BigInteger::randomRange($max, $min) - * - * @param BCMath $min - * @param BCMath $max - * @return BCMath - */ - public static function randomRange(BCMath $min, BCMath $max) - { - return self::randomRangeHelper($min, $max); - } - - /** - * Make the current number odd - * - * If the current number is odd it'll be unchanged. If it's even, one will be added to it. - * - * @see self::randomPrime() - */ - protected function make_odd() - { - if (!$this->isOdd()) { - $this->value = bcadd($this->value, '1'); - } - } - - /** - * Test the number against small primes. - * - * @see self::isPrime() - */ - protected function testSmallPrimes() - { - if ($this->value === '1') { - return false; - } - if ($this->value === '2') { - return true; - } - if ($this->value[strlen($this->value) - 1] % 2 == 0) { - return false; - } - - $value = $this->value; - - foreach (self::PRIMES as $prime) { - $r = bcmod($this->value, $prime); - if ($r == '0') { - return $this->value == $prime; - } - } - - return true; - } - - /** - * Scan for 1 and right shift by that amount - * - * ie. $s = gmp_scan1($n, 0) and $r = gmp_div_q($n, gmp_pow(gmp_init('2'), $s)); - * - * @param BCMath $r - * @return int - * @see self::isPrime() - */ - public static function scan1divide(BCMath $r) - { - $r_value = &$r->value; - $s = 0; - // if $n was 1, $r would be 0 and this would be an infinite loop, hence our $this->equals(static::$one[static::class]) check earlier - while ($r_value[strlen($r_value) - 1] % 2 == 0) { - $r_value = bcdiv($r_value, '2', 0); - ++$s; - } - - return $s; - } - - /** - * Performs exponentiation. - * - * @param BCMath $n - * @return BCMath - */ - public function pow(BCMath $n) - { - $temp = new self(); - $temp->value = bcpow($this->value, $n->value); - - return $this->normalize($temp); - } - - /** - * Return the minimum BigInteger between an arbitrary number of BigIntegers. - * - * @param BCMath ...$nums - * @return BCMath - */ - public static function min(BCMath ...$nums) - { - return self::minHelper($nums); - } - - /** - * Return the maximum BigInteger between an arbitrary number of BigIntegers. - * - * @param BCMath ...$nums - * @return BCMath - */ - public static function max(BCMath ...$nums) - { - return self::maxHelper($nums); - } - - /** - * Tests BigInteger to see if it is between two integers, inclusive - * - * @param BCMath $min - * @param BCMath $max - * @return bool - */ - public function between(BCMath $min, BCMath $max) - { - return $this->compare($min) >= 0 && $this->compare($max) <= 0; - } - - /** - * Set Bitmask - * - * @param int $bits - * @return Engine - * @see self::setPrecision() - */ - protected static function setBitmask($bits) - { - $temp = parent::setBitmask($bits); - return $temp->add(static::$one[static::class]); - } - - /** - * Is Odd? - * - * @return bool - */ - public function isOdd() - { - return $this->value[strlen($this->value) - 1] % 2 == 1; - } - - /** - * Tests if a bit is set - * - * @return bool - */ - public function testBit($x) - { - return bccomp( - bcmod($this->value, bcpow('2', $x + 1, 0)), - bcpow('2', $x, 0), - 0 - ) >= 0; - } - - /** - * Is Negative? - * - * @return bool - */ - public function isNegative() - { - return strlen($this->value) && $this->value[0] == '-'; - } - - /** - * Negate - * - * Given $k, returns -$k - * - * @return BCMath - */ - public function negate() - { - $temp = clone $this; - - if (!strlen($temp->value)) { - return $temp; - } - - $temp->value = $temp->value[0] == '-' ? - substr($this->value, 1) : - '-' . $this->value; - - return $temp; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Base.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Base.php deleted file mode 100644 index fe21e04..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Base.php +++ /dev/null @@ -1,110 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines\BCMath; - -use phpseclib3\Math\BigInteger\Engines\BCMath; - -/** - * Sliding Window Exponentiation Engine - * - * @author Jim Wigginton - */ -abstract class Base extends BCMath -{ - /** - * Cache constants - * - * $cache[self::VARIABLE] tells us whether or not the cached data is still valid. - * - */ - const VARIABLE = 0; - /** - * $cache[self::DATA] contains the cached data. - * - */ - const DATA = 1; - - /** - * Test for engine validity - * - * @return bool - */ - public static function isValidEngine() - { - return static::class != __CLASS__; - } - - /** - * Performs modular exponentiation. - * - * @param BCMath $x - * @param BCMath $e - * @param BCMath $n - * @param string $class - * @return BCMath - */ - protected static function powModHelper(BCMath $x, BCMath $e, BCMath $n, $class) - { - if (empty($e->value)) { - $temp = new $class(); - $temp->value = '1'; - return $x->normalize($temp); - } - - return $x->normalize(static::slidingWindow($x, $e, $n, $class)); - } - - /** - * Modular reduction preparation - * - * @param string $x - * @param string $n - * @param string $class - * @see self::slidingWindow() - * @return string - */ - protected static function prepareReduce($x, $n, $class) - { - return static::reduce($x, $n); - } - - /** - * Modular multiply - * - * @param string $x - * @param string $y - * @param string $n - * @param string $class - * @see self::slidingWindow() - * @return string - */ - protected static function multiplyReduce($x, $y, $n, $class) - { - return static::reduce(bcmul($x, $y), $n); - } - - /** - * Modular square - * - * @param string $x - * @param string $n - * @param string $class - * @see self::slidingWindow() - * @return string - */ - protected static function squareReduce($x, $n, $class) - { - return static::reduce(bcmul($x, $x), $n); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/BuiltIn.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/BuiltIn.php deleted file mode 100644 index b7ca8a2..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/BuiltIn.php +++ /dev/null @@ -1,40 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines\BCMath; - -use phpseclib3\Math\BigInteger\Engines\BCMath; - -/** - * Built-In BCMath Modular Exponentiation Engine - * - * @author Jim Wigginton - */ -abstract class BuiltIn extends BCMath -{ - /** - * Performs modular exponentiation. - * - * @param BCMath $x - * @param BCMath $e - * @param BCMath $n - * @return BCMath - */ - protected static function powModHelper(BCMath $x, BCMath $e, BCMath $n) - { - $temp = new BCMath(); - $temp->value = bcpowmod($x->value, $e->value, $n->value); - - return $x->normalize($temp); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/DefaultEngine.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/DefaultEngine.php deleted file mode 100644 index b2d9fa9..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/DefaultEngine.php +++ /dev/null @@ -1,25 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines\BCMath; - -use phpseclib3\Math\BigInteger\Engines\BCMath\Reductions\Barrett; - -/** - * PHP Default Modular Exponentiation Engine - * - * @author Jim Wigginton - */ -abstract class DefaultEngine extends Barrett -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/OpenSSL.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/OpenSSL.php deleted file mode 100644 index aed9494..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/OpenSSL.php +++ /dev/null @@ -1,25 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines\BCMath; - -use phpseclib3\Math\BigInteger\Engines\OpenSSL as Progenitor; - -/** - * OpenSSL Modular Exponentiation Engine - * - * @author Jim Wigginton - */ -abstract class OpenSSL extends Progenitor -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php deleted file mode 100644 index 0fb7eae..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php +++ /dev/null @@ -1,187 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines\BCMath\Reductions; - -use phpseclib3\Math\BigInteger\Engines\BCMath\Base; - -/** - * PHP Barrett Modular Exponentiation Engine - * - * @author Jim Wigginton - */ -abstract class Barrett extends Base -{ - /** - * Cache constants - * - * $cache[self::VARIABLE] tells us whether or not the cached data is still valid. - * - */ - const VARIABLE = 0; - /** - * $cache[self::DATA] contains the cached data. - * - */ - const DATA = 1; - - /** - * Barrett Modular Reduction - * - * See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=14 HAC 14.3.3} / - * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=165 MPM 6.2.5} for more information. Modified slightly, - * so as not to require negative numbers (initially, this script didn't support negative numbers). - * - * Employs "folding", as described at - * {@link http://www.cosic.esat.kuleuven.be/publications/thesis-149.pdf#page=66 thesis-149.pdf#page=66}. To quote from - * it, "the idea [behind folding] is to find a value x' such that x (mod m) = x' (mod m), with x' being smaller than x." - * - * Unfortunately, the "Barrett Reduction with Folding" algorithm described in thesis-149.pdf is not, as written, all that - * usable on account of (1) its not using reasonable radix points as discussed in - * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=162 MPM 6.2.2} and (2) the fact that, even with reasonable - * radix points, it only works when there are an even number of digits in the denominator. The reason for (2) is that - * (x >> 1) + (x >> 1) != x / 2 + x / 2. If x is even, they're the same, but if x is odd, they're not. See the in-line - * comments for details. - * - * @param string $n - * @param string $m - * @return string - */ - protected static function reduce($n, $m) - { - static $cache = [ - self::VARIABLE => [], - self::DATA => [] - ]; - - $m_length = strlen($m); - - if (strlen($n) > 2 * $m_length) { - return bcmod($n, $m); - } - - // if (m.length >> 1) + 2 <= m.length then m is too small and n can't be reduced - if ($m_length < 5) { - return self::regularBarrett($n, $m); - } - // n = 2 * m.length - - if (($key = array_search($m, $cache[self::VARIABLE])) === false) { - $key = count($cache[self::VARIABLE]); - $cache[self::VARIABLE][] = $m; - - $lhs = '1' . str_repeat('0', $m_length + ($m_length >> 1)); - $u = bcdiv($lhs, $m, 0); - $m1 = bcsub($lhs, bcmul($u, $m)); - - $cache[self::DATA][] = [ - 'u' => $u, // m.length >> 1 (technically (m.length >> 1) + 1) - 'm1' => $m1 // m.length - ]; - } else { - extract($cache[self::DATA][$key]); - } - - $cutoff = $m_length + ($m_length >> 1); - - $lsd = substr($n, -$cutoff); - $msd = substr($n, 0, -$cutoff); - - $temp = bcmul($msd, $m1); // m.length + (m.length >> 1) - $n = bcadd($lsd, $temp); // m.length + (m.length >> 1) + 1 (so basically we're adding two same length numbers) - //if ($m_length & 1) { - // return self::regularBarrett($n, $m); - //} - - // (m.length + (m.length >> 1) + 1) - (m.length - 1) == (m.length >> 1) + 2 - $temp = substr($n, 0, -$m_length + 1); - // if even: ((m.length >> 1) + 2) + (m.length >> 1) == m.length + 2 - // if odd: ((m.length >> 1) + 2) + (m.length >> 1) == (m.length - 1) + 2 == m.length + 1 - $temp = bcmul($temp, $u); - // if even: (m.length + 2) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) + 1 - // if odd: (m.length + 1) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) - $temp = substr($temp, 0, -($m_length >> 1) - 1); - // if even: (m.length - (m.length >> 1) + 1) + m.length = 2 * m.length - (m.length >> 1) + 1 - // if odd: (m.length - (m.length >> 1)) + m.length = 2 * m.length - (m.length >> 1) - $temp = bcmul($temp, $m); - - // at this point, if m had an odd number of digits, we'd be subtracting a 2 * m.length - (m.length >> 1) digit - // number from a m.length + (m.length >> 1) + 1 digit number. ie. there'd be an extra digit and the while loop - // following this comment would loop a lot (hence our calling _regularBarrett() in that situation). - - $result = bcsub($n, $temp); - - //if (bccomp($result, '0') < 0) { - if ($result[0] == '-') { - $temp = '1' . str_repeat('0', $m_length + 1); - $result = bcadd($result, $temp); - } - - while (bccomp($result, $m) >= 0) { - $result = bcsub($result, $m); - } - - return $result; - } - - /** - * (Regular) Barrett Modular Reduction - * - * For numbers with more than four digits BigInteger::_barrett() is faster. The difference between that and this - * is that this function does not fold the denominator into a smaller form. - * - * @param string $x - * @param string $n - * @return string - */ - private static function regularBarrett($x, $n) - { - static $cache = [ - self::VARIABLE => [], - self::DATA => [] - ]; - - $n_length = strlen($n); - - if (strlen($x) > 2 * $n_length) { - return bcmod($x, $n); - } - - if (($key = array_search($n, $cache[self::VARIABLE])) === false) { - $key = count($cache[self::VARIABLE]); - $cache[self::VARIABLE][] = $n; - $lhs = '1' . str_repeat('0', 2 * $n_length); - $cache[self::DATA][] = bcdiv($lhs, $n, 0); - } - - $temp = substr($x, 0, -$n_length + 1); - $temp = bcmul($temp, $cache[self::DATA][$key]); - $temp = substr($temp, 0, -$n_length - 1); - - $r1 = substr($x, -$n_length - 1); - $r2 = substr(bcmul($temp, $n), -$n_length - 1); - $result = bcsub($r1, $r2); - - //if (bccomp($result, '0') < 0) { - if ($result[0] == '-') { - $q = '1' . str_repeat('0', $n_length + 1); - $result = bcadd($result, $q); - } - - while (bccomp($result, $n) >= 0) { - $result = bcsub($result, $n); - } - - return $result; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/EvalBarrett.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/EvalBarrett.php deleted file mode 100644 index e033ba5..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/EvalBarrett.php +++ /dev/null @@ -1,108 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines\BCMath\Reductions; - -use phpseclib3\Math\BigInteger\Engines\BCMath; -use phpseclib3\Math\BigInteger\Engines\BCMath\Base; - -/** - * PHP Barrett Modular Exponentiation Engine - * - * @author Jim Wigginton - */ -abstract class EvalBarrett extends Base -{ - /** - * Custom Reduction Function - * - * @see self::generateCustomReduction - */ - private static $custom_reduction; - - /** - * Barrett Modular Reduction - * - * This calls a dynamically generated loop unrolled function that's specific to a given modulo. - * Array lookups are avoided as are if statements testing for how many bits the host OS supports, etc. - * - * @param string $n - * @param string $m - * @return string - */ - protected static function reduce($n, $m) - { - $inline = self::$custom_reduction; - return $inline($n); - } - - /** - * Generate Custom Reduction - * - * @param BCMath $m - * @param string $class - * @return callable|void - */ - protected static function generateCustomReduction(BCMath $m, $class) - { - $m_length = strlen($m); - - if ($m_length < 5) { - $code = 'return bcmod($x, $n);'; - eval('$func = function ($n) { ' . $code . '};'); - self::$custom_reduction = $func; - return; - } - - $lhs = '1' . str_repeat('0', $m_length + ($m_length >> 1)); - $u = bcdiv($lhs, $m, 0); - $m1 = bcsub($lhs, bcmul($u, $m)); - - $cutoff = $m_length + ($m_length >> 1); - - $m = "'$m'"; - $u = "'$u'"; - $m1 = "'$m1'"; - - $code = ' - $lsd = substr($n, -' . $cutoff . '); - $msd = substr($n, 0, -' . $cutoff . '); - - $temp = bcmul($msd, ' . $m1 . '); - $n = bcadd($lsd, $temp); - - $temp = substr($n, 0, ' . (-$m_length + 1) . '); - $temp = bcmul($temp, ' . $u . '); - $temp = substr($temp, 0, ' . (-($m_length >> 1) - 1) . '); - $temp = bcmul($temp, ' . $m . '); - - $result = bcsub($n, $temp); - - if ($result[0] == \'-\') { - $temp = \'1' . str_repeat('0', $m_length + 1) . '\'; - $result = bcadd($result, $temp); - } - - while (bccomp($result, ' . $m . ') >= 0) { - $result = bcsub($result, ' . $m . '); - } - - return $result;'; - - eval('$func = function ($n) { ' . $code . '};'); - - self::$custom_reduction = $func; - - return $func; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/Engine.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/Engine.php deleted file mode 100644 index abdf3b4..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/Engine.php +++ /dev/null @@ -1,1285 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Random; -use phpseclib3\Exception\BadConfigurationException; -use phpseclib3\Math\BigInteger; - -/** - * Base Engine. - * - * @author Jim Wigginton - */ -abstract class Engine implements \JsonSerializable -{ - /* final protected */ const PRIMES = [ - 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, - 61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, - 139, 149, 151, 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227, - 229, 233, 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, - 317, 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419, - 421, 431, 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503, 509, - 521, 523, 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601, 607, 613, 617, - 619, 631, 641, 643, 647, 653, 659, 661, 673, 677, 683, 691, 701, 709, 719, 727, - 733, 739, 743, 751, 757, 761, 769, 773, 787, 797, 809, 811, 821, 823, 827, 829, - 839, 853, 857, 859, 863, 877, 881, 883, 887, 907, 911, 919, 929, 937, 941, 947, - 953, 967, 971, 977, 983, 991, 997, - ]; - - /** - * BigInteger(0) - * - * @var array, static> - */ - protected static $zero = []; - - /** - * BigInteger(1) - * - * @var array, static> - */ - protected static $one = []; - - /** - * BigInteger(2) - * - * @var array, static> - */ - protected static $two = []; - - /** - * Modular Exponentiation Engine - * - * @var array, class-string> - */ - protected static $modexpEngine; - - /** - * Engine Validity Flag - * - * @var array, bool> - */ - protected static $isValidEngine; - - /** - * Holds the BigInteger's value - * - * @var \GMP|string|array|int - */ - protected $value; - - /** - * Holds the BigInteger's sign - * - * @var bool - */ - protected $is_negative; - - /** - * Precision - * - * @see static::setPrecision() - * @var int - */ - protected $precision = -1; - - /** - * Precision Bitmask - * - * @see static::setPrecision() - * @var static|false - */ - protected $bitmask = false; - - /** - * Recurring Modulo Function - * - * @var callable - */ - protected $reduce; - - /** - * Mode independent value used for serialization. - * - * @see self::__sleep() - * @see self::__wakeup() - * @var string - */ - protected $hex; - - /** - * Default constructor - * - * @param int|numeric-string $x integer Base-10 number or base-$base number if $base set. - * @param int $base - */ - public function __construct($x = 0, $base = 10) - { - if (!array_key_exists(static::class, static::$zero)) { - static::$zero[static::class] = null; // Placeholder to prevent infinite loop. - static::$zero[static::class] = new static(0); - static::$one[static::class] = new static(1); - static::$two[static::class] = new static(2); - } - - // '0' counts as empty() but when the base is 256 '0' is equal to ord('0') or 48 - // '0' is the only value like this per http://php.net/empty - if (empty($x) && (abs($base) != 256 || $x !== '0')) { - return; - } - - switch ($base) { - case -256: - case 256: - if ($base == -256 && (ord($x[0]) & 0x80)) { - $this->value = ~$x; - $this->is_negative = true; - } else { - $this->value = $x; - $this->is_negative = false; - } - - $this->initialize($base); - - if ($this->is_negative) { - $temp = $this->add(new static('-1')); - $this->value = $temp->value; - } - break; - case -16: - case 16: - if ($base > 0 && $x[0] == '-') { - $this->is_negative = true; - $x = substr($x, 1); - } - - $x = preg_replace('#^(?:0x)?([A-Fa-f0-9]*).*#s', '$1', $x); - - $is_negative = false; - if ($base < 0 && hexdec($x[0]) >= 8) { - $this->is_negative = $is_negative = true; - $x = Strings::bin2hex(~Strings::hex2bin($x)); - } - - $this->value = $x; - $this->initialize($base); - - if ($is_negative) { - $temp = $this->add(new static('-1')); - $this->value = $temp->value; - } - break; - case -10: - case 10: - // (?value = preg_replace('#(?value) || $this->value == '-') { - $this->value = '0'; - } - $this->initialize($base); - break; - case -2: - case 2: - if ($base > 0 && $x[0] == '-') { - $this->is_negative = true; - $x = substr($x, 1); - } - - $x = preg_replace('#^([01]*).*#s', '$1', $x); - - $temp = new static(Strings::bits2bin($x), 128 * $base); // ie. either -16 or +16 - $this->value = $temp->value; - if ($temp->is_negative) { - $this->is_negative = true; - } - - break; - default: - // base not supported, so we'll let $this == 0 - } - } - - /** - * Sets engine type. - * - * Throws an exception if the type is invalid - * - * @param class-string $engine - */ - public static function setModExpEngine($engine) - { - $fqengine = '\\phpseclib3\\Math\\BigInteger\\Engines\\' . static::ENGINE_DIR . '\\' . $engine; - if (!class_exists($fqengine) || !method_exists($fqengine, 'isValidEngine')) { - throw new \InvalidArgumentException("$engine is not a valid engine"); - } - if (!$fqengine::isValidEngine()) { - throw new BadConfigurationException("$engine is not setup correctly on this system"); - } - static::$modexpEngine[static::class] = $fqengine; - } - - /** - * Converts a BigInteger to a byte string (eg. base-256). - * - * Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're - * saved as two's compliment. - * @return string - */ - protected function toBytesHelper() - { - $comparison = $this->compare(new static()); - if ($comparison == 0) { - return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : ''; - } - - $temp = $comparison < 0 ? $this->add(new static(1)) : $this; - $bytes = $temp->toBytes(); - - if (!strlen($bytes)) { // eg. if the number we're trying to convert is -1 - $bytes = chr(0); - } - - if (ord($bytes[0]) & 0x80) { - $bytes = chr(0) . $bytes; - } - - return $comparison < 0 ? ~$bytes : $bytes; - } - - /** - * Converts a BigInteger to a hex string (eg. base-16). - * - * @param bool $twos_compliment - * @return string - */ - public function toHex($twos_compliment = false) - { - return Strings::bin2hex($this->toBytes($twos_compliment)); - } - - /** - * Converts a BigInteger to a bit string (eg. base-2). - * - * Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're - * saved as two's compliment. - * - * @param bool $twos_compliment - * @return string - */ - public function toBits($twos_compliment = false) - { - $hex = $this->toBytes($twos_compliment); - $bits = Strings::bin2bits($hex); - - $result = $this->precision > 0 ? substr($bits, -$this->precision) : ltrim($bits, '0'); - - if ($twos_compliment && $this->compare(new static()) > 0 && $this->precision <= 0) { - return '0' . $result; - } - - return $result; - } - - /** - * Calculates modular inverses. - * - * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. - * - * {@internal See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=21 HAC 14.64} for more information.} - * - * @param Engine $n - * @return static|false - */ - protected function modInverseHelper(Engine $n) - { - // $x mod -$n == $x mod $n. - $n = $n->abs(); - - if ($this->compare(static::$zero[static::class]) < 0) { - $temp = $this->abs(); - $temp = $temp->modInverse($n); - return $this->normalize($n->subtract($temp)); - } - - extract($this->extendedGCD($n)); - /** - * @var Engine $gcd - * @var Engine $x - */ - - if (!$gcd->equals(static::$one[static::class])) { - return false; - } - - $x = $x->compare(static::$zero[static::class]) < 0 ? $x->add($n) : $x; - - return $this->compare(static::$zero[static::class]) < 0 ? $this->normalize($n->subtract($x)) : $this->normalize($x); - } - - /** - * Serialize - * - * Will be called, automatically, when serialize() is called on a BigInteger object. - * - * @return array - */ - public function __sleep() - { - $this->hex = $this->toHex(true); - $vars = ['hex']; - if ($this->precision > 0) { - $vars[] = 'precision'; - } - return $vars; - } - - /** - * Serialize - * - * Will be called, automatically, when unserialize() is called on a BigInteger object. - * - * @return void - */ - public function __wakeup() - { - $temp = new static($this->hex, -16); - $this->value = $temp->value; - $this->is_negative = $temp->is_negative; - if ($this->precision > 0) { - // recalculate $this->bitmask - $this->setPrecision($this->precision); - } - } - - /** - * JSON Serialize - * - * Will be called, automatically, when json_encode() is called on a BigInteger object. - * - * @return array{hex: string, precision?: int] - */ - #[\ReturnTypeWillChange] - public function jsonSerialize() - { - $result = ['hex' => $this->toHex(true)]; - if ($this->precision > 0) { - $result['precision'] = $this->precision; - } - return $result; - } - - /** - * Converts a BigInteger to a base-10 number. - * - * @return string - */ - public function __toString() - { - return $this->toString(); - } - - /** - * __debugInfo() magic method - * - * Will be called, automatically, when print_r() or var_dump() are called - * - * @return array - */ - public function __debugInfo() - { - $result = [ - 'value' => '0x' . $this->toHex(true), - 'engine' => basename(static::class) - ]; - return $this->precision > 0 ? $result + ['precision' => $this->precision] : $result; - } - - /** - * Set Precision - * - * Some bitwise operations give different results depending on the precision being used. Examples include left - * shift, not, and rotates. - * - * @param int $bits - */ - public function setPrecision($bits) - { - if ($bits < 1) { - $this->precision = -1; - $this->bitmask = false; - - return; - } - $this->precision = $bits; - $this->bitmask = static::setBitmask($bits); - - $temp = $this->normalize($this); - $this->value = $temp->value; - } - - /** - * Get Precision - * - * Returns the precision if it exists, -1 if it doesn't - * - * @return int - */ - public function getPrecision() - { - return $this->precision; - } - - /** - * Set Bitmask - * @return static - * @param int $bits - * @see self::setPrecision() - */ - protected static function setBitmask($bits) - { - return new static(chr((1 << ($bits & 0x7)) - 1) . str_repeat(chr(0xFF), $bits >> 3), 256); - } - - /** - * Logical Not - * - * @return Engine|string - */ - public function bitwise_not() - { - // calculuate "not" without regard to $this->precision - // (will always result in a smaller number. ie. ~1 isn't 1111 1110 - it's 0) - $temp = $this->toBytes(); - if ($temp == '') { - return $this->normalize(static::$zero[static::class]); - } - $pre_msb = decbin(ord($temp[0])); - $temp = ~$temp; - $msb = decbin(ord($temp[0])); - if (strlen($msb) == 8) { - $msb = substr($msb, strpos($msb, '0')); - } - $temp[0] = chr(bindec($msb)); - - // see if we need to add extra leading 1's - $current_bits = strlen($pre_msb) + 8 * strlen($temp) - 8; - $new_bits = $this->precision - $current_bits; - if ($new_bits <= 0) { - return $this->normalize(new static($temp, 256)); - } - - // generate as many leading 1's as we need to. - $leading_ones = chr((1 << ($new_bits & 0x7)) - 1) . str_repeat(chr(0xFF), $new_bits >> 3); - - self::base256_lshift($leading_ones, $current_bits); - - $temp = str_pad($temp, strlen($leading_ones), chr(0), STR_PAD_LEFT); - - return $this->normalize(new static($leading_ones | $temp, 256)); - } - - /** - * Logical Left Shift - * - * Shifts binary strings $shift bits, essentially multiplying by 2**$shift. - * - * @param string $x - * @param int $shift - * @return void - */ - protected static function base256_lshift(&$x, $shift) - { - if ($shift == 0) { - return; - } - - $num_bytes = $shift >> 3; // eg. floor($shift/8) - $shift &= 7; // eg. $shift % 8 - - $carry = 0; - for ($i = strlen($x) - 1; $i >= 0; --$i) { - $temp = ord($x[$i]) << $shift | $carry; - $x[$i] = chr($temp); - $carry = $temp >> 8; - } - $carry = ($carry != 0) ? chr($carry) : ''; - $x = $carry . $x . str_repeat(chr(0), $num_bytes); - } - - /** - * Logical Left Rotate - * - * Instead of the top x bits being dropped they're appended to the shifted bit string. - * - * @param int $shift - * @return Engine - */ - public function bitwise_leftRotate($shift) - { - $bits = $this->toBytes(); - - if ($this->precision > 0) { - $precision = $this->precision; - if (static::FAST_BITWISE) { - $mask = $this->bitmask->toBytes(); - } else { - $mask = $this->bitmask->subtract(new static(1)); - $mask = $mask->toBytes(); - } - } else { - $temp = ord($bits[0]); - for ($i = 0; $temp >> $i; ++$i) { - } - $precision = 8 * strlen($bits) - 8 + $i; - $mask = chr((1 << ($precision & 0x7)) - 1) . str_repeat(chr(0xFF), $precision >> 3); - } - - if ($shift < 0) { - $shift += $precision; - } - $shift %= $precision; - - if (!$shift) { - return clone $this; - } - - $left = $this->bitwise_leftShift($shift); - $left = $left->bitwise_and(new static($mask, 256)); - $right = $this->bitwise_rightShift($precision - $shift); - $result = static::FAST_BITWISE ? $left->bitwise_or($right) : $left->add($right); - return $this->normalize($result); - } - - /** - * Logical Right Rotate - * - * Instead of the bottom x bits being dropped they're prepended to the shifted bit string. - * - * @param int $shift - * @return Engine - */ - public function bitwise_rightRotate($shift) - { - return $this->bitwise_leftRotate(-$shift); - } - - /** - * Returns the smallest and largest n-bit number - * - * @param int $bits - * @return array{min: static, max: static} - */ - public static function minMaxBits($bits) - { - $bytes = $bits >> 3; - $min = str_repeat(chr(0), $bytes); - $max = str_repeat(chr(0xFF), $bytes); - $msb = $bits & 7; - if ($msb) { - $min = chr(1 << ($msb - 1)) . $min; - $max = chr((1 << $msb) - 1) . $max; - } else { - $min[0] = chr(0x80); - } - return [ - 'min' => new static($min, 256), - 'max' => new static($max, 256) - ]; - } - - /** - * Return the size of a BigInteger in bits - * - * @return int - */ - public function getLength() - { - return strlen($this->toBits()); - } - - /** - * Return the size of a BigInteger in bytes - * - * @return int - */ - public function getLengthInBytes() - { - return strlen($this->toBytes()); - } - - /** - * Performs some pre-processing for powMod - * - * @param Engine $e - * @param Engine $n - * @return static|false - */ - protected function powModOuter(Engine $e, Engine $n) - { - $n = $this->bitmask !== false && $this->bitmask->compare($n) < 0 ? $this->bitmask : $n->abs(); - - if ($e->compare(new static()) < 0) { - $e = $e->abs(); - - $temp = $this->modInverse($n); - if ($temp === false) { - return false; - } - - return $this->normalize($temp->powModInner($e, $n)); - } - - if ($this->compare($n) > 0) { - list(, $temp) = $this->divide($n); - return $temp->powModInner($e, $n); - } - - return $this->powModInner($e, $n); - } - - /** - * Sliding Window k-ary Modular Exponentiation - * - * Based on {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=27 HAC 14.85} / - * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=210 MPM 7.7}. In a departure from those algorithims, - * however, this function performs a modular reduction after every multiplication and squaring operation. - * As such, this function has the same preconditions that the reductions being used do. - * - * @template T of Engine - * @param Engine $x - * @param Engine $e - * @param Engine $n - * @param class-string $class - * @return T - */ - protected static function slidingWindow(Engine $x, Engine $e, Engine $n, $class) - { - static $window_ranges = [7, 25, 81, 241, 673, 1793]; // from BigInteger.java's oddModPow function - //static $window_ranges = [0, 7, 36, 140, 450, 1303, 3529]; // from MPM 7.3.1 - - $e_bits = $e->toBits(); - $e_length = strlen($e_bits); - - // calculate the appropriate window size. - // $window_size == 3 if $window_ranges is between 25 and 81, for example. - for ($i = 0, $window_size = 1; $i < count($window_ranges) && $e_length > $window_ranges[$i]; ++$window_size, ++$i) { - } - - $n_value = $n->value; - - if (method_exists(static::class, 'generateCustomReduction')) { - static::generateCustomReduction($n, $class); - } - - // precompute $this^0 through $this^$window_size - $powers = []; - $powers[1] = static::prepareReduce($x->value, $n_value, $class); - $powers[2] = static::squareReduce($powers[1], $n_value, $class); - - // we do every other number since substr($e_bits, $i, $j+1) (see below) is supposed to end - // in a 1. ie. it's supposed to be odd. - $temp = 1 << ($window_size - 1); - for ($i = 1; $i < $temp; ++$i) { - $i2 = $i << 1; - $powers[$i2 + 1] = static::multiplyReduce($powers[$i2 - 1], $powers[2], $n_value, $class); - } - - $result = new $class(1); - $result = static::prepareReduce($result->value, $n_value, $class); - - for ($i = 0; $i < $e_length;) { - if (!$e_bits[$i]) { - $result = static::squareReduce($result, $n_value, $class); - ++$i; - } else { - for ($j = $window_size - 1; $j > 0; --$j) { - if (!empty($e_bits[$i + $j])) { - break; - } - } - - // eg. the length of substr($e_bits, $i, $j + 1) - for ($k = 0; $k <= $j; ++$k) { - $result = static::squareReduce($result, $n_value, $class); - } - - $result = static::multiplyReduce($result, $powers[bindec(substr($e_bits, $i, $j + 1))], $n_value, $class); - - $i += $j + 1; - } - } - - $temp = new $class(); - $temp->value = static::reduce($result, $n_value, $class); - - return $temp; - } - - /** - * Generates a random number of a certain size - * - * Bit length is equal to $size - * - * @param int $size - * @return Engine - */ - public static function random($size) - { - extract(static::minMaxBits($size)); - /** - * @var BigInteger $min - * @var BigInteger $max - */ - return static::randomRange($min, $max); - } - - /** - * Generates a random prime number of a certain size - * - * Bit length is equal to $size - * - * @param int $size - * @return Engine - */ - public static function randomPrime($size) - { - extract(static::minMaxBits($size)); - /** - * @var static $min - * @var static $max - */ - return static::randomRangePrime($min, $max); - } - - /** - * Performs some pre-processing for randomRangePrime - * - * @param Engine $min - * @param Engine $max - * @return static|false - */ - protected static function randomRangePrimeOuter(Engine $min, Engine $max) - { - $compare = $max->compare($min); - - if (!$compare) { - return $min->isPrime() ? $min : false; - } elseif ($compare < 0) { - // if $min is bigger then $max, swap $min and $max - $temp = $max; - $max = $min; - $min = $temp; - } - - $x = static::randomRange($min, $max); - - return static::randomRangePrimeInner($x, $min, $max); - } - - /** - * Generate a random number between a range - * - * Returns a random number between $min and $max where $min and $max - * can be defined using one of the two methods: - * - * BigInteger::randomRange($min, $max) - * BigInteger::randomRange($max, $min) - * - * @param Engine $min - * @param Engine $max - * @return Engine - */ - protected static function randomRangeHelper(Engine $min, Engine $max) - { - $compare = $max->compare($min); - - if (!$compare) { - return $min; - } elseif ($compare < 0) { - // if $min is bigger then $max, swap $min and $max - $temp = $max; - $max = $min; - $min = $temp; - } - - if (!isset(static::$one[static::class])) { - static::$one[static::class] = new static(1); - } - - $max = $max->subtract($min->subtract(static::$one[static::class])); - - $size = strlen(ltrim($max->toBytes(), chr(0))); - - /* - doing $random % $max doesn't work because some numbers will be more likely to occur than others. - eg. if $max is 140 and $random's max is 255 then that'd mean both $random = 5 and $random = 145 - would produce 5 whereas the only value of random that could produce 139 would be 139. ie. - not all numbers would be equally likely. some would be more likely than others. - - creating a whole new random number until you find one that is within the range doesn't work - because, for sufficiently small ranges, the likelihood that you'd get a number within that range - would be pretty small. eg. with $random's max being 255 and if your $max being 1 the probability - would be pretty high that $random would be greater than $max. - - phpseclib works around this using the technique described here: - - http://crypto.stackexchange.com/questions/5708/creating-a-small-number-from-a-cryptographically-secure-random-string - */ - $random_max = new static(chr(1) . str_repeat("\0", $size), 256); - $random = new static(Random::string($size), 256); - - list($max_multiple) = $random_max->divide($max); - $max_multiple = $max_multiple->multiply($max); - - while ($random->compare($max_multiple) >= 0) { - $random = $random->subtract($max_multiple); - $random_max = $random_max->subtract($max_multiple); - $random = $random->bitwise_leftShift(8); - $random = $random->add(new static(Random::string(1), 256)); - $random_max = $random_max->bitwise_leftShift(8); - list($max_multiple) = $random_max->divide($max); - $max_multiple = $max_multiple->multiply($max); - } - list(, $random) = $random->divide($max); - - return $random->add($min); - } - - /** - * Performs some post-processing for randomRangePrime - * - * @param Engine $x - * @param Engine $min - * @param Engine $max - * @return static|false - */ - protected static function randomRangePrimeInner(Engine $x, Engine $min, Engine $max) - { - if (!isset(static::$two[static::class])) { - static::$two[static::class] = new static('2'); - } - - $x->make_odd(); - if ($x->compare($max) > 0) { - // if $x > $max then $max is even and if $min == $max then no prime number exists between the specified range - if ($min->equals($max)) { - return false; - } - $x = clone $min; - $x->make_odd(); - } - - $initial_x = clone $x; - - while (true) { - if ($x->isPrime()) { - return $x; - } - - $x = $x->add(static::$two[static::class]); - - if ($x->compare($max) > 0) { - $x = clone $min; - if ($x->equals(static::$two[static::class])) { - return $x; - } - $x->make_odd(); - } - - if ($x->equals($initial_x)) { - return false; - } - } - } - - /** - * Sets the $t parameter for primality testing - * - * @return int - */ - protected function setupIsPrime() - { - $length = $this->getLengthInBytes(); - - // see HAC 4.49 "Note (controlling the error probability)" - // @codingStandardsIgnoreStart - if ($length >= 163) { $t = 2; } // floor(1300 / 8) - else if ($length >= 106) { $t = 3; } // floor( 850 / 8) - else if ($length >= 81 ) { $t = 4; } // floor( 650 / 8) - else if ($length >= 68 ) { $t = 5; } // floor( 550 / 8) - else if ($length >= 56 ) { $t = 6; } // floor( 450 / 8) - else if ($length >= 50 ) { $t = 7; } // floor( 400 / 8) - else if ($length >= 43 ) { $t = 8; } // floor( 350 / 8) - else if ($length >= 37 ) { $t = 9; } // floor( 300 / 8) - else if ($length >= 31 ) { $t = 12; } // floor( 250 / 8) - else if ($length >= 25 ) { $t = 15; } // floor( 200 / 8) - else if ($length >= 18 ) { $t = 18; } // floor( 150 / 8) - else { $t = 27; } - // @codingStandardsIgnoreEnd - - return $t; - } - - /** - * Tests Primality - * - * Uses the {@link http://en.wikipedia.org/wiki/Miller%E2%80%93Rabin_primality_test Miller-Rabin primality test}. - * See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap4.pdf#page=8 HAC 4.24} for more info. - * - * @param int $t - * @return bool - */ - protected function testPrimality($t) - { - if (!$this->testSmallPrimes()) { - return false; - } - - $n = clone $this; - $n_1 = $n->subtract(static::$one[static::class]); - $n_2 = $n->subtract(static::$two[static::class]); - - $r = clone $n_1; - $s = static::scan1divide($r); - - for ($i = 0; $i < $t; ++$i) { - $a = static::randomRange(static::$two[static::class], $n_2); - $y = $a->modPow($r, $n); - - if (!$y->equals(static::$one[static::class]) && !$y->equals($n_1)) { - for ($j = 1; $j < $s && !$y->equals($n_1); ++$j) { - $y = $y->modPow(static::$two[static::class], $n); - if ($y->equals(static::$one[static::class])) { - return false; - } - } - - if (!$y->equals($n_1)) { - return false; - } - } - } - - return true; - } - - /** - * Checks a numer to see if it's prime - * - * Assuming the $t parameter is not set, this function has an error rate of 2**-80. The main motivation for the - * $t parameter is distributability. BigInteger::randomPrime() can be distributed across multiple pageloads - * on a website instead of just one. - * - * @param int|bool $t - * @return bool - */ - public function isPrime($t = false) - { - if (!$t) { - $t = $this->setupIsPrime(); - } - return $this->testPrimality($t); - } - - /** - * Performs a few preliminary checks on root - * - * @param int $n - * @return Engine - */ - protected function rootHelper($n) - { - if ($n < 1) { - return clone static::$zero[static::class]; - } // we want positive exponents - if ($this->compare(static::$one[static::class]) < 0) { - return clone static::$zero[static::class]; - } // we want positive numbers - if ($this->compare(static::$two[static::class]) < 0) { - return clone static::$one[static::class]; - } // n-th root of 1 or 2 is 1 - - return $this->rootInner($n); - } - - /** - * Calculates the nth root of a biginteger. - * - * Returns the nth root of a positive biginteger, where n defaults to 2 - * - * {@internal This function is based off of {@link http://mathforum.org/library/drmath/view/52605.html this page} and {@link http://stackoverflow.com/questions/11242920/calculating-nth-root-with-bcmath-in-php this stackoverflow question}.} - * - * @param int $n - * @return Engine - */ - protected function rootInner($n) - { - $n = new static($n); - - // g is our guess number - $g = static::$two[static::class]; - // while (g^n < num) g=g*2 - while ($g->pow($n)->compare($this) < 0) { - $g = $g->multiply(static::$two[static::class]); - } - // if (g^n==num) num is a power of 2, we're lucky, end of job - // == 0 bccomp(bcpow($g, $n), $n->value)==0 - if ($g->pow($n)->equals($this) > 0) { - $root = $g; - return $this->normalize($root); - } - - // if we're here num wasn't a power of 2 :( - $og = $g; // og means original guess and here is our upper bound - $g = $g->divide(static::$two[static::class])[0]; // g is set to be our lower bound - $step = $og->subtract($g)->divide(static::$two[static::class])[0]; // step is the half of upper bound - lower bound - $g = $g->add($step); // we start at lower bound + step , basically in the middle of our interval - - // while step>1 - - while ($step->compare(static::$one[static::class]) == 1) { - $guess = $g->pow($n); - $step = $step->divide(static::$two[static::class])[0]; - $comp = $guess->compare($this); // compare our guess with real number - switch ($comp) { - case -1: // if guess is lower we add the new step - $g = $g->add($step); - break; - case 1: // if guess is higher we sub the new step - $g = $g->subtract($step); - break; - case 0: // if guess is exactly the num we're done, we return the value - $root = $g; - break 2; - } - } - - if ($comp == 1) { - $g = $g->subtract($step); - } - - // whatever happened, g is the closest guess we can make so return it - $root = $g; - - return $this->normalize($root); - } - - /** - * Calculates the nth root of a biginteger. - * - * @param int $n - * @return Engine - */ - public function root($n = 2) - { - return $this->rootHelper($n); - } - - /** - * Return the minimum BigInteger between an arbitrary number of BigIntegers. - * - * @param array $nums - * @return Engine - */ - protected static function minHelper(array $nums) - { - if (count($nums) == 1) { - return $nums[0]; - } - $min = $nums[0]; - for ($i = 1; $i < count($nums); $i++) { - $min = $min->compare($nums[$i]) > 0 ? $nums[$i] : $min; - } - return $min; - } - - /** - * Return the minimum BigInteger between an arbitrary number of BigIntegers. - * - * @param array $nums - * @return Engine - */ - protected static function maxHelper(array $nums) - { - if (count($nums) == 1) { - return $nums[0]; - } - $max = $nums[0]; - for ($i = 1; $i < count($nums); $i++) { - $max = $max->compare($nums[$i]) < 0 ? $nums[$i] : $max; - } - return $max; - } - - /** - * Create Recurring Modulo Function - * - * Sometimes it may be desirable to do repeated modulos with the same number outside of - * modular exponentiation - * - * @return callable - */ - public function createRecurringModuloFunction() - { - $class = static::class; - - $fqengine = !method_exists(static::$modexpEngine[static::class], 'reduce') ? - '\\phpseclib3\\Math\\BigInteger\\Engines\\' . static::ENGINE_DIR . '\\DefaultEngine' : - static::$modexpEngine[static::class]; - if (method_exists($fqengine, 'generateCustomReduction')) { - $func = $fqengine::generateCustomReduction($this, static::class); - return eval('return function(' . static::class . ' $x) use ($func, $class) { - $r = new $class(); - $r->value = $func($x->value); - return $r; - };'); - } - $n = $this->value; - return eval('return function(' . static::class . ' $x) use ($n, $fqengine, $class) { - $r = new $class(); - $r->value = $fqengine::reduce($x->value, $n, $class); - return $r; - };'); - } - - /** - * Calculates the greatest common divisor and Bezout's identity. - * - * @param Engine $n - * @return array{gcd: Engine, x: Engine, y: Engine} - */ - protected function extendedGCDHelper(Engine $n) - { - $u = clone $this; - $v = clone $n; - - $one = new static(1); - $zero = new static(); - - $a = clone $one; - $b = clone $zero; - $c = clone $zero; - $d = clone $one; - - while (!$v->equals($zero)) { - list($q) = $u->divide($v); - - $temp = $u; - $u = $v; - $v = $temp->subtract($v->multiply($q)); - - $temp = $a; - $a = $c; - $c = $temp->subtract($a->multiply($q)); - - $temp = $b; - $b = $d; - $d = $temp->subtract($b->multiply($q)); - } - - return [ - 'gcd' => $u, - 'x' => $a, - 'y' => $b - ]; - } - - /** - * Bitwise Split - * - * Splits BigInteger's into chunks of $split bits - * - * @param int $split - * @return Engine[] - */ - public function bitwise_split($split) - { - if ($split < 1) { - throw new \RuntimeException('Offset must be greater than 1'); - } - - $mask = static::$one[static::class]->bitwise_leftShift($split)->subtract(static::$one[static::class]); - - $num = clone $this; - - $vals = []; - while (!$num->equals(static::$zero[static::class])) { - $vals[] = $num->bitwise_and($mask); - $num = $num->bitwise_rightShift($split); - } - - return array_reverse($vals); - } - - /** - * Logical And - * - * @param Engine $x - * @return Engine - */ - protected function bitwiseAndHelper(Engine $x) - { - $left = $this->toBytes(true); - $right = $x->toBytes(true); - - $length = max(strlen($left), strlen($right)); - - $left = str_pad($left, $length, chr(0), STR_PAD_LEFT); - $right = str_pad($right, $length, chr(0), STR_PAD_LEFT); - - return $this->normalize(new static($left & $right, -256)); - } - - /** - * Logical Or - * - * @param Engine $x - * @return Engine - */ - protected function bitwiseOrHelper(Engine $x) - { - $left = $this->toBytes(true); - $right = $x->toBytes(true); - - $length = max(strlen($left), strlen($right)); - - $left = str_pad($left, $length, chr(0), STR_PAD_LEFT); - $right = str_pad($right, $length, chr(0), STR_PAD_LEFT); - - return $this->normalize(new static($left | $right, -256)); - } - - /** - * Logical Exclusive Or - * - * @param Engine $x - * @return Engine - */ - protected function bitwiseXorHelper(Engine $x) - { - $left = $this->toBytes(true); - $right = $x->toBytes(true); - - $length = max(strlen($left), strlen($right)); - - - $left = str_pad($left, $length, chr(0), STR_PAD_LEFT); - $right = str_pad($right, $length, chr(0), STR_PAD_LEFT); - return $this->normalize(new static($left ^ $right, -256)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP.php deleted file mode 100644 index f616362..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP.php +++ /dev/null @@ -1,694 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines; - -use phpseclib3\Exception\BadConfigurationException; - -/** - * GMP Engine. - * - * @author Jim Wigginton - */ -class GMP extends Engine -{ - /** - * Can Bitwise operations be done fast? - * - * @see parent::bitwise_leftRotate() - * @see parent::bitwise_rightRotate() - */ - const FAST_BITWISE = true; - - /** - * Engine Directory - * - * @see parent::setModExpEngine - */ - const ENGINE_DIR = 'GMP'; - - /** - * Test for engine validity - * - * @return bool - * @see parent::__construct() - */ - public static function isValidEngine() - { - return extension_loaded('gmp'); - } - - /** - * Default constructor - * - * @param mixed $x integer Base-10 number or base-$base number if $base set. - * @param int $base - * @see parent::__construct() - */ - public function __construct($x = 0, $base = 10) - { - if (!isset(static::$isValidEngine[static::class])) { - static::$isValidEngine[static::class] = self::isValidEngine(); - } - if (!static::$isValidEngine[static::class]) { - throw new BadConfigurationException('GMP is not setup correctly on this system'); - } - - if ($x instanceof \GMP) { - $this->value = $x; - return; - } - - $this->value = gmp_init(0); - - parent::__construct($x, $base); - } - - /** - * Initialize a GMP BigInteger Engine instance - * - * @param int $base - * @see parent::__construct() - */ - protected function initialize($base) - { - switch (abs($base)) { - case 256: - $this->value = gmp_import($this->value); - if ($this->is_negative) { - $this->value = -$this->value; - } - break; - case 16: - $temp = $this->is_negative ? '-0x' . $this->value : '0x' . $this->value; - $this->value = gmp_init($temp); - break; - case 10: - $this->value = gmp_init(isset($this->value) ? $this->value : '0'); - } - } - - /** - * Converts a BigInteger to a base-10 number. - * - * @return string - */ - public function toString() - { - return (string)$this->value; - } - - /** - * Converts a BigInteger to a bit string (eg. base-2). - * - * Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're - * saved as two's compliment. - * - * @param bool $twos_compliment - * @return string - */ - public function toBits($twos_compliment = false) - { - $hex = $this->toHex($twos_compliment); - - $bits = gmp_strval(gmp_init($hex, 16), 2); - - if ($this->precision > 0) { - $bits = substr($bits, -$this->precision); - } - - if ($twos_compliment && $this->compare(new static()) > 0 && $this->precision <= 0) { - return '0' . $bits; - } - - return $bits; - } - - /** - * Converts a BigInteger to a byte string (eg. base-256). - * - * @param bool $twos_compliment - * @return string - */ - public function toBytes($twos_compliment = false) - { - if ($twos_compliment) { - return $this->toBytesHelper(); - } - - if (gmp_cmp($this->value, gmp_init(0)) == 0) { - return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : ''; - } - - $temp = gmp_export($this->value); - - return $this->precision > 0 ? - substr(str_pad($temp, $this->precision >> 3, chr(0), STR_PAD_LEFT), -($this->precision >> 3)) : - ltrim($temp, chr(0)); - } - - /** - * Adds two BigIntegers. - * - * @param GMP $y - * @return GMP - */ - public function add(GMP $y) - { - $temp = new self(); - $temp->value = $this->value + $y->value; - - return $this->normalize($temp); - } - - /** - * Subtracts two BigIntegers. - * - * @param GMP $y - * @return GMP - */ - public function subtract(GMP $y) - { - $temp = new self(); - $temp->value = $this->value - $y->value; - - return $this->normalize($temp); - } - - /** - * Multiplies two BigIntegers. - * - * @param GMP $x - * @return GMP - */ - public function multiply(GMP $x) - { - $temp = new self(); - $temp->value = $this->value * $x->value; - - return $this->normalize($temp); - } - - /** - * Divides two BigIntegers. - * - * Returns an array whose first element contains the quotient and whose second element contains the - * "common residue". If the remainder would be positive, the "common residue" and the remainder are the - * same. If the remainder would be negative, the "common residue" is equal to the sum of the remainder - * and the divisor (basically, the "common residue" is the first positive modulo). - * - * @param GMP $y - * @return array{GMP, GMP} - */ - public function divide(GMP $y) - { - $quotient = new self(); - $remainder = new self(); - - list($quotient->value, $remainder->value) = gmp_div_qr($this->value, $y->value); - - if (gmp_sign($remainder->value) < 0) { - $remainder->value = $remainder->value + gmp_abs($y->value); - } - - return [$this->normalize($quotient), $this->normalize($remainder)]; - } - - /** - * Compares two numbers. - * - * Although one might think !$x->compare($y) means $x != $y, it, in fact, means the opposite. The reason for this - * is demonstrated thusly: - * - * $x > $y: $x->compare($y) > 0 - * $x < $y: $x->compare($y) < 0 - * $x == $y: $x->compare($y) == 0 - * - * Note how the same comparison operator is used. If you want to test for equality, use $x->equals($y). - * - * {@internal Could return $this->subtract($x), but that's not as fast as what we do do.} - * - * @param GMP $y - * @return int in case < 0 if $this is less than $y; > 0 if $this is greater than $y, and 0 if they are equal. - * @see self::equals() - */ - public function compare(GMP $y) - { - $r = gmp_cmp($this->value, $y->value); - if ($r < -1) { - $r = -1; - } - if ($r > 1) { - $r = 1; - } - return $r; - } - - /** - * Tests the equality of two numbers. - * - * If you need to see if one number is greater than or less than another number, use BigInteger::compare() - * - * @param GMP $x - * @return bool - */ - public function equals(GMP $x) - { - return $this->value == $x->value; - } - - /** - * Calculates modular inverses. - * - * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. - * - * @param GMP $n - * @return false|GMP - */ - public function modInverse(GMP $n) - { - $temp = new self(); - $temp->value = gmp_invert($this->value, $n->value); - - return $temp->value === false ? false : $this->normalize($temp); - } - - /** - * Calculates the greatest common divisor and Bezout's identity. - * - * Say you have 693 and 609. The GCD is 21. Bezout's identity states that there exist integers x and y such that - * 693*x + 609*y == 21. In point of fact, there are actually an infinite number of x and y combinations and which - * combination is returned is dependent upon which mode is in use. See - * {@link http://en.wikipedia.org/wiki/B%C3%A9zout%27s_identity Bezout's identity - Wikipedia} for more information. - * - * @param GMP $n - * @return GMP[] - */ - public function extendedGCD(GMP $n) - { - extract(gmp_gcdext($this->value, $n->value)); - - return [ - 'gcd' => $this->normalize(new self($g)), - 'x' => $this->normalize(new self($s)), - 'y' => $this->normalize(new self($t)) - ]; - } - - /** - * Calculates the greatest common divisor - * - * Say you have 693 and 609. The GCD is 21. - * - * @param GMP $n - * @return GMP - */ - public function gcd(GMP $n) - { - $r = gmp_gcd($this->value, $n->value); - return $this->normalize(new self($r)); - } - - /** - * Absolute value. - * - * @return GMP - */ - public function abs() - { - $temp = new self(); - $temp->value = gmp_abs($this->value); - - return $temp; - } - - /** - * Logical And - * - * @param GMP $x - * @return GMP - */ - public function bitwise_and(GMP $x) - { - $temp = new self(); - $temp->value = $this->value & $x->value; - - return $this->normalize($temp); - } - - /** - * Logical Or - * - * @param GMP $x - * @return GMP - */ - public function bitwise_or(GMP $x) - { - $temp = new self(); - $temp->value = $this->value | $x->value; - - return $this->normalize($temp); - } - - /** - * Logical Exclusive Or - * - * @param GMP $x - * @return GMP - */ - public function bitwise_xor(GMP $x) - { - $temp = new self(); - $temp->value = $this->value ^ $x->value; - - return $this->normalize($temp); - } - - /** - * Logical Right Shift - * - * Shifts BigInteger's by $shift bits, effectively dividing by 2**$shift. - * - * @param int $shift - * @return GMP - */ - public function bitwise_rightShift($shift) - { - // 0xFFFFFFFF >> 2 == -1 (on 32-bit systems) - // gmp_init('0xFFFFFFFF') >> 2 == gmp_init('0x3FFFFFFF') - - $temp = new self(); - $temp->value = $this->value >> $shift; - - return $this->normalize($temp); - } - - /** - * Logical Left Shift - * - * Shifts BigInteger's by $shift bits, effectively multiplying by 2**$shift. - * - * @param int $shift - * @return GMP - */ - public function bitwise_leftShift($shift) - { - $temp = new self(); - $temp->value = $this->value << $shift; - - return $this->normalize($temp); - } - - /** - * Performs modular exponentiation. - * - * @param GMP $e - * @param GMP $n - * @return GMP - */ - public function modPow(GMP $e, GMP $n) - { - return $this->powModOuter($e, $n); - } - - /** - * Performs modular exponentiation. - * - * Alias for modPow(). - * - * @param GMP $e - * @param GMP $n - * @return GMP - */ - public function powMod(GMP $e, GMP $n) - { - return $this->powModOuter($e, $n); - } - - /** - * Performs modular exponentiation. - * - * @param GMP $e - * @param GMP $n - * @return GMP - */ - protected function powModInner(GMP $e, GMP $n) - { - $class = static::$modexpEngine[static::class]; - return $class::powModHelper($this, $e, $n); - } - - /** - * Normalize - * - * Removes leading zeros and truncates (if necessary) to maintain the appropriate precision - * - * @param GMP $result - * @return GMP - */ - protected function normalize(GMP $result) - { - $result->precision = $this->precision; - $result->bitmask = $this->bitmask; - - if ($result->bitmask !== false) { - $flip = $result->value < 0; - if ($flip) { - $result->value = -$result->value; - } - $result->value = $result->value & $result->bitmask->value; - if ($flip) { - $result->value = -$result->value; - } - } - - return $result; - } - - /** - * Performs some post-processing for randomRangePrime - * - * @param Engine $x - * @param Engine $min - * @param Engine $max - * @return GMP - */ - protected static function randomRangePrimeInner(Engine $x, Engine $min, Engine $max) - { - $p = gmp_nextprime($x->value); - - if ($p <= $max->value) { - return new self($p); - } - - if ($min->value != $x->value) { - $x = new self($x->value - 1); - } - - return self::randomRangePrime($min, $x); - } - - /** - * Generate a random prime number between a range - * - * If there's not a prime within the given range, false will be returned. - * - * @param GMP $min - * @param GMP $max - * @return false|GMP - */ - public static function randomRangePrime(GMP $min, GMP $max) - { - return self::randomRangePrimeOuter($min, $max); - } - - /** - * Generate a random number between a range - * - * Returns a random number between $min and $max where $min and $max - * can be defined using one of the two methods: - * - * BigInteger::randomRange($min, $max) - * BigInteger::randomRange($max, $min) - * - * @param GMP $min - * @param GMP $max - * @return GMP - */ - public static function randomRange(GMP $min, GMP $max) - { - return self::randomRangeHelper($min, $max); - } - - /** - * Make the current number odd - * - * If the current number is odd it'll be unchanged. If it's even, one will be added to it. - * - * @see self::randomPrime() - */ - protected function make_odd() - { - gmp_setbit($this->value, 0); - } - - /** - * Tests Primality - * - * @param int $t - * @return bool - */ - protected function testPrimality($t) - { - return gmp_prob_prime($this->value, $t) != 0; - } - - /** - * Calculates the nth root of a biginteger. - * - * Returns the nth root of a positive biginteger, where n defaults to 2 - * - * @param int $n - * @return GMP - */ - protected function rootInner($n) - { - $root = new self(); - $root->value = gmp_root($this->value, $n); - return $this->normalize($root); - } - - /** - * Performs exponentiation. - * - * @param GMP $n - * @return GMP - */ - public function pow(GMP $n) - { - $temp = new self(); - $temp->value = $this->value ** $n->value; - - return $this->normalize($temp); - } - - /** - * Return the minimum BigInteger between an arbitrary number of BigIntegers. - * - * @param GMP ...$nums - * @return GMP - */ - public static function min(GMP ...$nums) - { - return self::minHelper($nums); - } - - /** - * Return the maximum BigInteger between an arbitrary number of BigIntegers. - * - * @param GMP ...$nums - * @return GMP - */ - public static function max(GMP ...$nums) - { - return self::maxHelper($nums); - } - - /** - * Tests BigInteger to see if it is between two integers, inclusive - * - * @param GMP $min - * @param GMP $max - * @return bool - */ - public function between(GMP $min, GMP $max) - { - return $this->compare($min) >= 0 && $this->compare($max) <= 0; - } - - /** - * Create Recurring Modulo Function - * - * Sometimes it may be desirable to do repeated modulos with the same number outside of - * modular exponentiation - * - * @return callable - */ - public function createRecurringModuloFunction() - { - $temp = $this->value; - return function (GMP $x) use ($temp) { - return new GMP($x->value % $temp); - }; - } - - /** - * Scan for 1 and right shift by that amount - * - * ie. $s = gmp_scan1($n, 0) and $r = gmp_div_q($n, gmp_pow(gmp_init('2'), $s)); - * - * @param GMP $r - * @return int - */ - public static function scan1divide(GMP $r) - { - $s = gmp_scan1($r->value, 0); - $r->value >>= $s; - return $s; - } - - /** - * Is Odd? - * - * @return bool - */ - public function isOdd() - { - return gmp_testbit($this->value, 0); - } - - /** - * Tests if a bit is set - * - * @return bool - */ - public function testBit($x) - { - return gmp_testbit($this->value, $x); - } - - /** - * Is Negative? - * - * @return bool - */ - public function isNegative() - { - return gmp_sign($this->value) == -1; - } - - /** - * Negate - * - * Given $k, returns -$k - * - * @return GMP - */ - public function negate() - { - $temp = clone $this; - $temp->value = -$this->value; - - return $temp; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP/DefaultEngine.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP/DefaultEngine.php deleted file mode 100644 index bc219fb..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP/DefaultEngine.php +++ /dev/null @@ -1,40 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines\GMP; - -use phpseclib3\Math\BigInteger\Engines\GMP; - -/** - * GMP Modular Exponentiation Engine - * - * @author Jim Wigginton - */ -abstract class DefaultEngine extends GMP -{ - /** - * Performs modular exponentiation. - * - * @param GMP $x - * @param GMP $e - * @param GMP $n - * @return GMP - */ - protected static function powModHelper(GMP $x, GMP $e, GMP $n) - { - $temp = new GMP(); - $temp->value = gmp_powm($x->value, $e->value, $n->value); - - return $x->normalize($temp); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/OpenSSL.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/OpenSSL.php deleted file mode 100644 index e33a9f1..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/OpenSSL.php +++ /dev/null @@ -1,68 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines; - -use phpseclib3\Crypt\RSA\Formats\Keys\PKCS8; -use phpseclib3\Math\BigInteger; - -/** - * OpenSSL Modular Exponentiation Engine - * - * @author Jim Wigginton - */ -abstract class OpenSSL -{ - /** - * Test for engine validity - * - * @return bool - */ - public static function isValidEngine() - { - return extension_loaded('openssl') && static::class != __CLASS__; - } - - /** - * Performs modular exponentiation. - * - * @param Engine $x - * @param Engine $e - * @param Engine $n - * @return Engine - */ - public static function powModHelper(Engine $x, Engine $e, Engine $n) - { - if ($n->getLengthInBytes() < 31 || $n->getLengthInBytes() > 16384) { - throw new \OutOfRangeException('Only modulo between 31 and 16384 bits are accepted'); - } - - $key = PKCS8::savePublicKey( - new BigInteger($n), - new BigInteger($e) - ); - - $plaintext = str_pad($x->toBytes(), $n->getLengthInBytes(), "\0", STR_PAD_LEFT); - - // this is easily prone to failure. if the modulo is a multiple of 2 or 3 or whatever it - // won't work and you'll get a "failure: error:0906D06C:PEM routines:PEM_read_bio:no start line" - // error. i suppose, for even numbers, we could do what PHP\Montgomery.php does, but then what - // about odd numbers divisible by 3, by 5, etc? - if (!openssl_public_encrypt($plaintext, $result, $key, OPENSSL_NO_PADDING)) { - throw new \UnexpectedValueException(openssl_error_string()); - } - - $class = get_class($x); - return new $class($result, 256); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP.php deleted file mode 100644 index 7e85783..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP.php +++ /dev/null @@ -1,1344 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Exception\BadConfigurationException; - -/** - * Pure-PHP Engine. - * - * @author Jim Wigginton - */ -abstract class PHP extends Engine -{ - /**#@+ - * Array constants - * - * Rather than create a thousands and thousands of new BigInteger objects in repeated function calls to add() and - * multiply() or whatever, we'll just work directly on arrays, taking them in as parameters and returning them. - * - */ - /** - * $result[self::VALUE] contains the value. - */ - const VALUE = 0; - /** - * $result[self::SIGN] contains the sign. - */ - const SIGN = 1; - /**#@-*/ - - /** - * Karatsuba Cutoff - * - * At what point do we switch between Karatsuba multiplication and schoolbook long multiplication? - * - */ - const KARATSUBA_CUTOFF = 25; - - /** - * Can Bitwise operations be done fast? - * - * @see parent::bitwise_leftRotate() - * @see parent::bitwise_rightRotate() - */ - const FAST_BITWISE = true; - - /** - * Engine Directory - * - * @see parent::setModExpEngine - */ - const ENGINE_DIR = 'PHP'; - - /** - * Default constructor - * - * @param mixed $x integer Base-10 number or base-$base number if $base set. - * @param int $base - * @return PHP - * @see parent::__construct() - */ - public function __construct($x = 0, $base = 10) - { - if (!isset(static::$isValidEngine[static::class])) { - static::$isValidEngine[static::class] = static::isValidEngine(); - } - if (!static::$isValidEngine[static::class]) { - throw new BadConfigurationException(static::class . ' is not setup correctly on this system'); - } - - $this->value = []; - parent::__construct($x, $base); - } - - /** - * Initialize a PHP BigInteger Engine instance - * - * @param int $base - * @see parent::__construct() - */ - protected function initialize($base) - { - switch (abs($base)) { - case 16: - $x = (strlen($this->value) & 1) ? '0' . $this->value : $this->value; - $temp = new static(Strings::hex2bin($x), 256); - $this->value = $temp->value; - break; - case 10: - $temp = new static(); - - $multiplier = new static(); - $multiplier->value = [static::MAX10]; - - $x = $this->value; - - if ($x[0] == '-') { - $this->is_negative = true; - $x = substr($x, 1); - } - - $x = str_pad( - $x, - strlen($x) + ((static::MAX10LEN - 1) * strlen($x)) % static::MAX10LEN, - 0, - STR_PAD_LEFT - ); - while (strlen($x)) { - $temp = $temp->multiply($multiplier); - $temp = $temp->add(new static($this->int2bytes(substr($x, 0, static::MAX10LEN)), 256)); - $x = substr($x, static::MAX10LEN); - } - - $this->value = $temp->value; - } - } - - /** - * Pads strings so that unpack may be used on them - * - * @param string $str - * @return string - */ - protected function pad($str) - { - $length = strlen($str); - - $pad = 4 - (strlen($str) % 4); - - return str_pad($str, $length + $pad, "\0", STR_PAD_LEFT); - } - - /** - * Converts a BigInteger to a base-10 number. - * - * @return string - */ - public function toString() - { - if (!count($this->value)) { - return '0'; - } - - $temp = clone $this; - $temp->bitmask = false; - $temp->is_negative = false; - - $divisor = new static(); - $divisor->value = [static::MAX10]; - $result = ''; - while (count($temp->value)) { - list($temp, $mod) = $temp->divide($divisor); - $result = str_pad( - isset($mod->value[0]) ? $mod->value[0] : '', - static::MAX10LEN, - '0', - STR_PAD_LEFT - ) . $result; - } - $result = ltrim($result, '0'); - if (empty($result)) { - $result = '0'; - } - - if ($this->is_negative) { - $result = '-' . $result; - } - - return $result; - } - - /** - * Converts a BigInteger to a byte string (eg. base-256). - * - * @param bool $twos_compliment - * @return string - */ - public function toBytes($twos_compliment = false) - { - if ($twos_compliment) { - return $this->toBytesHelper(); - } - - if (!count($this->value)) { - return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : ''; - } - - $result = $this->bitwise_small_split(8); - $result = implode('', array_map('chr', $result)); - - return $this->precision > 0 ? - str_pad( - substr($result, -(($this->precision + 7) >> 3)), - ($this->precision + 7) >> 3, - chr(0), - STR_PAD_LEFT - ) : - $result; - } - - /** - * Performs addition. - * - * @param array $x_value - * @param bool $x_negative - * @param array $y_value - * @param bool $y_negative - * @return array - */ - protected static function addHelper(array $x_value, $x_negative, array $y_value, $y_negative) - { - $x_size = count($x_value); - $y_size = count($y_value); - - if ($x_size == 0) { - return [ - self::VALUE => $y_value, - self::SIGN => $y_negative - ]; - } elseif ($y_size == 0) { - return [ - self::VALUE => $x_value, - self::SIGN => $x_negative - ]; - } - - // subtract, if appropriate - if ($x_negative != $y_negative) { - if ($x_value == $y_value) { - return [ - self::VALUE => [], - self::SIGN => false - ]; - } - - $temp = self::subtractHelper($x_value, false, $y_value, false); - $temp[self::SIGN] = self::compareHelper($x_value, false, $y_value, false) > 0 ? - $x_negative : $y_negative; - - return $temp; - } - - if ($x_size < $y_size) { - $size = $x_size; - $value = $y_value; - } else { - $size = $y_size; - $value = $x_value; - } - - $value[count($value)] = 0; // just in case the carry adds an extra digit - - $carry = 0; - for ($i = 0, $j = 1; $j < $size; $i += 2, $j += 2) { - //$sum = $x_value[$j] * static::BASE_FULL + $x_value[$i] + $y_value[$j] * static::BASE_FULL + $y_value[$i] + $carry; - $sum = ($x_value[$j] + $y_value[$j]) * static::BASE_FULL + $x_value[$i] + $y_value[$i] + $carry; - $carry = $sum >= static::MAX_DIGIT2; // eg. floor($sum / 2**52); only possible values (in any base) are 0 and 1 - $sum = $carry ? $sum - static::MAX_DIGIT2 : $sum; - - $temp = static::BASE === 26 ? intval($sum / 0x4000000) : ($sum >> 31); - - $value[$i] = (int)($sum - static::BASE_FULL * $temp); // eg. a faster alternative to fmod($sum, 0x4000000) - $value[$j] = $temp; - } - - if ($j == $size) { // ie. if $y_size is odd - $sum = $x_value[$i] + $y_value[$i] + $carry; - $carry = $sum >= static::BASE_FULL; - $value[$i] = $carry ? $sum - static::BASE_FULL : $sum; - ++$i; // ie. let $i = $j since we've just done $value[$i] - } - - if ($carry) { - for (; $value[$i] == static::MAX_DIGIT; ++$i) { - $value[$i] = 0; - } - ++$value[$i]; - } - - return [ - self::VALUE => self::trim($value), - self::SIGN => $x_negative - ]; - } - - /** - * Performs subtraction. - * - * @param array $x_value - * @param bool $x_negative - * @param array $y_value - * @param bool $y_negative - * @return array - */ - public static function subtractHelper(array $x_value, $x_negative, array $y_value, $y_negative) - { - $x_size = count($x_value); - $y_size = count($y_value); - - if ($x_size == 0) { - return [ - self::VALUE => $y_value, - self::SIGN => !$y_negative - ]; - } elseif ($y_size == 0) { - return [ - self::VALUE => $x_value, - self::SIGN => $x_negative - ]; - } - - // add, if appropriate (ie. -$x - +$y or +$x - -$y) - if ($x_negative != $y_negative) { - $temp = self::addHelper($x_value, false, $y_value, false); - $temp[self::SIGN] = $x_negative; - - return $temp; - } - - $diff = self::compareHelper($x_value, $x_negative, $y_value, $y_negative); - - if (!$diff) { - return [ - self::VALUE => [], - self::SIGN => false - ]; - } - - // switch $x and $y around, if appropriate. - if ((!$x_negative && $diff < 0) || ($x_negative && $diff > 0)) { - $temp = $x_value; - $x_value = $y_value; - $y_value = $temp; - - $x_negative = !$x_negative; - - $x_size = count($x_value); - $y_size = count($y_value); - } - - // at this point, $x_value should be at least as big as - if not bigger than - $y_value - - $carry = 0; - for ($i = 0, $j = 1; $j < $y_size; $i += 2, $j += 2) { - $sum = ($x_value[$j] - $y_value[$j]) * static::BASE_FULL + $x_value[$i] - $y_value[$i] - $carry; - - $carry = $sum < 0; // eg. floor($sum / 2**52); only possible values (in any base) are 0 and 1 - $sum = $carry ? $sum + static::MAX_DIGIT2 : $sum; - - $temp = static::BASE === 26 ? intval($sum / 0x4000000) : ($sum >> 31); - - $x_value[$i] = (int)($sum - static::BASE_FULL * $temp); - $x_value[$j] = $temp; - } - - if ($j == $y_size) { // ie. if $y_size is odd - $sum = $x_value[$i] - $y_value[$i] - $carry; - $carry = $sum < 0; - $x_value[$i] = $carry ? $sum + static::BASE_FULL : $sum; - ++$i; - } - - if ($carry) { - for (; !$x_value[$i]; ++$i) { - $x_value[$i] = static::MAX_DIGIT; - } - --$x_value[$i]; - } - - return [ - self::VALUE => self::trim($x_value), - self::SIGN => $x_negative - ]; - } - - /** - * Performs multiplication. - * - * @param array $x_value - * @param bool $x_negative - * @param array $y_value - * @param bool $y_negative - * @return array - */ - protected static function multiplyHelper(array $x_value, $x_negative, array $y_value, $y_negative) - { - //if ( $x_value == $y_value ) { - // return [ - // self::VALUE => self::square($x_value), - // self::SIGN => $x_sign != $y_value - // ]; - //} - - $x_length = count($x_value); - $y_length = count($y_value); - - if (!$x_length || !$y_length) { // a 0 is being multiplied - return [ - self::VALUE => [], - self::SIGN => false - ]; - } - - return [ - self::VALUE => min($x_length, $y_length) < 2 * self::KARATSUBA_CUTOFF ? - self::trim(self::regularMultiply($x_value, $y_value)) : - self::trim(self::karatsuba($x_value, $y_value)), - self::SIGN => $x_negative != $y_negative - ]; - } - - /** - * Performs Karatsuba multiplication on two BigIntegers - * - * See {@link http://en.wikipedia.org/wiki/Karatsuba_algorithm Karatsuba algorithm} and - * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=120 MPM 5.2.3}. - * - * @param array $x_value - * @param array $y_value - * @return array - */ - private static function karatsuba(array $x_value, array $y_value) - { - $m = min(count($x_value) >> 1, count($y_value) >> 1); - - if ($m < self::KARATSUBA_CUTOFF) { - return self::regularMultiply($x_value, $y_value); - } - - $x1 = array_slice($x_value, $m); - $x0 = array_slice($x_value, 0, $m); - $y1 = array_slice($y_value, $m); - $y0 = array_slice($y_value, 0, $m); - - $z2 = self::karatsuba($x1, $y1); - $z0 = self::karatsuba($x0, $y0); - - $z1 = self::addHelper($x1, false, $x0, false); - $temp = self::addHelper($y1, false, $y0, false); - $z1 = self::karatsuba($z1[self::VALUE], $temp[self::VALUE]); - $temp = self::addHelper($z2, false, $z0, false); - $z1 = self::subtractHelper($z1, false, $temp[self::VALUE], false); - - $z2 = array_merge(array_fill(0, 2 * $m, 0), $z2); - $z1[self::VALUE] = array_merge(array_fill(0, $m, 0), $z1[self::VALUE]); - - $xy = self::addHelper($z2, false, $z1[self::VALUE], $z1[self::SIGN]); - $xy = self::addHelper($xy[self::VALUE], $xy[self::SIGN], $z0, false); - - return $xy[self::VALUE]; - } - - /** - * Performs long multiplication on two BigIntegers - * - * Modeled after 'multiply' in MutableBigInteger.java. - * - * @param array $x_value - * @param array $y_value - * @return array - */ - protected static function regularMultiply(array $x_value, array $y_value) - { - $x_length = count($x_value); - $y_length = count($y_value); - - if (!$x_length || !$y_length) { // a 0 is being multiplied - return []; - } - - $product_value = self::array_repeat(0, $x_length + $y_length); - - // the following for loop could be removed if the for loop following it - // (the one with nested for loops) initially set $i to 0, but - // doing so would also make the result in one set of unnecessary adds, - // since on the outermost loops first pass, $product->value[$k] is going - // to always be 0 - - $carry = 0; - for ($j = 0; $j < $x_length; ++$j) { // ie. $i = 0 - $temp = $x_value[$j] * $y_value[0] + $carry; // $product_value[$k] == 0 - $carry = static::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); - $product_value[$j] = (int)($temp - static::BASE_FULL * $carry); - } - - $product_value[$j] = $carry; - - // the above for loop is what the previous comment was talking about. the - // following for loop is the "one with nested for loops" - for ($i = 1; $i < $y_length; ++$i) { - $carry = 0; - - for ($j = 0, $k = $i; $j < $x_length; ++$j, ++$k) { - $temp = $product_value[$k] + $x_value[$j] * $y_value[$i] + $carry; - $carry = static::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); - $product_value[$k] = (int)($temp - static::BASE_FULL * $carry); - } - - $product_value[$k] = $carry; - } - - return $product_value; - } - - /** - * Divides two BigIntegers. - * - * Returns an array whose first element contains the quotient and whose second element contains the - * "common residue". If the remainder would be positive, the "common residue" and the remainder are the - * same. If the remainder would be negative, the "common residue" is equal to the sum of the remainder - * and the divisor (basically, the "common residue" is the first positive modulo). - * - * @return array{static, static} - * @internal This function is based off of - * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=9 HAC 14.20}. - */ - protected function divideHelper(PHP $y) - { - if (count($y->value) == 1) { - list($q, $r) = $this->divide_digit($this->value, $y->value[0]); - $quotient = new static(); - $remainder = new static(); - $quotient->value = $q; - $remainder->value = [$r]; - $quotient->is_negative = $this->is_negative != $y->is_negative; - return [$this->normalize($quotient), $this->normalize($remainder)]; - } - - $x = clone $this; - $y = clone $y; - - $x_sign = $x->is_negative; - $y_sign = $y->is_negative; - - $x->is_negative = $y->is_negative = false; - - $diff = $x->compare($y); - - if (!$diff) { - $temp = new static(); - $temp->value = [1]; - $temp->is_negative = $x_sign != $y_sign; - return [$this->normalize($temp), $this->normalize(static::$zero[static::class])]; - } - - if ($diff < 0) { - // if $x is negative, "add" $y. - if ($x_sign) { - $x = $y->subtract($x); - } - return [$this->normalize(static::$zero[static::class]), $this->normalize($x)]; - } - - // normalize $x and $y as described in HAC 14.23 / 14.24 - $msb = $y->value[count($y->value) - 1]; - for ($shift = 0; !($msb & static::MSB); ++$shift) { - $msb <<= 1; - } - $x->lshift($shift); - $y->lshift($shift); - $y_value = &$y->value; - - $x_max = count($x->value) - 1; - $y_max = count($y->value) - 1; - - $quotient = new static(); - $quotient_value = &$quotient->value; - $quotient_value = self::array_repeat(0, $x_max - $y_max + 1); - - static $temp, $lhs, $rhs; - if (!isset($temp)) { - $temp = new static(); - $lhs = new static(); - $rhs = new static(); - } - if (static::class != get_class($temp)) { - $temp = new static(); - $lhs = new static(); - $rhs = new static(); - } - $temp_value = &$temp->value; - $rhs_value = &$rhs->value; - - // $temp = $y << ($x_max - $y_max-1) in base 2**26 - $temp_value = array_merge(self::array_repeat(0, $x_max - $y_max), $y_value); - - while ($x->compare($temp) >= 0) { - // calculate the "common residue" - ++$quotient_value[$x_max - $y_max]; - $x = $x->subtract($temp); - $x_max = count($x->value) - 1; - } - - for ($i = $x_max; $i >= $y_max + 1; --$i) { - $x_value = &$x->value; - $x_window = [ - isset($x_value[$i]) ? $x_value[$i] : 0, - isset($x_value[$i - 1]) ? $x_value[$i - 1] : 0, - isset($x_value[$i - 2]) ? $x_value[$i - 2] : 0 - ]; - $y_window = [ - $y_value[$y_max], - ($y_max > 0) ? $y_value[$y_max - 1] : 0 - ]; - - $q_index = $i - $y_max - 1; - if ($x_window[0] == $y_window[0]) { - $quotient_value[$q_index] = static::MAX_DIGIT; - } else { - $quotient_value[$q_index] = self::safe_divide( - $x_window[0] * static::BASE_FULL + $x_window[1], - $y_window[0] - ); - } - - $temp_value = [$y_window[1], $y_window[0]]; - - $lhs->value = [$quotient_value[$q_index]]; - $lhs = $lhs->multiply($temp); - - $rhs_value = [$x_window[2], $x_window[1], $x_window[0]]; - - while ($lhs->compare($rhs) > 0) { - --$quotient_value[$q_index]; - - $lhs->value = [$quotient_value[$q_index]]; - $lhs = $lhs->multiply($temp); - } - - $adjust = self::array_repeat(0, $q_index); - $temp_value = [$quotient_value[$q_index]]; - $temp = $temp->multiply($y); - $temp_value = &$temp->value; - if (count($temp_value)) { - $temp_value = array_merge($adjust, $temp_value); - } - - $x = $x->subtract($temp); - - if ($x->compare(static::$zero[static::class]) < 0) { - $temp_value = array_merge($adjust, $y_value); - $x = $x->add($temp); - - --$quotient_value[$q_index]; - } - - $x_max = count($x_value) - 1; - } - - // unnormalize the remainder - $x->rshift($shift); - - $quotient->is_negative = $x_sign != $y_sign; - - // calculate the "common residue", if appropriate - if ($x_sign) { - $y->rshift($shift); - $x = $y->subtract($x); - } - - return [$this->normalize($quotient), $this->normalize($x)]; - } - - /** - * Divides a BigInteger by a regular integer - * - * abc / x = a00 / x + b0 / x + c / x - * - * @param array $dividend - * @param int $divisor - * @return array - */ - private static function divide_digit(array $dividend, $divisor) - { - $carry = 0; - $result = []; - - for ($i = count($dividend) - 1; $i >= 0; --$i) { - $temp = static::BASE_FULL * $carry + $dividend[$i]; - $result[$i] = self::safe_divide($temp, $divisor); - $carry = (int)($temp - $divisor * $result[$i]); - } - - return [$result, $carry]; - } - - /** - * Single digit division - * - * Even if int64 is being used the division operator will return a float64 value - * if the dividend is not evenly divisible by the divisor. Since a float64 doesn't - * have the precision of int64 this is a problem so, when int64 is being used, - * we'll guarantee that the dividend is divisible by first subtracting the remainder. - * - * @param int $x - * @param int $y - * @return int - */ - private static function safe_divide($x, $y) - { - if (static::BASE === 26) { - return (int)($x / $y); - } - - // static::BASE === 31 - /** @var int */ - return ($x - ($x % $y)) / $y; - } - - /** - * Convert an array / boolean to a PHP BigInteger object - * - * @param array $arr - * @return static - */ - protected function convertToObj(array $arr) - { - $result = new static(); - $result->value = $arr[self::VALUE]; - $result->is_negative = $arr[self::SIGN]; - - return $this->normalize($result); - } - - /** - * Normalize - * - * Removes leading zeros and truncates (if necessary) to maintain the appropriate precision - * - * @param PHP $result - * @return static - */ - protected function normalize(PHP $result) - { - $result->precision = $this->precision; - $result->bitmask = $this->bitmask; - - $value = &$result->value; - - if (!count($value)) { - $result->is_negative = false; - return $result; - } - - $value = static::trim($value); - - if (!empty($result->bitmask->value)) { - $length = min(count($value), count($result->bitmask->value)); - $value = array_slice($value, 0, $length); - - for ($i = 0; $i < $length; ++$i) { - $value[$i] = $value[$i] & $result->bitmask->value[$i]; - } - - $value = static::trim($value); - } - - return $result; - } - - /** - * Compares two numbers. - * - * @param array $x_value - * @param bool $x_negative - * @param array $y_value - * @param bool $y_negative - * @return int - * @see static::compare() - */ - protected static function compareHelper(array $x_value, $x_negative, array $y_value, $y_negative) - { - if ($x_negative != $y_negative) { - return (!$x_negative && $y_negative) ? 1 : -1; - } - - $result = $x_negative ? -1 : 1; - - if (count($x_value) != count($y_value)) { - return (count($x_value) > count($y_value)) ? $result : -$result; - } - $size = max(count($x_value), count($y_value)); - - $x_value = array_pad($x_value, $size, 0); - $y_value = array_pad($y_value, $size, 0); - - for ($i = count($x_value) - 1; $i >= 0; --$i) { - if ($x_value[$i] != $y_value[$i]) { - return ($x_value[$i] > $y_value[$i]) ? $result : -$result; - } - } - - return 0; - } - - /** - * Absolute value. - * - * @return PHP - */ - public function abs() - { - $temp = new static(); - $temp->value = $this->value; - - return $temp; - } - - /** - * Trim - * - * Removes leading zeros - * - * @param list $value - * @return list - */ - protected static function trim(array $value) - { - for ($i = count($value) - 1; $i >= 0; --$i) { - if ($value[$i]) { - break; - } - unset($value[$i]); - } - - return $value; - } - - /** - * Logical Right Shift - * - * Shifts BigInteger's by $shift bits, effectively dividing by 2**$shift. - * - * @param int $shift - * @return PHP - */ - public function bitwise_rightShift($shift) - { - $temp = new static(); - - // could just replace lshift with this, but then all lshift() calls would need to be rewritten - // and I don't want to do that... - $temp->value = $this->value; - $temp->rshift($shift); - - return $this->normalize($temp); - } - - /** - * Logical Left Shift - * - * Shifts BigInteger's by $shift bits, effectively multiplying by 2**$shift. - * - * @param int $shift - * @return PHP - */ - public function bitwise_leftShift($shift) - { - $temp = new static(); - // could just replace _rshift with this, but then all _lshift() calls would need to be rewritten - // and I don't want to do that... - $temp->value = $this->value; - $temp->lshift($shift); - - return $this->normalize($temp); - } - - /** - * Converts 32-bit integers to bytes. - * - * @param int $x - * @return string - */ - private static function int2bytes($x) - { - return ltrim(pack('N', $x), chr(0)); - } - - /** - * Array Repeat - * - * @param int $input - * @param int $multiplier - * @return array - */ - protected static function array_repeat($input, $multiplier) - { - return $multiplier ? array_fill(0, $multiplier, $input) : []; - } - - /** - * Logical Left Shift - * - * Shifts BigInteger's by $shift bits. - * - * @param int $shift - */ - protected function lshift($shift) - { - if ($shift == 0) { - return; - } - - $num_digits = (int)($shift / static::BASE); - $shift %= static::BASE; - $shift = 1 << $shift; - - $carry = 0; - - for ($i = 0; $i < count($this->value); ++$i) { - $temp = $this->value[$i] * $shift + $carry; - $carry = static::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); - $this->value[$i] = (int)($temp - $carry * static::BASE_FULL); - } - - if ($carry) { - $this->value[count($this->value)] = $carry; - } - - while ($num_digits--) { - array_unshift($this->value, 0); - } - } - - /** - * Logical Right Shift - * - * Shifts BigInteger's by $shift bits. - * - * @param int $shift - */ - protected function rshift($shift) - { - if ($shift == 0) { - return; - } - - $num_digits = (int)($shift / static::BASE); - $shift %= static::BASE; - $carry_shift = static::BASE - $shift; - $carry_mask = (1 << $shift) - 1; - - if ($num_digits) { - $this->value = array_slice($this->value, $num_digits); - } - - $carry = 0; - - for ($i = count($this->value) - 1; $i >= 0; --$i) { - $temp = $this->value[$i] >> $shift | $carry; - $carry = ($this->value[$i] & $carry_mask) << $carry_shift; - $this->value[$i] = $temp; - } - - $this->value = static::trim($this->value); - } - - /** - * Performs modular exponentiation. - * - * @param PHP $e - * @param PHP $n - * @return PHP - */ - protected function powModInner(PHP $e, PHP $n) - { - try { - $class = static::$modexpEngine[static::class]; - return $class::powModHelper($this, $e, $n, static::class); - } catch (\Exception $err) { - return PHP\DefaultEngine::powModHelper($this, $e, $n, static::class); - } - } - - /** - * Performs squaring - * - * @param list $x - * @return list - */ - protected static function square(array $x) - { - return count($x) < 2 * self::KARATSUBA_CUTOFF ? - self::trim(self::baseSquare($x)) : - self::trim(self::karatsubaSquare($x)); - } - - /** - * Performs traditional squaring on two BigIntegers - * - * Squaring can be done faster than multiplying a number by itself can be. See - * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=7 HAC 14.2.4} / - * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=141 MPM 5.3} for more information. - * - * @param array $value - * @return array - */ - protected static function baseSquare(array $value) - { - if (empty($value)) { - return []; - } - $square_value = self::array_repeat(0, 2 * count($value)); - - for ($i = 0, $max_index = count($value) - 1; $i <= $max_index; ++$i) { - $i2 = $i << 1; - - $temp = $square_value[$i2] + $value[$i] * $value[$i]; - $carry = static::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); - $square_value[$i2] = (int)($temp - static::BASE_FULL * $carry); - - // note how we start from $i+1 instead of 0 as we do in multiplication. - for ($j = $i + 1, $k = $i2 + 1; $j <= $max_index; ++$j, ++$k) { - $temp = $square_value[$k] + 2 * $value[$j] * $value[$i] + $carry; - $carry = static::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); - $square_value[$k] = (int)($temp - static::BASE_FULL * $carry); - } - - // the following line can yield values larger 2**15. at this point, PHP should switch - // over to floats. - $square_value[$i + $max_index + 1] = $carry; - } - - return $square_value; - } - - /** - * Performs Karatsuba "squaring" on two BigIntegers - * - * See {@link http://en.wikipedia.org/wiki/Karatsuba_algorithm Karatsuba algorithm} and - * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=151 MPM 5.3.4}. - * - * @param array $value - * @return array - */ - protected static function karatsubaSquare(array $value) - { - $m = count($value) >> 1; - - if ($m < self::KARATSUBA_CUTOFF) { - return self::baseSquare($value); - } - - $x1 = array_slice($value, $m); - $x0 = array_slice($value, 0, $m); - - $z2 = self::karatsubaSquare($x1); - $z0 = self::karatsubaSquare($x0); - - $z1 = self::addHelper($x1, false, $x0, false); - $z1 = self::karatsubaSquare($z1[self::VALUE]); - $temp = self::addHelper($z2, false, $z0, false); - $z1 = self::subtractHelper($z1, false, $temp[self::VALUE], false); - - $z2 = array_merge(array_fill(0, 2 * $m, 0), $z2); - $z1[self::VALUE] = array_merge(array_fill(0, $m, 0), $z1[self::VALUE]); - - $xx = self::addHelper($z2, false, $z1[self::VALUE], $z1[self::SIGN]); - $xx = self::addHelper($xx[self::VALUE], $xx[self::SIGN], $z0, false); - - return $xx[self::VALUE]; - } - - /** - * Make the current number odd - * - * If the current number is odd it'll be unchanged. If it's even, one will be added to it. - * - * @see self::randomPrime() - */ - protected function make_odd() - { - $this->value[0] |= 1; - } - - /** - * Test the number against small primes. - * - * @see self::isPrime() - */ - protected function testSmallPrimes() - { - if ($this->value == [1]) { - return false; - } - if ($this->value == [2]) { - return true; - } - if (~$this->value[0] & 1) { - return false; - } - - $value = $this->value; - foreach (static::PRIMES as $prime) { - list(, $r) = self::divide_digit($value, $prime); - if (!$r) { - return count($value) == 1 && $value[0] == $prime; - } - } - - return true; - } - - /** - * Scan for 1 and right shift by that amount - * - * ie. $s = gmp_scan1($n, 0) and $r = gmp_div_q($n, gmp_pow(gmp_init('2'), $s)); - * - * @param PHP $r - * @return int - * @see self::isPrime() - */ - public static function scan1divide(PHP $r) - { - $r_value = &$r->value; - for ($i = 0, $r_length = count($r_value); $i < $r_length; ++$i) { - $temp = ~$r_value[$i] & static::MAX_DIGIT; - for ($j = 1; ($temp >> $j) & 1; ++$j) { - } - if ($j <= static::BASE) { - break; - } - } - $s = static::BASE * $i + $j; - $r->rshift($s); - return $s; - } - - /** - * Performs exponentiation. - * - * @param PHP $n - * @return PHP - */ - protected function powHelper(PHP $n) - { - if ($n->compare(static::$zero[static::class]) == 0) { - return new static(1); - } // n^0 = 1 - - $temp = clone $this; - while (!$n->equals(static::$one[static::class])) { - $temp = $temp->multiply($this); - $n = $n->subtract(static::$one[static::class]); - } - - return $temp; - } - - /** - * Is Odd? - * - * @return bool - */ - public function isOdd() - { - return (bool)($this->value[0] & 1); - } - - /** - * Tests if a bit is set - * - * @return bool - */ - public function testBit($x) - { - $digit = (int) floor($x / static::BASE); - $bit = $x % static::BASE; - - if (!isset($this->value[$digit])) { - return false; - } - - return (bool)($this->value[$digit] & (1 << $bit)); - } - - /** - * Is Negative? - * - * @return bool - */ - public function isNegative() - { - return $this->is_negative; - } - - /** - * Negate - * - * Given $k, returns -$k - * - * @return static - */ - public function negate() - { - $temp = clone $this; - $temp->is_negative = !$temp->is_negative; - - return $temp; - } - - /** - * Bitwise Split - * - * Splits BigInteger's into chunks of $split bits - * - * @param int $split - * @return list - */ - public function bitwise_split($split) - { - if ($split < 1) { - throw new \RuntimeException('Offset must be greater than 1'); - } - - $width = (int)($split / static::BASE); - if (!$width) { - $arr = $this->bitwise_small_split($split); - return array_map(function ($digit) { - $temp = new static(); - $temp->value = $digit != 0 ? [$digit] : []; - return $temp; - }, $arr); - } - - $vals = []; - $val = $this->value; - - $i = $overflow = 0; - $len = count($val); - while ($i < $len) { - $digit = []; - if (!$overflow) { - $digit = array_slice($val, $i, $width); - $i += $width; - $overflow = $split % static::BASE; - if ($overflow) { - $mask = (1 << $overflow) - 1; - $temp = isset($val[$i]) ? $val[$i] : 0; - $digit[] = $temp & $mask; - } - } else { - $remaining = static::BASE - $overflow; - $tempsplit = $split - $remaining; - $tempwidth = (int)($tempsplit / static::BASE + 1); - $digit = array_slice($val, $i, $tempwidth); - $i += $tempwidth; - $tempoverflow = $tempsplit % static::BASE; - if ($tempoverflow) { - $tempmask = (1 << $tempoverflow) - 1; - $temp = isset($val[$i]) ? $val[$i] : 0; - $digit[] = $temp & $tempmask; - } - $newbits = 0; - for ($j = count($digit) - 1; $j >= 0; $j--) { - $temp = $digit[$j] & $mask; - $digit[$j] = ($digit[$j] >> $overflow) | ($newbits << $remaining); - $newbits = $temp; - } - $overflow = $tempoverflow; - $mask = $tempmask; - } - $temp = new static(); - $temp->value = static::trim($digit); - $vals[] = $temp; - } - - return array_reverse($vals); - } - - /** - * Bitwise Split where $split < static::BASE - * - * @param int $split - * @return list - */ - private function bitwise_small_split($split) - { - $vals = []; - $val = $this->value; - - $mask = (1 << $split) - 1; - - $i = $overflow = 0; - $len = count($val); - $val[] = 0; - $remaining = static::BASE; - while ($i != $len) { - $digit = $val[$i] & $mask; - $val[$i] >>= $split; - if (!$overflow) { - $remaining -= $split; - $overflow = $split <= $remaining ? 0 : $split - $remaining; - - if (!$remaining) { - $i++; - $remaining = static::BASE; - $overflow = 0; - } - } elseif (++$i != $len) { - $tempmask = (1 << $overflow) - 1; - $digit |= ($val[$i] & $tempmask) << $remaining; - $val[$i] >>= $overflow; - $remaining = static::BASE - $overflow; - $overflow = $split <= $remaining ? 0 : $split - $remaining; - } - - $vals[] = $digit; - } - - while ($vals[count($vals) - 1] == 0) { - unset($vals[count($vals) - 1]); - } - - return array_reverse($vals); - } - - /** - * @return bool - */ - protected static function testJITOnWindows() - { - // see https://github.com/php/php-src/issues/11917 - if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN' && function_exists('opcache_get_status') && PHP_VERSION_ID < 80213 && !defined('PHPSECLIB_ALLOW_JIT')) { - $status = opcache_get_status(); - if ($status && isset($status['jit']) && $status['jit']['enabled'] && $status['jit']['on']) { - return true; - } - } - return false; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Base.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Base.php deleted file mode 100644 index 40f64bd..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Base.php +++ /dev/null @@ -1,143 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines\PHP; - -use phpseclib3\Math\BigInteger\Engines\PHP; - -/** - * PHP Modular Exponentiation Engine - * - * @author Jim Wigginton - */ -abstract class Base extends PHP -{ - /** - * Cache constants - * - * $cache[self::VARIABLE] tells us whether or not the cached data is still valid. - * - */ - const VARIABLE = 0; - /** - * $cache[self::DATA] contains the cached data. - * - */ - const DATA = 1; - - /** - * Test for engine validity - * - * @return bool - */ - public static function isValidEngine() - { - return static::class != __CLASS__; - } - - /** - * Performs modular exponentiation. - * - * The most naive approach to modular exponentiation has very unreasonable requirements, and - * and although the approach involving repeated squaring does vastly better, it, too, is impractical - * for our purposes. The reason being that division - by far the most complicated and time-consuming - * of the basic operations (eg. +,-,*,/) - occurs multiple times within it. - * - * Modular reductions resolve this issue. Although an individual modular reduction takes more time - * then an individual division, when performed in succession (with the same modulo), they're a lot faster. - * - * The two most commonly used modular reductions are Barrett and Montgomery reduction. Montgomery reduction, - * although faster, only works when the gcd of the modulo and of the base being used is 1. In RSA, when the - * base is a power of two, the modulo - a product of two primes - is always going to have a gcd of 1 (because - * the product of two odd numbers is odd), but what about when RSA isn't used? - * - * In contrast, Barrett reduction has no such constraint. As such, some bigint implementations perform a - * Barrett reduction after every operation in the modpow function. Others perform Barrett reductions when the - * modulo is even and Montgomery reductions when the modulo is odd. BigInteger.java's modPow method, however, - * uses a trick involving the Chinese Remainder Theorem to factor the even modulo into two numbers - one odd and - * the other, a power of two - and recombine them, later. This is the method that this modPow function uses. - * {@link http://islab.oregonstate.edu/papers/j34monex.pdf Montgomery Reduction with Even Modulus} elaborates. - * - * @param PHP $x - * @param PHP $e - * @param PHP $n - * @param string $class - * @return PHP - */ - protected static function powModHelper(PHP $x, PHP $e, PHP $n, $class) - { - if (empty($e->value)) { - $temp = new $class(); - $temp->value = [1]; - return $x->normalize($temp); - } - - if ($e->value == [1]) { - list(, $temp) = $x->divide($n); - return $x->normalize($temp); - } - - if ($e->value == [2]) { - $temp = new $class(); - $temp->value = $class::square($x->value); - list(, $temp) = $temp->divide($n); - return $x->normalize($temp); - } - - return $x->normalize(static::slidingWindow($x, $e, $n, $class)); - } - - /** - * Modular reduction preparation - * - * @param array $x - * @param array $n - * @param string $class - * @see self::slidingWindow() - * @return array - */ - protected static function prepareReduce(array $x, array $n, $class) - { - return static::reduce($x, $n, $class); - } - - /** - * Modular multiply - * - * @param array $x - * @param array $y - * @param array $n - * @param string $class - * @see self::slidingWindow() - * @return array - */ - protected static function multiplyReduce(array $x, array $y, array $n, $class) - { - $temp = $class::multiplyHelper($x, false, $y, false); - return static::reduce($temp[self::VALUE], $n, $class); - } - - /** - * Modular square - * - * @param array $x - * @param array $n - * @param string $class - * @see self::slidingWindow() - * @return array - */ - protected static function squareReduce(array $x, array $n, $class) - { - return static::reduce($class::square($x), $n, $class); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/DefaultEngine.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/DefaultEngine.php deleted file mode 100644 index 6d33532..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/DefaultEngine.php +++ /dev/null @@ -1,25 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines\PHP; - -use phpseclib3\Math\BigInteger\Engines\PHP\Reductions\EvalBarrett; - -/** - * PHP Default Modular Exponentiation Engine - * - * @author Jim Wigginton - */ -abstract class DefaultEngine extends EvalBarrett -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Montgomery.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Montgomery.php deleted file mode 100644 index 09f825f..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Montgomery.php +++ /dev/null @@ -1,89 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines\PHP; - -use phpseclib3\Math\BigInteger\Engines\Engine; -use phpseclib3\Math\BigInteger\Engines\PHP; -use phpseclib3\Math\BigInteger\Engines\PHP\Reductions\PowerOfTwo; - -/** - * PHP Montgomery Modular Exponentiation Engine - * - * @author Jim Wigginton - */ -abstract class Montgomery extends Base -{ - /** - * Test for engine validity - * - * @return bool - */ - public static function isValidEngine() - { - return static::class != __CLASS__; - } - - /** - * Performs modular exponentiation. - * - * @template T of Engine - * @param Engine $x - * @param Engine $e - * @param Engine $n - * @param class-string $class - * @return T - */ - protected static function slidingWindow(Engine $x, Engine $e, Engine $n, $class) - { - // is the modulo odd? - if ($n->value[0] & 1) { - return parent::slidingWindow($x, $e, $n, $class); - } - // if it's not, it's even - - // find the lowest set bit (eg. the max pow of 2 that divides $n) - for ($i = 0; $i < count($n->value); ++$i) { - if ($n->value[$i]) { - $temp = decbin($n->value[$i]); - $j = strlen($temp) - strrpos($temp, '1') - 1; - $j += $class::BASE * $i; - break; - } - } - // at this point, 2^$j * $n/(2^$j) == $n - - $mod1 = clone $n; - $mod1->rshift($j); - $mod2 = new $class(); - $mod2->value = [1]; - $mod2->lshift($j); - - $part1 = $mod1->value != [1] ? parent::slidingWindow($x, $e, $mod1, $class) : new $class(); - $part2 = PowerOfTwo::slidingWindow($x, $e, $mod2, $class); - - $y1 = $mod2->modInverse($mod1); - $y2 = $mod1->modInverse($mod2); - - $result = $part1->multiply($mod2); - $result = $result->multiply($y1); - - $temp = $part2->multiply($mod1); - $temp = $temp->multiply($y2); - - $result = $result->add($temp); - list(, $result) = $result->divide($n); - - return $result; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/OpenSSL.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/OpenSSL.php deleted file mode 100644 index eddd25e..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/OpenSSL.php +++ /dev/null @@ -1,25 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines\PHP; - -use phpseclib3\Math\BigInteger\Engines\OpenSSL as Progenitor; - -/** - * OpenSSL Modular Exponentiation Engine - * - * @author Jim Wigginton - */ -abstract class OpenSSL extends Progenitor -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Barrett.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Barrett.php deleted file mode 100644 index 3518d76..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Barrett.php +++ /dev/null @@ -1,281 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines\PHP\Reductions; - -use phpseclib3\Math\BigInteger\Engines\PHP; -use phpseclib3\Math\BigInteger\Engines\PHP\Base; - -/** - * PHP Barrett Modular Exponentiation Engine - * - * @author Jim Wigginton - */ -abstract class Barrett extends Base -{ - /** - * Barrett Modular Reduction - * - * See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=14 HAC 14.3.3} / - * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=165 MPM 6.2.5} for more information. Modified slightly, - * so as not to require negative numbers (initially, this script didn't support negative numbers). - * - * Employs "folding", as described at - * {@link http://www.cosic.esat.kuleuven.be/publications/thesis-149.pdf#page=66 thesis-149.pdf#page=66}. To quote from - * it, "the idea [behind folding] is to find a value x' such that x (mod m) = x' (mod m), with x' being smaller than x." - * - * Unfortunately, the "Barrett Reduction with Folding" algorithm described in thesis-149.pdf is not, as written, all that - * usable on account of (1) its not using reasonable radix points as discussed in - * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=162 MPM 6.2.2} and (2) the fact that, even with reasonable - * radix points, it only works when there are an even number of digits in the denominator. The reason for (2) is that - * (x >> 1) + (x >> 1) != x / 2 + x / 2. If x is even, they're the same, but if x is odd, they're not. See the in-line - * comments for details. - * - * @param array $n - * @param array $m - * @param class-string $class - * @return array - */ - protected static function reduce(array $n, array $m, $class) - { - static $cache = [ - self::VARIABLE => [], - self::DATA => [] - ]; - - $m_length = count($m); - - // if (self::compareHelper($n, $static::square($m)) >= 0) { - if (count($n) > 2 * $m_length) { - $lhs = new $class(); - $rhs = new $class(); - $lhs->value = $n; - $rhs->value = $m; - list(, $temp) = $lhs->divide($rhs); - return $temp->value; - } - - // if (m.length >> 1) + 2 <= m.length then m is too small and n can't be reduced - if ($m_length < 5) { - return self::regularBarrett($n, $m, $class); - } - // n = 2 * m.length - - if (($key = array_search($m, $cache[self::VARIABLE])) === false) { - $key = count($cache[self::VARIABLE]); - $cache[self::VARIABLE][] = $m; - - $lhs = new $class(); - $lhs_value = &$lhs->value; - $lhs_value = self::array_repeat(0, $m_length + ($m_length >> 1)); - $lhs_value[] = 1; - $rhs = new $class(); - $rhs->value = $m; - - list($u, $m1) = $lhs->divide($rhs); - $u = $u->value; - $m1 = $m1->value; - - $cache[self::DATA][] = [ - 'u' => $u, // m.length >> 1 (technically (m.length >> 1) + 1) - 'm1' => $m1 // m.length - ]; - } else { - extract($cache[self::DATA][$key]); - } - - $cutoff = $m_length + ($m_length >> 1); - $lsd = array_slice($n, 0, $cutoff); // m.length + (m.length >> 1) - $msd = array_slice($n, $cutoff); // m.length >> 1 - - $lsd = self::trim($lsd); - $temp = $class::multiplyHelper($msd, false, $m1, false); // m.length + (m.length >> 1) - $n = $class::addHelper($lsd, false, $temp[self::VALUE], false); // m.length + (m.length >> 1) + 1 (so basically we're adding two same length numbers) - //if ($m_length & 1) { - // return self::regularBarrett($n[self::VALUE], $m, $class); - //} - - // (m.length + (m.length >> 1) + 1) - (m.length - 1) == (m.length >> 1) + 2 - $temp = array_slice($n[self::VALUE], $m_length - 1); - // if even: ((m.length >> 1) + 2) + (m.length >> 1) == m.length + 2 - // if odd: ((m.length >> 1) + 2) + (m.length >> 1) == (m.length - 1) + 2 == m.length + 1 - $temp = $class::multiplyHelper($temp, false, $u, false); - // if even: (m.length + 2) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) + 1 - // if odd: (m.length + 1) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) - $temp = array_slice($temp[self::VALUE], ($m_length >> 1) + 1); - // if even: (m.length - (m.length >> 1) + 1) + m.length = 2 * m.length - (m.length >> 1) + 1 - // if odd: (m.length - (m.length >> 1)) + m.length = 2 * m.length - (m.length >> 1) - $temp = $class::multiplyHelper($temp, false, $m, false); - - // at this point, if m had an odd number of digits, we'd be subtracting a 2 * m.length - (m.length >> 1) digit - // number from a m.length + (m.length >> 1) + 1 digit number. ie. there'd be an extra digit and the while loop - // following this comment would loop a lot (hence our calling _regularBarrett() in that situation). - - $result = $class::subtractHelper($n[self::VALUE], false, $temp[self::VALUE], false); - - while (self::compareHelper($result[self::VALUE], $result[self::SIGN], $m, false) >= 0) { - $result = $class::subtractHelper($result[self::VALUE], $result[self::SIGN], $m, false); - } - - return $result[self::VALUE]; - } - - /** - * (Regular) Barrett Modular Reduction - * - * For numbers with more than four digits BigInteger::_barrett() is faster. The difference between that and this - * is that this function does not fold the denominator into a smaller form. - * - * @param array $x - * @param array $n - * @param string $class - * @return array - */ - private static function regularBarrett(array $x, array $n, $class) - { - static $cache = [ - self::VARIABLE => [], - self::DATA => [] - ]; - - $n_length = count($n); - - if (count($x) > 2 * $n_length) { - $lhs = new $class(); - $rhs = new $class(); - $lhs->value = $x; - $rhs->value = $n; - list(, $temp) = $lhs->divide($rhs); - return $temp->value; - } - - if (($key = array_search($n, $cache[self::VARIABLE])) === false) { - $key = count($cache[self::VARIABLE]); - $cache[self::VARIABLE][] = $n; - $lhs = new $class(); - $lhs_value = &$lhs->value; - $lhs_value = self::array_repeat(0, 2 * $n_length); - $lhs_value[] = 1; - $rhs = new $class(); - $rhs->value = $n; - list($temp, ) = $lhs->divide($rhs); // m.length - $cache[self::DATA][] = $temp->value; - } - - // 2 * m.length - (m.length - 1) = m.length + 1 - $temp = array_slice($x, $n_length - 1); - // (m.length + 1) + m.length = 2 * m.length + 1 - $temp = $class::multiplyHelper($temp, false, $cache[self::DATA][$key], false); - // (2 * m.length + 1) - (m.length - 1) = m.length + 2 - $temp = array_slice($temp[self::VALUE], $n_length + 1); - - // m.length + 1 - $result = array_slice($x, 0, $n_length + 1); - // m.length + 1 - $temp = self::multiplyLower($temp, false, $n, false, $n_length + 1, $class); - // $temp == array_slice($class::regularMultiply($temp, false, $n, false)->value, 0, $n_length + 1) - - if (self::compareHelper($result, false, $temp[self::VALUE], $temp[self::SIGN]) < 0) { - $corrector_value = self::array_repeat(0, $n_length + 1); - $corrector_value[count($corrector_value)] = 1; - $result = $class::addHelper($result, false, $corrector_value, false); - $result = $result[self::VALUE]; - } - - // at this point, we're subtracting a number with m.length + 1 digits from another number with m.length + 1 digits - $result = $class::subtractHelper($result, false, $temp[self::VALUE], $temp[self::SIGN]); - while (self::compareHelper($result[self::VALUE], $result[self::SIGN], $n, false) > 0) { - $result = $class::subtractHelper($result[self::VALUE], $result[self::SIGN], $n, false); - } - - return $result[self::VALUE]; - } - - /** - * Performs long multiplication up to $stop digits - * - * If you're going to be doing array_slice($product->value, 0, $stop), some cycles can be saved. - * - * @see self::regularBarrett() - * @param array $x_value - * @param bool $x_negative - * @param array $y_value - * @param bool $y_negative - * @param int $stop - * @param string $class - * @return array - */ - private static function multiplyLower(array $x_value, $x_negative, array $y_value, $y_negative, $stop, $class) - { - $x_length = count($x_value); - $y_length = count($y_value); - - if (!$x_length || !$y_length) { // a 0 is being multiplied - return [ - self::VALUE => [], - self::SIGN => false - ]; - } - - if ($x_length < $y_length) { - $temp = $x_value; - $x_value = $y_value; - $y_value = $temp; - - $x_length = count($x_value); - $y_length = count($y_value); - } - - $product_value = self::array_repeat(0, $x_length + $y_length); - - // the following for loop could be removed if the for loop following it - // (the one with nested for loops) initially set $i to 0, but - // doing so would also make the result in one set of unnecessary adds, - // since on the outermost loops first pass, $product->value[$k] is going - // to always be 0 - - $carry = 0; - - for ($j = 0; $j < $x_length; ++$j) { // ie. $i = 0, $k = $i - $temp = $x_value[$j] * $y_value[0] + $carry; // $product_value[$k] == 0 - $carry = $class::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); - $product_value[$j] = (int) ($temp - $class::BASE_FULL * $carry); - } - - if ($j < $stop) { - $product_value[$j] = $carry; - } - - // the above for loop is what the previous comment was talking about. the - // following for loop is the "one with nested for loops" - - for ($i = 1; $i < $y_length; ++$i) { - $carry = 0; - - for ($j = 0, $k = $i; $j < $x_length && $k < $stop; ++$j, ++$k) { - $temp = $product_value[$k] + $x_value[$j] * $y_value[$i] + $carry; - $carry = $class::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); - $product_value[$k] = (int) ($temp - $class::BASE_FULL * $carry); - } - - if ($k < $stop) { - $product_value[$k] = $carry; - } - } - - return [ - self::VALUE => self::trim($product_value), - self::SIGN => $x_negative != $y_negative - ]; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Classic.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Classic.php deleted file mode 100644 index 54f3b86..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Classic.php +++ /dev/null @@ -1,42 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines\PHP\Reductions; - -use phpseclib3\Math\BigInteger\Engines\PHP\Base; - -/** - * PHP Classic Modular Exponentiation Engine - * - * @author Jim Wigginton - */ -abstract class Classic extends Base -{ - /** - * Regular Division - * - * @param array $x - * @param array $n - * @param string $class - * @return array - */ - protected static function reduce(array $x, array $n, $class) - { - $lhs = new $class(); - $lhs->value = $x; - $rhs = new $class(); - $rhs->value = $n; - list(, $temp) = $lhs->divide($rhs); - return $temp->value; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/EvalBarrett.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/EvalBarrett.php deleted file mode 100644 index 2f94331..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/EvalBarrett.php +++ /dev/null @@ -1,484 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines\PHP\Reductions; - -use phpseclib3\Math\BigInteger\Engines\PHP; -use phpseclib3\Math\BigInteger\Engines\PHP\Base; - -/** - * PHP Dynamic Barrett Modular Exponentiation Engine - * - * @author Jim Wigginton - */ -abstract class EvalBarrett extends Base -{ - /** - * Custom Reduction Function - * - * @see self::generateCustomReduction - */ - private static $custom_reduction; - - /** - * Barrett Modular Reduction - * - * This calls a dynamically generated loop unrolled function that's specific to a given modulo. - * Array lookups are avoided as are if statements testing for how many bits the host OS supports, etc. - * - * @param array $n - * @param array $m - * @param string $class - * @return array - */ - protected static function reduce(array $n, array $m, $class) - { - $inline = self::$custom_reduction; - return $inline($n); - } - - /** - * Generate Custom Reduction - * - * @param PHP $m - * @param string $class - * @return callable - */ - protected static function generateCustomReduction(PHP $m, $class) - { - $m_length = count($m->value); - - if ($m_length < 5) { - $code = ' - $lhs = new ' . $class . '(); - $lhs->value = $x; - $rhs = new ' . $class . '(); - $rhs->value = [' . - implode(',', array_map(self::class . '::float2string', $m->value)) . ']; - list(, $temp) = $lhs->divide($rhs); - return $temp->value; - '; - eval('$func = function ($x) { ' . $code . '};'); - self::$custom_reduction = $func; - //self::$custom_reduction = \Closure::bind($func, $m, $class); - return $func; - } - - $lhs = new $class(); - $lhs_value = &$lhs->value; - - $lhs_value = self::array_repeat(0, $m_length + ($m_length >> 1)); - $lhs_value[] = 1; - $rhs = new $class(); - - list($u, $m1) = $lhs->divide($m); - - if ($class::BASE != 26) { - $u = $u->value; - } else { - $lhs_value = self::array_repeat(0, 2 * $m_length); - $lhs_value[] = 1; - $rhs = new $class(); - - list($u) = $lhs->divide($m); - $u = $u->value; - } - - $m = $m->value; - $m1 = $m1->value; - - $cutoff = count($m) + (count($m) >> 1); - - $code = ' - if (count($n) > ' . (2 * count($m)) . ') { - $lhs = new ' . $class . '(); - $rhs = new ' . $class . '(); - $lhs->value = $n; - $rhs->value = [' . - implode(',', array_map(self::class . '::float2string', $m)) . ']; - list(, $temp) = $lhs->divide($rhs); - return $temp->value; - } - - $lsd = array_slice($n, 0, ' . $cutoff . '); - $msd = array_slice($n, ' . $cutoff . ');'; - - $code .= self::generateInlineTrim('msd'); - $code .= self::generateInlineMultiply('msd', $m1, 'temp', $class); - $code .= self::generateInlineAdd('lsd', 'temp', 'n', $class); - - $code .= '$temp = array_slice($n, ' . (count($m) - 1) . ');'; - $code .= self::generateInlineMultiply('temp', $u, 'temp2', $class); - $code .= self::generateInlineTrim('temp2'); - - $code .= $class::BASE == 26 ? - '$temp = array_slice($temp2, ' . (count($m) + 1) . ');' : - '$temp = array_slice($temp2, ' . ((count($m) >> 1) + 1) . ');'; - $code .= self::generateInlineMultiply('temp', $m, 'temp2', $class); - $code .= self::generateInlineTrim('temp2'); - - /* - if ($class::BASE == 26) { - $code.= '$n = array_slice($n, 0, ' . (count($m) + 1) . '); - $temp2 = array_slice($temp2, 0, ' . (count($m) + 1) . ');'; - } - */ - - $code .= self::generateInlineSubtract2('n', 'temp2', 'temp', $class); - - $subcode = self::generateInlineSubtract1('temp', $m, 'temp2', $class); - $subcode .= '$temp = $temp2;'; - - $code .= self::generateInlineCompare($m, 'temp', $subcode); - - $code .= 'return $temp;'; - - eval('$func = function ($n) { ' . $code . '};'); - - self::$custom_reduction = $func; - - return $func; - - //self::$custom_reduction = \Closure::bind($func, $m, $class); - } - - /** - * Inline Trim - * - * Removes leading zeros - * - * @param string $name - * @return string - */ - private static function generateInlineTrim($name) - { - return ' - for ($i = count($' . $name . ') - 1; $i >= 0; --$i) { - if ($' . $name . '[$i]) { - break; - } - unset($' . $name . '[$i]); - }'; - } - - /** - * Inline Multiply (unknown, known) - * - * @param string $input - * @param array $arr - * @param string $output - * @param string $class - * @return string - */ - private static function generateInlineMultiply($input, array $arr, $output, $class) - { - if (!count($arr)) { - return 'return [];'; - } - - $regular = ' - $length = count($' . $input . '); - if (!$length) { - $' . $output . ' = []; - }else{ - $' . $output . ' = array_fill(0, $length + ' . count($arr) . ', 0); - $carry = 0;'; - - for ($i = 0; $i < count($arr); $i++) { - $regular .= ' - $subtemp = $' . $input . '[0] * ' . $arr[$i]; - $regular .= $i ? ' + $carry;' : ';'; - - $regular .= '$carry = '; - $regular .= $class::BASE === 26 ? - 'intval($subtemp / 0x4000000);' : - '$subtemp >> 31;'; - $regular .= - '$' . $output . '[' . $i . '] = '; - if ($class::BASE === 26) { - $regular .= '(int) ('; - } - $regular .= '$subtemp - ' . $class::BASE_FULL . ' * $carry'; - $regular .= $class::BASE === 26 ? ');' : ';'; - } - - $regular .= '$' . $output . '[' . count($arr) . '] = $carry;'; - - $regular .= ' - for ($i = 1; $i < $length; ++$i) {'; - - for ($j = 0; $j < count($arr); $j++) { - $regular .= $j ? '$k++;' : '$k = $i;'; - $regular .= ' - $subtemp = $' . $output . '[$k] + $' . $input . '[$i] * ' . $arr[$j]; - $regular .= $j ? ' + $carry;' : ';'; - - $regular .= '$carry = '; - $regular .= $class::BASE === 26 ? - 'intval($subtemp / 0x4000000);' : - '$subtemp >> 31;'; - $regular .= - '$' . $output . '[$k] = '; - if ($class::BASE === 26) { - $regular .= '(int) ('; - } - $regular .= '$subtemp - ' . $class::BASE_FULL . ' * $carry'; - $regular .= $class::BASE === 26 ? ');' : ';'; - } - - $regular .= '$' . $output . '[++$k] = $carry; $carry = 0;'; - - $regular .= '}}'; - - //if (count($arr) < 2 * self::KARATSUBA_CUTOFF) { - //} - - return $regular; - } - - /** - * Inline Addition - * - * @param string $x - * @param string $y - * @param string $result - * @param string $class - * @return string - */ - private static function generateInlineAdd($x, $y, $result, $class) - { - $code = ' - $length = max(count($' . $x . '), count($' . $y . ')); - $' . $result . ' = array_pad($' . $x . ', $length + 1, 0); - $_' . $y . ' = array_pad($' . $y . ', $length, 0); - $carry = 0; - for ($i = 0, $j = 1; $j < $length; $i+=2, $j+=2) { - $sum = ($' . $result . '[$j] + $_' . $y . '[$j]) * ' . $class::BASE_FULL . ' - + $' . $result . '[$i] + $_' . $y . '[$i] + - $carry; - $carry = $sum >= ' . self::float2string($class::MAX_DIGIT2) . '; - $sum = $carry ? $sum - ' . self::float2string($class::MAX_DIGIT2) . ' : $sum;'; - - $code .= $class::BASE === 26 ? - '$upper = intval($sum / 0x4000000); $' . $result . '[$i] = (int) ($sum - ' . $class::BASE_FULL . ' * $upper);' : - '$upper = $sum >> 31; $' . $result . '[$i] = $sum - ' . $class::BASE_FULL . ' * $upper;'; - $code .= ' - $' . $result . '[$j] = $upper; - } - if ($j == $length) { - $sum = $' . $result . '[$i] + $_' . $y . '[$i] + $carry; - $carry = $sum >= ' . self::float2string($class::BASE_FULL) . '; - $' . $result . '[$i] = $carry ? $sum - ' . self::float2string($class::BASE_FULL) . ' : $sum; - ++$i; - } - if ($carry) { - for (; $' . $result . '[$i] == ' . $class::MAX_DIGIT . '; ++$i) { - $' . $result . '[$i] = 0; - } - ++$' . $result . '[$i]; - }'; - $code .= self::generateInlineTrim($result); - - return $code; - } - - /** - * Inline Subtraction 2 - * - * For when $known is more digits than $unknown. This is the harder use case to optimize for. - * - * @param string $known - * @param string $unknown - * @param string $result - * @param string $class - * @return string - */ - private static function generateInlineSubtract2($known, $unknown, $result, $class) - { - $code = ' - $' . $result . ' = $' . $known . '; - $carry = 0; - $size = count($' . $unknown . '); - for ($i = 0, $j = 1; $j < $size; $i+= 2, $j+= 2) { - $sum = ($' . $known . '[$j] - $' . $unknown . '[$j]) * ' . $class::BASE_FULL . ' + $' . $known . '[$i] - - $' . $unknown . '[$i] - - $carry; - $carry = $sum < 0; - if ($carry) { - $sum+= ' . self::float2string($class::MAX_DIGIT2) . '; - } - $subtemp = '; - $code .= $class::BASE === 26 ? - 'intval($sum / 0x4000000);' : - '$sum >> 31;'; - $code .= '$' . $result . '[$i] = '; - if ($class::BASE === 26) { - $code .= '(int) ('; - } - $code .= '$sum - ' . $class::BASE_FULL . ' * $subtemp'; - if ($class::BASE === 26) { - $code .= ')'; - } - $code .= '; - $' . $result . '[$j] = $subtemp; - } - if ($j == $size) { - $sum = $' . $known . '[$i] - $' . $unknown . '[$i] - $carry; - $carry = $sum < 0; - $' . $result . '[$i] = $carry ? $sum + ' . $class::BASE_FULL . ' : $sum; - ++$i; - } - - if ($carry) { - for (; !$' . $result . '[$i]; ++$i) { - $' . $result . '[$i] = ' . $class::MAX_DIGIT . '; - } - --$' . $result . '[$i]; - }'; - - $code .= self::generateInlineTrim($result); - - return $code; - } - - /** - * Inline Subtraction 1 - * - * For when $unknown is more digits than $known. This is the easier use case to optimize for. - * - * @param string $unknown - * @param array $known - * @param string $result - * @param string $class - * @return string - */ - private static function generateInlineSubtract1($unknown, array $known, $result, $class) - { - $code = '$' . $result . ' = $' . $unknown . ';'; - for ($i = 0, $j = 1; $j < count($known); $i += 2, $j += 2) { - $code .= '$sum = $' . $unknown . '[' . $j . '] * ' . $class::BASE_FULL . ' + $' . $unknown . '[' . $i . '] - '; - $code .= self::float2string($known[$j] * $class::BASE_FULL + $known[$i]); - if ($i != 0) { - $code .= ' - $carry'; - } - - $code .= '; - if ($carry = $sum < 0) { - $sum+= ' . self::float2string($class::MAX_DIGIT2) . '; - } - $subtemp = '; - $code .= $class::BASE === 26 ? - 'intval($sum / 0x4000000);' : - '$sum >> 31;'; - $code .= ' - $' . $result . '[' . $i . '] = '; - if ($class::BASE === 26) { - $code .= ' (int) ('; - } - $code .= '$sum - ' . $class::BASE_FULL . ' * $subtemp'; - if ($class::BASE === 26) { - $code .= ')'; - } - $code .= '; - $' . $result . '[' . $j . '] = $subtemp;'; - } - - $code .= '$i = ' . $i . ';'; - - if ($j == count($known)) { - $code .= ' - $sum = $' . $unknown . '[' . $i . '] - ' . $known[$i] . ' - $carry; - $carry = $sum < 0; - $' . $result . '[' . $i . '] = $carry ? $sum + ' . $class::BASE_FULL . ' : $sum; - ++$i;'; - } - - $code .= ' - if ($carry) { - for (; !$' . $result . '[$i]; ++$i) { - $' . $result . '[$i] = ' . $class::MAX_DIGIT . '; - } - --$' . $result . '[$i]; - }'; - $code .= self::generateInlineTrim($result); - - return $code; - } - - /** - * Inline Comparison - * - * If $unknown >= $known then loop - * - * @param array $known - * @param string $unknown - * @param string $subcode - * @return string - */ - private static function generateInlineCompare(array $known, $unknown, $subcode) - { - $uniqid = uniqid(); - $code = 'loop_' . $uniqid . ': - $clength = count($' . $unknown . '); - switch (true) { - case $clength < ' . count($known) . ': - goto end_' . $uniqid . '; - case $clength > ' . count($known) . ':'; - for ($i = count($known) - 1; $i >= 0; $i--) { - $code .= ' - case $' . $unknown . '[' . $i . '] > ' . $known[$i] . ': - goto subcode_' . $uniqid . '; - case $' . $unknown . '[' . $i . '] < ' . $known[$i] . ': - goto end_' . $uniqid . ';'; - } - $code .= ' - default: - // do subcode - } - - subcode_' . $uniqid . ':' . $subcode . ' - goto loop_' . $uniqid . '; - - end_' . $uniqid . ':'; - - return $code; - } - - /** - * Convert a float to a string - * - * If you do echo floatval(pow(2, 52)) you'll get 4.6116860184274E+18. It /can/ be displayed without a loss of - * precision but displayed in this way there will be precision loss, hence the need for this method. - * - * @param int|float $num - * @return string - */ - private static function float2string($num) - { - if (!is_float($num)) { - return (string) $num; - } - - if ($num < 0) { - return '-' . self::float2string(abs($num)); - } - - $temp = ''; - while ($num) { - $temp = fmod($num, 10) . $temp; - $num = floor($num / 10); - } - - return $temp; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Montgomery.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Montgomery.php deleted file mode 100644 index a34035e..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Montgomery.php +++ /dev/null @@ -1,126 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines\PHP\Reductions; - -use phpseclib3\Math\BigInteger\Engines\PHP\Montgomery as Progenitor; - -/** - * PHP Montgomery Modular Exponentiation Engine - * - * @author Jim Wigginton - */ -abstract class Montgomery extends Progenitor -{ - /** - * Prepare a number for use in Montgomery Modular Reductions - * - * @param array $x - * @param array $n - * @param string $class - * @return array - */ - protected static function prepareReduce(array $x, array $n, $class) - { - $lhs = new $class(); - $lhs->value = array_merge(self::array_repeat(0, count($n)), $x); - $rhs = new $class(); - $rhs->value = $n; - - list(, $temp) = $lhs->divide($rhs); - return $temp->value; - } - - /** - * Montgomery Multiply - * - * Interleaves the montgomery reduction and long multiplication algorithms together as described in - * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=13 HAC 14.36} - * - * @param array $x - * @param array $n - * @param string $class - * @return array - */ - protected static function reduce(array $x, array $n, $class) - { - static $cache = [ - self::VARIABLE => [], - self::DATA => [] - ]; - - if (($key = array_search($n, $cache[self::VARIABLE])) === false) { - $key = count($cache[self::VARIABLE]); - $cache[self::VARIABLE][] = $x; - $cache[self::DATA][] = self::modInverse67108864($n, $class); - } - - $k = count($n); - - $result = [self::VALUE => $x]; - - for ($i = 0; $i < $k; ++$i) { - $temp = $result[self::VALUE][$i] * $cache[self::DATA][$key]; - $temp = $temp - $class::BASE_FULL * ($class::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31)); - $temp = $class::regularMultiply([$temp], $n); - $temp = array_merge(self::array_repeat(0, $i), $temp); - $result = $class::addHelper($result[self::VALUE], false, $temp, false); - } - - $result[self::VALUE] = array_slice($result[self::VALUE], $k); - - if (self::compareHelper($result, false, $n, false) >= 0) { - $result = $class::subtractHelper($result[self::VALUE], false, $n, false); - } - - return $result[self::VALUE]; - } - - /** - * Modular Inverse of a number mod 2**26 (eg. 67108864) - * - * Based off of the bnpInvDigit function implemented and justified in the following URL: - * - * {@link http://www-cs-students.stanford.edu/~tjw/jsbn/jsbn.js} - * - * The following URL provides more info: - * - * {@link http://groups.google.com/group/sci.crypt/msg/7a137205c1be7d85} - * - * As for why we do all the bitmasking... strange things can happen when converting from floats to ints. For - * instance, on some computers, var_dump((int) -4294967297) yields int(-1) and on others, it yields - * int(-2147483648). To avoid problems stemming from this, we use bitmasks to guarantee that ints aren't - * auto-converted to floats. The outermost bitmask is present because without it, there's no guarantee that - * the "residue" returned would be the so-called "common residue". We use fmod, in the last step, because the - * maximum possible $x is 26 bits and the maximum $result is 16 bits. Thus, we have to be able to handle up to - * 40 bits, which only 64-bit floating points will support. - * - * Thanks to Pedro Gimeno Fortea for input! - * - * @param array $x - * @param string $class - * @return int - */ - protected static function modInverse67108864(array $x, $class) // 2**26 == 67,108,864 - { - $x = -$x[0]; - $result = $x & 0x3; // x**-1 mod 2**2 - $result = ($result * (2 - $x * $result)) & 0xF; // x**-1 mod 2**4 - $result = ($result * (2 - ($x & 0xFF) * $result)) & 0xFF; // x**-1 mod 2**8 - $result = ($result * ((2 - ($x & 0xFFFF) * $result) & 0xFFFF)) & 0xFFFF; // x**-1 mod 2**16 - $result = $class::BASE == 26 ? - fmod($result * (2 - fmod($x * $result, $class::BASE_FULL)), $class::BASE_FULL) : // x**-1 mod 2**26 - ($result * (2 - ($x * $result) % $class::BASE_FULL)) % $class::BASE_FULL; - return $result & $class::MAX_DIGIT; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/MontgomeryMult.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/MontgomeryMult.php deleted file mode 100644 index 4fed3c3..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/MontgomeryMult.php +++ /dev/null @@ -1,76 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines\PHP\Reductions; - -use phpseclib3\Math\BigInteger\Engines\PHP; - -/** - * PHP Montgomery Modular Exponentiation Engine with interleaved multiplication - * - * @author Jim Wigginton - */ -abstract class MontgomeryMult extends Montgomery -{ - /** - * Montgomery Multiply - * - * Interleaves the montgomery reduction and long multiplication algorithms together as described in - * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=13 HAC 14.36} - * - * @see self::_prepMontgomery() - * @see self::_montgomery() - * @param array $x - * @param array $y - * @param array $m - * @param class-string $class - * @return array - */ - public static function multiplyReduce(array $x, array $y, array $m, $class) - { - // the following code, although not callable, can be run independently of the above code - // although the above code performed better in my benchmarks the following could might - // perform better under different circumstances. in lieu of deleting it it's just been - // made uncallable - - static $cache = [ - self::VARIABLE => [], - self::DATA => [] - ]; - - if (($key = array_search($m, $cache[self::VARIABLE])) === false) { - $key = count($cache[self::VARIABLE]); - $cache[self::VARIABLE][] = $m; - $cache[self::DATA][] = self::modInverse67108864($m, $class); - } - - $n = max(count($x), count($y), count($m)); - $x = array_pad($x, $n, 0); - $y = array_pad($y, $n, 0); - $m = array_pad($m, $n, 0); - $a = [self::VALUE => self::array_repeat(0, $n + 1)]; - for ($i = 0; $i < $n; ++$i) { - $temp = $a[self::VALUE][0] + $x[$i] * $y[0]; - $temp = $temp - $class::BASE_FULL * ($class::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31)); - $temp = $temp * $cache[self::DATA][$key]; - $temp = $temp - $class::BASE_FULL * ($class::BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31)); - $temp = $class::addHelper($class::regularMultiply([$x[$i]], $y), false, $class::regularMultiply([$temp], $m), false); - $a = $class::addHelper($a[self::VALUE], false, $temp[self::VALUE], false); - $a[self::VALUE] = array_slice($a[self::VALUE], 1); - } - if (self::compareHelper($a[self::VALUE], false, $m, false) >= 0) { - $a = $class::subtractHelper($a[self::VALUE], false, $m, false); - } - return $a[self::VALUE]; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/PowerOfTwo.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/PowerOfTwo.php deleted file mode 100644 index 9da133a..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/PowerOfTwo.php +++ /dev/null @@ -1,59 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines\PHP\Reductions; - -use phpseclib3\Math\BigInteger\Engines\PHP\Base; - -/** - * PHP Power Of Two Modular Exponentiation Engine - * - * @author Jim Wigginton - */ -abstract class PowerOfTwo extends Base -{ - /** - * Prepare a number for use in Montgomery Modular Reductions - * - * @param array $x - * @param array $n - * @param string $class - * @return array - */ - protected static function prepareReduce(array $x, array $n, $class) - { - return self::reduce($x, $n, $class); - } - - /** - * Power Of Two Reduction - * - * @param array $x - * @param array $n - * @param string $class - * @return array - */ - protected static function reduce(array $x, array $n, $class) - { - $lhs = new $class(); - $lhs->value = $x; - $rhs = new $class(); - $rhs->value = $n; - - $temp = new $class(); - $temp->value = [1]; - - $result = $lhs->bitwise_and($rhs->subtract($temp)); - return $result->value; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP32.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP32.php deleted file mode 100644 index 3a775e7..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP32.php +++ /dev/null @@ -1,371 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines; - -/** - * Pure-PHP 32-bit Engine. - * - * Uses 64-bit floats if int size is 4 bits - * - * @author Jim Wigginton - */ -class PHP32 extends PHP -{ - // Constants used by PHP.php - const BASE = 26; - const BASE_FULL = 0x4000000; - const MAX_DIGIT = 0x3FFFFFF; - const MSB = 0x2000000; - - /** - * MAX10 in greatest MAX10LEN satisfying - * MAX10 = 10**MAX10LEN <= 2**BASE. - */ - const MAX10 = 10000000; - - /** - * MAX10LEN in greatest MAX10LEN satisfying - * MAX10 = 10**MAX10LEN <= 2**BASE. - */ - const MAX10LEN = 7; - const MAX_DIGIT2 = 4503599627370496; - - /** - * Initialize a PHP32 BigInteger Engine instance - * - * @param int $base - * @see parent::initialize() - */ - protected function initialize($base) - { - if ($base != 256 && $base != -256) { - return parent::initialize($base); - } - - $val = $this->value; - $this->value = []; - $vals = &$this->value; - $i = strlen($val); - if (!$i) { - return; - } - - while (true) { - $i -= 4; - if ($i < 0) { - if ($i == -4) { - break; - } - $val = substr($val, 0, 4 + $i); - $val = str_pad($val, 4, "\0", STR_PAD_LEFT); - if ($val == "\0\0\0\0") { - break; - } - $i = 0; - } - list(, $digit) = unpack('N', substr($val, $i, 4)); - if ($digit < 0) { - $digit += 0xFFFFFFFF + 1; - } - $step = count($vals) & 3; - if ($step) { - $digit = (int) floor($digit / pow(2, 2 * $step)); - } - if ($step != 3) { - $digit = (int) fmod($digit, static::BASE_FULL); - $i++; - } - $vals[] = $digit; - } - while (end($vals) === 0) { - array_pop($vals); - } - reset($vals); - } - - /** - * Test for engine validity - * - * @see parent::__construct() - * @return bool - */ - public static function isValidEngine() - { - return PHP_INT_SIZE >= 4 && !self::testJITOnWindows(); - } - - /** - * Adds two BigIntegers. - * - * @param PHP32 $y - * @return PHP32 - */ - public function add(PHP32 $y) - { - $temp = self::addHelper($this->value, $this->is_negative, $y->value, $y->is_negative); - - return $this->convertToObj($temp); - } - - /** - * Subtracts two BigIntegers. - * - * @param PHP32 $y - * @return PHP32 - */ - public function subtract(PHP32 $y) - { - $temp = self::subtractHelper($this->value, $this->is_negative, $y->value, $y->is_negative); - - return $this->convertToObj($temp); - } - - /** - * Multiplies two BigIntegers. - * - * @param PHP32 $y - * @return PHP32 - */ - public function multiply(PHP32 $y) - { - $temp = self::multiplyHelper($this->value, $this->is_negative, $y->value, $y->is_negative); - - return $this->convertToObj($temp); - } - - /** - * Divides two BigIntegers. - * - * Returns an array whose first element contains the quotient and whose second element contains the - * "common residue". If the remainder would be positive, the "common residue" and the remainder are the - * same. If the remainder would be negative, the "common residue" is equal to the sum of the remainder - * and the divisor (basically, the "common residue" is the first positive modulo). - * - * @param PHP32 $y - * @return array{PHP32, PHP32} - */ - public function divide(PHP32 $y) - { - return $this->divideHelper($y); - } - - /** - * Calculates modular inverses. - * - * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. - * @param PHP32 $n - * @return false|PHP32 - */ - public function modInverse(PHP32 $n) - { - return $this->modInverseHelper($n); - } - - /** - * Calculates modular inverses. - * - * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. - * @param PHP32 $n - * @return PHP32[] - */ - public function extendedGCD(PHP32 $n) - { - return $this->extendedGCDHelper($n); - } - - /** - * Calculates the greatest common divisor - * - * Say you have 693 and 609. The GCD is 21. - * - * @param PHP32 $n - * @return PHP32 - */ - public function gcd(PHP32 $n) - { - return $this->extendedGCD($n)['gcd']; - } - - /** - * Logical And - * - * @param PHP32 $x - * @return PHP32 - */ - public function bitwise_and(PHP32 $x) - { - return $this->bitwiseAndHelper($x); - } - - /** - * Logical Or - * - * @param PHP32 $x - * @return PHP32 - */ - public function bitwise_or(PHP32 $x) - { - return $this->bitwiseOrHelper($x); - } - - /** - * Logical Exclusive Or - * - * @param PHP32 $x - * @return PHP32 - */ - public function bitwise_xor(PHP32 $x) - { - return $this->bitwiseXorHelper($x); - } - - /** - * Compares two numbers. - * - * Although one might think !$x->compare($y) means $x != $y, it, in fact, means the opposite. The reason for this is - * demonstrated thusly: - * - * $x > $y: $x->compare($y) > 0 - * $x < $y: $x->compare($y) < 0 - * $x == $y: $x->compare($y) == 0 - * - * Note how the same comparison operator is used. If you want to test for equality, use $x->equals($y). - * - * {@internal Could return $this->subtract($x), but that's not as fast as what we do do.} - * - * @param PHP32 $y - * @return int in case < 0 if $this is less than $y; > 0 if $this is greater than $y, and 0 if they are equal. - * @see self::equals() - */ - public function compare(PHP32 $y) - { - return $this->compareHelper($this->value, $this->is_negative, $y->value, $y->is_negative); - } - - /** - * Tests the equality of two numbers. - * - * If you need to see if one number is greater than or less than another number, use BigInteger::compare() - * - * @param PHP32 $x - * @return bool - */ - public function equals(PHP32 $x) - { - return $this->value === $x->value && $this->is_negative == $x->is_negative; - } - - /** - * Performs modular exponentiation. - * - * @param PHP32 $e - * @param PHP32 $n - * @return PHP32 - */ - public function modPow(PHP32 $e, PHP32 $n) - { - return $this->powModOuter($e, $n); - } - - /** - * Performs modular exponentiation. - * - * Alias for modPow(). - * - * @param PHP32 $e - * @param PHP32 $n - * @return PHP32 - */ - public function powMod(PHP32 $e, PHP32 $n) - { - return $this->powModOuter($e, $n); - } - - /** - * Generate a random prime number between a range - * - * If there's not a prime within the given range, false will be returned. - * - * @param PHP32 $min - * @param PHP32 $max - * @return false|PHP32 - */ - public static function randomRangePrime(PHP32 $min, PHP32 $max) - { - return self::randomRangePrimeOuter($min, $max); - } - - /** - * Generate a random number between a range - * - * Returns a random number between $min and $max where $min and $max - * can be defined using one of the two methods: - * - * BigInteger::randomRange($min, $max) - * BigInteger::randomRange($max, $min) - * - * @param PHP32 $min - * @param PHP32 $max - * @return PHP32 - */ - public static function randomRange(PHP32 $min, PHP32 $max) - { - return self::randomRangeHelper($min, $max); - } - - /** - * Performs exponentiation. - * - * @param PHP32 $n - * @return PHP32 - */ - public function pow(PHP32 $n) - { - return $this->powHelper($n); - } - - /** - * Return the minimum BigInteger between an arbitrary number of BigIntegers. - * - * @param PHP32 ...$nums - * @return PHP32 - */ - public static function min(PHP32 ...$nums) - { - return self::minHelper($nums); - } - - /** - * Return the maximum BigInteger between an arbitrary number of BigIntegers. - * - * @param PHP32 ...$nums - * @return PHP32 - */ - public static function max(PHP32 ...$nums) - { - return self::maxHelper($nums); - } - - /** - * Tests BigInteger to see if it is between two integers, inclusive - * - * @param PHP32 $min - * @param PHP32 $max - * @return bool - */ - public function between(PHP32 $min, PHP32 $max) - { - return $this->compare($min) >= 0 && $this->compare($max) <= 0; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP64.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP64.php deleted file mode 100644 index 70a2e17..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP64.php +++ /dev/null @@ -1,372 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math\BigInteger\Engines; - -/** - * Pure-PHP 64-bit Engine. - * - * Uses 64-bit integers if int size is 8 bits - * - * @author Jim Wigginton - */ -class PHP64 extends PHP -{ - // Constants used by PHP.php - const BASE = 31; - const BASE_FULL = 0x80000000; - const MAX_DIGIT = 0x7FFFFFFF; - const MSB = 0x40000000; - - /** - * MAX10 in greatest MAX10LEN satisfying - * MAX10 = 10**MAX10LEN <= 2**BASE. - */ - const MAX10 = 1000000000; - - /** - * MAX10LEN in greatest MAX10LEN satisfying - * MAX10 = 10**MAX10LEN <= 2**BASE. - */ - const MAX10LEN = 9; - const MAX_DIGIT2 = 4611686018427387904; - - /** - * Initialize a PHP64 BigInteger Engine instance - * - * @param int $base - * @see parent::initialize() - */ - protected function initialize($base) - { - if ($base != 256 && $base != -256) { - return parent::initialize($base); - } - - $val = $this->value; - $this->value = []; - $vals = &$this->value; - $i = strlen($val); - if (!$i) { - return; - } - - while (true) { - $i -= 4; - if ($i < 0) { - if ($i == -4) { - break; - } - $val = substr($val, 0, 4 + $i); - $val = str_pad($val, 4, "\0", STR_PAD_LEFT); - if ($val == "\0\0\0\0") { - break; - } - $i = 0; - } - list(, $digit) = unpack('N', substr($val, $i, 4)); - $step = count($vals) & 7; - if (!$step) { - $digit &= static::MAX_DIGIT; - $i++; - } else { - $shift = 8 - $step; - $digit >>= $shift; - $shift = 32 - $shift; - $digit &= (1 << $shift) - 1; - $temp = $i > 0 ? ord($val[$i - 1]) : 0; - $digit |= ($temp << $shift) & 0x7F000000; - } - $vals[] = $digit; - } - while (end($vals) === 0) { - array_pop($vals); - } - reset($vals); - } - - /** - * Test for engine validity - * - * @see parent::__construct() - * @return bool - */ - public static function isValidEngine() - { - return PHP_INT_SIZE >= 8 && !self::testJITOnWindows(); - } - - /** - * Adds two BigIntegers. - * - * @param PHP64 $y - * @return PHP64 - */ - public function add(PHP64 $y) - { - $temp = self::addHelper($this->value, $this->is_negative, $y->value, $y->is_negative); - - return $this->convertToObj($temp); - } - - /** - * Subtracts two BigIntegers. - * - * @param PHP64 $y - * @return PHP64 - */ - public function subtract(PHP64 $y) - { - $temp = self::subtractHelper($this->value, $this->is_negative, $y->value, $y->is_negative); - - return $this->convertToObj($temp); - } - - /** - * Multiplies two BigIntegers. - * - * @param PHP64 $y - * @return PHP64 - */ - public function multiply(PHP64 $y) - { - $temp = self::multiplyHelper($this->value, $this->is_negative, $y->value, $y->is_negative); - - return $this->convertToObj($temp); - } - - /** - * Divides two BigIntegers. - * - * Returns an array whose first element contains the quotient and whose second element contains the - * "common residue". If the remainder would be positive, the "common residue" and the remainder are the - * same. If the remainder would be negative, the "common residue" is equal to the sum of the remainder - * and the divisor (basically, the "common residue" is the first positive modulo). - * - * @param PHP64 $y - * @return array{PHP64, PHP64} - */ - public function divide(PHP64 $y) - { - return $this->divideHelper($y); - } - - /** - * Calculates modular inverses. - * - * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. - * @param PHP64 $n - * @return false|PHP64 - */ - public function modInverse(PHP64 $n) - { - return $this->modInverseHelper($n); - } - - /** - * Calculates modular inverses. - * - * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. - * @param PHP64 $n - * @return PHP64[] - */ - public function extendedGCD(PHP64 $n) - { - return $this->extendedGCDHelper($n); - } - - /** - * Calculates the greatest common divisor - * - * Say you have 693 and 609. The GCD is 21. - * - * @param PHP64 $n - * @return PHP64 - */ - public function gcd(PHP64 $n) - { - return $this->extendedGCD($n)['gcd']; - } - - /** - * Logical And - * - * @param PHP64 $x - * @return PHP64 - */ - public function bitwise_and(PHP64 $x) - { - return $this->bitwiseAndHelper($x); - } - - /** - * Logical Or - * - * @param PHP64 $x - * @return PHP64 - */ - public function bitwise_or(PHP64 $x) - { - return $this->bitwiseOrHelper($x); - } - - /** - * Logical Exclusive Or - * - * @param PHP64 $x - * @return PHP64 - */ - public function bitwise_xor(PHP64 $x) - { - return $this->bitwiseXorHelper($x); - } - - /** - * Compares two numbers. - * - * Although one might think !$x->compare($y) means $x != $y, it, in fact, means the opposite. The reason for this is - * demonstrated thusly: - * - * $x > $y: $x->compare($y) > 0 - * $x < $y: $x->compare($y) < 0 - * $x == $y: $x->compare($y) == 0 - * - * Note how the same comparison operator is used. If you want to test for equality, use $x->equals($y). - * - * {@internal Could return $this->subtract($x), but that's not as fast as what we do do.} - * - * @param PHP64 $y - * @return int in case < 0 if $this is less than $y; > 0 if $this is greater than $y, and 0 if they are equal. - * @see self::equals() - */ - public function compare(PHP64 $y) - { - return parent::compareHelper($this->value, $this->is_negative, $y->value, $y->is_negative); - } - - /** - * Tests the equality of two numbers. - * - * If you need to see if one number is greater than or less than another number, use BigInteger::compare() - * - * @param PHP64 $x - * @return bool - */ - public function equals(PHP64 $x) - { - return $this->value === $x->value && $this->is_negative == $x->is_negative; - } - - /** - * Performs modular exponentiation. - * - * @param PHP64 $e - * @param PHP64 $n - * @return PHP64 - */ - public function modPow(PHP64 $e, PHP64 $n) - { - return $this->powModOuter($e, $n); - } - - /** - * Performs modular exponentiation. - * - * Alias for modPow(). - * - * @param PHP64 $e - * @param PHP64 $n - * @return PHP64|false - */ - public function powMod(PHP64 $e, PHP64 $n) - { - return $this->powModOuter($e, $n); - } - - /** - * Generate a random prime number between a range - * - * If there's not a prime within the given range, false will be returned. - * - * @param PHP64 $min - * @param PHP64 $max - * @return false|PHP64 - */ - public static function randomRangePrime(PHP64 $min, PHP64 $max) - { - return self::randomRangePrimeOuter($min, $max); - } - - /** - * Generate a random number between a range - * - * Returns a random number between $min and $max where $min and $max - * can be defined using one of the two methods: - * - * BigInteger::randomRange($min, $max) - * BigInteger::randomRange($max, $min) - * - * @param PHP64 $min - * @param PHP64 $max - * @return PHP64 - */ - public static function randomRange(PHP64 $min, PHP64 $max) - { - return self::randomRangeHelper($min, $max); - } - - /** - * Performs exponentiation. - * - * @param PHP64 $n - * @return PHP64 - */ - public function pow(PHP64 $n) - { - return $this->powHelper($n); - } - - /** - * Return the minimum BigInteger between an arbitrary number of BigIntegers. - * - * @param PHP64 ...$nums - * @return PHP64 - */ - public static function min(PHP64 ...$nums) - { - return self::minHelper($nums); - } - - /** - * Return the maximum BigInteger between an arbitrary number of BigIntegers. - * - * @param PHP64 ...$nums - * @return PHP64 - */ - public static function max(PHP64 ...$nums) - { - return self::maxHelper($nums); - } - - /** - * Tests BigInteger to see if it is between two integers, inclusive - * - * @param PHP64 $min - * @param PHP64 $max - * @return bool - */ - public function between(PHP64 $min, PHP64 $max) - { - return $this->compare($min) >= 0 && $this->compare($max) <= 0; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BinaryField.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BinaryField.php deleted file mode 100644 index 5da8c93..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BinaryField.php +++ /dev/null @@ -1,203 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - */ - -namespace phpseclib3\Math; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Math\BinaryField\Integer; -use phpseclib3\Math\Common\FiniteField; - -/** - * Binary Finite Fields - * - * @author Jim Wigginton - */ -class BinaryField extends FiniteField -{ - /** - * Instance Counter - * - * @var int - */ - private static $instanceCounter = 0; - - /** - * Keeps track of current instance - * - * @var int - */ - protected $instanceID; - - /** @var BigInteger */ - private $randomMax; - - /** - * Default constructor - */ - public function __construct(...$indices) - { - $m = array_shift($indices); - if ($m > 571) { - /* sect571r1 and sect571k1 are the largest binary curves that https://www.secg.org/sec2-v2.pdf defines - altho theoretically there may be legit reasons to use binary finite fields with larger degrees - imposing a limit on the maximum size is both reasonable and precedented. in particular, - http://tools.ietf.org/html/rfc4253#section-6.1 (The Secure Shell (SSH) Transport Layer Protocol) says - "implementations SHOULD check that the packet length is reasonable in order for the implementation to - avoid denial of service and/or buffer overflow attacks" */ - throw new \OutOfBoundsException('Degrees larger than 571 are not supported'); - } - $val = str_repeat('0', $m) . '1'; - foreach ($indices as $index) { - $val[$index] = '1'; - } - $modulo = static::base2ToBase256(strrev($val)); - - $mStart = 2 * $m - 2; - $t = ceil($m / 8); - $finalMask = chr((1 << ($m % 8)) - 1); - if ($finalMask == "\0") { - $finalMask = "\xFF"; - } - $bitLen = $mStart + 1; - $pad = ceil($bitLen / 8); - $h = $bitLen & 7; - $h = $h ? 8 - $h : 0; - - $r = rtrim(substr($val, 0, -1), '0'); - $u = [static::base2ToBase256(strrev($r))]; - for ($i = 1; $i < 8; $i++) { - $u[] = static::base2ToBase256(strrev(str_repeat('0', $i) . $r)); - } - - // implements algorithm 2.40 (in section 2.3.5) in "Guide to Elliptic Curve Cryptography" - // with W = 8 - $reduce = function ($c) use ($u, $mStart, $m, $t, $finalMask, $pad, $h) { - $c = str_pad($c, $pad, "\0", STR_PAD_LEFT); - for ($i = $mStart; $i >= $m;) { - $g = $h >> 3; - $mask = $h & 7; - $mask = $mask ? 1 << (7 - $mask) : 0x80; - for (; $mask > 0; $mask >>= 1, $i--, $h++) { - if (ord($c[$g]) & $mask) { - $temp = $i - $m; - $j = $temp >> 3; - $k = $temp & 7; - $t1 = $j ? substr($c, 0, -$j) : $c; - $length = strlen($t1); - if ($length) { - $t2 = str_pad($u[$k], $length, "\0", STR_PAD_LEFT); - $temp = $t1 ^ $t2; - $c = $j ? substr_replace($c, $temp, 0, $length) : $temp; - } - } - } - } - $c = substr($c, -$t); - if (strlen($c) == $t) { - $c[0] = $c[0] & $finalMask; - } - return ltrim($c, "\0"); - }; - - $this->instanceID = self::$instanceCounter++; - Integer::setModulo($this->instanceID, $modulo); - Integer::setRecurringModuloFunction($this->instanceID, $reduce); - - $this->randomMax = new BigInteger($modulo, 2); - } - - /** - * Returns an instance of a dynamically generated PrimeFieldInteger class - * - * @param string $num - * @return Integer - */ - public function newInteger($num) - { - return new Integer($this->instanceID, $num instanceof BigInteger ? $num->toBytes() : $num); - } - - /** - * Returns an integer on the finite field between one and the prime modulo - * - * @return Integer - */ - public function randomInteger() - { - static $one; - if (!isset($one)) { - $one = new BigInteger(1); - } - - return new Integer($this->instanceID, BigInteger::randomRange($one, $this->randomMax)->toBytes()); - } - - /** - * Returns the length of the modulo in bytes - * - * @return int - */ - public function getLengthInBytes() - { - return strlen(Integer::getModulo($this->instanceID)); - } - - /** - * Returns the length of the modulo in bits - * - * @return int - */ - public function getLength() - { - return strlen(Integer::getModulo($this->instanceID)) << 3; - } - - /** - * Converts a base-2 string to a base-256 string - * - * @param string $x - * @param int|null $size - * @return string - */ - public static function base2ToBase256($x, $size = null) - { - $str = Strings::bits2bin($x); - - $pad = strlen($x) >> 3; - if (strlen($x) & 3) { - $pad++; - } - $str = str_pad($str, $pad, "\0", STR_PAD_LEFT); - if (isset($size)) { - $str = str_pad($str, $size, "\0", STR_PAD_LEFT); - } - - return $str; - } - - /** - * Converts a base-256 string to a base-2 string - * - * @param string $x - * @return string - */ - public static function base256ToBase2($x) - { - if (function_exists('gmp_import')) { - return gmp_strval(gmp_import($x), 2); - } - - return Strings::bin2bits($x); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BinaryField/Integer.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BinaryField/Integer.php deleted file mode 100644 index 8e88058..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/BinaryField/Integer.php +++ /dev/null @@ -1,516 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - */ - -namespace phpseclib3\Math\BinaryField; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Math\BigInteger; -use phpseclib3\Math\BinaryField; -use phpseclib3\Math\Common\FiniteField\Integer as Base; - -/** - * Binary Finite Fields - * - * @author Jim Wigginton - */ -class Integer extends Base -{ - /** - * Holds the BinaryField's value - * - * @var string - */ - protected $value; - - /** - * Keeps track of current instance - * - * @var int - */ - protected $instanceID; - - /** - * Holds the PrimeField's modulo - * - * @var array - */ - protected static $modulo; - - /** - * Holds a pre-generated function to perform modulo reductions - * - * @var callable[] - */ - protected static $reduce; - - /** - * Default constructor - */ - public function __construct($instanceID, $num = '') - { - $this->instanceID = $instanceID; - if (!strlen($num)) { - $this->value = ''; - } else { - $reduce = static::$reduce[$instanceID]; - $this->value = $reduce($num); - } - } - - /** - * Set the modulo for a given instance - * @param int $instanceID - * @param string $modulo - */ - public static function setModulo($instanceID, $modulo) - { - static::$modulo[$instanceID] = $modulo; - } - - /** - * Set the modulo for a given instance - */ - public static function setRecurringModuloFunction($instanceID, callable $function) - { - static::$reduce[$instanceID] = $function; - } - - /** - * Tests a parameter to see if it's of the right instance - * - * Throws an exception if the incorrect class is being utilized - */ - private static function checkInstance(self $x, self $y) - { - if ($x->instanceID != $y->instanceID) { - throw new \UnexpectedValueException('The instances of the two BinaryField\Integer objects do not match'); - } - } - - /** - * Tests the equality of two numbers. - * - * @return bool - */ - public function equals(self $x) - { - static::checkInstance($this, $x); - - return $this->value == $x->value; - } - - /** - * Compares two numbers. - * - * @return int - */ - public function compare(self $x) - { - static::checkInstance($this, $x); - - $a = $this->value; - $b = $x->value; - - $length = max(strlen($a), strlen($b)); - - $a = str_pad($a, $length, "\0", STR_PAD_LEFT); - $b = str_pad($b, $length, "\0", STR_PAD_LEFT); - - return strcmp($a, $b); - } - - /** - * Returns the degree of the polynomial - * - * @param string $x - * @return int - */ - private static function deg($x) - { - $x = ltrim($x, "\0"); - $xbit = decbin(ord($x[0])); - $xlen = $xbit == '0' ? 0 : strlen($xbit); - $len = strlen($x); - if (!$len) { - return -1; - } - return 8 * strlen($x) - 9 + $xlen; - } - - /** - * Perform polynomial division - * - * @return string[] - * @link https://en.wikipedia.org/wiki/Polynomial_greatest_common_divisor#Euclidean_division - */ - private static function polynomialDivide($x, $y) - { - // in wikipedia's description of the algorithm, lc() is the leading coefficient. over a binary field that's - // always going to be 1. - - $q = chr(0); - $d = static::deg($y); - $r = $x; - while (($degr = static::deg($r)) >= $d) { - $s = '1' . str_repeat('0', $degr - $d); - $s = BinaryField::base2ToBase256($s); - $length = max(strlen($s), strlen($q)); - $q = !isset($q) ? $s : - str_pad($q, $length, "\0", STR_PAD_LEFT) ^ - str_pad($s, $length, "\0", STR_PAD_LEFT); - $s = static::polynomialMultiply($s, $y); - $length = max(strlen($r), strlen($s)); - $r = str_pad($r, $length, "\0", STR_PAD_LEFT) ^ - str_pad($s, $length, "\0", STR_PAD_LEFT); - } - - return [ltrim($q, "\0"), ltrim($r, "\0")]; - } - - /** - * Perform polynomial multiplation in the traditional way - * - * @return string - * @link https://en.wikipedia.org/wiki/Finite_field_arithmetic#Multiplication - */ - private static function regularPolynomialMultiply($x, $y) - { - $precomputed = [ltrim($x, "\0")]; - $x = strrev(BinaryField::base256ToBase2($x)); - $y = strrev(BinaryField::base256ToBase2($y)); - if (strlen($x) == strlen($y)) { - $length = strlen($x); - } else { - $length = max(strlen($x), strlen($y)); - $x = str_pad($x, $length, '0'); - $y = str_pad($y, $length, '0'); - } - $result = str_repeat('0', 2 * $length - 1); - $result = BinaryField::base2ToBase256($result); - $size = strlen($result); - $x = strrev($x); - - // precompute left shift 1 through 7 - for ($i = 1; $i < 8; $i++) { - $precomputed[$i] = BinaryField::base2ToBase256($x . str_repeat('0', $i)); - } - for ($i = 0; $i < strlen($y); $i++) { - if ($y[$i] == '1') { - $temp = $precomputed[$i & 7] . str_repeat("\0", $i >> 3); - $result ^= str_pad($temp, $size, "\0", STR_PAD_LEFT); - } - } - - return $result; - } - - /** - * Perform polynomial multiplation - * - * Uses karatsuba multiplication to reduce x-bit multiplications to a series of 32-bit multiplications - * - * @return string - * @link https://en.wikipedia.org/wiki/Karatsuba_algorithm - */ - private static function polynomialMultiply($x, $y) - { - if (strlen($x) == strlen($y)) { - $length = strlen($x); - } else { - $length = max(strlen($x), strlen($y)); - $x = str_pad($x, $length, "\0", STR_PAD_LEFT); - $y = str_pad($y, $length, "\0", STR_PAD_LEFT); - } - - switch (true) { - case PHP_INT_SIZE == 8 && $length <= 4: - return $length != 4 ? - self::subMultiply(str_pad($x, 4, "\0", STR_PAD_LEFT), str_pad($y, 4, "\0", STR_PAD_LEFT)) : - self::subMultiply($x, $y); - case PHP_INT_SIZE == 4 || $length > 32: - return self::regularPolynomialMultiply($x, $y); - } - - $m = $length >> 1; - - $x1 = substr($x, 0, -$m); - $x0 = substr($x, -$m); - $y1 = substr($y, 0, -$m); - $y0 = substr($y, -$m); - - $z2 = self::polynomialMultiply($x1, $y1); - $z0 = self::polynomialMultiply($x0, $y0); - $z1 = self::polynomialMultiply( - self::subAdd2($x1, $x0), - self::subAdd2($y1, $y0) - ); - - $z1 = self::subAdd3($z1, $z2, $z0); - - $xy = self::subAdd3( - $z2 . str_repeat("\0", 2 * $m), - $z1 . str_repeat("\0", $m), - $z0 - ); - - return ltrim($xy, "\0"); - } - - /** - * Perform polynomial multiplication on 2x 32-bit numbers, returning - * a 64-bit number - * - * @param string $x - * @param string $y - * @return string - * @link https://www.bearssl.org/constanttime.html#ghash-for-gcm - */ - private static function subMultiply($x, $y) - { - $x = unpack('N', $x)[1]; - $y = unpack('N', $y)[1]; - - $x0 = $x & 0x11111111; - $x1 = $x & 0x22222222; - $x2 = $x & 0x44444444; - $x3 = $x & 0x88888888; - - $y0 = $y & 0x11111111; - $y1 = $y & 0x22222222; - $y2 = $y & 0x44444444; - $y3 = $y & 0x88888888; - - $z0 = ($x0 * $y0) ^ ($x1 * $y3) ^ ($x2 * $y2) ^ ($x3 * $y1); - $z1 = ($x0 * $y1) ^ ($x1 * $y0) ^ ($x2 * $y3) ^ ($x3 * $y2); - $z2 = ($x0 * $y2) ^ ($x1 * $y1) ^ ($x2 * $y0) ^ ($x3 * $y3); - $z3 = ($x0 * $y3) ^ ($x1 * $y2) ^ ($x2 * $y1) ^ ($x3 * $y0); - - $z0 &= 0x1111111111111111; - $z1 &= 0x2222222222222222; - $z2 &= 0x4444444444444444; - $z3 &= -8608480567731124088; // 0x8888888888888888 gets interpreted as a float - - $z = $z0 | $z1 | $z2 | $z3; - - return pack('J', $z); - } - - /** - * Adds two numbers - * - * @param string $x - * @param string $y - * @return string - */ - private static function subAdd2($x, $y) - { - $length = max(strlen($x), strlen($y)); - $x = str_pad($x, $length, "\0", STR_PAD_LEFT); - $y = str_pad($y, $length, "\0", STR_PAD_LEFT); - return $x ^ $y; - } - - /** - * Adds three numbers - * - * @param string $x - * @param string $y - * @return string - */ - private static function subAdd3($x, $y, $z) - { - $length = max(strlen($x), strlen($y), strlen($z)); - $x = str_pad($x, $length, "\0", STR_PAD_LEFT); - $y = str_pad($y, $length, "\0", STR_PAD_LEFT); - $z = str_pad($z, $length, "\0", STR_PAD_LEFT); - return $x ^ $y ^ $z; - } - - /** - * Adds two BinaryFieldIntegers. - * - * @return static - */ - public function add(self $y) - { - static::checkInstance($this, $y); - - $length = strlen(static::$modulo[$this->instanceID]); - - $x = str_pad($this->value, $length, "\0", STR_PAD_LEFT); - $y = str_pad($y->value, $length, "\0", STR_PAD_LEFT); - - return new static($this->instanceID, $x ^ $y); - } - - /** - * Subtracts two BinaryFieldIntegers. - * - * @return static - */ - public function subtract(self $x) - { - return $this->add($x); - } - - /** - * Multiplies two BinaryFieldIntegers. - * - * @return static - */ - public function multiply(self $y) - { - static::checkInstance($this, $y); - - return new static($this->instanceID, static::polynomialMultiply($this->value, $y->value)); - } - - /** - * Returns the modular inverse of a BinaryFieldInteger - * - * @return static - */ - public function modInverse() - { - $remainder0 = static::$modulo[$this->instanceID]; - $remainder1 = $this->value; - - if ($remainder1 == '') { - return new static($this->instanceID); - } - - $aux0 = "\0"; - $aux1 = "\1"; - while ($remainder1 != "\1") { - list($q, $r) = static::polynomialDivide($remainder0, $remainder1); - $remainder0 = $remainder1; - $remainder1 = $r; - // the auxiliary in row n is given by the sum of the auxiliary in - // row n-2 and the product of the quotient and the auxiliary in row - // n-1 - $temp = static::polynomialMultiply($aux1, $q); - $aux = str_pad($aux0, strlen($temp), "\0", STR_PAD_LEFT) ^ - str_pad($temp, strlen($aux0), "\0", STR_PAD_LEFT); - $aux0 = $aux1; - $aux1 = $aux; - } - - $temp = new static($this->instanceID); - $temp->value = ltrim($aux1, "\0"); - return $temp; - } - - /** - * Divides two PrimeFieldIntegers. - * - * @return static - */ - public function divide(self $x) - { - static::checkInstance($this, $x); - - $x = $x->modInverse(); - return $this->multiply($x); - } - - /** - * Negate - * - * A negative number can be written as 0-12. With modulos, 0 is the same thing as the modulo - * so 0-12 is the same thing as modulo-12 - * - * @return object - */ - public function negate() - { - $x = str_pad($this->value, strlen(static::$modulo[$this->instanceID]), "\0", STR_PAD_LEFT); - - return new static($this->instanceID, $x ^ static::$modulo[$this->instanceID]); - } - - /** - * Returns the modulo - * - * @return string - */ - public static function getModulo($instanceID) - { - return static::$modulo[$instanceID]; - } - - /** - * Converts an Integer to a byte string (eg. base-256). - * - * @return string - */ - public function toBytes() - { - return str_pad($this->value, strlen(static::$modulo[$this->instanceID]), "\0", STR_PAD_LEFT); - } - - /** - * Converts an Integer to a hex string (eg. base-16). - * - * @return string - */ - public function toHex() - { - return Strings::bin2hex($this->toBytes()); - } - - /** - * Converts an Integer to a bit string (eg. base-2). - * - * @return string - */ - public function toBits() - { - //return str_pad(BinaryField::base256ToBase2($this->value), strlen(static::$modulo[$this->instanceID]), '0', STR_PAD_LEFT); - return BinaryField::base256ToBase2($this->value); - } - - /** - * Converts an Integer to a BigInteger - * - * @return string - */ - public function toBigInteger() - { - return new BigInteger($this->value, 256); - } - - /** - * __toString() magic method - * - */ - public function __toString() - { - return (string) $this->toBigInteger(); - } - - /** - * __debugInfo() magic method - * - */ - public function __debugInfo() - { - return ['value' => $this->toHex()]; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/Common/FiniteField.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/Common/FiniteField.php deleted file mode 100644 index 2ea5f48..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/Common/FiniteField.php +++ /dev/null @@ -1,22 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - */ - -namespace phpseclib3\Math\Common; - -/** - * Finite Fields - * - * @author Jim Wigginton - */ -abstract class FiniteField -{ -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/Common/FiniteField/Integer.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/Common/FiniteField/Integer.php deleted file mode 100644 index 3c959e9..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/Common/FiniteField/Integer.php +++ /dev/null @@ -1,44 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - */ - -namespace phpseclib3\Math\Common\FiniteField; - -/** - * Finite Field Integer - * - * @author Jim Wigginton - */ -abstract class Integer implements \JsonSerializable -{ - /** - * JSON Serialize - * - * Will be called, automatically, when json_encode() is called on a BigInteger object. - * - * PHP Serialize isn't supported because unserializing would require the factory be - * serialized as well and that just sounds like too much - * - * @return array{hex: string} - */ - #[\ReturnTypeWillChange] - public function jsonSerialize() - { - return ['hex' => $this->toHex(true)]; - } - - /** - * Converts an Integer to a hex string (eg. base-16). - * - * @return string - */ - abstract public function toHex(); -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/PrimeField.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/PrimeField.php deleted file mode 100644 index 1a0667f..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/PrimeField.php +++ /dev/null @@ -1,118 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger - */ - -namespace phpseclib3\Math; - -use phpseclib3\Math\Common\FiniteField; -use phpseclib3\Math\PrimeField\Integer; - -/** - * Prime Finite Fields - * - * @author Jim Wigginton - */ -class PrimeField extends FiniteField -{ - /** - * Instance Counter - * - * @var int - */ - private static $instanceCounter = 0; - - /** - * Keeps track of current instance - * - * @var int - */ - protected $instanceID; - - /** - * Default constructor - */ - public function __construct(BigInteger $modulo) - { - if (!$modulo->isPrime()) { - throw new \UnexpectedValueException('PrimeField requires a prime number be passed to the constructor'); - } - - $this->instanceID = self::$instanceCounter++; - Integer::setModulo($this->instanceID, $modulo); - Integer::setRecurringModuloFunction($this->instanceID, $modulo->createRecurringModuloFunction()); - } - - /** - * Use a custom defined modular reduction function - * - * @return void - */ - public function setReduction(\Closure $func) - { - $this->reduce = $func->bindTo($this, $this); - } - - /** - * Returns an instance of a dynamically generated PrimeFieldInteger class - * - * @return Integer - */ - public function newInteger(BigInteger $num) - { - return new Integer($this->instanceID, $num); - } - - /** - * Returns an integer on the finite field between one and the prime modulo - * - * @return Integer - */ - public function randomInteger() - { - static $one; - if (!isset($one)) { - $one = new BigInteger(1); - } - - return new Integer($this->instanceID, BigInteger::randomRange($one, Integer::getModulo($this->instanceID))); - } - - /** - * Returns the length of the modulo in bytes - * - * @return int - */ - public function getLengthInBytes() - { - return Integer::getModulo($this->instanceID)->getLengthInBytes(); - } - - /** - * Returns the length of the modulo in bits - * - * @return int - */ - public function getLength() - { - return Integer::getModulo($this->instanceID)->getLength(); - } - - /** - * Destructor - */ - public function __destruct() - { - Integer::cleanupCache($this->instanceID); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/PrimeField/Integer.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/PrimeField/Integer.php deleted file mode 100644 index 1bd7aaf..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Math/PrimeField/Integer.php +++ /dev/null @@ -1,419 +0,0 @@ - - * @copyright 2017 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - */ - -namespace phpseclib3\Math\PrimeField; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Math\BigInteger; -use phpseclib3\Math\Common\FiniteField\Integer as Base; - -/** - * Prime Finite Fields - * - * @author Jim Wigginton - */ -class Integer extends Base -{ - /** - * Holds the PrimeField's value - * - * @var BigInteger - */ - protected $value; - - /** - * Keeps track of current instance - * - * @var int - */ - protected $instanceID; - - /** - * Holds the PrimeField's modulo - * - * @var array - */ - protected static $modulo; - - /** - * Holds a pre-generated function to perform modulo reductions - * - * @var array - */ - protected static $reduce; - - /** - * Zero - * - * @var BigInteger - */ - protected static $zero; - - /** - * Default constructor - * - * @param int $instanceID - */ - public function __construct($instanceID, BigInteger $num = null) - { - $this->instanceID = $instanceID; - if (!isset($num)) { - $this->value = clone static::$zero[static::class]; - } else { - $reduce = static::$reduce[$instanceID]; - $this->value = $reduce($num); - } - } - - /** - * Set the modulo for a given instance - * - * @param int $instanceID - * @return void - */ - public static function setModulo($instanceID, BigInteger $modulo) - { - static::$modulo[$instanceID] = $modulo; - } - - /** - * Set the modulo for a given instance - * - * @param int $instanceID - * @return void - */ - public static function setRecurringModuloFunction($instanceID, callable $function) - { - static::$reduce[$instanceID] = $function; - if (!isset(static::$zero[static::class])) { - static::$zero[static::class] = new BigInteger(); - } - } - - /** - * Delete the modulo for a given instance - */ - public static function cleanupCache($instanceID) - { - unset(static::$modulo[$instanceID]); - unset(static::$reduce[$instanceID]); - } - - /** - * Returns the modulo - * - * @param int $instanceID - * @return BigInteger - */ - public static function getModulo($instanceID) - { - return static::$modulo[$instanceID]; - } - - /** - * Tests a parameter to see if it's of the right instance - * - * Throws an exception if the incorrect class is being utilized - * - * @return void - */ - public static function checkInstance(self $x, self $y) - { - if ($x->instanceID != $y->instanceID) { - throw new \UnexpectedValueException('The instances of the two PrimeField\Integer objects do not match'); - } - } - - /** - * Tests the equality of two numbers. - * - * @return bool - */ - public function equals(self $x) - { - static::checkInstance($this, $x); - - return $this->value->equals($x->value); - } - - /** - * Compares two numbers. - * - * @return int - */ - public function compare(self $x) - { - static::checkInstance($this, $x); - - return $this->value->compare($x->value); - } - - /** - * Adds two PrimeFieldIntegers. - * - * @return static - */ - public function add(self $x) - { - static::checkInstance($this, $x); - - $temp = new static($this->instanceID); - $temp->value = $this->value->add($x->value); - if ($temp->value->compare(static::$modulo[$this->instanceID]) >= 0) { - $temp->value = $temp->value->subtract(static::$modulo[$this->instanceID]); - } - - return $temp; - } - - /** - * Subtracts two PrimeFieldIntegers. - * - * @return static - */ - public function subtract(self $x) - { - static::checkInstance($this, $x); - - $temp = new static($this->instanceID); - $temp->value = $this->value->subtract($x->value); - if ($temp->value->isNegative()) { - $temp->value = $temp->value->add(static::$modulo[$this->instanceID]); - } - - return $temp; - } - - /** - * Multiplies two PrimeFieldIntegers. - * - * @return static - */ - public function multiply(self $x) - { - static::checkInstance($this, $x); - - return new static($this->instanceID, $this->value->multiply($x->value)); - } - - /** - * Divides two PrimeFieldIntegers. - * - * @return static - */ - public function divide(self $x) - { - static::checkInstance($this, $x); - - $denominator = $x->value->modInverse(static::$modulo[$this->instanceID]); - return new static($this->instanceID, $this->value->multiply($denominator)); - } - - /** - * Performs power operation on a PrimeFieldInteger. - * - * @return static - */ - public function pow(BigInteger $x) - { - $temp = new static($this->instanceID); - $temp->value = $this->value->powMod($x, static::$modulo[$this->instanceID]); - - return $temp; - } - - /** - * Calculates the square root - * - * @link https://en.wikipedia.org/wiki/Tonelli%E2%80%93Shanks_algorithm - * @return static|false - */ - public function squareRoot() - { - static $one, $two; - if (!isset($one)) { - $one = new BigInteger(1); - $two = new BigInteger(2); - } - $reduce = static::$reduce[$this->instanceID]; - $p_1 = static::$modulo[$this->instanceID]->subtract($one); - $q = clone $p_1; - $s = BigInteger::scan1divide($q); - list($pow) = $p_1->divide($two); - for ($z = $one; !$z->equals(static::$modulo[$this->instanceID]); $z = $z->add($one)) { - $temp = $z->powMod($pow, static::$modulo[$this->instanceID]); - if ($temp->equals($p_1)) { - break; - } - } - - $m = new BigInteger($s); - $c = $z->powMod($q, static::$modulo[$this->instanceID]); - $t = $this->value->powMod($q, static::$modulo[$this->instanceID]); - list($temp) = $q->add($one)->divide($two); - $r = $this->value->powMod($temp, static::$modulo[$this->instanceID]); - - while (!$t->equals($one)) { - for ($i = clone $one; $i->compare($m) < 0; $i = $i->add($one)) { - if ($t->powMod($two->pow($i), static::$modulo[$this->instanceID])->equals($one)) { - break; - } - } - - if ($i->compare($m) == 0) { - return false; - } - $b = $c->powMod($two->pow($m->subtract($i)->subtract($one)), static::$modulo[$this->instanceID]); - $m = $i; - $c = $reduce($b->multiply($b)); - $t = $reduce($t->multiply($c)); - $r = $reduce($r->multiply($b)); - } - - return new static($this->instanceID, $r); - } - - /** - * Is Odd? - * - * @return bool - */ - public function isOdd() - { - return $this->value->isOdd(); - } - - /** - * Negate - * - * A negative number can be written as 0-12. With modulos, 0 is the same thing as the modulo - * so 0-12 is the same thing as modulo-12 - * - * @return static - */ - public function negate() - { - return new static($this->instanceID, static::$modulo[$this->instanceID]->subtract($this->value)); - } - - /** - * Converts an Integer to a byte string (eg. base-256). - * - * @return string - */ - public function toBytes() - { - if (isset(static::$modulo[$this->instanceID])) { - $length = static::$modulo[$this->instanceID]->getLengthInBytes(); - return str_pad($this->value->toBytes(), $length, "\0", STR_PAD_LEFT); - } - return $this->value->toBytes(); - } - - /** - * Converts an Integer to a hex string (eg. base-16). - * - * @return string - */ - public function toHex() - { - return Strings::bin2hex($this->toBytes()); - } - - /** - * Converts an Integer to a bit string (eg. base-2). - * - * @return string - */ - public function toBits() - { - // return $this->value->toBits(); - static $length; - if (!isset($length)) { - $length = static::$modulo[$this->instanceID]->getLength(); - } - - return str_pad($this->value->toBits(), $length, '0', STR_PAD_LEFT); - } - - /** - * Returns the w-ary non-adjacent form (wNAF) - * - * @param int $w optional - * @return array - */ - public function getNAF($w = 1) - { - $w++; - - $mask = new BigInteger((1 << $w) - 1); - $sub = new BigInteger(1 << $w); - //$sub = new BigInteger(1 << ($w - 1)); - $d = $this->toBigInteger(); - $d_i = []; - - $i = 0; - while ($d->compare(static::$zero[static::class]) > 0) { - if ($d->isOdd()) { - // start mods - - $bigInteger = $d->testBit($w - 1) ? - $d->bitwise_and($mask)->subtract($sub) : - //$sub->subtract($d->bitwise_and($mask)) : - $d->bitwise_and($mask); - // end mods - $d = $d->subtract($bigInteger); - $d_i[$i] = (int) $bigInteger->toString(); - } else { - $d_i[$i] = 0; - } - $shift = !$d->equals(static::$zero[static::class]) && $d->bitwise_and($mask)->equals(static::$zero[static::class]) ? $w : 1; // $w or $w + 1? - $d = $d->bitwise_rightShift($shift); - while (--$shift > 0) { - $d_i[++$i] = 0; - } - $i++; - } - - return $d_i; - } - - /** - * Converts an Integer to a BigInteger - * - * @return BigInteger - */ - public function toBigInteger() - { - return clone $this->value; - } - - /** - * __toString() magic method - * - * @return string - */ - public function __toString() - { - return (string) $this->value; - } - - /** - * __debugInfo() magic method - * - * @return array - */ - public function __debugInfo() - { - return ['value' => $this->toHex()]; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SFTP.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SFTP.php deleted file mode 100644 index 45f748d..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SFTP.php +++ /dev/null @@ -1,3547 +0,0 @@ - - * login('username', 'password')) { - * exit('Login Failed'); - * } - * - * echo $sftp->pwd() . "\r\n"; - * $sftp->put('filename.ext', 'hello, world!'); - * print_r($sftp->nlist()); - * ?> - * - * - * @author Jim Wigginton - * @copyright 2009 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Net; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Exception\FileNotFoundException; - -/** - * Pure-PHP implementations of SFTP. - * - * @author Jim Wigginton - */ -class SFTP extends SSH2 -{ - /** - * SFTP channel constant - * - * \phpseclib3\Net\SSH2::exec() uses 0 and \phpseclib3\Net\SSH2::read() / \phpseclib3\Net\SSH2::write() use 1. - * - * @see \phpseclib3\Net\SSH2::send_channel_packet() - * @see \phpseclib3\Net\SSH2::get_channel_packet() - */ - const CHANNEL = 0x100; - - /** - * Reads data from a local file. - * - * @see \phpseclib3\Net\SFTP::put() - */ - const SOURCE_LOCAL_FILE = 1; - /** - * Reads data from a string. - * - * @see \phpseclib3\Net\SFTP::put() - */ - // this value isn't really used anymore but i'm keeping it reserved for historical reasons - const SOURCE_STRING = 2; - /** - * Reads data from callback: - * function callback($length) returns string to proceed, null for EOF - * - * @see \phpseclib3\Net\SFTP::put() - */ - const SOURCE_CALLBACK = 16; - /** - * Resumes an upload - * - * @see \phpseclib3\Net\SFTP::put() - */ - const RESUME = 4; - /** - * Append a local file to an already existing remote file - * - * @see \phpseclib3\Net\SFTP::put() - */ - const RESUME_START = 8; - - /** - * Packet Types - * - * @see self::__construct() - * @var array - * @access private - */ - private static $packet_types = []; - - /** - * Status Codes - * - * @see self::__construct() - * @var array - * @access private - */ - private static $status_codes = []; - - /** @var array */ - private static $attributes; - - /** @var array */ - private static $open_flags; - - /** @var array */ - private static $open_flags5; - - /** @var array */ - private static $file_types; - - /** - * The Request ID - * - * The request ID exists in the off chance that a packet is sent out-of-order. Of course, this library doesn't support - * concurrent actions, so it's somewhat academic, here. - * - * @var boolean - * @see self::_send_sftp_packet() - */ - private $use_request_id = false; - - /** - * The Packet Type - * - * The request ID exists in the off chance that a packet is sent out-of-order. Of course, this library doesn't support - * concurrent actions, so it's somewhat academic, here. - * - * @var int - * @see self::_get_sftp_packet() - */ - private $packet_type = -1; - - /** - * Packet Buffer - * - * @var string - * @see self::_get_sftp_packet() - */ - private $packet_buffer = ''; - - /** - * Extensions supported by the server - * - * @var array - * @see self::_initChannel() - */ - private $extensions = []; - - /** - * Server SFTP version - * - * @var int - * @see self::_initChannel() - */ - private $version; - - /** - * Default Server SFTP version - * - * @var int - * @see self::_initChannel() - */ - private $defaultVersion; - - /** - * Preferred SFTP version - * - * @var int - * @see self::_initChannel() - */ - private $preferredVersion = 3; - - /** - * Current working directory - * - * @var string|bool - * @see self::realpath() - * @see self::chdir() - */ - private $pwd = false; - - /** - * Packet Type Log - * - * @see self::getLog() - * @var array - */ - private $packet_type_log = []; - - /** - * Packet Log - * - * @see self::getLog() - * @var array - */ - private $packet_log = []; - - /** - * Real-time log file pointer - * - * @see self::_append_log() - * @var resource|closed-resource - */ - private $realtime_log_file; - - /** - * Real-time log file size - * - * @see self::_append_log() - * @var int - */ - private $realtime_log_size; - - /** - * Real-time log file wrap boolean - * - * @see self::_append_log() - * @var bool - */ - private $realtime_log_wrap; - - /** - * Current log size - * - * Should never exceed self::LOG_MAX_SIZE - * - * @var int - */ - private $log_size; - - /** - * Error information - * - * @see self::getSFTPErrors() - * @see self::getLastSFTPError() - * @var array - */ - private $sftp_errors = []; - - /** - * Stat Cache - * - * Rather than always having to open a directory and close it immediately there after to see if a file is a directory - * we'll cache the results. - * - * @see self::_update_stat_cache() - * @see self::_remove_from_stat_cache() - * @see self::_query_stat_cache() - * @var array - */ - private $stat_cache = []; - - /** - * Max SFTP Packet Size - * - * @see self::__construct() - * @see self::get() - * @var int - */ - private $max_sftp_packet; - - /** - * Stat Cache Flag - * - * @see self::disableStatCache() - * @see self::enableStatCache() - * @var bool - */ - private $use_stat_cache = true; - - /** - * Sort Options - * - * @see self::_comparator() - * @see self::setListOrder() - * @var array - */ - protected $sortOptions = []; - - /** - * Canonicalization Flag - * - * Determines whether or not paths should be canonicalized before being - * passed on to the remote server. - * - * @see self::enablePathCanonicalization() - * @see self::disablePathCanonicalization() - * @see self::realpath() - * @var bool - */ - private $canonicalize_paths = true; - - /** - * Request Buffers - * - * @see self::_get_sftp_packet() - * @var array - */ - private $requestBuffer = []; - - /** - * Preserve timestamps on file downloads / uploads - * - * @see self::get() - * @see self::put() - * @var bool - */ - private $preserveTime = false; - - /** - * Arbitrary Length Packets Flag - * - * Determines whether or not packets of any length should be allowed, - * in cases where the server chooses the packet length (such as - * directory listings). By default, packets are only allowed to be - * 256 * 1024 bytes (SFTP_MAX_MSG_LENGTH from OpenSSH's sftp-common.h) - * - * @see self::enableArbitraryLengthPackets() - * @see self::_get_sftp_packet() - * @var bool - */ - private $allow_arbitrary_length_packets = false; - - /** - * Was the last packet due to the channels being closed or not? - * - * @see self::get() - * @see self::get_sftp_packet() - * @var bool - */ - private $channel_close = false; - - /** - * Has the SFTP channel been partially negotiated? - * - * @var bool - */ - private $partial_init = false; - - /** - * Default Constructor. - * - * Connects to an SFTP server - * - * $host can either be a string, representing the host, or a stream resource. - * - * @param mixed $host - * @param int $port - * @param int $timeout - */ - public function __construct($host, $port = 22, $timeout = 10) - { - parent::__construct($host, $port, $timeout); - - $this->max_sftp_packet = 1 << 15; - - if (empty(self::$packet_types)) { - self::$packet_types = [ - 1 => 'NET_SFTP_INIT', - 2 => 'NET_SFTP_VERSION', - 3 => 'NET_SFTP_OPEN', - 4 => 'NET_SFTP_CLOSE', - 5 => 'NET_SFTP_READ', - 6 => 'NET_SFTP_WRITE', - 7 => 'NET_SFTP_LSTAT', - 9 => 'NET_SFTP_SETSTAT', - 10 => 'NET_SFTP_FSETSTAT', - 11 => 'NET_SFTP_OPENDIR', - 12 => 'NET_SFTP_READDIR', - 13 => 'NET_SFTP_REMOVE', - 14 => 'NET_SFTP_MKDIR', - 15 => 'NET_SFTP_RMDIR', - 16 => 'NET_SFTP_REALPATH', - 17 => 'NET_SFTP_STAT', - 18 => 'NET_SFTP_RENAME', - 19 => 'NET_SFTP_READLINK', - 20 => 'NET_SFTP_SYMLINK', - 21 => 'NET_SFTP_LINK', - - 101 => 'NET_SFTP_STATUS', - 102 => 'NET_SFTP_HANDLE', - 103 => 'NET_SFTP_DATA', - 104 => 'NET_SFTP_NAME', - 105 => 'NET_SFTP_ATTRS', - - 200 => 'NET_SFTP_EXTENDED' - ]; - self::$status_codes = [ - 0 => 'NET_SFTP_STATUS_OK', - 1 => 'NET_SFTP_STATUS_EOF', - 2 => 'NET_SFTP_STATUS_NO_SUCH_FILE', - 3 => 'NET_SFTP_STATUS_PERMISSION_DENIED', - 4 => 'NET_SFTP_STATUS_FAILURE', - 5 => 'NET_SFTP_STATUS_BAD_MESSAGE', - 6 => 'NET_SFTP_STATUS_NO_CONNECTION', - 7 => 'NET_SFTP_STATUS_CONNECTION_LOST', - 8 => 'NET_SFTP_STATUS_OP_UNSUPPORTED', - 9 => 'NET_SFTP_STATUS_INVALID_HANDLE', - 10 => 'NET_SFTP_STATUS_NO_SUCH_PATH', - 11 => 'NET_SFTP_STATUS_FILE_ALREADY_EXISTS', - 12 => 'NET_SFTP_STATUS_WRITE_PROTECT', - 13 => 'NET_SFTP_STATUS_NO_MEDIA', - 14 => 'NET_SFTP_STATUS_NO_SPACE_ON_FILESYSTEM', - 15 => 'NET_SFTP_STATUS_QUOTA_EXCEEDED', - 16 => 'NET_SFTP_STATUS_UNKNOWN_PRINCIPAL', - 17 => 'NET_SFTP_STATUS_LOCK_CONFLICT', - 18 => 'NET_SFTP_STATUS_DIR_NOT_EMPTY', - 19 => 'NET_SFTP_STATUS_NOT_A_DIRECTORY', - 20 => 'NET_SFTP_STATUS_INVALID_FILENAME', - 21 => 'NET_SFTP_STATUS_LINK_LOOP', - 22 => 'NET_SFTP_STATUS_CANNOT_DELETE', - 23 => 'NET_SFTP_STATUS_INVALID_PARAMETER', - 24 => 'NET_SFTP_STATUS_FILE_IS_A_DIRECTORY', - 25 => 'NET_SFTP_STATUS_BYTE_RANGE_LOCK_CONFLICT', - 26 => 'NET_SFTP_STATUS_BYTE_RANGE_LOCK_REFUSED', - 27 => 'NET_SFTP_STATUS_DELETE_PENDING', - 28 => 'NET_SFTP_STATUS_FILE_CORRUPT', - 29 => 'NET_SFTP_STATUS_OWNER_INVALID', - 30 => 'NET_SFTP_STATUS_GROUP_INVALID', - 31 => 'NET_SFTP_STATUS_NO_MATCHING_BYTE_RANGE_LOCK' - ]; - // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-7.1 - // the order, in this case, matters quite a lot - see \phpseclib3\Net\SFTP::_parseAttributes() to understand why - self::$attributes = [ - 0x00000001 => 'NET_SFTP_ATTR_SIZE', - 0x00000002 => 'NET_SFTP_ATTR_UIDGID', // defined in SFTPv3, removed in SFTPv4+ - 0x00000080 => 'NET_SFTP_ATTR_OWNERGROUP', // defined in SFTPv4+ - 0x00000004 => 'NET_SFTP_ATTR_PERMISSIONS', - 0x00000008 => 'NET_SFTP_ATTR_ACCESSTIME', - 0x00000010 => 'NET_SFTP_ATTR_CREATETIME', // SFTPv4+ - 0x00000020 => 'NET_SFTP_ATTR_MODIFYTIME', - 0x00000040 => 'NET_SFTP_ATTR_ACL', - 0x00000100 => 'NET_SFTP_ATTR_SUBSECOND_TIMES', - 0x00000200 => 'NET_SFTP_ATTR_BITS', // SFTPv5+ - 0x00000400 => 'NET_SFTP_ATTR_ALLOCATION_SIZE', // SFTPv6+ - 0x00000800 => 'NET_SFTP_ATTR_TEXT_HINT', - 0x00001000 => 'NET_SFTP_ATTR_MIME_TYPE', - 0x00002000 => 'NET_SFTP_ATTR_LINK_COUNT', - 0x00004000 => 'NET_SFTP_ATTR_UNTRANSLATED_NAME', - 0x00008000 => 'NET_SFTP_ATTR_CTIME', - // 0x80000000 will yield a floating point on 32-bit systems and converting floating points to integers - // yields inconsistent behavior depending on how php is compiled. so we left shift -1 (which, in - // two's compliment, consists of all 1 bits) by 31. on 64-bit systems this'll yield 0xFFFFFFFF80000000. - // that's not a problem, however, and 'anded' and a 32-bit number, as all the leading 1 bits are ignored. - (PHP_INT_SIZE == 4 ? (-1 << 31) : 0x80000000) => 'NET_SFTP_ATTR_EXTENDED' - ]; - // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.3 - // the flag definitions change somewhat in SFTPv5+. if SFTPv5+ support is added to this library, maybe name - // the array for that $this->open5_flags and similarly alter the constant names. - self::$open_flags = [ - 0x00000001 => 'NET_SFTP_OPEN_READ', - 0x00000002 => 'NET_SFTP_OPEN_WRITE', - 0x00000004 => 'NET_SFTP_OPEN_APPEND', - 0x00000008 => 'NET_SFTP_OPEN_CREATE', - 0x00000010 => 'NET_SFTP_OPEN_TRUNCATE', - 0x00000020 => 'NET_SFTP_OPEN_EXCL', - 0x00000040 => 'NET_SFTP_OPEN_TEXT' // defined in SFTPv4 - ]; - // SFTPv5+ changed the flags up: - // https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-13#section-8.1.1.3 - self::$open_flags5 = [ - // when SSH_FXF_ACCESS_DISPOSITION is a 3 bit field that controls how the file is opened - 0x00000000 => 'NET_SFTP_OPEN_CREATE_NEW', - 0x00000001 => 'NET_SFTP_OPEN_CREATE_TRUNCATE', - 0x00000002 => 'NET_SFTP_OPEN_OPEN_EXISTING', - 0x00000003 => 'NET_SFTP_OPEN_OPEN_OR_CREATE', - 0x00000004 => 'NET_SFTP_OPEN_TRUNCATE_EXISTING', - // the rest of the flags are not supported - 0x00000008 => 'NET_SFTP_OPEN_APPEND_DATA', // "the offset field of SS_FXP_WRITE requests is ignored" - 0x00000010 => 'NET_SFTP_OPEN_APPEND_DATA_ATOMIC', - 0x00000020 => 'NET_SFTP_OPEN_TEXT_MODE', - 0x00000040 => 'NET_SFTP_OPEN_BLOCK_READ', - 0x00000080 => 'NET_SFTP_OPEN_BLOCK_WRITE', - 0x00000100 => 'NET_SFTP_OPEN_BLOCK_DELETE', - 0x00000200 => 'NET_SFTP_OPEN_BLOCK_ADVISORY', - 0x00000400 => 'NET_SFTP_OPEN_NOFOLLOW', - 0x00000800 => 'NET_SFTP_OPEN_DELETE_ON_CLOSE', - 0x00001000 => 'NET_SFTP_OPEN_ACCESS_AUDIT_ALARM_INFO', - 0x00002000 => 'NET_SFTP_OPEN_ACCESS_BACKUP', - 0x00004000 => 'NET_SFTP_OPEN_BACKUP_STREAM', - 0x00008000 => 'NET_SFTP_OPEN_OVERRIDE_OWNER', - ]; - // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-5.2 - // see \phpseclib3\Net\SFTP::_parseLongname() for an explanation - self::$file_types = [ - 1 => 'NET_SFTP_TYPE_REGULAR', - 2 => 'NET_SFTP_TYPE_DIRECTORY', - 3 => 'NET_SFTP_TYPE_SYMLINK', - 4 => 'NET_SFTP_TYPE_SPECIAL', - 5 => 'NET_SFTP_TYPE_UNKNOWN', - // the following types were first defined for use in SFTPv5+ - // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-05#section-5.2 - 6 => 'NET_SFTP_TYPE_SOCKET', - 7 => 'NET_SFTP_TYPE_CHAR_DEVICE', - 8 => 'NET_SFTP_TYPE_BLOCK_DEVICE', - 9 => 'NET_SFTP_TYPE_FIFO' - ]; - self::define_array( - self::$packet_types, - self::$status_codes, - self::$attributes, - self::$open_flags, - self::$open_flags5, - self::$file_types - ); - } - - if (!defined('NET_SFTP_QUEUE_SIZE')) { - define('NET_SFTP_QUEUE_SIZE', 32); - } - if (!defined('NET_SFTP_UPLOAD_QUEUE_SIZE')) { - define('NET_SFTP_UPLOAD_QUEUE_SIZE', 1024); - } - } - - /** - * Check a few things before SFTP functions are called - * - * @return bool - */ - private function precheck() - { - if (!($this->bitmap & SSH2::MASK_LOGIN)) { - return false; - } - - if ($this->pwd === false) { - return $this->init_sftp_connection(); - } - - return true; - } - - /** - * Partially initialize an SFTP connection - * - * @throws \UnexpectedValueException on receipt of unexpected packets - * @return bool - */ - private function partial_init_sftp_connection() - { - $response = $this->openChannel(self::CHANNEL, true); - if ($response === true && $this->isTimeout()) { - return false; - } - - $packet = Strings::packSSH2( - 'CNsbs', - NET_SSH2_MSG_CHANNEL_REQUEST, - $this->server_channels[self::CHANNEL], - 'subsystem', - true, - 'sftp' - ); - $this->send_binary_packet($packet); - - $this->channel_status[self::CHANNEL] = NET_SSH2_MSG_CHANNEL_REQUEST; - - $response = $this->get_channel_packet(self::CHANNEL, true); - if ($response === false) { - // from PuTTY's psftp.exe - $command = "test -x /usr/lib/sftp-server && exec /usr/lib/sftp-server\n" . - "test -x /usr/local/lib/sftp-server && exec /usr/local/lib/sftp-server\n" . - "exec sftp-server"; - // we don't do $this->exec($command, false) because exec() operates on a different channel and plus the SSH_MSG_CHANNEL_OPEN that exec() does - // is redundant - $packet = Strings::packSSH2( - 'CNsCs', - NET_SSH2_MSG_CHANNEL_REQUEST, - $this->server_channels[self::CHANNEL], - 'exec', - 1, - $command - ); - $this->send_binary_packet($packet); - - $this->channel_status[self::CHANNEL] = NET_SSH2_MSG_CHANNEL_REQUEST; - - $response = $this->get_channel_packet(self::CHANNEL, true); - if ($response === false) { - return false; - } - } elseif ($response === true && $this->isTimeout()) { - return false; - } - - $this->channel_status[self::CHANNEL] = NET_SSH2_MSG_CHANNEL_DATA; - $this->send_sftp_packet(NET_SFTP_INIT, "\0\0\0\3"); - - $response = $this->get_sftp_packet(); - if ($this->packet_type != NET_SFTP_VERSION) { - throw new \UnexpectedValueException('Expected NET_SFTP_VERSION. ' - . 'Got packet type: ' . $this->packet_type); - } - - $this->use_request_id = true; - - list($this->defaultVersion) = Strings::unpackSSH2('N', $response); - while (!empty($response)) { - list($key, $value) = Strings::unpackSSH2('ss', $response); - $this->extensions[$key] = $value; - } - - $this->partial_init = true; - - return true; - } - - /** - * (Re)initializes the SFTP channel - * - * @return bool - */ - private function init_sftp_connection() - { - if (!$this->partial_init && !$this->partial_init_sftp_connection()) { - return false; - } - - /* - A Note on SFTPv4/5/6 support: - states the following: - - "If the client wishes to interoperate with servers that support noncontiguous version - numbers it SHOULD send '3'" - - Given that the server only sends its version number after the client has already done so, the above - seems to be suggesting that v3 should be the default version. This makes sense given that v3 is the - most popular. - - states the following; - - "If the server did not send the "versions" extension, or the version-from-list was not included, the - server MAY send a status response describing the failure, but MUST then close the channel without - processing any further requests." - - So what do you do if you have a client whose initial SSH_FXP_INIT packet says it implements v3 and - a server whose initial SSH_FXP_VERSION reply says it implements v4 and only v4? If it only implements - v4, the "versions" extension is likely not going to have been sent so version re-negotiation as discussed - in draft-ietf-secsh-filexfer-13 would be quite impossible. As such, what \phpseclib3\Net\SFTP would do is close the - channel and reopen it with a new and updated SSH_FXP_INIT packet. - */ - $this->version = $this->defaultVersion; - if (isset($this->extensions['versions']) && (!$this->preferredVersion || $this->preferredVersion != $this->version)) { - $versions = explode(',', $this->extensions['versions']); - $supported = [6, 5, 4]; - if ($this->preferredVersion) { - $supported = array_diff($supported, [$this->preferredVersion]); - array_unshift($supported, $this->preferredVersion); - } - foreach ($supported as $ver) { - if (in_array($ver, $versions)) { - if ($ver === $this->version) { - break; - } - $this->version = (int) $ver; - $packet = Strings::packSSH2('ss', 'version-select', "$ver"); - $this->send_sftp_packet(NET_SFTP_EXTENDED, $packet); - $response = $this->get_sftp_packet(); - if ($this->packet_type != NET_SFTP_STATUS) { - throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - list($status) = Strings::unpackSSH2('N', $response); - if ($status != NET_SFTP_STATUS_OK) { - $this->logError($response, $status); - throw new \UnexpectedValueException('Expected NET_SFTP_STATUS_OK. ' - . ' Got ' . $status); - } - break; - } - } - } - - /* - SFTPv4+ defines a 'newline' extension. SFTPv3 seems to have unofficial support for it via 'newline@vandyke.com', - however, I'm not sure what 'newline@vandyke.com' is supposed to do (the fact that it's unofficial means that it's - not in the official SFTPv3 specs) and 'newline@vandyke.com' / 'newline' are likely not drop-in substitutes for - one another due to the fact that 'newline' comes with a SSH_FXF_TEXT bitmask whereas it seems unlikely that - 'newline@vandyke.com' would. - */ - /* - if (isset($this->extensions['newline@vandyke.com'])) { - $this->extensions['newline'] = $this->extensions['newline@vandyke.com']; - unset($this->extensions['newline@vandyke.com']); - } - */ - if ($this->version < 2 || $this->version > 6) { - return false; - } - - $this->pwd = true; - try { - $this->pwd = $this->realpath('.'); - } catch (\UnexpectedValueException $e) { - if (!$this->canonicalize_paths) { - throw $e; - } - $this->canonicalize_paths = false; - $this->reset_connection(NET_SSH2_DISCONNECT_CONNECTION_LOST); - } - - $this->update_stat_cache($this->pwd, []); - - return true; - } - - /** - * Disable the stat cache - * - */ - public function disableStatCache() - { - $this->use_stat_cache = false; - } - - /** - * Enable the stat cache - * - */ - public function enableStatCache() - { - $this->use_stat_cache = true; - } - - /** - * Clear the stat cache - * - */ - public function clearStatCache() - { - $this->stat_cache = []; - } - - /** - * Enable path canonicalization - * - */ - public function enablePathCanonicalization() - { - $this->canonicalize_paths = true; - } - - /** - * Disable path canonicalization - * - * If this is enabled then $sftp->pwd() will not return the canonicalized absolute path - * - */ - public function disablePathCanonicalization() - { - $this->canonicalize_paths = false; - } - - /** - * Enable arbitrary length packets - * - */ - public function enableArbitraryLengthPackets() - { - $this->allow_arbitrary_length_packets = true; - } - - /** - * Disable arbitrary length packets - * - */ - public function disableArbitraryLengthPackets() - { - $this->allow_arbitrary_length_packets = false; - } - - /** - * Returns the current directory name - * - * @return string|bool - */ - public function pwd() - { - if (!$this->precheck()) { - return false; - } - - return $this->pwd; - } - - /** - * Logs errors - * - * @param string $response - * @param int $status - */ - private function logError($response, $status = -1) - { - if ($status == -1) { - list($status) = Strings::unpackSSH2('N', $response); - } - - $error = self::$status_codes[$status]; - - if ($this->version > 2) { - list($message) = Strings::unpackSSH2('s', $response); - $this->sftp_errors[] = "$error: $message"; - } else { - $this->sftp_errors[] = $error; - } - } - - /** - * Canonicalize the Server-Side Path Name - * - * SFTP doesn't provide a mechanism by which the current working directory can be changed, so we'll emulate it. Returns - * the absolute (canonicalized) path. - * - * If canonicalize_paths has been disabled using disablePathCanonicalization(), $path is returned as-is. - * - * @see self::chdir() - * @see self::disablePathCanonicalization() - * @param string $path - * @throws \UnexpectedValueException on receipt of unexpected packets - * @return mixed - */ - public function realpath($path) - { - if ($this->precheck() === false) { - return false; - } - - if (!$this->canonicalize_paths) { - if ($this->pwd === true) { - return '.'; - } - if (!strlen($path) || $path[0] != '/') { - $path = $this->pwd . '/' . $path; - } - $parts = explode('/', $path); - $afterPWD = $beforePWD = []; - foreach ($parts as $part) { - switch ($part) { - //case '': // some SFTP servers /require/ double /'s. see https://github.com/phpseclib/phpseclib/pull/1137 - case '.': - break; - case '..': - if (!empty($afterPWD)) { - array_pop($afterPWD); - } else { - $beforePWD[] = '..'; - } - break; - default: - $afterPWD[] = $part; - } - } - $beforePWD = count($beforePWD) ? implode('/', $beforePWD) : '.'; - return $beforePWD . '/' . implode('/', $afterPWD); - } - - if ($this->pwd === true) { - // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.9 - $this->send_sftp_packet(NET_SFTP_REALPATH, Strings::packSSH2('s', $path)); - - $response = $this->get_sftp_packet(); - switch ($this->packet_type) { - case NET_SFTP_NAME: - // although SSH_FXP_NAME is implemented differently in SFTPv3 than it is in SFTPv4+, the following - // should work on all SFTP versions since the only part of the SSH_FXP_NAME packet the following looks - // at is the first part and that part is defined the same in SFTP versions 3 through 6. - list(, $filename) = Strings::unpackSSH2('Ns', $response); - return $filename; - case NET_SFTP_STATUS: - $this->logError($response); - return false; - default: - throw new \UnexpectedValueException('Expected NET_SFTP_NAME or NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - } - - if (!strlen($path) || $path[0] != '/') { - $path = $this->pwd . '/' . $path; - } - - $path = explode('/', $path); - $new = []; - foreach ($path as $dir) { - if (!strlen($dir)) { - continue; - } - switch ($dir) { - case '..': - array_pop($new); - // fall-through - case '.': - break; - default: - $new[] = $dir; - } - } - - return '/' . implode('/', $new); - } - - /** - * Changes the current directory - * - * @param string $dir - * @throws \UnexpectedValueException on receipt of unexpected packets - * @return bool - */ - public function chdir($dir) - { - if (!$this->precheck()) { - return false; - } - - // assume current dir if $dir is empty - if ($dir === '') { - $dir = './'; - // suffix a slash if needed - } elseif ($dir[strlen($dir) - 1] != '/') { - $dir .= '/'; - } - - $dir = $this->realpath($dir); - - // confirm that $dir is, in fact, a valid directory - if ($this->use_stat_cache && is_array($this->query_stat_cache($dir))) { - $this->pwd = $dir; - return true; - } - - // we could do a stat on the alleged $dir to see if it's a directory but that doesn't tell us - // the currently logged in user has the appropriate permissions or not. maybe you could see if - // the file's uid / gid match the currently logged in user's uid / gid but how there's no easy - // way to get those with SFTP - - $this->send_sftp_packet(NET_SFTP_OPENDIR, Strings::packSSH2('s', $dir)); - - // see \phpseclib3\Net\SFTP::nlist() for a more thorough explanation of the following - $response = $this->get_sftp_packet(); - switch ($this->packet_type) { - case NET_SFTP_HANDLE: - $handle = substr($response, 4); - break; - case NET_SFTP_STATUS: - $this->logError($response); - return false; - default: - throw new \UnexpectedValueException('Expected NET_SFTP_HANDLE or NET_SFTP_STATUS' . - 'Got packet type: ' . $this->packet_type); - } - - if (!$this->close_handle($handle)) { - return false; - } - - $this->update_stat_cache($dir, []); - - $this->pwd = $dir; - return true; - } - - /** - * Returns a list of files in the given directory - * - * @param string $dir - * @param bool $recursive - * @return array|false - */ - public function nlist($dir = '.', $recursive = false) - { - return $this->nlist_helper($dir, $recursive, ''); - } - - /** - * Helper method for nlist - * - * @param string $dir - * @param bool $recursive - * @param string $relativeDir - * @return array|false - */ - private function nlist_helper($dir, $recursive, $relativeDir) - { - $files = $this->readlist($dir, false); - - // If we get an int back, then that is an "unexpected" status. - // We do not have a file list, so return false. - if (is_int($files)) { - return false; - } - - if (!$recursive || $files === false) { - return $files; - } - - $result = []; - foreach ($files as $value) { - if ($value == '.' || $value == '..') { - $result[] = $relativeDir . $value; - continue; - } - if (is_array($this->query_stat_cache($this->realpath($dir . '/' . $value)))) { - $temp = $this->nlist_helper($dir . '/' . $value, true, $relativeDir . $value . '/'); - $temp = is_array($temp) ? $temp : []; - $result = array_merge($result, $temp); - } else { - $result[] = $relativeDir . $value; - } - } - - return $result; - } - - /** - * Returns a detailed list of files in the given directory - * - * @param string $dir - * @param bool $recursive - * @return array|false - */ - public function rawlist($dir = '.', $recursive = false) - { - $files = $this->readlist($dir, true); - - // If we get an int back, then that is an "unexpected" status. - // We do not have a file list, so return false. - if (is_int($files)) { - return false; - } - - if (!$recursive || $files === false) { - return $files; - } - - static $depth = 0; - - foreach ($files as $key => $value) { - if ($depth != 0 && $key == '..') { - unset($files[$key]); - continue; - } - $is_directory = false; - if ($key != '.' && $key != '..') { - if ($this->use_stat_cache) { - $is_directory = is_array($this->query_stat_cache($this->realpath($dir . '/' . $key))); - } else { - $stat = $this->lstat($dir . '/' . $key); - $is_directory = $stat && $stat['type'] === NET_SFTP_TYPE_DIRECTORY; - } - } - - if ($is_directory) { - $depth++; - $files[$key] = $this->rawlist($dir . '/' . $key, true); - $depth--; - } else { - $files[$key] = (object) $value; - } - } - - return $files; - } - - /** - * Reads a list, be it detailed or not, of files in the given directory - * - * @param string $dir - * @param bool $raw - * @return array|false - * @throws \UnexpectedValueException on receipt of unexpected packets - */ - private function readlist($dir, $raw = true) - { - if (!$this->precheck()) { - return false; - } - - $dir = $this->realpath($dir . '/'); - if ($dir === false) { - return false; - } - - // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.2 - $this->send_sftp_packet(NET_SFTP_OPENDIR, Strings::packSSH2('s', $dir)); - - $response = $this->get_sftp_packet(); - switch ($this->packet_type) { - case NET_SFTP_HANDLE: - // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-9.2 - // since 'handle' is the last field in the SSH_FXP_HANDLE packet, we'll just remove the first four bytes that - // represent the length of the string and leave it at that - $handle = substr($response, 4); - break; - case NET_SFTP_STATUS: - // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED - list($status) = Strings::unpackSSH2('N', $response); - $this->logError($response, $status); - return $status; - default: - throw new \UnexpectedValueException('Expected NET_SFTP_HANDLE or NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - - $this->update_stat_cache($dir, []); - - $contents = []; - while (true) { - // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.2.2 - // why multiple SSH_FXP_READDIR packets would be sent when the response to a single one can span arbitrarily many - // SSH_MSG_CHANNEL_DATA messages is not known to me. - $this->send_sftp_packet(NET_SFTP_READDIR, Strings::packSSH2('s', $handle)); - - $response = $this->get_sftp_packet(); - switch ($this->packet_type) { - case NET_SFTP_NAME: - list($count) = Strings::unpackSSH2('N', $response); - for ($i = 0; $i < $count; $i++) { - list($shortname) = Strings::unpackSSH2('s', $response); - // SFTPv4 "removed the long filename from the names structure-- it can now be - // built from information available in the attrs structure." - if ($this->version < 4) { - list($longname) = Strings::unpackSSH2('s', $response); - } - $attributes = $this->parseAttributes($response); - if (!isset($attributes['type']) && $this->version < 4) { - $fileType = $this->parseLongname($longname); - if ($fileType) { - $attributes['type'] = $fileType; - } - } - $contents[$shortname] = $attributes + ['filename' => $shortname]; - - if (isset($attributes['type']) && $attributes['type'] == NET_SFTP_TYPE_DIRECTORY && ($shortname != '.' && $shortname != '..')) { - $this->update_stat_cache($dir . '/' . $shortname, []); - } else { - if ($shortname == '..') { - $temp = $this->realpath($dir . '/..') . '/.'; - } else { - $temp = $dir . '/' . $shortname; - } - $this->update_stat_cache($temp, (object) ['lstat' => $attributes]); - } - // SFTPv6 has an optional boolean end-of-list field, but we'll ignore that, since the - // final SSH_FXP_STATUS packet should tell us that, already. - } - break; - case NET_SFTP_STATUS: - list($status) = Strings::unpackSSH2('N', $response); - if ($status != NET_SFTP_STATUS_EOF) { - $this->logError($response, $status); - return $status; - } - break 2; - default: - throw new \UnexpectedValueException('Expected NET_SFTP_NAME or NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - } - - if (!$this->close_handle($handle)) { - return false; - } - - if (count($this->sortOptions)) { - uasort($contents, [&$this, 'comparator']); - } - - return $raw ? $contents : array_map('strval', array_keys($contents)); - } - - /** - * Compares two rawlist entries using parameters set by setListOrder() - * - * Intended for use with uasort() - * - * @param array $a - * @param array $b - * @return int - */ - private function comparator(array $a, array $b) - { - switch (true) { - case $a['filename'] === '.' || $b['filename'] === '.': - if ($a['filename'] === $b['filename']) { - return 0; - } - return $a['filename'] === '.' ? -1 : 1; - case $a['filename'] === '..' || $b['filename'] === '..': - if ($a['filename'] === $b['filename']) { - return 0; - } - return $a['filename'] === '..' ? -1 : 1; - case isset($a['type']) && $a['type'] === NET_SFTP_TYPE_DIRECTORY: - if (!isset($b['type'])) { - return 1; - } - if ($b['type'] !== $a['type']) { - return -1; - } - break; - case isset($b['type']) && $b['type'] === NET_SFTP_TYPE_DIRECTORY: - return 1; - } - foreach ($this->sortOptions as $sort => $order) { - if (!isset($a[$sort]) || !isset($b[$sort])) { - if (isset($a[$sort])) { - return -1; - } - if (isset($b[$sort])) { - return 1; - } - return 0; - } - switch ($sort) { - case 'filename': - $result = strcasecmp($a['filename'], $b['filename']); - if ($result) { - return $order === SORT_DESC ? -$result : $result; - } - break; - case 'mode': - $a[$sort] &= 07777; - $b[$sort] &= 07777; - // fall-through - default: - if ($a[$sort] === $b[$sort]) { - break; - } - return $order === SORT_ASC ? $a[$sort] - $b[$sort] : $b[$sort] - $a[$sort]; - } - } - } - - /** - * Defines how nlist() and rawlist() will be sorted - if at all. - * - * If sorting is enabled directories and files will be sorted independently with - * directories appearing before files in the resultant array that is returned. - * - * Any parameter returned by stat is a valid sort parameter for this function. - * Filename comparisons are case insensitive. - * - * Examples: - * - * $sftp->setListOrder('filename', SORT_ASC); - * $sftp->setListOrder('size', SORT_DESC, 'filename', SORT_ASC); - * $sftp->setListOrder(true); - * Separates directories from files but doesn't do any sorting beyond that - * $sftp->setListOrder(); - * Don't do any sort of sorting - * - * @param string ...$args - */ - public function setListOrder(...$args) - { - $this->sortOptions = []; - if (empty($args)) { - return; - } - $len = count($args) & 0x7FFFFFFE; - for ($i = 0; $i < $len; $i += 2) { - $this->sortOptions[$args[$i]] = $args[$i + 1]; - } - if (!count($this->sortOptions)) { - $this->sortOptions = ['bogus' => true]; - } - } - - /** - * Save files / directories to cache - * - * @param string $path - * @param mixed $value - */ - private function update_stat_cache($path, $value) - { - if ($this->use_stat_cache === false) { - return; - } - - // preg_replace('#^/|/(?=/)|/$#', '', $dir) == str_replace('//', '/', trim($path, '/')) - $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $path)); - - $temp = &$this->stat_cache; - $max = count($dirs) - 1; - foreach ($dirs as $i => $dir) { - // if $temp is an object that means one of two things. - // 1. a file was deleted and changed to a directory behind phpseclib's back - // 2. it's a symlink. when lstat is done it's unclear what it's a symlink to - if (is_object($temp)) { - $temp = []; - } - if (!isset($temp[$dir])) { - $temp[$dir] = []; - } - if ($i === $max) { - if (is_object($temp[$dir]) && is_object($value)) { - if (!isset($value->stat) && isset($temp[$dir]->stat)) { - $value->stat = $temp[$dir]->stat; - } - if (!isset($value->lstat) && isset($temp[$dir]->lstat)) { - $value->lstat = $temp[$dir]->lstat; - } - } - $temp[$dir] = $value; - break; - } - $temp = &$temp[$dir]; - } - } - - /** - * Remove files / directories from cache - * - * @param string $path - * @return bool - */ - private function remove_from_stat_cache($path) - { - $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $path)); - - $temp = &$this->stat_cache; - $max = count($dirs) - 1; - foreach ($dirs as $i => $dir) { - if (!is_array($temp)) { - return false; - } - if ($i === $max) { - unset($temp[$dir]); - return true; - } - if (!isset($temp[$dir])) { - return false; - } - $temp = &$temp[$dir]; - } - } - - /** - * Checks cache for path - * - * Mainly used by file_exists - * - * @param string $path - * @return mixed - */ - private function query_stat_cache($path) - { - $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $path)); - - $temp = &$this->stat_cache; - foreach ($dirs as $dir) { - if (!is_array($temp)) { - return null; - } - if (!isset($temp[$dir])) { - return null; - } - $temp = &$temp[$dir]; - } - return $temp; - } - - /** - * Returns general information about a file. - * - * Returns an array on success and false otherwise. - * - * @param string $filename - * @return array|false - */ - public function stat($filename) - { - if (!$this->precheck()) { - return false; - } - - $filename = $this->realpath($filename); - if ($filename === false) { - return false; - } - - if ($this->use_stat_cache) { - $result = $this->query_stat_cache($filename); - if (is_array($result) && isset($result['.']) && isset($result['.']->stat)) { - return $result['.']->stat; - } - if (is_object($result) && isset($result->stat)) { - return $result->stat; - } - } - - $stat = $this->stat_helper($filename, NET_SFTP_STAT); - if ($stat === false) { - $this->remove_from_stat_cache($filename); - return false; - } - if (isset($stat['type'])) { - if ($stat['type'] == NET_SFTP_TYPE_DIRECTORY) { - $filename .= '/.'; - } - $this->update_stat_cache($filename, (object) ['stat' => $stat]); - return $stat; - } - - $pwd = $this->pwd; - $stat['type'] = $this->chdir($filename) ? - NET_SFTP_TYPE_DIRECTORY : - NET_SFTP_TYPE_REGULAR; - $this->pwd = $pwd; - - if ($stat['type'] == NET_SFTP_TYPE_DIRECTORY) { - $filename .= '/.'; - } - $this->update_stat_cache($filename, (object) ['stat' => $stat]); - - return $stat; - } - - /** - * Returns general information about a file or symbolic link. - * - * Returns an array on success and false otherwise. - * - * @param string $filename - * @return array|false - */ - public function lstat($filename) - { - if (!$this->precheck()) { - return false; - } - - $filename = $this->realpath($filename); - if ($filename === false) { - return false; - } - - if ($this->use_stat_cache) { - $result = $this->query_stat_cache($filename); - if (is_array($result) && isset($result['.']) && isset($result['.']->lstat)) { - return $result['.']->lstat; - } - if (is_object($result) && isset($result->lstat)) { - return $result->lstat; - } - } - - $lstat = $this->stat_helper($filename, NET_SFTP_LSTAT); - if ($lstat === false) { - $this->remove_from_stat_cache($filename); - return false; - } - if (isset($lstat['type'])) { - if ($lstat['type'] == NET_SFTP_TYPE_DIRECTORY) { - $filename .= '/.'; - } - $this->update_stat_cache($filename, (object) ['lstat' => $lstat]); - return $lstat; - } - - $stat = $this->stat_helper($filename, NET_SFTP_STAT); - - if ($lstat != $stat) { - $lstat = array_merge($lstat, ['type' => NET_SFTP_TYPE_SYMLINK]); - $this->update_stat_cache($filename, (object) ['lstat' => $lstat]); - return $stat; - } - - $pwd = $this->pwd; - $lstat['type'] = $this->chdir($filename) ? - NET_SFTP_TYPE_DIRECTORY : - NET_SFTP_TYPE_REGULAR; - $this->pwd = $pwd; - - if ($lstat['type'] == NET_SFTP_TYPE_DIRECTORY) { - $filename .= '/.'; - } - $this->update_stat_cache($filename, (object) ['lstat' => $lstat]); - - return $lstat; - } - - /** - * Returns general information about a file or symbolic link - * - * Determines information without calling \phpseclib3\Net\SFTP::realpath(). - * The second parameter can be either NET_SFTP_STAT or NET_SFTP_LSTAT. - * - * @param string $filename - * @param int $type - * @throws \UnexpectedValueException on receipt of unexpected packets - * @return array|false - */ - private function stat_helper($filename, $type) - { - // SFTPv4+ adds an additional 32-bit integer field - flags - to the following: - $packet = Strings::packSSH2('s', $filename); - $this->send_sftp_packet($type, $packet); - - $response = $this->get_sftp_packet(); - switch ($this->packet_type) { - case NET_SFTP_ATTRS: - return $this->parseAttributes($response); - case NET_SFTP_STATUS: - $this->logError($response); - return false; - } - - throw new \UnexpectedValueException('Expected NET_SFTP_ATTRS or NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - - /** - * Truncates a file to a given length - * - * @param string $filename - * @param int $new_size - * @return bool - */ - public function truncate($filename, $new_size) - { - $attr = Strings::packSSH2('NQ', NET_SFTP_ATTR_SIZE, $new_size); - - return $this->setstat($filename, $attr, false); - } - - /** - * Sets access and modification time of file. - * - * If the file does not exist, it will be created. - * - * @param string $filename - * @param int $time - * @param int $atime - * @throws \UnexpectedValueException on receipt of unexpected packets - * @return bool - */ - public function touch($filename, $time = null, $atime = null) - { - if (!$this->precheck()) { - return false; - } - - $filename = $this->realpath($filename); - if ($filename === false) { - return false; - } - - if (!isset($time)) { - $time = time(); - } - if (!isset($atime)) { - $atime = $time; - } - - $attr = $this->version < 4 ? - pack('N3', NET_SFTP_ATTR_ACCESSTIME, $atime, $time) : - Strings::packSSH2('NQ2', NET_SFTP_ATTR_ACCESSTIME | NET_SFTP_ATTR_MODIFYTIME, $atime, $time); - - $packet = Strings::packSSH2('s', $filename); - $packet .= $this->version >= 5 ? - pack('N2', 0, NET_SFTP_OPEN_OPEN_EXISTING) : - pack('N', NET_SFTP_OPEN_WRITE | NET_SFTP_OPEN_CREATE | NET_SFTP_OPEN_EXCL); - $packet .= $attr; - - $this->send_sftp_packet(NET_SFTP_OPEN, $packet); - - $response = $this->get_sftp_packet(); - switch ($this->packet_type) { - case NET_SFTP_HANDLE: - return $this->close_handle(substr($response, 4)); - case NET_SFTP_STATUS: - $this->logError($response); - break; - default: - throw new \UnexpectedValueException('Expected NET_SFTP_HANDLE or NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - - return $this->setstat($filename, $attr, false); - } - - /** - * Changes file or directory owner - * - * $uid should be an int for SFTPv3 and a string for SFTPv4+. Ideally the string - * would be of the form "user@dns_domain" but it does not need to be. - * `$sftp->getSupportedVersions()['version']` will return the specific version - * that's being used. - * - * Returns true on success or false on error. - * - * @param string $filename - * @param int|string $uid - * @param bool $recursive - * @return bool - */ - public function chown($filename, $uid, $recursive = false) - { - /* - quoting , - - "To avoid a representation that is tied to a particular underlying - implementation at the client or server, the use of UTF-8 strings has - been chosen. The string should be of the form "user@dns_domain". - This will allow for a client and server that do not use the same - local representation the ability to translate to a common syntax that - can be interpreted by both. In the case where there is no - translation available to the client or server, the attribute value - must be constructed without the "@"." - - phpseclib _could_ auto append the dns_domain to $uid BUT what if it shouldn't - have one? phpseclib would have no way of knowing so rather than guess phpseclib - will just use whatever value the user provided - */ - - $attr = $this->version < 4 ? - // quoting , - // "if the owner or group is specified as -1, then that ID is not changed" - pack('N3', NET_SFTP_ATTR_UIDGID, $uid, -1) : - // quoting , - // "If either the owner or group field is zero length, the field should be - // considered absent, and no change should be made to that specific field - // during a modification operation" - Strings::packSSH2('Nss', NET_SFTP_ATTR_OWNERGROUP, $uid, ''); - - return $this->setstat($filename, $attr, $recursive); - } - - /** - * Changes file or directory group - * - * $gid should be an int for SFTPv3 and a string for SFTPv4+. Ideally the string - * would be of the form "user@dns_domain" but it does not need to be. - * `$sftp->getSupportedVersions()['version']` will return the specific version - * that's being used. - * - * Returns true on success or false on error. - * - * @param string $filename - * @param int|string $gid - * @param bool $recursive - * @return bool - */ - public function chgrp($filename, $gid, $recursive = false) - { - $attr = $this->version < 4 ? - pack('N3', NET_SFTP_ATTR_UIDGID, -1, $gid) : - Strings::packSSH2('Nss', NET_SFTP_ATTR_OWNERGROUP, '', $gid); - - return $this->setstat($filename, $attr, $recursive); - } - - /** - * Set permissions on a file. - * - * Returns the new file permissions on success or false on error. - * If $recursive is true than this just returns true or false. - * - * @param int $mode - * @param string $filename - * @param bool $recursive - * @throws \UnexpectedValueException on receipt of unexpected packets - * @return mixed - */ - public function chmod($mode, $filename, $recursive = false) - { - if (is_string($mode) && is_int($filename)) { - $temp = $mode; - $mode = $filename; - $filename = $temp; - } - - $attr = pack('N2', NET_SFTP_ATTR_PERMISSIONS, $mode & 07777); - if (!$this->setstat($filename, $attr, $recursive)) { - return false; - } - if ($recursive) { - return true; - } - - $filename = $this->realpath($filename); - // rather than return what the permissions *should* be, we'll return what they actually are. this will also - // tell us if the file actually exists. - // incidentally, SFTPv4+ adds an additional 32-bit integer field - flags - to the following: - $packet = pack('Na*', strlen($filename), $filename); - $this->send_sftp_packet(NET_SFTP_STAT, $packet); - - $response = $this->get_sftp_packet(); - switch ($this->packet_type) { - case NET_SFTP_ATTRS: - $attrs = $this->parseAttributes($response); - return $attrs['mode']; - case NET_SFTP_STATUS: - $this->logError($response); - return false; - } - - throw new \UnexpectedValueException('Expected NET_SFTP_ATTRS or NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - - /** - * Sets information about a file - * - * @param string $filename - * @param string $attr - * @param bool $recursive - * @throws \UnexpectedValueException on receipt of unexpected packets - * @return bool - */ - private function setstat($filename, $attr, $recursive) - { - if (!$this->precheck()) { - return false; - } - - $filename = $this->realpath($filename); - if ($filename === false) { - return false; - } - - $this->remove_from_stat_cache($filename); - - if ($recursive) { - $i = 0; - $result = $this->setstat_recursive($filename, $attr, $i); - $this->read_put_responses($i); - return $result; - } - - $packet = Strings::packSSH2('s', $filename); - $packet .= $this->version >= 4 ? - pack('a*Ca*', substr($attr, 0, 4), NET_SFTP_TYPE_UNKNOWN, substr($attr, 4)) : - $attr; - $this->send_sftp_packet(NET_SFTP_SETSTAT, $packet); - - /* - "Because some systems must use separate system calls to set various attributes, it is possible that a failure - response will be returned, but yet some of the attributes may be have been successfully modified. If possible, - servers SHOULD avoid this situation; however, clients MUST be aware that this is possible." - - -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.6 - */ - $response = $this->get_sftp_packet(); - if ($this->packet_type != NET_SFTP_STATUS) { - throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - - list($status) = Strings::unpackSSH2('N', $response); - if ($status != NET_SFTP_STATUS_OK) { - $this->logError($response, $status); - return false; - } - - return true; - } - - /** - * Recursively sets information on directories on the SFTP server - * - * Minimizes directory lookups and SSH_FXP_STATUS requests for speed. - * - * @param string $path - * @param string $attr - * @param int $i - * @return bool - */ - private function setstat_recursive($path, $attr, &$i) - { - if (!$this->read_put_responses($i)) { - return false; - } - $i = 0; - $entries = $this->readlist($path, true); - - if ($entries === false || is_int($entries)) { - return $this->setstat($path, $attr, false); - } - - // normally $entries would have at least . and .. but it might not if the directories - // permissions didn't allow reading - if (empty($entries)) { - return false; - } - - unset($entries['.'], $entries['..']); - foreach ($entries as $filename => $props) { - if (!isset($props['type'])) { - return false; - } - - $temp = $path . '/' . $filename; - if ($props['type'] == NET_SFTP_TYPE_DIRECTORY) { - if (!$this->setstat_recursive($temp, $attr, $i)) { - return false; - } - } else { - $packet = Strings::packSSH2('s', $temp); - $packet .= $this->version >= 4 ? - pack('Ca*', NET_SFTP_TYPE_UNKNOWN, $attr) : - $attr; - $this->send_sftp_packet(NET_SFTP_SETSTAT, $packet); - - $i++; - - if ($i >= NET_SFTP_QUEUE_SIZE) { - if (!$this->read_put_responses($i)) { - return false; - } - $i = 0; - } - } - } - - $packet = Strings::packSSH2('s', $path); - $packet .= $this->version >= 4 ? - pack('Ca*', NET_SFTP_TYPE_UNKNOWN, $attr) : - $attr; - $this->send_sftp_packet(NET_SFTP_SETSTAT, $packet); - - $i++; - - if ($i >= NET_SFTP_QUEUE_SIZE) { - if (!$this->read_put_responses($i)) { - return false; - } - $i = 0; - } - - return true; - } - - /** - * Return the target of a symbolic link - * - * @param string $link - * @throws \UnexpectedValueException on receipt of unexpected packets - * @return mixed - */ - public function readlink($link) - { - if (!$this->precheck()) { - return false; - } - - $link = $this->realpath($link); - - $this->send_sftp_packet(NET_SFTP_READLINK, Strings::packSSH2('s', $link)); - - $response = $this->get_sftp_packet(); - switch ($this->packet_type) { - case NET_SFTP_NAME: - break; - case NET_SFTP_STATUS: - $this->logError($response); - return false; - default: - throw new \UnexpectedValueException('Expected NET_SFTP_NAME or NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - - list($count) = Strings::unpackSSH2('N', $response); - // the file isn't a symlink - if (!$count) { - return false; - } - - list($filename) = Strings::unpackSSH2('s', $response); - - return $filename; - } - - /** - * Create a symlink - * - * symlink() creates a symbolic link to the existing target with the specified name link. - * - * @param string $target - * @param string $link - * @throws \UnexpectedValueException on receipt of unexpected packets - * @return bool - */ - public function symlink($target, $link) - { - if (!$this->precheck()) { - return false; - } - - //$target = $this->realpath($target); - $link = $this->realpath($link); - - /* quoting https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-09#section-12.1 : - - Changed the SYMLINK packet to be LINK and give it the ability to - create hard links. Also change it's packet number because many - implementation implemented SYMLINK with the arguments reversed. - Hopefully the new argument names make it clear which way is which. - */ - if ($this->version == 6) { - $type = NET_SFTP_LINK; - $packet = Strings::packSSH2('ssC', $link, $target, 1); - } else { - $type = NET_SFTP_SYMLINK; - /* quoting http://bxr.su/OpenBSD/usr.bin/ssh/PROTOCOL#347 : - - 3.1. sftp: Reversal of arguments to SSH_FXP_SYMLINK - - When OpenSSH's sftp-server was implemented, the order of the arguments - to the SSH_FXP_SYMLINK method was inadvertently reversed. Unfortunately, - the reversal was not noticed until the server was widely deployed. Since - fixing this to follow the specification would cause incompatibility, the - current order was retained. For correct operation, clients should send - SSH_FXP_SYMLINK as follows: - - uint32 id - string targetpath - string linkpath */ - $packet = substr($this->server_identifier, 0, 15) == 'SSH-2.0-OpenSSH' ? - Strings::packSSH2('ss', $target, $link) : - Strings::packSSH2('ss', $link, $target); - } - $this->send_sftp_packet($type, $packet); - - $response = $this->get_sftp_packet(); - if ($this->packet_type != NET_SFTP_STATUS) { - throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - - list($status) = Strings::unpackSSH2('N', $response); - if ($status != NET_SFTP_STATUS_OK) { - $this->logError($response, $status); - return false; - } - - return true; - } - - /** - * Creates a directory. - * - * @param string $dir - * @param int $mode - * @param bool $recursive - * @return bool - */ - public function mkdir($dir, $mode = -1, $recursive = false) - { - if (!$this->precheck()) { - return false; - } - - $dir = $this->realpath($dir); - - if ($recursive) { - $dirs = explode('/', preg_replace('#/(?=/)|/$#', '', $dir)); - if (empty($dirs[0])) { - array_shift($dirs); - $dirs[0] = '/' . $dirs[0]; - } - for ($i = 0; $i < count($dirs); $i++) { - $temp = array_slice($dirs, 0, $i + 1); - $temp = implode('/', $temp); - $result = $this->mkdir_helper($temp, $mode); - } - return $result; - } - - return $this->mkdir_helper($dir, $mode); - } - - /** - * Helper function for directory creation - * - * @param string $dir - * @param int $mode - * @return bool - */ - private function mkdir_helper($dir, $mode) - { - // send SSH_FXP_MKDIR without any attributes (that's what the \0\0\0\0 is doing) - $this->send_sftp_packet(NET_SFTP_MKDIR, Strings::packSSH2('s', $dir) . "\0\0\0\0"); - - $response = $this->get_sftp_packet(); - if ($this->packet_type != NET_SFTP_STATUS) { - throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - - list($status) = Strings::unpackSSH2('N', $response); - if ($status != NET_SFTP_STATUS_OK) { - $this->logError($response, $status); - return false; - } - - if ($mode !== -1) { - $this->chmod($mode, $dir); - } - - return true; - } - - /** - * Removes a directory. - * - * @param string $dir - * @throws \UnexpectedValueException on receipt of unexpected packets - * @return bool - */ - public function rmdir($dir) - { - if (!$this->precheck()) { - return false; - } - - $dir = $this->realpath($dir); - if ($dir === false) { - return false; - } - - $this->send_sftp_packet(NET_SFTP_RMDIR, Strings::packSSH2('s', $dir)); - - $response = $this->get_sftp_packet(); - if ($this->packet_type != NET_SFTP_STATUS) { - throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - - list($status) = Strings::unpackSSH2('N', $response); - if ($status != NET_SFTP_STATUS_OK) { - // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED? - $this->logError($response, $status); - return false; - } - - $this->remove_from_stat_cache($dir); - // the following will do a soft delete, which would be useful if you deleted a file - // and then tried to do a stat on the deleted file. the above, in contrast, does - // a hard delete - //$this->update_stat_cache($dir, false); - - return true; - } - - /** - * Uploads a file to the SFTP server. - * - * By default, \phpseclib3\Net\SFTP::put() does not read from the local filesystem. $data is dumped directly into $remote_file. - * So, for example, if you set $data to 'filename.ext' and then do \phpseclib3\Net\SFTP::get(), you will get a file, twelve bytes - * long, containing 'filename.ext' as its contents. - * - * Setting $mode to self::SOURCE_LOCAL_FILE will change the above behavior. With self::SOURCE_LOCAL_FILE, $remote_file will - * contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how - * large $remote_file will be, as well. - * - * Setting $mode to self::SOURCE_CALLBACK will use $data as callback function, which gets only one parameter -- number - * of bytes to return, and returns a string if there is some data or null if there is no more data - * - * If $data is a resource then it'll be used as a resource instead. - * - * Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take - * care of that, yourself. - * - * $mode can take an additional two parameters - self::RESUME and self::RESUME_START. These are bitwise AND'd with - * $mode. So if you want to resume upload of a 300mb file on the local file system you'd set $mode to the following: - * - * self::SOURCE_LOCAL_FILE | self::RESUME - * - * If you wanted to simply append the full contents of a local file to the full contents of a remote file you'd replace - * self::RESUME with self::RESUME_START. - * - * If $mode & (self::RESUME | self::RESUME_START) then self::RESUME_START will be assumed. - * - * $start and $local_start give you more fine grained control over this process and take precident over self::RESUME - * when they're non-negative. ie. $start could let you write at the end of a file (like self::RESUME) or in the middle - * of one. $local_start could let you start your reading from the end of a file (like self::RESUME_START) or in the - * middle of one. - * - * Setting $local_start to > 0 or $mode | self::RESUME_START doesn't do anything unless $mode | self::SOURCE_LOCAL_FILE. - * - * {@internal ASCII mode for SFTPv4/5/6 can be supported by adding a new function - \phpseclib3\Net\SFTP::setMode().} - * - * @param string $remote_file - * @param string|resource $data - * @param int $mode - * @param int $start - * @param int $local_start - * @param callable|null $progressCallback - * @throws \UnexpectedValueException on receipt of unexpected packets - * @throws \BadFunctionCallException if you're uploading via a callback and the callback function is invalid - * @throws \phpseclib3\Exception\FileNotFoundException if you're uploading via a file and the file doesn't exist - * @return bool - */ - public function put($remote_file, $data, $mode = self::SOURCE_STRING, $start = -1, $local_start = -1, $progressCallback = null) - { - if (!$this->precheck()) { - return false; - } - - $remote_file = $this->realpath($remote_file); - if ($remote_file === false) { - return false; - } - - $this->remove_from_stat_cache($remote_file); - - if ($this->version >= 5) { - $flags = NET_SFTP_OPEN_OPEN_OR_CREATE; - } else { - $flags = NET_SFTP_OPEN_WRITE | NET_SFTP_OPEN_CREATE; - // according to the SFTP specs, NET_SFTP_OPEN_APPEND should "force all writes to append data at the end of the file." - // in practice, it doesn't seem to do that. - //$flags|= ($mode & self::RESUME) ? NET_SFTP_OPEN_APPEND : NET_SFTP_OPEN_TRUNCATE; - } - - if ($start >= 0) { - $offset = $start; - } elseif ($mode & (self::RESUME | self::RESUME_START)) { - // if NET_SFTP_OPEN_APPEND worked as it should _size() wouldn't need to be called - $size = $this->stat($remote_file)['size']; - $offset = $size !== false ? $size : 0; - } else { - $offset = 0; - if ($this->version >= 5) { - $flags = NET_SFTP_OPEN_CREATE_TRUNCATE; - } else { - $flags |= NET_SFTP_OPEN_TRUNCATE; - } - } - - $this->remove_from_stat_cache($remote_file); - - $packet = Strings::packSSH2('s', $remote_file); - $packet .= $this->version >= 5 ? - pack('N3', 0, $flags, 0) : - pack('N2', $flags, 0); - $this->send_sftp_packet(NET_SFTP_OPEN, $packet); - - $response = $this->get_sftp_packet(); - switch ($this->packet_type) { - case NET_SFTP_HANDLE: - $handle = substr($response, 4); - break; - case NET_SFTP_STATUS: - $this->logError($response); - return false; - default: - throw new \UnexpectedValueException('Expected NET_SFTP_HANDLE or NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - - // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.2.3 - $dataCallback = false; - switch (true) { - case $mode & self::SOURCE_CALLBACK: - if (!is_callable($data)) { - throw new \BadFunctionCallException("\$data should be is_callable() if you specify SOURCE_CALLBACK flag"); - } - $dataCallback = $data; - // do nothing - break; - case is_resource($data): - $mode = $mode & ~self::SOURCE_LOCAL_FILE; - $info = stream_get_meta_data($data); - if (isset($info['wrapper_type']) && $info['wrapper_type'] == 'PHP' && $info['stream_type'] == 'Input') { - $fp = fopen('php://memory', 'w+'); - stream_copy_to_stream($data, $fp); - rewind($fp); - } else { - $fp = $data; - } - break; - case $mode & self::SOURCE_LOCAL_FILE: - if (!is_file($data)) { - throw new FileNotFoundException("$data is not a valid file"); - } - $fp = @fopen($data, 'rb'); - if (!$fp) { - return false; - } - } - - if (isset($fp)) { - $stat = fstat($fp); - $size = !empty($stat) ? $stat['size'] : 0; - - if ($local_start >= 0) { - fseek($fp, $local_start); - $size -= $local_start; - } elseif ($mode & self::RESUME) { - fseek($fp, $offset); - $size -= $offset; - } - } elseif ($dataCallback) { - $size = 0; - } else { - $size = strlen($data); - } - - $sent = 0; - $size = $size < 0 ? ($size & 0x7FFFFFFF) + 0x80000000 : $size; - - $sftp_packet_size = $this->max_sftp_packet; - // make the SFTP packet be exactly the SFTP packet size by including the bytes in the NET_SFTP_WRITE packets "header" - $sftp_packet_size -= strlen($handle) + 25; - $i = $j = 0; - while ($dataCallback || ($size === 0 || $sent < $size)) { - if ($dataCallback) { - $temp = $dataCallback($sftp_packet_size); - if (is_null($temp)) { - break; - } - } else { - $temp = isset($fp) ? fread($fp, $sftp_packet_size) : substr($data, $sent, $sftp_packet_size); - if ($temp === false || $temp === '') { - break; - } - } - - $subtemp = $offset + $sent; - $packet = pack('Na*N3a*', strlen($handle), $handle, $subtemp / 4294967296, $subtemp, strlen($temp), $temp); - try { - $this->send_sftp_packet(NET_SFTP_WRITE, $packet, $j); - } catch (\Exception $e) { - if ($mode & self::SOURCE_LOCAL_FILE) { - fclose($fp); - } - throw $e; - } - $sent += strlen($temp); - if (is_callable($progressCallback)) { - $progressCallback($sent); - } - - $i++; - $j++; - if ($i == NET_SFTP_UPLOAD_QUEUE_SIZE) { - if (!$this->read_put_responses($i)) { - $i = 0; - break; - } - $i = 0; - } - } - - $result = $this->close_handle($handle); - - if (!$this->read_put_responses($i)) { - if ($mode & self::SOURCE_LOCAL_FILE) { - fclose($fp); - } - $this->close_handle($handle); - return false; - } - - if ($mode & SFTP::SOURCE_LOCAL_FILE) { - if (isset($fp) && is_resource($fp)) { - fclose($fp); - } - - if ($this->preserveTime) { - $stat = stat($data); - $attr = $this->version < 4 ? - pack('N3', NET_SFTP_ATTR_ACCESSTIME, $stat['atime'], $stat['mtime']) : - Strings::packSSH2('NQ2', NET_SFTP_ATTR_ACCESSTIME | NET_SFTP_ATTR_MODIFYTIME, $stat['atime'], $stat['mtime']); - if (!$this->setstat($remote_file, $attr, false)) { - throw new \RuntimeException('Error setting file time'); - } - } - } - - return $result; - } - - /** - * Reads multiple successive SSH_FXP_WRITE responses - * - * Sending an SSH_FXP_WRITE packet and immediately reading its response isn't as efficient as blindly sending out $i - * SSH_FXP_WRITEs, in succession, and then reading $i responses. - * - * @param int $i - * @return bool - * @throws \UnexpectedValueException on receipt of unexpected packets - */ - private function read_put_responses($i) - { - while ($i--) { - $response = $this->get_sftp_packet(); - if ($this->packet_type != NET_SFTP_STATUS) { - throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - - list($status) = Strings::unpackSSH2('N', $response); - if ($status != NET_SFTP_STATUS_OK) { - $this->logError($response, $status); - break; - } - } - - return $i < 0; - } - - /** - * Close handle - * - * @param string $handle - * @return bool - * @throws \UnexpectedValueException on receipt of unexpected packets - */ - private function close_handle($handle) - { - $this->send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle)); - - // "The client MUST release all resources associated with the handle regardless of the status." - // -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.3 - $response = $this->get_sftp_packet(); - if ($this->packet_type != NET_SFTP_STATUS) { - throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - - list($status) = Strings::unpackSSH2('N', $response); - if ($status != NET_SFTP_STATUS_OK) { - $this->logError($response, $status); - return false; - } - - return true; - } - - /** - * Downloads a file from the SFTP server. - * - * Returns a string containing the contents of $remote_file if $local_file is left undefined or a boolean false if - * the operation was unsuccessful. If $local_file is defined, returns true or false depending on the success of the - * operation. - * - * $offset and $length can be used to download files in chunks. - * - * @param string $remote_file - * @param string|bool|resource|callable $local_file - * @param int $offset - * @param int $length - * @param callable|null $progressCallback - * @throws \UnexpectedValueException on receipt of unexpected packets - * @return string|bool - */ - public function get($remote_file, $local_file = false, $offset = 0, $length = -1, $progressCallback = null) - { - if (!$this->precheck()) { - return false; - } - - $remote_file = $this->realpath($remote_file); - if ($remote_file === false) { - return false; - } - - $packet = Strings::packSSH2('s', $remote_file); - $packet .= $this->version >= 5 ? - pack('N3', 0, NET_SFTP_OPEN_OPEN_EXISTING, 0) : - pack('N2', NET_SFTP_OPEN_READ, 0); - $this->send_sftp_packet(NET_SFTP_OPEN, $packet); - - $response = $this->get_sftp_packet(); - switch ($this->packet_type) { - case NET_SFTP_HANDLE: - $handle = substr($response, 4); - break; - case NET_SFTP_STATUS: // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED - $this->logError($response); - return false; - default: - throw new \UnexpectedValueException('Expected NET_SFTP_HANDLE or NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - - if (is_resource($local_file)) { - $fp = $local_file; - $stat = fstat($fp); - $res_offset = $stat['size']; - } else { - $res_offset = 0; - if ($local_file !== false && !is_callable($local_file)) { - $fp = fopen($local_file, 'wb'); - if (!$fp) { - return false; - } - } else { - $content = ''; - } - } - - $fclose_check = $local_file !== false && !is_callable($local_file) && !is_resource($local_file); - - $start = $offset; - $read = 0; - while (true) { - $i = 0; - - while ($i < NET_SFTP_QUEUE_SIZE && ($length < 0 || $read < $length)) { - $tempoffset = $start + $read; - - $packet_size = $length > 0 ? min($this->max_sftp_packet, $length - $read) : $this->max_sftp_packet; - - $packet = Strings::packSSH2('sN3', $handle, $tempoffset / 4294967296, $tempoffset, $packet_size); - try { - $this->send_sftp_packet(NET_SFTP_READ, $packet, $i); - } catch (\Exception $e) { - if ($fclose_check) { - fclose($fp); - } - throw $e; - } - $packet = null; - $read += $packet_size; - $i++; - } - - if (!$i) { - break; - } - - $packets_sent = $i - 1; - - $clear_responses = false; - while ($i > 0) { - $i--; - - if ($clear_responses) { - $this->get_sftp_packet($packets_sent - $i); - continue; - } else { - $response = $this->get_sftp_packet($packets_sent - $i); - } - - switch ($this->packet_type) { - case NET_SFTP_DATA: - $temp = substr($response, 4); - $offset += strlen($temp); - if ($local_file === false) { - $content .= $temp; - } elseif (is_callable($local_file)) { - $local_file($temp); - } else { - fputs($fp, $temp); - } - if (is_callable($progressCallback)) { - call_user_func($progressCallback, $offset); - } - $temp = null; - break; - case NET_SFTP_STATUS: - // could, in theory, return false if !strlen($content) but we'll hold off for the time being - $this->logError($response); - $clear_responses = true; // don't break out of the loop yet, so we can read the remaining responses - break; - default: - if ($fclose_check) { - fclose($fp); - } - if ($this->channel_close) { - $this->partial_init = false; - $this->init_sftp_connection(); - return false; - } else { - throw new \UnexpectedValueException('Expected NET_SFTP_DATA or NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - } - $response = null; - } - - if ($clear_responses) { - break; - } - } - - if ($fclose_check) { - fclose($fp); - - if ($this->preserveTime) { - $stat = $this->stat($remote_file); - touch($local_file, $stat['mtime'], $stat['atime']); - } - } - - if (!$this->close_handle($handle)) { - return false; - } - - // if $content isn't set that means a file was written to - return isset($content) ? $content : true; - } - - /** - * Deletes a file on the SFTP server. - * - * @param string $path - * @param bool $recursive - * @return bool - * @throws \UnexpectedValueException on receipt of unexpected packets - */ - public function delete($path, $recursive = true) - { - if (!$this->precheck()) { - return false; - } - - if (is_object($path)) { - // It's an object. Cast it as string before we check anything else. - $path = (string) $path; - } - - if (!is_string($path) || $path == '') { - return false; - } - - $path = $this->realpath($path); - if ($path === false) { - return false; - } - - // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3 - $this->send_sftp_packet(NET_SFTP_REMOVE, pack('Na*', strlen($path), $path)); - - $response = $this->get_sftp_packet(); - if ($this->packet_type != NET_SFTP_STATUS) { - throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - - // if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED - list($status) = Strings::unpackSSH2('N', $response); - if ($status != NET_SFTP_STATUS_OK) { - $this->logError($response, $status); - if (!$recursive) { - return false; - } - - $i = 0; - $result = $this->delete_recursive($path, $i); - $this->read_put_responses($i); - return $result; - } - - $this->remove_from_stat_cache($path); - - return true; - } - - /** - * Recursively deletes directories on the SFTP server - * - * Minimizes directory lookups and SSH_FXP_STATUS requests for speed. - * - * @param string $path - * @param int $i - * @return bool - */ - private function delete_recursive($path, &$i) - { - if (!$this->read_put_responses($i)) { - return false; - } - $i = 0; - $entries = $this->readlist($path, true); - - // The folder does not exist at all, so we cannot delete it. - if ($entries === NET_SFTP_STATUS_NO_SUCH_FILE) { - return false; - } - - // Normally $entries would have at least . and .. but it might not if the directories - // permissions didn't allow reading. If this happens then default to an empty list of files. - if ($entries === false || is_int($entries)) { - $entries = []; - } - - unset($entries['.'], $entries['..']); - foreach ($entries as $filename => $props) { - if (!isset($props['type'])) { - return false; - } - - $temp = $path . '/' . $filename; - if ($props['type'] == NET_SFTP_TYPE_DIRECTORY) { - if (!$this->delete_recursive($temp, $i)) { - return false; - } - } else { - $this->send_sftp_packet(NET_SFTP_REMOVE, Strings::packSSH2('s', $temp)); - $this->remove_from_stat_cache($temp); - - $i++; - - if ($i >= NET_SFTP_QUEUE_SIZE) { - if (!$this->read_put_responses($i)) { - return false; - } - $i = 0; - } - } - } - - $this->send_sftp_packet(NET_SFTP_RMDIR, Strings::packSSH2('s', $path)); - $this->remove_from_stat_cache($path); - - $i++; - - if ($i >= NET_SFTP_QUEUE_SIZE) { - if (!$this->read_put_responses($i)) { - return false; - } - $i = 0; - } - - return true; - } - - /** - * Checks whether a file or directory exists - * - * @param string $path - * @return bool - */ - public function file_exists($path) - { - if ($this->use_stat_cache) { - if (!$this->precheck()) { - return false; - } - - $path = $this->realpath($path); - - $result = $this->query_stat_cache($path); - - if (isset($result)) { - // return true if $result is an array or if it's an stdClass object - return $result !== false; - } - } - - return $this->stat($path) !== false; - } - - /** - * Tells whether the filename is a directory - * - * @param string $path - * @return bool - */ - public function is_dir($path) - { - $result = $this->get_stat_cache_prop($path, 'type'); - if ($result === false) { - return false; - } - return $result === NET_SFTP_TYPE_DIRECTORY; - } - - /** - * Tells whether the filename is a regular file - * - * @param string $path - * @return bool - */ - public function is_file($path) - { - $result = $this->get_stat_cache_prop($path, 'type'); - if ($result === false) { - return false; - } - return $result === NET_SFTP_TYPE_REGULAR; - } - - /** - * Tells whether the filename is a symbolic link - * - * @param string $path - * @return bool - */ - public function is_link($path) - { - $result = $this->get_lstat_cache_prop($path, 'type'); - if ($result === false) { - return false; - } - return $result === NET_SFTP_TYPE_SYMLINK; - } - - /** - * Tells whether a file exists and is readable - * - * @param string $path - * @return bool - */ - public function is_readable($path) - { - if (!$this->precheck()) { - return false; - } - - $packet = Strings::packSSH2('sNN', $this->realpath($path), NET_SFTP_OPEN_READ, 0); - $this->send_sftp_packet(NET_SFTP_OPEN, $packet); - - $response = $this->get_sftp_packet(); - switch ($this->packet_type) { - case NET_SFTP_HANDLE: - return true; - case NET_SFTP_STATUS: // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED - return false; - default: - throw new \UnexpectedValueException('Expected NET_SFTP_HANDLE or NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - } - - /** - * Tells whether the filename is writable - * - * @param string $path - * @return bool - */ - public function is_writable($path) - { - if (!$this->precheck()) { - return false; - } - - $packet = Strings::packSSH2('sNN', $this->realpath($path), NET_SFTP_OPEN_WRITE, 0); - $this->send_sftp_packet(NET_SFTP_OPEN, $packet); - - $response = $this->get_sftp_packet(); - switch ($this->packet_type) { - case NET_SFTP_HANDLE: - return true; - case NET_SFTP_STATUS: // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED - return false; - default: - throw new \UnexpectedValueException('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - } - - /** - * Tells whether the filename is writeable - * - * Alias of is_writable - * - * @param string $path - * @return bool - */ - public function is_writeable($path) - { - return $this->is_writable($path); - } - - /** - * Gets last access time of file - * - * @param string $path - * @return mixed - */ - public function fileatime($path) - { - return $this->get_stat_cache_prop($path, 'atime'); - } - - /** - * Gets file modification time - * - * @param string $path - * @return mixed - */ - public function filemtime($path) - { - return $this->get_stat_cache_prop($path, 'mtime'); - } - - /** - * Gets file permissions - * - * @param string $path - * @return mixed - */ - public function fileperms($path) - { - return $this->get_stat_cache_prop($path, 'mode'); - } - - /** - * Gets file owner - * - * @param string $path - * @return mixed - */ - public function fileowner($path) - { - return $this->get_stat_cache_prop($path, 'uid'); - } - - /** - * Gets file group - * - * @param string $path - * @return mixed - */ - public function filegroup($path) - { - return $this->get_stat_cache_prop($path, 'gid'); - } - - /** - * Recursively go through rawlist() output to get the total filesize - * - * @return int - */ - private static function recursiveFilesize(array $files) - { - $size = 0; - foreach ($files as $name => $file) { - if ($name == '.' || $name == '..') { - continue; - } - $size += is_array($file) ? - self::recursiveFilesize($file) : - $file->size; - } - return $size; - } - - /** - * Gets file size - * - * @param string $path - * @param bool $recursive - * @return mixed - */ - public function filesize($path, $recursive = false) - { - return !$recursive || $this->filetype($path) != 'dir' ? - $this->get_stat_cache_prop($path, 'size') : - self::recursiveFilesize($this->rawlist($path, true)); - } - - /** - * Gets file type - * - * @param string $path - * @return string|false - */ - public function filetype($path) - { - $type = $this->get_stat_cache_prop($path, 'type'); - if ($type === false) { - return false; - } - - switch ($type) { - case NET_SFTP_TYPE_BLOCK_DEVICE: - return 'block'; - case NET_SFTP_TYPE_CHAR_DEVICE: - return 'char'; - case NET_SFTP_TYPE_DIRECTORY: - return 'dir'; - case NET_SFTP_TYPE_FIFO: - return 'fifo'; - case NET_SFTP_TYPE_REGULAR: - return 'file'; - case NET_SFTP_TYPE_SYMLINK: - return 'link'; - default: - return false; - } - } - - /** - * Return a stat properity - * - * Uses cache if appropriate. - * - * @param string $path - * @param string $prop - * @return mixed - */ - private function get_stat_cache_prop($path, $prop) - { - return $this->get_xstat_cache_prop($path, $prop, 'stat'); - } - - /** - * Return an lstat properity - * - * Uses cache if appropriate. - * - * @param string $path - * @param string $prop - * @return mixed - */ - private function get_lstat_cache_prop($path, $prop) - { - return $this->get_xstat_cache_prop($path, $prop, 'lstat'); - } - - /** - * Return a stat or lstat properity - * - * Uses cache if appropriate. - * - * @param string $path - * @param string $prop - * @param string $type - * @return mixed - */ - private function get_xstat_cache_prop($path, $prop, $type) - { - if (!$this->precheck()) { - return false; - } - - if ($this->use_stat_cache) { - $path = $this->realpath($path); - - $result = $this->query_stat_cache($path); - - if (is_object($result) && isset($result->$type)) { - return $result->{$type}[$prop]; - } - } - - $result = $this->$type($path); - - if ($result === false || !isset($result[$prop])) { - return false; - } - - return $result[$prop]; - } - - /** - * Renames a file or a directory on the SFTP server. - * - * If the file already exists this will return false - * - * @param string $oldname - * @param string $newname - * @return bool - * @throws \UnexpectedValueException on receipt of unexpected packets - */ - public function rename($oldname, $newname) - { - if (!$this->precheck()) { - return false; - } - - $oldname = $this->realpath($oldname); - $newname = $this->realpath($newname); - if ($oldname === false || $newname === false) { - return false; - } - - // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3 - $packet = Strings::packSSH2('ss', $oldname, $newname); - if ($this->version >= 5) { - /* quoting https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-05#section-6.5 , - - 'flags' is 0 or a combination of: - - SSH_FXP_RENAME_OVERWRITE 0x00000001 - SSH_FXP_RENAME_ATOMIC 0x00000002 - SSH_FXP_RENAME_NATIVE 0x00000004 - - (none of these are currently supported) */ - $packet .= "\0\0\0\0"; - } - $this->send_sftp_packet(NET_SFTP_RENAME, $packet); - - $response = $this->get_sftp_packet(); - if ($this->packet_type != NET_SFTP_STATUS) { - throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' - . 'Got packet type: ' . $this->packet_type); - } - - // if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED - list($status) = Strings::unpackSSH2('N', $response); - if ($status != NET_SFTP_STATUS_OK) { - $this->logError($response, $status); - return false; - } - - // don't move the stat cache entry over since this operation could very well change the - // atime and mtime attributes - //$this->update_stat_cache($newname, $this->query_stat_cache($oldname)); - $this->remove_from_stat_cache($oldname); - $this->remove_from_stat_cache($newname); - - return true; - } - - /** - * Parse Time - * - * See '7.7. Times' of draft-ietf-secsh-filexfer-13 for more info. - * - * @param string $key - * @param int $flags - * @param string $response - * @return array - */ - private function parseTime($key, $flags, &$response) - { - $attr = []; - list($attr[$key]) = Strings::unpackSSH2('Q', $response); - if ($flags & NET_SFTP_ATTR_SUBSECOND_TIMES) { - list($attr[$key . '-nseconds']) = Strings::unpackSSH2('N', $response); - } - return $attr; - } - - /** - * Parse Attributes - * - * See '7. File Attributes' of draft-ietf-secsh-filexfer-13 for more info. - * - * @param string $response - * @return array - */ - protected function parseAttributes(&$response) - { - if ($this->version >= 4) { - list($flags, $attr['type']) = Strings::unpackSSH2('NC', $response); - } else { - list($flags) = Strings::unpackSSH2('N', $response); - } - - foreach (self::$attributes as $key => $value) { - switch ($flags & $key) { - case NET_SFTP_ATTR_UIDGID: - if ($this->version > 3) { - continue 2; - } - break; - case NET_SFTP_ATTR_CREATETIME: - case NET_SFTP_ATTR_MODIFYTIME: - case NET_SFTP_ATTR_ACL: - case NET_SFTP_ATTR_OWNERGROUP: - case NET_SFTP_ATTR_SUBSECOND_TIMES: - if ($this->version < 4) { - continue 2; - } - break; - case NET_SFTP_ATTR_BITS: - if ($this->version < 5) { - continue 2; - } - break; - case NET_SFTP_ATTR_ALLOCATION_SIZE: - case NET_SFTP_ATTR_TEXT_HINT: - case NET_SFTP_ATTR_MIME_TYPE: - case NET_SFTP_ATTR_LINK_COUNT: - case NET_SFTP_ATTR_UNTRANSLATED_NAME: - case NET_SFTP_ATTR_CTIME: - if ($this->version < 6) { - continue 2; - } - } - switch ($flags & $key) { - case NET_SFTP_ATTR_SIZE: // 0x00000001 - // The size attribute is defined as an unsigned 64-bit integer. - // The following will use floats on 32-bit platforms, if necessary. - // As can be seen in the BigInteger class, floats are generally - // IEEE 754 binary64 "double precision" on such platforms and - // as such can represent integers of at least 2^50 without loss - // of precision. Interpreted in filesize, 2^50 bytes = 1024 TiB. - list($attr['size']) = Strings::unpackSSH2('Q', $response); - break; - case NET_SFTP_ATTR_UIDGID: // 0x00000002 (SFTPv3 only) - list($attr['uid'], $attr['gid']) = Strings::unpackSSH2('NN', $response); - break; - case NET_SFTP_ATTR_PERMISSIONS: // 0x00000004 - list($attr['mode']) = Strings::unpackSSH2('N', $response); - $fileType = $this->parseMode($attr['mode']); - if ($this->version < 4 && $fileType !== false) { - $attr += ['type' => $fileType]; - } - break; - case NET_SFTP_ATTR_ACCESSTIME: // 0x00000008 - if ($this->version >= 4) { - $attr += $this->parseTime('atime', $flags, $response); - break; - } - list($attr['atime'], $attr['mtime']) = Strings::unpackSSH2('NN', $response); - break; - case NET_SFTP_ATTR_CREATETIME: // 0x00000010 (SFTPv4+) - $attr += $this->parseTime('createtime', $flags, $response); - break; - case NET_SFTP_ATTR_MODIFYTIME: // 0x00000020 - $attr += $this->parseTime('mtime', $flags, $response); - break; - case NET_SFTP_ATTR_ACL: // 0x00000040 - // access control list - // see https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-04#section-5.7 - // currently unsupported - list($count) = Strings::unpackSSH2('N', $response); - for ($i = 0; $i < $count; $i++) { - list($type, $flag, $mask, $who) = Strings::unpackSSH2('N3s', $result); - } - break; - case NET_SFTP_ATTR_OWNERGROUP: // 0x00000080 - list($attr['owner'], $attr['$group']) = Strings::unpackSSH2('ss', $response); - break; - case NET_SFTP_ATTR_SUBSECOND_TIMES: // 0x00000100 - break; - case NET_SFTP_ATTR_BITS: // 0x00000200 (SFTPv5+) - // see https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-05#section-5.8 - // currently unsupported - // tells if you file is: - // readonly, system, hidden, case inensitive, archive, encrypted, compressed, sparse - // append only, immutable, sync - list($attrib_bits, $attrib_bits_valid) = Strings::unpackSSH2('N2', $response); - // if we were actually gonna implement the above it ought to be - // $attr['attrib-bits'] and $attr['attrib-bits-valid'] - // eg. - instead of _ - break; - case NET_SFTP_ATTR_ALLOCATION_SIZE: // 0x00000400 (SFTPv6+) - // see https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-13#section-7.4 - // represents the number of bytes that the file consumes on the disk. will - // usually be larger than the 'size' field - list($attr['allocation-size']) = Strings::unpackSSH2('Q', $response); - break; - case NET_SFTP_ATTR_TEXT_HINT: // 0x00000800 - // https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-13#section-7.10 - // currently unsupported - // tells if file is "known text", "guessed text", "known binary", "guessed binary" - list($text_hint) = Strings::unpackSSH2('C', $response); - // the above should be $attr['text-hint'] - break; - case NET_SFTP_ATTR_MIME_TYPE: // 0x00001000 - // see https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-13#section-7.11 - list($attr['mime-type']) = Strings::unpackSSH2('s', $response); - break; - case NET_SFTP_ATTR_LINK_COUNT: // 0x00002000 - // see https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-13#section-7.12 - list($attr['link-count']) = Strings::unpackSSH2('N', $response); - break; - case NET_SFTP_ATTR_UNTRANSLATED_NAME:// 0x00004000 - // see https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-13#section-7.13 - list($attr['untranslated-name']) = Strings::unpackSSH2('s', $response); - break; - case NET_SFTP_ATTR_CTIME: // 0x00008000 - // 'ctime' contains the last time the file attributes were changed. The - // exact meaning of this field depends on the server. - $attr += $this->parseTime('ctime', $flags, $response); - break; - case NET_SFTP_ATTR_EXTENDED: // 0x80000000 - list($count) = Strings::unpackSSH2('N', $response); - for ($i = 0; $i < $count; $i++) { - list($key, $value) = Strings::unpackSSH2('ss', $response); - $attr[$key] = $value; - } - } - } - return $attr; - } - - /** - * Attempt to identify the file type - * - * Quoting the SFTP RFC, "Implementations MUST NOT send bits that are not defined" but they seem to anyway - * - * @param int $mode - * @return int - */ - private function parseMode($mode) - { - // values come from http://lxr.free-electrons.com/source/include/uapi/linux/stat.h#L12 - // see, also, http://linux.die.net/man/2/stat - switch ($mode & 0170000) {// ie. 1111 0000 0000 0000 - case 0000000: // no file type specified - figure out the file type using alternative means - return false; - case 0040000: - return NET_SFTP_TYPE_DIRECTORY; - case 0100000: - return NET_SFTP_TYPE_REGULAR; - case 0120000: - return NET_SFTP_TYPE_SYMLINK; - // new types introduced in SFTPv5+ - // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-05#section-5.2 - case 0010000: // named pipe (fifo) - return NET_SFTP_TYPE_FIFO; - case 0020000: // character special - return NET_SFTP_TYPE_CHAR_DEVICE; - case 0060000: // block special - return NET_SFTP_TYPE_BLOCK_DEVICE; - case 0140000: // socket - return NET_SFTP_TYPE_SOCKET; - case 0160000: // whiteout - // "SPECIAL should be used for files that are of - // a known type which cannot be expressed in the protocol" - return NET_SFTP_TYPE_SPECIAL; - default: - return NET_SFTP_TYPE_UNKNOWN; - } - } - - /** - * Parse Longname - * - * SFTPv3 doesn't provide any easy way of identifying a file type. You could try to open - * a file as a directory and see if an error is returned or you could try to parse the - * SFTPv3-specific longname field of the SSH_FXP_NAME packet. That's what this function does. - * The result is returned using the - * {@link http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-5.2 SFTPv4 type constants}. - * - * If the longname is in an unrecognized format bool(false) is returned. - * - * @param string $longname - * @return mixed - */ - private function parseLongname($longname) - { - // http://en.wikipedia.org/wiki/Unix_file_types - // http://en.wikipedia.org/wiki/Filesystem_permissions#Notation_of_traditional_Unix_permissions - if (preg_match('#^[^/]([r-][w-][xstST-]){3}#', $longname)) { - switch ($longname[0]) { - case '-': - return NET_SFTP_TYPE_REGULAR; - case 'd': - return NET_SFTP_TYPE_DIRECTORY; - case 'l': - return NET_SFTP_TYPE_SYMLINK; - default: - return NET_SFTP_TYPE_SPECIAL; - } - } - - return false; - } - - /** - * Sends SFTP Packets - * - * See '6. General Packet Format' of draft-ietf-secsh-filexfer-13 for more info. - * - * @param int $type - * @param string $data - * @param int $request_id - * @see self::_get_sftp_packet() - * @see self::send_channel_packet() - * @return void - */ - private function send_sftp_packet($type, $data, $request_id = 1) - { - // in SSH2.php the timeout is cumulative per function call. eg. exec() will - // timeout after 10s. but for SFTP.php it's cumulative per packet - $this->curTimeout = $this->timeout; - - $packet = $this->use_request_id ? - pack('NCNa*', strlen($data) + 5, $type, $request_id, $data) : - pack('NCa*', strlen($data) + 1, $type, $data); - - $start = microtime(true); - $this->send_channel_packet(self::CHANNEL, $packet); - $stop = microtime(true); - - if (defined('NET_SFTP_LOGGING')) { - $packet_type = '-> ' . self::$packet_types[$type] . - ' (' . round($stop - $start, 4) . 's)'; - $this->append_log($packet_type, $data); - } - } - - /** - * Resets a connection for re-use - * - * @param int $reason - */ - protected function reset_connection($reason) - { - parent::reset_connection($reason); - $this->use_request_id = false; - $this->pwd = false; - $this->requestBuffer = []; - $this->partial_init = false; - } - - /** - * Receives SFTP Packets - * - * See '6. General Packet Format' of draft-ietf-secsh-filexfer-13 for more info. - * - * Incidentally, the number of SSH_MSG_CHANNEL_DATA messages has no bearing on the number of SFTP packets present. - * There can be one SSH_MSG_CHANNEL_DATA messages containing two SFTP packets or there can be two SSH_MSG_CHANNEL_DATA - * messages containing one SFTP packet. - * - * @see self::_send_sftp_packet() - * @return string - */ - private function get_sftp_packet($request_id = null) - { - $this->channel_close = false; - - if (isset($request_id) && isset($this->requestBuffer[$request_id])) { - $this->packet_type = $this->requestBuffer[$request_id]['packet_type']; - $temp = $this->requestBuffer[$request_id]['packet']; - unset($this->requestBuffer[$request_id]); - return $temp; - } - - // in SSH2.php the timeout is cumulative per function call. eg. exec() will - // timeout after 10s. but for SFTP.php it's cumulative per packet - $this->curTimeout = $this->timeout; - - $start = microtime(true); - - // SFTP packet length - while (strlen($this->packet_buffer) < 4) { - $temp = $this->get_channel_packet(self::CHANNEL, true); - if ($temp === true) { - if ($this->channel_status[self::CHANNEL] === NET_SSH2_MSG_CHANNEL_CLOSE) { - $this->channel_close = true; - } - $this->packet_type = false; - $this->packet_buffer = ''; - return false; - } - $this->packet_buffer .= $temp; - } - if (strlen($this->packet_buffer) < 4) { - throw new \RuntimeException('Packet is too small'); - } - extract(unpack('Nlength', Strings::shift($this->packet_buffer, 4))); - /** @var integer $length */ - - $tempLength = $length; - $tempLength -= strlen($this->packet_buffer); - - // 256 * 1024 is what SFTP_MAX_MSG_LENGTH is set to in OpenSSH's sftp-common.h - if (!$this->allow_arbitrary_length_packets && !$this->use_request_id && $tempLength > 256 * 1024) { - throw new \RuntimeException('Invalid Size'); - } - - // SFTP packet type and data payload - while ($tempLength > 0) { - $temp = $this->get_channel_packet(self::CHANNEL, true); - if ($temp === true) { - if ($this->channel_status[self::CHANNEL] === NET_SSH2_MSG_CHANNEL_CLOSE) { - $this->channel_close = true; - } - $this->packet_type = false; - $this->packet_buffer = ''; - return false; - } - $this->packet_buffer .= $temp; - $tempLength -= strlen($temp); - } - - $stop = microtime(true); - - $this->packet_type = ord(Strings::shift($this->packet_buffer)); - - if ($this->use_request_id) { - extract(unpack('Npacket_id', Strings::shift($this->packet_buffer, 4))); // remove the request id - $length -= 5; // account for the request id and the packet type - } else { - $length -= 1; // account for the packet type - } - - $packet = Strings::shift($this->packet_buffer, $length); - - if (defined('NET_SFTP_LOGGING')) { - $packet_type = '<- ' . self::$packet_types[$this->packet_type] . - ' (' . round($stop - $start, 4) . 's)'; - $this->append_log($packet_type, $packet); - } - - if (isset($request_id) && $this->use_request_id && $packet_id != $request_id) { - $this->requestBuffer[$packet_id] = [ - 'packet_type' => $this->packet_type, - 'packet' => $packet - ]; - return $this->get_sftp_packet($request_id); - } - - return $packet; - } - - /** - * Logs data packets - * - * Makes sure that only the last 1MB worth of packets will be logged - * - * @param string $message_number - * @param string $message - */ - private function append_log($message_number, $message) - { - $this->append_log_helper( - NET_SFTP_LOGGING, - $message_number, - $message, - $this->packet_type_log, - $this->packet_log, - $this->log_size, - $this->realtime_log_file, - $this->realtime_log_wrap, - $this->realtime_log_size - ); - } - - /** - * Returns a log of the packets that have been sent and received. - * - * Returns a string if NET_SFTP_LOGGING == self::LOG_COMPLEX, an array if NET_SFTP_LOGGING == self::LOG_SIMPLE and false if !defined('NET_SFTP_LOGGING') - * - * @return array|string|false - */ - public function getSFTPLog() - { - if (!defined('NET_SFTP_LOGGING')) { - return false; - } - - switch (NET_SFTP_LOGGING) { - case self::LOG_COMPLEX: - return $this->format_log($this->packet_log, $this->packet_type_log); - break; - //case self::LOG_SIMPLE: - default: - return $this->packet_type_log; - } - } - - /** - * Returns all errors - * - * @return array - */ - public function getSFTPErrors() - { - return $this->sftp_errors; - } - - /** - * Returns the last error - * - * @return string - */ - public function getLastSFTPError() - { - return count($this->sftp_errors) ? $this->sftp_errors[count($this->sftp_errors) - 1] : ''; - } - - /** - * Get supported SFTP versions - * - * @return array - */ - public function getSupportedVersions() - { - if (!($this->bitmap & SSH2::MASK_LOGIN)) { - return false; - } - - if (!$this->partial_init) { - $this->partial_init_sftp_connection(); - } - - $temp = ['version' => $this->defaultVersion]; - if (isset($this->extensions['versions'])) { - $temp['extensions'] = $this->extensions['versions']; - } - return $temp; - } - - /** - * Get supported SFTP versions - * - * @return int|false - */ - public function getNegotiatedVersion() - { - if (!$this->precheck()) { - return false; - } - - return $this->version; - } - - /** - * Set preferred version - * - * If you're preferred version isn't supported then the highest supported - * version of SFTP will be utilized. Set to null or false or int(0) to - * unset the preferred version - * - * @param int $version - */ - public function setPreferredVersion($version) - { - $this->preferredVersion = $version; - } - - /** - * Disconnect - * - * @param int $reason - * @return false - */ - protected function disconnect_helper($reason) - { - $this->pwd = false; - return parent::disconnect_helper($reason); - } - - /** - * Enable Date Preservation - * - */ - public function enableDatePreservation() - { - $this->preserveTime = true; - } - - /** - * Disable Date Preservation - * - */ - public function disableDatePreservation() - { - $this->preserveTime = false; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SFTP/Stream.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SFTP/Stream.php deleted file mode 100644 index 24047b4..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SFTP/Stream.php +++ /dev/null @@ -1,756 +0,0 @@ - - * @copyright 2013 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Net\SFTP; - -use phpseclib3\Crypt\Common\PrivateKey; -use phpseclib3\Net\SFTP; -use phpseclib3\Net\SSH2; - -/** - * SFTP Stream Wrapper - * - * @author Jim Wigginton - */ -class Stream -{ - /** - * SFTP instances - * - * Rather than re-create the connection we re-use instances if possible - * - * @var array - */ - public static $instances; - - /** - * SFTP instance - * - * @var object - */ - private $sftp; - - /** - * Path - * - * @var string - */ - private $path; - - /** - * Mode - * - * @var string - */ - private $mode; - - /** - * Position - * - * @var int - */ - private $pos; - - /** - * Size - * - * @var int - */ - private $size; - - /** - * Directory entries - * - * @var array - */ - private $entries; - - /** - * EOF flag - * - * @var bool - */ - private $eof; - - /** - * Context resource - * - * Technically this needs to be publicly accessible so PHP can set it directly - * - * @var resource - */ - public $context; - - /** - * Notification callback function - * - * @var callable - */ - private $notification; - - /** - * Registers this class as a URL wrapper. - * - * @param string $protocol The wrapper name to be registered. - * @return bool True on success, false otherwise. - */ - public static function register($protocol = 'sftp') - { - if (in_array($protocol, stream_get_wrappers(), true)) { - return false; - } - return stream_wrapper_register($protocol, get_called_class()); - } - - /** - * The Constructor - * - */ - public function __construct() - { - if (defined('NET_SFTP_STREAM_LOGGING')) { - echo "__construct()\r\n"; - } - } - - /** - * Path Parser - * - * Extract a path from a URI and actually connect to an SSH server if appropriate - * - * If "notification" is set as a context parameter the message code for successful login is - * NET_SSH2_MSG_USERAUTH_SUCCESS. For a failed login it's NET_SSH2_MSG_USERAUTH_FAILURE. - * - * @param string $path - * @return string - */ - protected function parse_path($path) - { - $orig = $path; - extract(parse_url($path) + ['port' => 22]); - if (isset($query)) { - $path .= '?' . $query; - } elseif (preg_match('/(\?|\?#)$/', $orig)) { - $path .= '?'; - } - if (isset($fragment)) { - $path .= '#' . $fragment; - } elseif ($orig[strlen($orig) - 1] == '#') { - $path .= '#'; - } - - if (!isset($host)) { - return false; - } - - if (isset($this->context)) { - $context = stream_context_get_params($this->context); - if (isset($context['notification'])) { - $this->notification = $context['notification']; - } - } - - if (preg_match('/^{[a-z0-9]+}$/i', $host)) { - $host = SSH2::getConnectionByResourceId($host); - if ($host === false) { - return false; - } - $this->sftp = $host; - } else { - if (isset($this->context)) { - $context = stream_context_get_options($this->context); - } - if (isset($context[$scheme]['session'])) { - $sftp = $context[$scheme]['session']; - } - if (isset($context[$scheme]['sftp'])) { - $sftp = $context[$scheme]['sftp']; - } - if (isset($sftp) && $sftp instanceof SFTP) { - $this->sftp = $sftp; - return $path; - } - if (isset($context[$scheme]['username'])) { - $user = $context[$scheme]['username']; - } - if (isset($context[$scheme]['password'])) { - $pass = $context[$scheme]['password']; - } - if (isset($context[$scheme]['privkey']) && $context[$scheme]['privkey'] instanceof PrivateKey) { - $pass = $context[$scheme]['privkey']; - } - - if (!isset($user) || !isset($pass)) { - return false; - } - - // casting $pass to a string is necessary in the event that it's a \phpseclib3\Crypt\RSA object - if (isset(self::$instances[$host][$port][$user][(string) $pass])) { - $this->sftp = self::$instances[$host][$port][$user][(string) $pass]; - } else { - $this->sftp = new SFTP($host, $port); - $this->sftp->disableStatCache(); - if (isset($this->notification) && is_callable($this->notification)) { - /* if !is_callable($this->notification) we could do this: - - user_error('fopen(): failed to call user notifier', E_USER_WARNING); - - the ftp wrapper gives errors like that when the notifier isn't callable. - i've opted not to do that, however, since the ftp wrapper gives the line - on which the fopen occurred as the line number - not the line that the - user_error is on. - */ - call_user_func($this->notification, STREAM_NOTIFY_CONNECT, STREAM_NOTIFY_SEVERITY_INFO, '', 0, 0, 0); - call_user_func($this->notification, STREAM_NOTIFY_AUTH_REQUIRED, STREAM_NOTIFY_SEVERITY_INFO, '', 0, 0, 0); - if (!$this->sftp->login($user, $pass)) { - call_user_func($this->notification, STREAM_NOTIFY_AUTH_RESULT, STREAM_NOTIFY_SEVERITY_ERR, 'Login Failure', NET_SSH2_MSG_USERAUTH_FAILURE, 0, 0); - return false; - } - call_user_func($this->notification, STREAM_NOTIFY_AUTH_RESULT, STREAM_NOTIFY_SEVERITY_INFO, 'Login Success', NET_SSH2_MSG_USERAUTH_SUCCESS, 0, 0); - } else { - if (!$this->sftp->login($user, $pass)) { - return false; - } - } - self::$instances[$host][$port][$user][(string) $pass] = $this->sftp; - } - } - - return $path; - } - - /** - * Opens file or URL - * - * @param string $path - * @param string $mode - * @param int $options - * @param string $opened_path - * @return bool - */ - private function _stream_open($path, $mode, $options, &$opened_path) - { - $path = $this->parse_path($path); - - if ($path === false) { - return false; - } - $this->path = $path; - - $this->size = $this->sftp->filesize($path); - $this->mode = preg_replace('#[bt]$#', '', $mode); - $this->eof = false; - - if ($this->size === false) { - if ($this->mode[0] == 'r') { - return false; - } else { - $this->sftp->touch($path); - $this->size = 0; - } - } else { - switch ($this->mode[0]) { - case 'x': - return false; - case 'w': - $this->sftp->truncate($path, 0); - $this->size = 0; - } - } - - $this->pos = $this->mode[0] != 'a' ? 0 : $this->size; - - return true; - } - - /** - * Read from stream - * - * @param int $count - * @return mixed - */ - private function _stream_read($count) - { - switch ($this->mode) { - case 'w': - case 'a': - case 'x': - case 'c': - return false; - } - - // commented out because some files - eg. /dev/urandom - will say their size is 0 when in fact it's kinda infinite - //if ($this->pos >= $this->size) { - // $this->eof = true; - // return false; - //} - - $result = $this->sftp->get($this->path, false, $this->pos, $count); - if (isset($this->notification) && is_callable($this->notification)) { - if ($result === false) { - call_user_func($this->notification, STREAM_NOTIFY_FAILURE, STREAM_NOTIFY_SEVERITY_ERR, $this->sftp->getLastSFTPError(), NET_SFTP_OPEN, 0, 0); - return 0; - } - // seems that PHP calls stream_read in 8k chunks - call_user_func($this->notification, STREAM_NOTIFY_PROGRESS, STREAM_NOTIFY_SEVERITY_INFO, '', 0, strlen($result), $this->size); - } - - if (empty($result)) { // ie. false or empty string - $this->eof = true; - return false; - } - $this->pos += strlen($result); - - return $result; - } - - /** - * Write to stream - * - * @param string $data - * @return int|false - */ - private function _stream_write($data) - { - switch ($this->mode) { - case 'r': - return false; - } - - $result = $this->sftp->put($this->path, $data, SFTP::SOURCE_STRING, $this->pos); - if (isset($this->notification) && is_callable($this->notification)) { - if (!$result) { - call_user_func($this->notification, STREAM_NOTIFY_FAILURE, STREAM_NOTIFY_SEVERITY_ERR, $this->sftp->getLastSFTPError(), NET_SFTP_OPEN, 0, 0); - return 0; - } - // seems that PHP splits up strings into 8k blocks before calling stream_write - call_user_func($this->notification, STREAM_NOTIFY_PROGRESS, STREAM_NOTIFY_SEVERITY_INFO, '', 0, strlen($data), strlen($data)); - } - - if ($result === false) { - return false; - } - $this->pos += strlen($data); - if ($this->pos > $this->size) { - $this->size = $this->pos; - } - $this->eof = false; - return strlen($data); - } - - /** - * Retrieve the current position of a stream - * - * @return int - */ - private function _stream_tell() - { - return $this->pos; - } - - /** - * Tests for end-of-file on a file pointer - * - * In my testing there are four classes functions that normally effect the pointer: - * fseek, fputs / fwrite, fgets / fread and ftruncate. - * - * Only fgets / fread, however, results in feof() returning true. do fputs($fp, 'aaa') on a blank file and feof() - * will return false. do fread($fp, 1) and feof() will then return true. do fseek($fp, 10) on ablank file and feof() - * will return false. do fread($fp, 1) and feof() will then return true. - * - * @return bool - */ - private function _stream_eof() - { - return $this->eof; - } - - /** - * Seeks to specific location in a stream - * - * @param int $offset - * @param int $whence - * @return bool - */ - private function _stream_seek($offset, $whence) - { - switch ($whence) { - case SEEK_SET: - if ($offset < 0) { - return false; - } - break; - case SEEK_CUR: - $offset += $this->pos; - break; - case SEEK_END: - $offset += $this->size; - } - - $this->pos = $offset; - $this->eof = false; - return true; - } - - /** - * Change stream options - * - * @param string $path - * @param int $option - * @param mixed $var - * @return bool - */ - private function _stream_metadata($path, $option, $var) - { - $path = $this->parse_path($path); - if ($path === false) { - return false; - } - - // stream_metadata was introduced in PHP 5.4.0 but as of 5.4.11 the constants haven't been defined - // see http://www.php.net/streamwrapper.stream-metadata and https://bugs.php.net/64246 - // and https://github.com/php/php-src/blob/master/main/php_streams.h#L592 - switch ($option) { - case 1: // PHP_STREAM_META_TOUCH - $time = isset($var[0]) ? $var[0] : null; - $atime = isset($var[1]) ? $var[1] : null; - return $this->sftp->touch($path, $time, $atime); - case 2: // PHP_STREAM_OWNER_NAME - case 3: // PHP_STREAM_GROUP_NAME - return false; - case 4: // PHP_STREAM_META_OWNER - return $this->sftp->chown($path, $var); - case 5: // PHP_STREAM_META_GROUP - return $this->sftp->chgrp($path, $var); - case 6: // PHP_STREAM_META_ACCESS - return $this->sftp->chmod($path, $var) !== false; - } - } - - /** - * Retrieve the underlaying resource - * - * @param int $cast_as - * @return resource - */ - private function _stream_cast($cast_as) - { - return $this->sftp->fsock; - } - - /** - * Advisory file locking - * - * @param int $operation - * @return bool - */ - private function _stream_lock($operation) - { - return false; - } - - /** - * Renames a file or directory - * - * Attempts to rename oldname to newname, moving it between directories if necessary. - * If newname exists, it will be overwritten. This is a departure from what \phpseclib3\Net\SFTP - * does. - * - * @param string $path_from - * @param string $path_to - * @return bool - */ - private function _rename($path_from, $path_to) - { - $path1 = parse_url($path_from); - $path2 = parse_url($path_to); - unset($path1['path'], $path2['path']); - if ($path1 != $path2) { - return false; - } - - $path_from = $this->parse_path($path_from); - $path_to = parse_url($path_to); - if ($path_from === false) { - return false; - } - - $path_to = $path_to['path']; // the $component part of parse_url() was added in PHP 5.1.2 - // "It is an error if there already exists a file with the name specified by newpath." - // -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-02#section-6.5 - if (!$this->sftp->rename($path_from, $path_to)) { - if ($this->sftp->stat($path_to)) { - return $this->sftp->delete($path_to, true) && $this->sftp->rename($path_from, $path_to); - } - return false; - } - - return true; - } - - /** - * Open directory handle - * - * The only $options is "whether or not to enforce safe_mode (0x04)". Since safe mode was deprecated in 5.3 and - * removed in 5.4 I'm just going to ignore it. - * - * Also, nlist() is the best that this function is realistically going to be able to do. When an SFTP client - * sends a SSH_FXP_READDIR packet you don't generally get info on just one file but on multiple files. Quoting - * the SFTP specs: - * - * The SSH_FXP_NAME response has the following format: - * - * uint32 id - * uint32 count - * repeats count times: - * string filename - * string longname - * ATTRS attrs - * - * @param string $path - * @param int $options - * @return bool - */ - private function _dir_opendir($path, $options) - { - $path = $this->parse_path($path); - if ($path === false) { - return false; - } - $this->pos = 0; - $this->entries = $this->sftp->nlist($path); - return $this->entries !== false; - } - - /** - * Read entry from directory handle - * - * @return mixed - */ - private function _dir_readdir() - { - if (isset($this->entries[$this->pos])) { - return $this->entries[$this->pos++]; - } - return false; - } - - /** - * Rewind directory handle - * - * @return bool - */ - private function _dir_rewinddir() - { - $this->pos = 0; - return true; - } - - /** - * Close directory handle - * - * @return bool - */ - private function _dir_closedir() - { - return true; - } - - /** - * Create a directory - * - * Only valid $options is STREAM_MKDIR_RECURSIVE - * - * @param string $path - * @param int $mode - * @param int $options - * @return bool - */ - private function _mkdir($path, $mode, $options) - { - $path = $this->parse_path($path); - if ($path === false) { - return false; - } - - return $this->sftp->mkdir($path, $mode, $options & STREAM_MKDIR_RECURSIVE); - } - - /** - * Removes a directory - * - * Only valid $options is STREAM_MKDIR_RECURSIVE per , however, - * does not have a $recursive parameter as mkdir() does so I don't know how - * STREAM_MKDIR_RECURSIVE is supposed to be set. Also, when I try it out with rmdir() I get 8 as - * $options. What does 8 correspond to? - * - * @param string $path - * @param int $options - * @return bool - */ - private function _rmdir($path, $options) - { - $path = $this->parse_path($path); - if ($path === false) { - return false; - } - - return $this->sftp->rmdir($path); - } - - /** - * Flushes the output - * - * See . Always returns true because \phpseclib3\Net\SFTP doesn't cache stuff before writing - * - * @return bool - */ - private function _stream_flush() - { - return true; - } - - /** - * Retrieve information about a file resource - * - * @return mixed - */ - private function _stream_stat() - { - $results = $this->sftp->stat($this->path); - if ($results === false) { - return false; - } - return $results; - } - - /** - * Delete a file - * - * @param string $path - * @return bool - */ - private function _unlink($path) - { - $path = $this->parse_path($path); - if ($path === false) { - return false; - } - - return $this->sftp->delete($path, false); - } - - /** - * Retrieve information about a file - * - * Ignores the STREAM_URL_STAT_QUIET flag because the entirety of \phpseclib3\Net\SFTP\Stream is quiet by default - * might be worthwhile to reconstruct bits 12-16 (ie. the file type) if mode doesn't have them but we'll - * cross that bridge when and if it's reached - * - * @param string $path - * @param int $flags - * @return mixed - */ - private function _url_stat($path, $flags) - { - $path = $this->parse_path($path); - if ($path === false) { - return false; - } - - $results = $flags & STREAM_URL_STAT_LINK ? $this->sftp->lstat($path) : $this->sftp->stat($path); - if ($results === false) { - return false; - } - - return $results; - } - - /** - * Truncate stream - * - * @param int $new_size - * @return bool - */ - private function _stream_truncate($new_size) - { - if (!$this->sftp->truncate($this->path, $new_size)) { - return false; - } - - $this->eof = false; - $this->size = $new_size; - - return true; - } - - /** - * Change stream options - * - * STREAM_OPTION_WRITE_BUFFER isn't supported for the same reason stream_flush isn't. - * The other two aren't supported because of limitations in \phpseclib3\Net\SFTP. - * - * @param int $option - * @param int $arg1 - * @param int $arg2 - * @return bool - */ - private function _stream_set_option($option, $arg1, $arg2) - { - return false; - } - - /** - * Close an resource - * - */ - private function _stream_close() - { - } - - /** - * __call Magic Method - * - * When you're utilizing an SFTP stream you're not calling the methods in this class directly - PHP is calling them for you. - * Which kinda begs the question... what methods is PHP calling and what parameters is it passing to them? This function - * lets you figure that out. - * - * If NET_SFTP_STREAM_LOGGING is defined all calls will be output on the screen and then (regardless of whether or not - * NET_SFTP_STREAM_LOGGING is enabled) the parameters will be passed through to the appropriate method. - * - * @param string $name - * @param array $arguments - * @return mixed - */ - public function __call($name, array $arguments) - { - if (defined('NET_SFTP_STREAM_LOGGING')) { - echo $name . '('; - $last = count($arguments) - 1; - foreach ($arguments as $i => $argument) { - var_export($argument); - if ($i != $last) { - echo ','; - } - } - echo ")\r\n"; - } - $name = '_' . $name; - if (!method_exists($this, $name)) { - return false; - } - return $this->$name(...$arguments); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SSH2.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SSH2.php deleted file mode 100644 index ac70af9..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/Net/SSH2.php +++ /dev/null @@ -1,5397 +0,0 @@ - - * login('username', 'password')) { - * exit('Login Failed'); - * } - * - * echo $ssh->exec('pwd'); - * echo $ssh->exec('ls -la'); - * ?> - * - * - * - * login('username', $key)) { - * exit('Login Failed'); - * } - * - * echo $ssh->read('username@username:~$'); - * $ssh->write("ls -la\n"); - * echo $ssh->read('username@username:~$'); - * ?> - * - * - * @author Jim Wigginton - * @copyright 2007 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\Net; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Blowfish; -use phpseclib3\Crypt\ChaCha20; -use phpseclib3\Crypt\Common\AsymmetricKey; -use phpseclib3\Crypt\Common\PrivateKey; -use phpseclib3\Crypt\Common\PublicKey; -use phpseclib3\Crypt\Common\SymmetricKey; -use phpseclib3\Crypt\DH; -use phpseclib3\Crypt\DSA; -use phpseclib3\Crypt\EC; -use phpseclib3\Crypt\Hash; -use phpseclib3\Crypt\Random; -use phpseclib3\Crypt\RC4; -use phpseclib3\Crypt\Rijndael; -use phpseclib3\Crypt\RSA; -use phpseclib3\Crypt\TripleDES; // Used to do Diffie-Hellman key exchange and DSA/RSA signature verification. -use phpseclib3\Crypt\Twofish; -use phpseclib3\Exception\ConnectionClosedException; -use phpseclib3\Exception\InsufficientSetupException; -use phpseclib3\Exception\NoSupportedAlgorithmsException; -use phpseclib3\Exception\UnableToConnectException; -use phpseclib3\Exception\UnsupportedAlgorithmException; -use phpseclib3\Exception\UnsupportedCurveException; -use phpseclib3\Math\BigInteger; -use phpseclib3\System\SSH\Agent; - -/** - * Pure-PHP implementation of SSHv2. - * - * @author Jim Wigginton - */ -class SSH2 -{ - /**#@+ - * Compression Types - * - */ - /** - * No compression - */ - const NET_SSH2_COMPRESSION_NONE = 1; - /** - * zlib compression - */ - const NET_SSH2_COMPRESSION_ZLIB = 2; - /** - * zlib@openssh.com - */ - const NET_SSH2_COMPRESSION_ZLIB_AT_OPENSSH = 3; - /**#@-*/ - - // Execution Bitmap Masks - const MASK_CONSTRUCTOR = 0x00000001; - const MASK_CONNECTED = 0x00000002; - const MASK_LOGIN_REQ = 0x00000004; - const MASK_LOGIN = 0x00000008; - const MASK_SHELL = 0x00000010; - const MASK_WINDOW_ADJUST = 0x00000020; - - /* - * Channel constants - * - * RFC4254 refers not to client and server channels but rather to sender and recipient channels. we don't refer - * to them in that way because RFC4254 toggles the meaning. the client sends a SSH_MSG_CHANNEL_OPEN message with - * a sender channel and the server sends a SSH_MSG_CHANNEL_OPEN_CONFIRMATION in response, with a sender and a - * recipient channel. at first glance, you might conclude that SSH_MSG_CHANNEL_OPEN_CONFIRMATION's sender channel - * would be the same thing as SSH_MSG_CHANNEL_OPEN's sender channel, but it's not, per this snippet: - * The 'recipient channel' is the channel number given in the original - * open request, and 'sender channel' is the channel number allocated by - * the other side. - * - * @see \phpseclib3\Net\SSH2::send_channel_packet() - * @see \phpseclib3\Net\SSH2::get_channel_packet() - */ - const CHANNEL_EXEC = 1; // PuTTy uses 0x100 - const CHANNEL_SHELL = 2; - const CHANNEL_SUBSYSTEM = 3; - const CHANNEL_AGENT_FORWARD = 4; - const CHANNEL_KEEP_ALIVE = 5; - - /** - * Returns the message numbers - * - * @see \phpseclib3\Net\SSH2::getLog() - */ - const LOG_SIMPLE = 1; - /** - * Returns the message content - * - * @see \phpseclib3\Net\SSH2::getLog() - */ - const LOG_COMPLEX = 2; - /** - * Outputs the content real-time - */ - const LOG_REALTIME = 3; - /** - * Dumps the content real-time to a file - */ - const LOG_REALTIME_FILE = 4; - /** - * Outputs the message numbers real-time - */ - const LOG_SIMPLE_REALTIME = 5; - /** - * Make sure that the log never gets larger than this - * - * @see \phpseclib3\Net\SSH2::getLog() - */ - const LOG_MAX_SIZE = 1048576; // 1024 * 1024 - - /** - * Returns when a string matching $expect exactly is found - * - * @see \phpseclib3\Net\SSH2::read() - */ - const READ_SIMPLE = 1; - /** - * Returns when a string matching the regular expression $expect is found - * - * @see \phpseclib3\Net\SSH2::read() - */ - const READ_REGEX = 2; - /** - * Returns whenever a data packet is received. - * - * Some data packets may only contain a single character so it may be necessary - * to call read() multiple times when using this option - * - * @see \phpseclib3\Net\SSH2::read() - */ - const READ_NEXT = 3; - - /** - * The SSH identifier - * - * @var string - */ - private $identifier; - - /** - * The Socket Object - * - * @var resource|closed-resource|null - */ - public $fsock; - - /** - * Execution Bitmap - * - * The bits that are set represent functions that have been called already. This is used to determine - * if a requisite function has been successfully executed. If not, an error should be thrown. - * - * @var int - */ - protected $bitmap = 0; - - /** - * Error information - * - * @see self::getErrors() - * @see self::getLastError() - * @var array - */ - private $errors = []; - - /** - * Server Identifier - * - * @see self::getServerIdentification() - * @var string|false - */ - protected $server_identifier = false; - - /** - * Key Exchange Algorithms - * - * @see self::getKexAlgorithims() - * @var array|false - */ - private $kex_algorithms = false; - - /** - * Key Exchange Algorithm - * - * @see self::getMethodsNegotiated() - * @var string|false - */ - private $kex_algorithm = false; - - /** - * Minimum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods - * - * @see self::_key_exchange() - * @var int - */ - private $kex_dh_group_size_min = 1536; - - /** - * Preferred Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods - * - * @see self::_key_exchange() - * @var int - */ - private $kex_dh_group_size_preferred = 2048; - - /** - * Maximum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods - * - * @see self::_key_exchange() - * @var int - */ - private $kex_dh_group_size_max = 4096; - - /** - * Server Host Key Algorithms - * - * @see self::getServerHostKeyAlgorithms() - * @var array|false - */ - private $server_host_key_algorithms = false; - - /** - * Supported Private Key Algorithms - * - * In theory this should be the same as the Server Host Key Algorithms but, in practice, - * some servers (eg. Azure) will support rsa-sha2-512 as a server host key algorithm but - * not a private key algorithm - * - * @see self::privatekey_login() - * @var array|false - */ - private $supported_private_key_algorithms = false; - - /** - * Encryption Algorithms: Client to Server - * - * @see self::getEncryptionAlgorithmsClient2Server() - * @var array|false - */ - private $encryption_algorithms_client_to_server = false; - - /** - * Encryption Algorithms: Server to Client - * - * @see self::getEncryptionAlgorithmsServer2Client() - * @var array|false - */ - private $encryption_algorithms_server_to_client = false; - - /** - * MAC Algorithms: Client to Server - * - * @see self::getMACAlgorithmsClient2Server() - * @var array|false - */ - private $mac_algorithms_client_to_server = false; - - /** - * MAC Algorithms: Server to Client - * - * @see self::getMACAlgorithmsServer2Client() - * @var array|false - */ - private $mac_algorithms_server_to_client = false; - - /** - * Compression Algorithms: Client to Server - * - * @see self::getCompressionAlgorithmsClient2Server() - * @var array|false - */ - private $compression_algorithms_client_to_server = false; - - /** - * Compression Algorithms: Server to Client - * - * @see self::getCompressionAlgorithmsServer2Client() - * @var array|false - */ - private $compression_algorithms_server_to_client = false; - - /** - * Languages: Server to Client - * - * @see self::getLanguagesServer2Client() - * @var array|false - */ - private $languages_server_to_client = false; - - /** - * Languages: Client to Server - * - * @see self::getLanguagesClient2Server() - * @var array|false - */ - private $languages_client_to_server = false; - - /** - * Preferred Algorithms - * - * @see self::setPreferredAlgorithms() - * @var array - */ - private $preferred = []; - - /** - * Block Size for Server to Client Encryption - * - * "Note that the length of the concatenation of 'packet_length', - * 'padding_length', 'payload', and 'random padding' MUST be a multiple - * of the cipher block size or 8, whichever is larger. This constraint - * MUST be enforced, even when using stream ciphers." - * - * -- http://tools.ietf.org/html/rfc4253#section-6 - * - * @see self::__construct() - * @see self::_send_binary_packet() - * @var int - */ - private $encrypt_block_size = 8; - - /** - * Block Size for Client to Server Encryption - * - * @see self::__construct() - * @see self::_get_binary_packet() - * @var int - */ - private $decrypt_block_size = 8; - - /** - * Server to Client Encryption Object - * - * @see self::_get_binary_packet() - * @var SymmetricKey|false - */ - private $decrypt = false; - - /** - * Decryption Algorithm Name - * - * @var string|null - */ - private $decryptName; - - /** - * Decryption Invocation Counter - * - * Used by GCM - * - * @var string|null - */ - private $decryptInvocationCounter; - - /** - * Fixed Part of Nonce - * - * Used by GCM - * - * @var string|null - */ - private $decryptFixedPart; - - /** - * Server to Client Length Encryption Object - * - * @see self::_get_binary_packet() - * @var object - */ - private $lengthDecrypt = false; - - /** - * Client to Server Encryption Object - * - * @see self::_send_binary_packet() - * @var SymmetricKey|false - */ - private $encrypt = false; - - /** - * Encryption Algorithm Name - * - * @var string|null - */ - private $encryptName; - - /** - * Encryption Invocation Counter - * - * Used by GCM - * - * @var string|null - */ - private $encryptInvocationCounter; - - /** - * Fixed Part of Nonce - * - * Used by GCM - * - * @var string|null - */ - private $encryptFixedPart; - - /** - * Client to Server Length Encryption Object - * - * @see self::_send_binary_packet() - * @var object - */ - private $lengthEncrypt = false; - - /** - * Client to Server HMAC Object - * - * @see self::_send_binary_packet() - * @var object - */ - private $hmac_create = false; - - /** - * Client to Server HMAC Name - * - * @var string|false - */ - private $hmac_create_name; - - /** - * Client to Server ETM - * - * @var int|false - */ - private $hmac_create_etm; - - /** - * Server to Client HMAC Object - * - * @see self::_get_binary_packet() - * @var object - */ - private $hmac_check = false; - - /** - * Server to Client HMAC Name - * - * @var string|false - */ - private $hmac_check_name; - - /** - * Server to Client ETM - * - * @var int|false - */ - private $hmac_check_etm; - - /** - * Size of server to client HMAC - * - * We need to know how big the HMAC will be for the server to client direction so that we know how many bytes to read. - * For the client to server side, the HMAC object will make the HMAC as long as it needs to be. All we need to do is - * append it. - * - * @see self::_get_binary_packet() - * @var int - */ - private $hmac_size = false; - - /** - * Server Public Host Key - * - * @see self::getServerPublicHostKey() - * @var string - */ - private $server_public_host_key; - - /** - * Session identifier - * - * "The exchange hash H from the first key exchange is additionally - * used as the session identifier, which is a unique identifier for - * this connection." - * - * -- http://tools.ietf.org/html/rfc4253#section-7.2 - * - * @see self::_key_exchange() - * @var string - */ - private $session_id = false; - - /** - * Exchange hash - * - * The current exchange hash - * - * @see self::_key_exchange() - * @var string - */ - private $exchange_hash = false; - - /** - * Message Numbers - * - * @see self::__construct() - * @var array - * @access private - */ - private static $message_numbers = []; - - /** - * Disconnection Message 'reason codes' defined in RFC4253 - * - * @see self::__construct() - * @var array - * @access private - */ - private static $disconnect_reasons = []; - - /** - * SSH_MSG_CHANNEL_OPEN_FAILURE 'reason codes', defined in RFC4254 - * - * @see self::__construct() - * @var array - * @access private - */ - private static $channel_open_failure_reasons = []; - - /** - * Terminal Modes - * - * @link http://tools.ietf.org/html/rfc4254#section-8 - * @see self::__construct() - * @var array - * @access private - */ - private static $terminal_modes = []; - - /** - * SSH_MSG_CHANNEL_EXTENDED_DATA's data_type_codes - * - * @link http://tools.ietf.org/html/rfc4254#section-5.2 - * @see self::__construct() - * @var array - * @access private - */ - private static $channel_extended_data_type_codes = []; - - /** - * Send Sequence Number - * - * See 'Section 6.4. Data Integrity' of rfc4253 for more info. - * - * @see self::_send_binary_packet() - * @var int - */ - private $send_seq_no = 0; - - /** - * Get Sequence Number - * - * See 'Section 6.4. Data Integrity' of rfc4253 for more info. - * - * @see self::_get_binary_packet() - * @var int - */ - private $get_seq_no = 0; - - /** - * Server Channels - * - * Maps client channels to server channels - * - * @see self::get_channel_packet() - * @see self::exec() - * @var array - */ - protected $server_channels = []; - - /** - * Channel Buffers - * - * If a client requests a packet from one channel but receives two packets from another those packets should - * be placed in a buffer - * - * @see self::get_channel_packet() - * @see self::exec() - * @var array - */ - private $channel_buffers = []; - - /** - * Channel Status - * - * Contains the type of the last sent message - * - * @see self::get_channel_packet() - * @var array - */ - protected $channel_status = []; - - /** - * The identifier of the interactive channel which was opened most recently - * - * @see self::getInteractiveChannelId() - * @var int - */ - private $channel_id_last_interactive = 0; - - /** - * Packet Size - * - * Maximum packet size indexed by channel - * - * @see self::send_channel_packet() - * @var array - */ - private $packet_size_client_to_server = []; - - /** - * Message Number Log - * - * @see self::getLog() - * @var array - */ - private $message_number_log = []; - - /** - * Message Log - * - * @see self::getLog() - * @var array - */ - private $message_log = []; - - /** - * The Window Size - * - * Bytes the other party can send before it must wait for the window to be adjusted (0x7FFFFFFF = 2GB) - * - * @var int - * @see self::send_channel_packet() - * @see self::exec() - */ - protected $window_size = 0x7FFFFFFF; - - /** - * What we resize the window to - * - * When PuTTY resizes the window it doesn't add an additional 0x7FFFFFFF bytes - it adds 0x40000000 bytes. - * Some SFTP clients (GoAnywhere) don't support adding 0x7FFFFFFF to the window size after the fact so - * we'll just do what PuTTY does - * - * @var int - * @see self::_send_channel_packet() - * @see self::exec() - */ - private $window_resize = 0x40000000; - - /** - * Window size, server to client - * - * Window size indexed by channel - * - * @see self::send_channel_packet() - * @var array - */ - protected $window_size_server_to_client = []; - - /** - * Window size, client to server - * - * Window size indexed by channel - * - * @see self::get_channel_packet() - * @var array - */ - private $window_size_client_to_server = []; - - /** - * Server signature - * - * Verified against $this->session_id - * - * @see self::getServerPublicHostKey() - * @var string - */ - private $signature = ''; - - /** - * Server signature format - * - * ssh-rsa or ssh-dss. - * - * @see self::getServerPublicHostKey() - * @var string - */ - private $signature_format = ''; - - /** - * Interactive Buffer - * - * @see self::read() - * @var string - */ - private $interactiveBuffer = ''; - - /** - * Current log size - * - * Should never exceed self::LOG_MAX_SIZE - * - * @see self::_send_binary_packet() - * @see self::_get_binary_packet() - * @var int - */ - private $log_size; - - /** - * Timeout - * - * @see self::setTimeout() - */ - protected $timeout; - - /** - * Current Timeout - * - * @see self::get_channel_packet() - */ - protected $curTimeout; - - /** - * Keep Alive Interval - * - * @see self::setKeepAlive() - */ - private $keepAlive; - - /** - * Real-time log file pointer - * - * @see self::_append_log() - * @var resource|closed-resource - */ - private $realtime_log_file; - - /** - * Real-time log file size - * - * @see self::_append_log() - * @var int - */ - private $realtime_log_size; - - /** - * Has the signature been validated? - * - * @see self::getServerPublicHostKey() - * @var bool - */ - private $signature_validated = false; - - /** - * Real-time log file wrap boolean - * - * @see self::_append_log() - * @var bool - */ - private $realtime_log_wrap; - - /** - * Flag to suppress stderr from output - * - * @see self::enableQuietMode() - */ - private $quiet_mode = false; - - /** - * Time of first network activity - * - * @var float - */ - private $last_packet; - - /** - * Exit status returned from ssh if any - * - * @var int - */ - private $exit_status; - - /** - * Flag to request a PTY when using exec() - * - * @var bool - * @see self::enablePTY() - */ - private $request_pty = false; - - /** - * Contents of stdError - * - * @var string - */ - private $stdErrorLog; - - /** - * The Last Interactive Response - * - * @see self::_keyboard_interactive_process() - * @var string - */ - private $last_interactive_response = ''; - - /** - * Keyboard Interactive Request / Responses - * - * @see self::_keyboard_interactive_process() - * @var array - */ - private $keyboard_requests_responses = []; - - /** - * Banner Message - * - * Quoting from the RFC, "in some jurisdictions, sending a warning message before - * authentication may be relevant for getting legal protection." - * - * @see self::_filter() - * @see self::getBannerMessage() - * @var string - */ - private $banner_message = ''; - - /** - * Did read() timeout or return normally? - * - * @see self::isTimeout() - * @var bool - */ - private $is_timeout = false; - - /** - * Log Boundary - * - * @see self::_format_log() - * @var string - */ - private $log_boundary = ':'; - - /** - * Log Long Width - * - * @see self::_format_log() - * @var int - */ - private $log_long_width = 65; - - /** - * Log Short Width - * - * @see self::_format_log() - * @var int - */ - private $log_short_width = 16; - - /** - * Hostname - * - * @see self::__construct() - * @see self::_connect() - * @var string - */ - private $host; - - /** - * Port Number - * - * @see self::__construct() - * @see self::_connect() - * @var int - */ - private $port; - - /** - * Number of columns for terminal window size - * - * @see self::getWindowColumns() - * @see self::setWindowColumns() - * @see self::setWindowSize() - * @var int - */ - private $windowColumns = 80; - - /** - * Number of columns for terminal window size - * - * @see self::getWindowRows() - * @see self::setWindowRows() - * @see self::setWindowSize() - * @var int - */ - private $windowRows = 24; - - /** - * Crypto Engine - * - * @see self::setCryptoEngine() - * @see self::_key_exchange() - * @var int - */ - private static $crypto_engine = false; - - /** - * A System_SSH_Agent for use in the SSH2 Agent Forwarding scenario - * - * @var Agent - */ - private $agent; - - /** - * Connection storage to replicates ssh2 extension functionality: - * {@link http://php.net/manual/en/wrappers.ssh2.php#refsect1-wrappers.ssh2-examples} - * - * @var array> - */ - private static $connections; - - /** - * Send the identification string first? - * - * @var bool - */ - private $send_id_string_first = true; - - /** - * Send the key exchange initiation packet first? - * - * @var bool - */ - private $send_kex_first = true; - - /** - * Some versions of OpenSSH incorrectly calculate the key size - * - * @var bool - */ - private $bad_key_size_fix = false; - - /** - * Should we try to re-connect to re-establish keys? - * - * @var bool - */ - private $retry_connect = false; - - /** - * Binary Packet Buffer - * - * @var string|false - */ - private $binary_packet_buffer = false; - - /** - * Preferred Signature Format - * - * @var string|false - */ - protected $preferred_signature_format = false; - - /** - * Authentication Credentials - * - * @var array - */ - protected $auth = []; - - /** - * Terminal - * - * @var string - */ - private $term = 'vt100'; - - /** - * The authentication methods that may productively continue authentication. - * - * @see https://tools.ietf.org/html/rfc4252#section-5.1 - * @var array|null - */ - private $auth_methods_to_continue = null; - - /** - * Compression method - * - * @var int - */ - private $compress = self::NET_SSH2_COMPRESSION_NONE; - - /** - * Decompression method - * - * @var int - */ - private $decompress = self::NET_SSH2_COMPRESSION_NONE; - - /** - * Compression context - * - * @var resource|false|null - */ - private $compress_context; - - /** - * Decompression context - * - * @var resource|object - */ - private $decompress_context; - - /** - * Regenerate Compression Context - * - * @var bool - */ - private $regenerate_compression_context = false; - - /** - * Regenerate Decompression Context - * - * @var bool - */ - private $regenerate_decompression_context = false; - - /** - * Smart multi-factor authentication flag - * - * @var bool - */ - private $smartMFA = true; - - /** - * How many channels are currently opened - * - * @var int - */ - private $channelCount = 0; - - /** - * Does the server support multiple channels? If not then error out - * when multiple channels are attempted to be opened - * - * @var bool - */ - private $errorOnMultipleChannels; - - /** - * Terrapin Countermeasure - * - * "During initial KEX, terminate the connection if any unexpected or out-of-sequence packet is received" - * -- https://github.com/openssh/openssh-portable/commit/1edb00c58f8a6875fad6a497aa2bacf37f9e6cd5 - * - * @var int - */ - private $extra_packets; - - /** - * Default Constructor. - * - * $host can either be a string, representing the host, or a stream resource. - * - * @param mixed $host - * @param int $port - * @param int $timeout - * @see self::login() - */ - public function __construct($host, $port = 22, $timeout = 10) - { - if (empty(self::$message_numbers)) { - self::$message_numbers = [ - 1 => 'NET_SSH2_MSG_DISCONNECT', - 2 => 'NET_SSH2_MSG_IGNORE', - 3 => 'NET_SSH2_MSG_UNIMPLEMENTED', - 4 => 'NET_SSH2_MSG_DEBUG', - 5 => 'NET_SSH2_MSG_SERVICE_REQUEST', - 6 => 'NET_SSH2_MSG_SERVICE_ACCEPT', - 7 => 'NET_SSH2_MSG_EXT_INFO', // RFC 8308 - 20 => 'NET_SSH2_MSG_KEXINIT', - 21 => 'NET_SSH2_MSG_NEWKEYS', - 30 => 'NET_SSH2_MSG_KEXDH_INIT', - 31 => 'NET_SSH2_MSG_KEXDH_REPLY', - 50 => 'NET_SSH2_MSG_USERAUTH_REQUEST', - 51 => 'NET_SSH2_MSG_USERAUTH_FAILURE', - 52 => 'NET_SSH2_MSG_USERAUTH_SUCCESS', - 53 => 'NET_SSH2_MSG_USERAUTH_BANNER', - - 80 => 'NET_SSH2_MSG_GLOBAL_REQUEST', - 81 => 'NET_SSH2_MSG_REQUEST_SUCCESS', - 82 => 'NET_SSH2_MSG_REQUEST_FAILURE', - 90 => 'NET_SSH2_MSG_CHANNEL_OPEN', - 91 => 'NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION', - 92 => 'NET_SSH2_MSG_CHANNEL_OPEN_FAILURE', - 93 => 'NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST', - 94 => 'NET_SSH2_MSG_CHANNEL_DATA', - 95 => 'NET_SSH2_MSG_CHANNEL_EXTENDED_DATA', - 96 => 'NET_SSH2_MSG_CHANNEL_EOF', - 97 => 'NET_SSH2_MSG_CHANNEL_CLOSE', - 98 => 'NET_SSH2_MSG_CHANNEL_REQUEST', - 99 => 'NET_SSH2_MSG_CHANNEL_SUCCESS', - 100 => 'NET_SSH2_MSG_CHANNEL_FAILURE' - ]; - self::$disconnect_reasons = [ - 1 => 'NET_SSH2_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT', - 2 => 'NET_SSH2_DISCONNECT_PROTOCOL_ERROR', - 3 => 'NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED', - 4 => 'NET_SSH2_DISCONNECT_RESERVED', - 5 => 'NET_SSH2_DISCONNECT_MAC_ERROR', - 6 => 'NET_SSH2_DISCONNECT_COMPRESSION_ERROR', - 7 => 'NET_SSH2_DISCONNECT_SERVICE_NOT_AVAILABLE', - 8 => 'NET_SSH2_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED', - 9 => 'NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE', - 10 => 'NET_SSH2_DISCONNECT_CONNECTION_LOST', - 11 => 'NET_SSH2_DISCONNECT_BY_APPLICATION', - 12 => 'NET_SSH2_DISCONNECT_TOO_MANY_CONNECTIONS', - 13 => 'NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER', - 14 => 'NET_SSH2_DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE', - 15 => 'NET_SSH2_DISCONNECT_ILLEGAL_USER_NAME' - ]; - self::$channel_open_failure_reasons = [ - 1 => 'NET_SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED' - ]; - self::$terminal_modes = [ - 0 => 'NET_SSH2_TTY_OP_END' - ]; - self::$channel_extended_data_type_codes = [ - 1 => 'NET_SSH2_EXTENDED_DATA_STDERR' - ]; - - self::define_array( - self::$message_numbers, - self::$disconnect_reasons, - self::$channel_open_failure_reasons, - self::$terminal_modes, - self::$channel_extended_data_type_codes, - [60 => 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'], - [60 => 'NET_SSH2_MSG_USERAUTH_PK_OK'], - [60 => 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST', - 61 => 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE'], - // RFC 4419 - diffie-hellman-group-exchange-sha{1,256} - [30 => 'NET_SSH2_MSG_KEXDH_GEX_REQUEST_OLD', - 31 => 'NET_SSH2_MSG_KEXDH_GEX_GROUP', - 32 => 'NET_SSH2_MSG_KEXDH_GEX_INIT', - 33 => 'NET_SSH2_MSG_KEXDH_GEX_REPLY', - 34 => 'NET_SSH2_MSG_KEXDH_GEX_REQUEST'], - // RFC 5656 - Elliptic Curves (for curve25519-sha256@libssh.org) - [30 => 'NET_SSH2_MSG_KEX_ECDH_INIT', - 31 => 'NET_SSH2_MSG_KEX_ECDH_REPLY'] - ); - } - - /** - * Typehint is required due to a bug in Psalm: https://github.com/vimeo/psalm/issues/7508 - * @var \WeakReference|SSH2 - */ - self::$connections[$this->getResourceId()] = class_exists('WeakReference') - ? \WeakReference::create($this) - : $this; - - if (is_resource($host)) { - $this->fsock = $host; - return; - } - - if (Strings::is_stringable($host)) { - $this->host = $host; - $this->port = $port; - $this->timeout = $timeout; - } - } - - /** - * Set Crypto Engine Mode - * - * Possible $engine values: - * OpenSSL, mcrypt, Eval, PHP - * - * @param int $engine - */ - public static function setCryptoEngine($engine) - { - self::$crypto_engine = $engine; - } - - /** - * Send Identification String First - * - * https://tools.ietf.org/html/rfc4253#section-4.2 says "when the connection has been established, - * both sides MUST send an identification string". It does not say which side sends it first. In - * theory it shouldn't matter but it is a fact of life that some SSH servers are simply buggy - * - */ - public function sendIdentificationStringFirst() - { - $this->send_id_string_first = true; - } - - /** - * Send Identification String Last - * - * https://tools.ietf.org/html/rfc4253#section-4.2 says "when the connection has been established, - * both sides MUST send an identification string". It does not say which side sends it first. In - * theory it shouldn't matter but it is a fact of life that some SSH servers are simply buggy - * - */ - public function sendIdentificationStringLast() - { - $this->send_id_string_first = false; - } - - /** - * Send SSH_MSG_KEXINIT First - * - * https://tools.ietf.org/html/rfc4253#section-7.1 says "key exchange begins by each sending - * sending the [SSH_MSG_KEXINIT] packet". It does not say which side sends it first. In theory - * it shouldn't matter but it is a fact of life that some SSH servers are simply buggy - * - */ - public function sendKEXINITFirst() - { - $this->send_kex_first = true; - } - - /** - * Send SSH_MSG_KEXINIT Last - * - * https://tools.ietf.org/html/rfc4253#section-7.1 says "key exchange begins by each sending - * sending the [SSH_MSG_KEXINIT] packet". It does not say which side sends it first. In theory - * it shouldn't matter but it is a fact of life that some SSH servers are simply buggy - * - */ - public function sendKEXINITLast() - { - $this->send_kex_first = false; - } - - /** - * stream_select wrapper - * - * Quoting https://stackoverflow.com/a/14262151/569976, - * "The general approach to `EINTR` is to simply handle the error and retry the operation again" - * - * This wrapper does that loop - */ - private static function stream_select(&$read, &$write, &$except, $seconds, $microseconds = null) - { - $remaining = $seconds + $microseconds / 1000000; - $start = microtime(true); - while (true) { - $result = @stream_select($read, $write, $except, $seconds, $microseconds); - if ($result !== false) { - return $result; - } - $elapsed = microtime(true) - $start; - $seconds = (int) ($remaining - floor($elapsed)); - $microseconds = (int) (1000000 * ($remaining - $seconds)); - if ($elapsed >= $remaining) { - return false; - } - } - } - - /** - * Connect to an SSHv2 server - * - * @throws \UnexpectedValueException on receipt of unexpected packets - * @throws \RuntimeException on other errors - */ - private function connect() - { - if ($this->bitmap & self::MASK_CONSTRUCTOR) { - return; - } - - $this->bitmap |= self::MASK_CONSTRUCTOR; - - $this->curTimeout = $this->timeout; - - $this->last_packet = microtime(true); - - if (!is_resource($this->fsock)) { - $start = microtime(true); - // with stream_select a timeout of 0 means that no timeout takes place; - // with fsockopen a timeout of 0 means that you instantly timeout - // to resolve this incompatibility a timeout of 100,000 will be used for fsockopen if timeout is 0 - $this->fsock = @fsockopen($this->host, $this->port, $errno, $errstr, $this->curTimeout == 0 ? 100000 : $this->curTimeout); - if (!$this->fsock) { - $host = $this->host . ':' . $this->port; - throw new UnableToConnectException(rtrim("Cannot connect to $host. Error $errno. $errstr")); - } - $elapsed = microtime(true) - $start; - - if ($this->curTimeout) { - $this->curTimeout -= $elapsed; - if ($this->curTimeout < 0) { - throw new \RuntimeException('Connection timed out whilst attempting to open socket connection'); - } - } - } - - $this->identifier = $this->generate_identifier(); - - if ($this->send_id_string_first) { - fputs($this->fsock, $this->identifier . "\r\n"); - } - - /* According to the SSH2 specs, - - "The server MAY send other lines of data before sending the version - string. Each line SHOULD be terminated by a Carriage Return and Line - Feed. Such lines MUST NOT begin with "SSH-", and SHOULD be encoded - in ISO-10646 UTF-8 [RFC3629] (language is not specified). Clients - MUST be able to process such lines." */ - $data = ''; - while (!feof($this->fsock) && !preg_match('#(.*)^(SSH-(\d\.\d+).*)#ms', $data, $matches)) { - $line = ''; - while (true) { - if ($this->curTimeout) { - if ($this->curTimeout < 0) { - throw new \RuntimeException('Connection timed out whilst receiving server identification string'); - } - $read = [$this->fsock]; - $write = $except = null; - $start = microtime(true); - $sec = (int) floor($this->curTimeout); - $usec = (int) (1000000 * ($this->curTimeout - $sec)); - if (static::stream_select($read, $write, $except, $sec, $usec) === false) { - throw new \RuntimeException('Connection timed out whilst receiving server identification string'); - } - $elapsed = microtime(true) - $start; - $this->curTimeout -= $elapsed; - } - - $temp = stream_get_line($this->fsock, 255, "\n"); - if ($temp === false) { - throw new \RuntimeException('Error reading from socket'); - } - if (strlen($temp) == 255) { - continue; - } - - $line .= "$temp\n"; - - // quoting RFC4253, "Implementers who wish to maintain - // compatibility with older, undocumented versions of this protocol may - // want to process the identification string without expecting the - // presence of the carriage return character for reasons described in - // Section 5 of this document." - - //if (substr($line, -2) == "\r\n") { - // break; - //} - - break; - } - - $data .= $line; - } - - if (feof($this->fsock)) { - $this->bitmap = 0; - throw new ConnectionClosedException('Connection closed by server'); - } - - $extra = $matches[1]; - - if (defined('NET_SSH2_LOGGING')) { - $this->append_log('<-', $matches[0]); - $this->append_log('->', $this->identifier . "\r\n"); - } - - $this->server_identifier = trim($temp, "\r\n"); - if (strlen($extra)) { - $this->errors[] = $data; - } - - if (version_compare($matches[3], '1.99', '<')) { - $this->bitmap = 0; - throw new UnableToConnectException("Cannot connect to SSH $matches[3] servers"); - } - - // Ubuntu's OpenSSH from 5.8 to 6.9 didn't work with multiple channels. see - // https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1334916 for more info. - // https://lists.ubuntu.com/archives/oneiric-changes/2011-July/005772.html discusses - // when consolekit was incorporated. - // https://marc.info/?l=openssh-unix-dev&m=163409903417589&w=2 discusses some of the - // issues with how Ubuntu incorporated consolekit - $pattern = '#^SSH-2\.0-OpenSSH_([\d.]+)[^ ]* Ubuntu-.*$#'; - $match = preg_match($pattern, $this->server_identifier, $matches); - $match = $match && version_compare('5.8', $matches[1], '<='); - $match = $match && version_compare('6.9', $matches[1], '>='); - $this->errorOnMultipleChannels = $match; - - if (!$this->send_id_string_first) { - fputs($this->fsock, $this->identifier . "\r\n"); - } - - if (!$this->send_kex_first) { - $response = $this->get_binary_packet(); - - if (is_bool($response) || !strlen($response) || ord($response[0]) != NET_SSH2_MSG_KEXINIT) { - $this->bitmap = 0; - throw new \UnexpectedValueException('Expected SSH_MSG_KEXINIT'); - } - - $this->key_exchange($response); - } - - if ($this->send_kex_first) { - $this->key_exchange(); - } - - $this->bitmap |= self::MASK_CONNECTED; - - return true; - } - - /** - * Generates the SSH identifier - * - * You should overwrite this method in your own class if you want to use another identifier - * - * @return string - */ - private function generate_identifier() - { - $identifier = 'SSH-2.0-phpseclib_3.0'; - - $ext = []; - if (extension_loaded('sodium')) { - $ext[] = 'libsodium'; - } - - if (extension_loaded('openssl')) { - $ext[] = 'openssl'; - } elseif (extension_loaded('mcrypt')) { - $ext[] = 'mcrypt'; - } - - if (extension_loaded('gmp')) { - $ext[] = 'gmp'; - } elseif (extension_loaded('bcmath')) { - $ext[] = 'bcmath'; - } - - if (!empty($ext)) { - $identifier .= ' (' . implode(', ', $ext) . ')'; - } - - return $identifier; - } - - /** - * Key Exchange - * - * @return bool - * @param string|bool $kexinit_payload_server optional - * @throws \UnexpectedValueException on receipt of unexpected packets - * @throws \RuntimeException on other errors - * @throws \phpseclib3\Exception\NoSupportedAlgorithmsException when none of the algorithms phpseclib has loaded are compatible - */ - private function key_exchange($kexinit_payload_server = false) - { - $preferred = $this->preferred; - $send_kex = true; - - $kex_algorithms = isset($preferred['kex']) ? - $preferred['kex'] : - SSH2::getSupportedKEXAlgorithms(); - $server_host_key_algorithms = isset($preferred['hostkey']) ? - $preferred['hostkey'] : - SSH2::getSupportedHostKeyAlgorithms(); - $s2c_encryption_algorithms = isset($preferred['server_to_client']['crypt']) ? - $preferred['server_to_client']['crypt'] : - SSH2::getSupportedEncryptionAlgorithms(); - $c2s_encryption_algorithms = isset($preferred['client_to_server']['crypt']) ? - $preferred['client_to_server']['crypt'] : - SSH2::getSupportedEncryptionAlgorithms(); - $s2c_mac_algorithms = isset($preferred['server_to_client']['mac']) ? - $preferred['server_to_client']['mac'] : - SSH2::getSupportedMACAlgorithms(); - $c2s_mac_algorithms = isset($preferred['client_to_server']['mac']) ? - $preferred['client_to_server']['mac'] : - SSH2::getSupportedMACAlgorithms(); - $s2c_compression_algorithms = isset($preferred['server_to_client']['comp']) ? - $preferred['server_to_client']['comp'] : - SSH2::getSupportedCompressionAlgorithms(); - $c2s_compression_algorithms = isset($preferred['client_to_server']['comp']) ? - $preferred['client_to_server']['comp'] : - SSH2::getSupportedCompressionAlgorithms(); - - $kex_algorithms = array_merge($kex_algorithms, ['ext-info-c', 'kex-strict-c-v00@openssh.com']); - - // some SSH servers have buggy implementations of some of the above algorithms - switch (true) { - case $this->server_identifier == 'SSH-2.0-SSHD': - case substr($this->server_identifier, 0, 13) == 'SSH-2.0-DLINK': - if (!isset($preferred['server_to_client']['mac'])) { - $s2c_mac_algorithms = array_values(array_diff( - $s2c_mac_algorithms, - ['hmac-sha1-96', 'hmac-md5-96'] - )); - } - if (!isset($preferred['client_to_server']['mac'])) { - $c2s_mac_algorithms = array_values(array_diff( - $c2s_mac_algorithms, - ['hmac-sha1-96', 'hmac-md5-96'] - )); - } - break; - case substr($this->server_identifier, 0, 24) == 'SSH-2.0-TurboFTP_SERVER_': - if (!isset($preferred['server_to_client']['crypt'])) { - $s2c_encryption_algorithms = array_values(array_diff( - $s2c_encryption_algorithms, - ['aes128-gcm@openssh.com', 'aes256-gcm@openssh.com'] - )); - } - if (!isset($preferred['client_to_server']['crypt'])) { - $c2s_encryption_algorithms = array_values(array_diff( - $c2s_encryption_algorithms, - ['aes128-gcm@openssh.com', 'aes256-gcm@openssh.com'] - )); - } - } - - $client_cookie = Random::string(16); - - $kexinit_payload_client = pack('Ca*', NET_SSH2_MSG_KEXINIT, $client_cookie); - $kexinit_payload_client .= Strings::packSSH2( - 'L10bN', - $kex_algorithms, - $server_host_key_algorithms, - $c2s_encryption_algorithms, - $s2c_encryption_algorithms, - $c2s_mac_algorithms, - $s2c_mac_algorithms, - $c2s_compression_algorithms, - $s2c_compression_algorithms, - [], // language, client to server - [], // language, server to client - false, // first_kex_packet_follows - 0 // reserved for future extension - ); - - if ($kexinit_payload_server === false) { - $this->send_binary_packet($kexinit_payload_client); - - $this->extra_packets = 0; - $kexinit_payload_server = $this->get_binary_packet(); - - if ( - is_bool($kexinit_payload_server) - || !strlen($kexinit_payload_server) - || ord($kexinit_payload_server[0]) != NET_SSH2_MSG_KEXINIT - ) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR); - throw new \UnexpectedValueException('Expected SSH_MSG_KEXINIT'); - } - - $send_kex = false; - } - - $response = $kexinit_payload_server; - Strings::shift($response, 1); // skip past the message number (it should be SSH_MSG_KEXINIT) - $server_cookie = Strings::shift($response, 16); - - list( - $this->kex_algorithms, - $this->server_host_key_algorithms, - $this->encryption_algorithms_client_to_server, - $this->encryption_algorithms_server_to_client, - $this->mac_algorithms_client_to_server, - $this->mac_algorithms_server_to_client, - $this->compression_algorithms_client_to_server, - $this->compression_algorithms_server_to_client, - $this->languages_client_to_server, - $this->languages_server_to_client, - $first_kex_packet_follows - ) = Strings::unpackSSH2('L10C', $response); - if (in_array('kex-strict-s-v00@openssh.com', $this->kex_algorithms)) { - if ($this->session_id === false && $this->extra_packets) { - throw new \UnexpectedValueException('Possible Terrapin Attack detected'); - } - } - - $this->supported_private_key_algorithms = $this->server_host_key_algorithms; - - if ($send_kex) { - $this->send_binary_packet($kexinit_payload_client); - } - - // we need to decide upon the symmetric encryption algorithms before we do the diffie-hellman key exchange - - // we don't initialize any crypto-objects, yet - we do that, later. for now, we need the lengths to make the - // diffie-hellman key exchange as fast as possible - $decrypt = self::array_intersect_first($s2c_encryption_algorithms, $this->encryption_algorithms_server_to_client); - $decryptKeyLength = $this->encryption_algorithm_to_key_size($decrypt); - if ($decryptKeyLength === null) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); - throw new NoSupportedAlgorithmsException('No compatible server to client encryption algorithms found'); - } - - $encrypt = self::array_intersect_first($c2s_encryption_algorithms, $this->encryption_algorithms_client_to_server); - $encryptKeyLength = $this->encryption_algorithm_to_key_size($encrypt); - if ($encryptKeyLength === null) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); - throw new NoSupportedAlgorithmsException('No compatible client to server encryption algorithms found'); - } - - // through diffie-hellman key exchange a symmetric key is obtained - $this->kex_algorithm = self::array_intersect_first($kex_algorithms, $this->kex_algorithms); - if ($this->kex_algorithm === false) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); - throw new NoSupportedAlgorithmsException('No compatible key exchange algorithms found'); - } - - $server_host_key_algorithm = self::array_intersect_first($server_host_key_algorithms, $this->server_host_key_algorithms); - if ($server_host_key_algorithm === false) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); - throw new NoSupportedAlgorithmsException('No compatible server host key algorithms found'); - } - - $mac_algorithm_out = self::array_intersect_first($c2s_mac_algorithms, $this->mac_algorithms_client_to_server); - if ($mac_algorithm_out === false) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); - throw new NoSupportedAlgorithmsException('No compatible client to server message authentication algorithms found'); - } - - $mac_algorithm_in = self::array_intersect_first($s2c_mac_algorithms, $this->mac_algorithms_server_to_client); - if ($mac_algorithm_in === false) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); - throw new NoSupportedAlgorithmsException('No compatible server to client message authentication algorithms found'); - } - - $compression_map = [ - 'none' => self::NET_SSH2_COMPRESSION_NONE, - 'zlib' => self::NET_SSH2_COMPRESSION_ZLIB, - 'zlib@openssh.com' => self::NET_SSH2_COMPRESSION_ZLIB_AT_OPENSSH - ]; - - $compression_algorithm_in = self::array_intersect_first($s2c_compression_algorithms, $this->compression_algorithms_server_to_client); - if ($compression_algorithm_in === false) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); - throw new NoSupportedAlgorithmsException('No compatible server to client compression algorithms found'); - } - $this->decompress = $compression_map[$compression_algorithm_in]; - - $compression_algorithm_out = self::array_intersect_first($c2s_compression_algorithms, $this->compression_algorithms_client_to_server); - if ($compression_algorithm_out === false) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); - throw new NoSupportedAlgorithmsException('No compatible client to server compression algorithms found'); - } - $this->compress = $compression_map[$compression_algorithm_out]; - - switch ($this->kex_algorithm) { - case 'diffie-hellman-group15-sha512': - case 'diffie-hellman-group16-sha512': - case 'diffie-hellman-group17-sha512': - case 'diffie-hellman-group18-sha512': - case 'ecdh-sha2-nistp521': - $kexHash = new Hash('sha512'); - break; - case 'ecdh-sha2-nistp384': - $kexHash = new Hash('sha384'); - break; - case 'diffie-hellman-group-exchange-sha256': - case 'diffie-hellman-group14-sha256': - case 'ecdh-sha2-nistp256': - case 'curve25519-sha256@libssh.org': - case 'curve25519-sha256': - $kexHash = new Hash('sha256'); - break; - default: - $kexHash = new Hash('sha1'); - } - - // Only relevant in diffie-hellman-group-exchange-sha{1,256}, otherwise empty. - - $exchange_hash_rfc4419 = ''; - - if (strpos($this->kex_algorithm, 'curve25519-sha256') === 0 || strpos($this->kex_algorithm, 'ecdh-sha2-nistp') === 0) { - $curve = strpos($this->kex_algorithm, 'curve25519-sha256') === 0 ? - 'Curve25519' : - substr($this->kex_algorithm, 10); - $ourPrivate = EC::createKey($curve); - $ourPublicBytes = $ourPrivate->getPublicKey()->getEncodedCoordinates(); - $clientKexInitMessage = 'NET_SSH2_MSG_KEX_ECDH_INIT'; - $serverKexReplyMessage = 'NET_SSH2_MSG_KEX_ECDH_REPLY'; - } else { - if (strpos($this->kex_algorithm, 'diffie-hellman-group-exchange') === 0) { - $dh_group_sizes_packed = pack( - 'NNN', - $this->kex_dh_group_size_min, - $this->kex_dh_group_size_preferred, - $this->kex_dh_group_size_max - ); - $packet = pack( - 'Ca*', - NET_SSH2_MSG_KEXDH_GEX_REQUEST, - $dh_group_sizes_packed - ); - $this->send_binary_packet($packet); - $this->updateLogHistory('UNKNOWN (34)', 'NET_SSH2_MSG_KEXDH_GEX_REQUEST'); - - $response = $this->get_binary_packet(); - - list($type, $primeBytes, $gBytes) = Strings::unpackSSH2('Css', $response); - if ($type != NET_SSH2_MSG_KEXDH_GEX_GROUP) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR); - throw new \UnexpectedValueException('Expected SSH_MSG_KEX_DH_GEX_GROUP'); - } - $this->updateLogHistory('NET_SSH2_MSG_KEXDH_REPLY', 'NET_SSH2_MSG_KEXDH_GEX_GROUP'); - $prime = new BigInteger($primeBytes, -256); - $g = new BigInteger($gBytes, -256); - - $exchange_hash_rfc4419 = $dh_group_sizes_packed . Strings::packSSH2( - 'ss', - $primeBytes, - $gBytes - ); - - $params = DH::createParameters($prime, $g); - $clientKexInitMessage = 'NET_SSH2_MSG_KEXDH_GEX_INIT'; - $serverKexReplyMessage = 'NET_SSH2_MSG_KEXDH_GEX_REPLY'; - } else { - $params = DH::createParameters($this->kex_algorithm); - $clientKexInitMessage = 'NET_SSH2_MSG_KEXDH_INIT'; - $serverKexReplyMessage = 'NET_SSH2_MSG_KEXDH_REPLY'; - } - - $keyLength = min($kexHash->getLengthInBytes(), max($encryptKeyLength, $decryptKeyLength)); - - $ourPrivate = DH::createKey($params, 16 * $keyLength); // 2 * 8 * $keyLength - $ourPublic = $ourPrivate->getPublicKey()->toBigInteger(); - $ourPublicBytes = $ourPublic->toBytes(true); - } - - $data = pack('CNa*', constant($clientKexInitMessage), strlen($ourPublicBytes), $ourPublicBytes); - - $this->send_binary_packet($data); - - switch ($clientKexInitMessage) { - case 'NET_SSH2_MSG_KEX_ECDH_INIT': - $this->updateLogHistory('NET_SSH2_MSG_KEXDH_INIT', 'NET_SSH2_MSG_KEX_ECDH_INIT'); - break; - case 'NET_SSH2_MSG_KEXDH_GEX_INIT': - $this->updateLogHistory('UNKNOWN (32)', 'NET_SSH2_MSG_KEXDH_GEX_INIT'); - } - - $response = $this->get_binary_packet(); - - list( - $type, - $server_public_host_key, - $theirPublicBytes, - $this->signature - ) = Strings::unpackSSH2('Csss', $response); - - if ($type != constant($serverKexReplyMessage)) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR); - throw new \UnexpectedValueException("Expected $serverKexReplyMessage"); - } - switch ($serverKexReplyMessage) { - case 'NET_SSH2_MSG_KEX_ECDH_REPLY': - $this->updateLogHistory('NET_SSH2_MSG_KEXDH_REPLY', 'NET_SSH2_MSG_KEX_ECDH_REPLY'); - break; - case 'NET_SSH2_MSG_KEXDH_GEX_REPLY': - $this->updateLogHistory('UNKNOWN (33)', 'NET_SSH2_MSG_KEXDH_GEX_REPLY'); - } - - $this->server_public_host_key = $server_public_host_key; - list($public_key_format) = Strings::unpackSSH2('s', $server_public_host_key); - if (strlen($this->signature) < 4) { - throw new \LengthException('The signature needs at least four bytes'); - } - $temp = unpack('Nlength', substr($this->signature, 0, 4)); - $this->signature_format = substr($this->signature, 4, $temp['length']); - - $keyBytes = DH::computeSecret($ourPrivate, $theirPublicBytes); - if (($keyBytes & "\xFF\x80") === "\x00\x00") { - $keyBytes = substr($keyBytes, 1); - } elseif (($keyBytes[0] & "\x80") === "\x80") { - $keyBytes = "\0$keyBytes"; - } - - $this->exchange_hash = Strings::packSSH2( - 's5', - $this->identifier, - $this->server_identifier, - $kexinit_payload_client, - $kexinit_payload_server, - $this->server_public_host_key - ); - $this->exchange_hash .= $exchange_hash_rfc4419; - $this->exchange_hash .= Strings::packSSH2( - 's3', - $ourPublicBytes, - $theirPublicBytes, - $keyBytes - ); - - $this->exchange_hash = $kexHash->hash($this->exchange_hash); - - if ($this->session_id === false) { - $this->session_id = $this->exchange_hash; - } - - switch ($server_host_key_algorithm) { - case 'rsa-sha2-256': - case 'rsa-sha2-512': - //case 'ssh-rsa': - $expected_key_format = 'ssh-rsa'; - break; - default: - $expected_key_format = $server_host_key_algorithm; - } - if ($public_key_format != $expected_key_format || $this->signature_format != $server_host_key_algorithm) { - switch (true) { - case $this->signature_format == $server_host_key_algorithm: - case $server_host_key_algorithm != 'rsa-sha2-256' && $server_host_key_algorithm != 'rsa-sha2-512': - case $this->signature_format != 'ssh-rsa': - $this->disconnect_helper(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); - throw new \RuntimeException('Server Host Key Algorithm Mismatch (' . $this->signature_format . ' vs ' . $server_host_key_algorithm . ')'); - } - } - - $packet = pack('C', NET_SSH2_MSG_NEWKEYS); - $this->send_binary_packet($packet); - - $response = $this->get_binary_packet(); - - if ($response === false) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST); - throw new ConnectionClosedException('Connection closed by server'); - } - - list($type) = Strings::unpackSSH2('C', $response); - if ($type != NET_SSH2_MSG_NEWKEYS) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR); - throw new \UnexpectedValueException('Expected SSH_MSG_NEWKEYS'); - } - - if (in_array('kex-strict-s-v00@openssh.com', $this->kex_algorithms)) { - $this->get_seq_no = $this->send_seq_no = 0; - } - - $keyBytes = pack('Na*', strlen($keyBytes), $keyBytes); - - $this->encrypt = self::encryption_algorithm_to_crypt_instance($encrypt); - if ($this->encrypt) { - if (self::$crypto_engine) { - $this->encrypt->setPreferredEngine(self::$crypto_engine); - } - if ($this->encrypt->getBlockLengthInBytes()) { - $this->encrypt_block_size = $this->encrypt->getBlockLengthInBytes(); - } - $this->encrypt->disablePadding(); - - if ($this->encrypt->usesIV()) { - $iv = $kexHash->hash($keyBytes . $this->exchange_hash . 'A' . $this->session_id); - while ($this->encrypt_block_size > strlen($iv)) { - $iv .= $kexHash->hash($keyBytes . $this->exchange_hash . $iv); - } - $this->encrypt->setIV(substr($iv, 0, $this->encrypt_block_size)); - } - - switch ($encrypt) { - case 'aes128-gcm@openssh.com': - case 'aes256-gcm@openssh.com': - $nonce = $kexHash->hash($keyBytes . $this->exchange_hash . 'A' . $this->session_id); - $this->encryptFixedPart = substr($nonce, 0, 4); - $this->encryptInvocationCounter = substr($nonce, 4, 8); - // fall-through - case 'chacha20-poly1305@openssh.com': - break; - default: - $this->encrypt->enableContinuousBuffer(); - } - - $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'C' . $this->session_id); - while ($encryptKeyLength > strlen($key)) { - $key .= $kexHash->hash($keyBytes . $this->exchange_hash . $key); - } - switch ($encrypt) { - case 'chacha20-poly1305@openssh.com': - $encryptKeyLength = 32; - $this->lengthEncrypt = self::encryption_algorithm_to_crypt_instance($encrypt); - $this->lengthEncrypt->setKey(substr($key, 32, 32)); - } - $this->encrypt->setKey(substr($key, 0, $encryptKeyLength)); - $this->encryptName = $encrypt; - } - - $this->decrypt = self::encryption_algorithm_to_crypt_instance($decrypt); - if ($this->decrypt) { - if (self::$crypto_engine) { - $this->decrypt->setPreferredEngine(self::$crypto_engine); - } - if ($this->decrypt->getBlockLengthInBytes()) { - $this->decrypt_block_size = $this->decrypt->getBlockLengthInBytes(); - } - $this->decrypt->disablePadding(); - - if ($this->decrypt->usesIV()) { - $iv = $kexHash->hash($keyBytes . $this->exchange_hash . 'B' . $this->session_id); - while ($this->decrypt_block_size > strlen($iv)) { - $iv .= $kexHash->hash($keyBytes . $this->exchange_hash . $iv); - } - $this->decrypt->setIV(substr($iv, 0, $this->decrypt_block_size)); - } - - switch ($decrypt) { - case 'aes128-gcm@openssh.com': - case 'aes256-gcm@openssh.com': - // see https://tools.ietf.org/html/rfc5647#section-7.1 - $nonce = $kexHash->hash($keyBytes . $this->exchange_hash . 'B' . $this->session_id); - $this->decryptFixedPart = substr($nonce, 0, 4); - $this->decryptInvocationCounter = substr($nonce, 4, 8); - // fall-through - case 'chacha20-poly1305@openssh.com': - break; - default: - $this->decrypt->enableContinuousBuffer(); - } - - $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'D' . $this->session_id); - while ($decryptKeyLength > strlen($key)) { - $key .= $kexHash->hash($keyBytes . $this->exchange_hash . $key); - } - switch ($decrypt) { - case 'chacha20-poly1305@openssh.com': - $decryptKeyLength = 32; - $this->lengthDecrypt = self::encryption_algorithm_to_crypt_instance($decrypt); - $this->lengthDecrypt->setKey(substr($key, 32, 32)); - } - $this->decrypt->setKey(substr($key, 0, $decryptKeyLength)); - $this->decryptName = $decrypt; - } - - /* The "arcfour128" algorithm is the RC4 cipher, as described in - [SCHNEIER], using a 128-bit key. The first 1536 bytes of keystream - generated by the cipher MUST be discarded, and the first byte of the - first encrypted packet MUST be encrypted using the 1537th byte of - keystream. - - -- http://tools.ietf.org/html/rfc4345#section-4 */ - if ($encrypt == 'arcfour128' || $encrypt == 'arcfour256') { - $this->encrypt->encrypt(str_repeat("\0", 1536)); - } - if ($decrypt == 'arcfour128' || $decrypt == 'arcfour256') { - $this->decrypt->decrypt(str_repeat("\0", 1536)); - } - - if (!$this->encrypt->usesNonce()) { - list($this->hmac_create, $createKeyLength) = self::mac_algorithm_to_hash_instance($mac_algorithm_out); - } else { - $this->hmac_create = new \stdClass(); - $this->hmac_create_name = $mac_algorithm_out; - //$mac_algorithm_out = 'none'; - $createKeyLength = 0; - } - - if ($this->hmac_create instanceof Hash) { - $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'E' . $this->session_id); - while ($createKeyLength > strlen($key)) { - $key .= $kexHash->hash($keyBytes . $this->exchange_hash . $key); - } - $this->hmac_create->setKey(substr($key, 0, $createKeyLength)); - $this->hmac_create_name = $mac_algorithm_out; - $this->hmac_create_etm = preg_match('#-etm@openssh\.com$#', $mac_algorithm_out); - } - - if (!$this->decrypt->usesNonce()) { - list($this->hmac_check, $checkKeyLength) = self::mac_algorithm_to_hash_instance($mac_algorithm_in); - $this->hmac_size = $this->hmac_check->getLengthInBytes(); - } else { - $this->hmac_check = new \stdClass(); - $this->hmac_check_name = $mac_algorithm_in; - //$mac_algorithm_in = 'none'; - $checkKeyLength = 0; - $this->hmac_size = 0; - } - - if ($this->hmac_check instanceof Hash) { - $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'F' . $this->session_id); - while ($checkKeyLength > strlen($key)) { - $key .= $kexHash->hash($keyBytes . $this->exchange_hash . $key); - } - $this->hmac_check->setKey(substr($key, 0, $checkKeyLength)); - $this->hmac_check_name = $mac_algorithm_in; - $this->hmac_check_etm = preg_match('#-etm@openssh\.com$#', $mac_algorithm_in); - } - - $this->regenerate_compression_context = $this->regenerate_decompression_context = true; - - return true; - } - - /** - * Maps an encryption algorithm name to the number of key bytes. - * - * @param string $algorithm Name of the encryption algorithm - * @return int|null Number of bytes as an integer or null for unknown - */ - private function encryption_algorithm_to_key_size($algorithm) - { - if ($this->bad_key_size_fix && self::bad_algorithm_candidate($algorithm)) { - return 16; - } - - switch ($algorithm) { - case 'none': - return 0; - case 'aes128-gcm@openssh.com': - case 'aes128-cbc': - case 'aes128-ctr': - case 'arcfour': - case 'arcfour128': - case 'blowfish-cbc': - case 'blowfish-ctr': - case 'twofish128-cbc': - case 'twofish128-ctr': - return 16; - case '3des-cbc': - case '3des-ctr': - case 'aes192-cbc': - case 'aes192-ctr': - case 'twofish192-cbc': - case 'twofish192-ctr': - return 24; - case 'aes256-gcm@openssh.com': - case 'aes256-cbc': - case 'aes256-ctr': - case 'arcfour256': - case 'twofish-cbc': - case 'twofish256-cbc': - case 'twofish256-ctr': - return 32; - case 'chacha20-poly1305@openssh.com': - return 64; - } - return null; - } - - /** - * Maps an encryption algorithm name to an instance of a subclass of - * \phpseclib3\Crypt\Common\SymmetricKey. - * - * @param string $algorithm Name of the encryption algorithm - * @return SymmetricKey|null - */ - private static function encryption_algorithm_to_crypt_instance($algorithm) - { - switch ($algorithm) { - case '3des-cbc': - return new TripleDES('cbc'); - case '3des-ctr': - return new TripleDES('ctr'); - case 'aes256-cbc': - case 'aes192-cbc': - case 'aes128-cbc': - return new Rijndael('cbc'); - case 'aes256-ctr': - case 'aes192-ctr': - case 'aes128-ctr': - return new Rijndael('ctr'); - case 'blowfish-cbc': - return new Blowfish('cbc'); - case 'blowfish-ctr': - return new Blowfish('ctr'); - case 'twofish128-cbc': - case 'twofish192-cbc': - case 'twofish256-cbc': - case 'twofish-cbc': - return new Twofish('cbc'); - case 'twofish128-ctr': - case 'twofish192-ctr': - case 'twofish256-ctr': - return new Twofish('ctr'); - case 'arcfour': - case 'arcfour128': - case 'arcfour256': - return new RC4(); - case 'aes128-gcm@openssh.com': - case 'aes256-gcm@openssh.com': - return new Rijndael('gcm'); - case 'chacha20-poly1305@openssh.com': - return new ChaCha20(); - } - return null; - } - - /** - * Maps an encryption algorithm name to an instance of a subclass of - * \phpseclib3\Crypt\Hash. - * - * @param string $algorithm Name of the encryption algorithm - * @return array{Hash, int}|null - */ - private static function mac_algorithm_to_hash_instance($algorithm) - { - switch ($algorithm) { - case 'umac-64@openssh.com': - case 'umac-64-etm@openssh.com': - return [new Hash('umac-64'), 16]; - case 'umac-128@openssh.com': - case 'umac-128-etm@openssh.com': - return [new Hash('umac-128'), 16]; - case 'hmac-sha2-512': - case 'hmac-sha2-512-etm@openssh.com': - return [new Hash('sha512'), 64]; - case 'hmac-sha2-256': - case 'hmac-sha2-256-etm@openssh.com': - return [new Hash('sha256'), 32]; - case 'hmac-sha1': - case 'hmac-sha1-etm@openssh.com': - return [new Hash('sha1'), 20]; - case 'hmac-sha1-96': - return [new Hash('sha1-96'), 20]; - case 'hmac-md5': - return [new Hash('md5'), 16]; - case 'hmac-md5-96': - return [new Hash('md5-96'), 16]; - } - } - - /* - * Tests whether or not proposed algorithm has a potential for issues - * - * @link https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/ssh2-aesctr-openssh.html - * @link https://bugzilla.mindrot.org/show_bug.cgi?id=1291 - * @param string $algorithm Name of the encryption algorithm - * @return bool - */ - private static function bad_algorithm_candidate($algorithm) - { - switch ($algorithm) { - case 'arcfour256': - case 'aes192-ctr': - case 'aes256-ctr': - return true; - } - - return false; - } - - /** - * Login - * - * The $password parameter can be a plaintext password, a \phpseclib3\Crypt\RSA|EC|DSA object, a \phpseclib3\System\SSH\Agent object or an array - * - * @param string $username - * @param string|PrivateKey|array[]|Agent|null ...$args - * @return bool - * @see self::_login() - */ - public function login($username, ...$args) - { - if (!$this->retry_connect) { - $this->auth[] = func_get_args(); - } - - // try logging with 'none' as an authentication method first since that's what - // PuTTY does - if (substr($this->server_identifier, 0, 15) != 'SSH-2.0-CoreFTP' && $this->auth_methods_to_continue === null) { - if ($this->sublogin($username)) { - return true; - } - if (!count($args)) { - return false; - } - } - return $this->sublogin($username, ...$args); - } - - /** - * Login Helper - * - * @param string $username - * @param string|PrivateKey|array[]|Agent|null ...$args - * @return bool - * @see self::_login_helper() - */ - protected function sublogin($username, ...$args) - { - if (!($this->bitmap & self::MASK_CONSTRUCTOR)) { - $this->connect(); - } - - if (empty($args)) { - return $this->login_helper($username); - } - - foreach ($args as $arg) { - switch (true) { - case $arg instanceof PublicKey: - throw new \UnexpectedValueException('A PublicKey object was passed to the login method instead of a PrivateKey object'); - case $arg instanceof PrivateKey: - case $arg instanceof Agent: - case is_array($arg): - case Strings::is_stringable($arg): - break; - default: - throw new \UnexpectedValueException('$password needs to either be an instance of \phpseclib3\Crypt\Common\PrivateKey, \System\SSH\Agent, an array or a string'); - } - } - - while (count($args)) { - if (!$this->auth_methods_to_continue || !$this->smartMFA) { - $newargs = $args; - $args = []; - } else { - $newargs = []; - foreach ($this->auth_methods_to_continue as $method) { - switch ($method) { - case 'publickey': - foreach ($args as $key => $arg) { - if ($arg instanceof PrivateKey || $arg instanceof Agent) { - $newargs[] = $arg; - unset($args[$key]); - break; - } - } - break; - case 'keyboard-interactive': - $hasArray = $hasString = false; - foreach ($args as $arg) { - if ($hasArray || is_array($arg)) { - $hasArray = true; - break; - } - if ($hasString || Strings::is_stringable($arg)) { - $hasString = true; - break; - } - } - if ($hasArray && $hasString) { - foreach ($args as $key => $arg) { - if (is_array($arg)) { - $newargs[] = $arg; - break 2; - } - } - } - // fall-through - case 'password': - foreach ($args as $key => $arg) { - $newargs[] = $arg; - unset($args[$key]); - break; - } - } - } - } - - if (!count($newargs)) { - return false; - } - - foreach ($newargs as $arg) { - if ($this->login_helper($username, $arg)) { - return true; - } - } - } - return false; - } - - /** - * Login Helper - * - * {@internal It might be worthwhile, at some point, to protect against {@link http://tools.ietf.org/html/rfc4251#section-9.3.9 traffic analysis} - * by sending dummy SSH_MSG_IGNORE messages.} - * - * @param string $username - * @param string|AsymmetricKey|array[]|Agent|null ...$args - * @return bool - * @throws \UnexpectedValueException on receipt of unexpected packets - * @throws \RuntimeException on other errors - */ - private function login_helper($username, $password = null) - { - if (!($this->bitmap & self::MASK_CONNECTED)) { - return false; - } - - if (!($this->bitmap & self::MASK_LOGIN_REQ)) { - $packet = Strings::packSSH2('Cs', NET_SSH2_MSG_SERVICE_REQUEST, 'ssh-userauth'); - $this->send_binary_packet($packet); - - try { - $response = $this->get_binary_packet(); - } catch (\Exception $e) { - if ($this->retry_connect) { - $this->retry_connect = false; - $this->connect(); - return $this->login_helper($username, $password); - } - $this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST); - throw $e; - } - - list($type) = Strings::unpackSSH2('C', $response); - - if ($type == NET_SSH2_MSG_EXT_INFO) { - list($nr_extensions) = Strings::unpackSSH2('N', $response); - for ($i = 0; $i < $nr_extensions; $i++) { - list($extension_name, $extension_value) = Strings::unpackSSH2('ss', $response); - if ($extension_name == 'server-sig-algs') { - $this->supported_private_key_algorithms = explode(',', $extension_value); - } - } - - $response = $this->get_binary_packet(); - list($type) = Strings::unpackSSH2('C', $response); - } - - list($service) = Strings::unpackSSH2('s', $response); - - if ($type != NET_SSH2_MSG_SERVICE_ACCEPT || $service != 'ssh-userauth') { - $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR); - throw new \UnexpectedValueException('Expected SSH_MSG_SERVICE_ACCEPT'); - } - $this->bitmap |= self::MASK_LOGIN_REQ; - } - - if (strlen($this->last_interactive_response)) { - return !Strings::is_stringable($password) && !is_array($password) ? false : $this->keyboard_interactive_process($password); - } - - if ($password instanceof PrivateKey) { - return $this->privatekey_login($username, $password); - } - - if ($password instanceof Agent) { - return $this->ssh_agent_login($username, $password); - } - - if (is_array($password)) { - if ($this->keyboard_interactive_login($username, $password)) { - $this->bitmap |= self::MASK_LOGIN; - return true; - } - return false; - } - - if (!isset($password)) { - $packet = Strings::packSSH2( - 'Cs3', - NET_SSH2_MSG_USERAUTH_REQUEST, - $username, - 'ssh-connection', - 'none' - ); - - $this->send_binary_packet($packet); - - $response = $this->get_binary_packet(); - - list($type) = Strings::unpackSSH2('C', $response); - switch ($type) { - case NET_SSH2_MSG_USERAUTH_SUCCESS: - $this->bitmap |= self::MASK_LOGIN; - return true; - case NET_SSH2_MSG_USERAUTH_FAILURE: - list($auth_methods) = Strings::unpackSSH2('L', $response); - $this->auth_methods_to_continue = $auth_methods; - // fall-through - default: - return false; - } - } - - $packet = Strings::packSSH2( - 'Cs3bs', - NET_SSH2_MSG_USERAUTH_REQUEST, - $username, - 'ssh-connection', - 'password', - false, - $password - ); - - // remove the username and password from the logged packet - if (!defined('NET_SSH2_LOGGING')) { - $logged = null; - } else { - $logged = Strings::packSSH2( - 'Cs3bs', - NET_SSH2_MSG_USERAUTH_REQUEST, - $username, - 'ssh-connection', - 'password', - false, - 'password' - ); - } - - $this->send_binary_packet($packet, $logged); - - $response = $this->get_binary_packet(); - if ($response === false) { - return false; - } - list($type) = Strings::unpackSSH2('C', $response); - switch ($type) { - case NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ: // in theory, the password can be changed - $this->updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'); - - list($message) = Strings::unpackSSH2('s', $response); - $this->errors[] = 'SSH_MSG_USERAUTH_PASSWD_CHANGEREQ: ' . $message; - - return $this->disconnect_helper(NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER); - case NET_SSH2_MSG_USERAUTH_FAILURE: - // can we use keyboard-interactive authentication? if not then either the login is bad or the server employees - // multi-factor authentication - list($auth_methods, $partial_success) = Strings::unpackSSH2('Lb', $response); - $this->auth_methods_to_continue = $auth_methods; - if (!$partial_success && in_array('keyboard-interactive', $auth_methods)) { - if ($this->keyboard_interactive_login($username, $password)) { - $this->bitmap |= self::MASK_LOGIN; - return true; - } - return false; - } - return false; - case NET_SSH2_MSG_USERAUTH_SUCCESS: - $this->bitmap |= self::MASK_LOGIN; - return true; - } - - return false; - } - - /** - * Login via keyboard-interactive authentication - * - * See {@link http://tools.ietf.org/html/rfc4256 RFC4256} for details. This is not a full-featured keyboard-interactive authenticator. - * - * @param string $username - * @param string|array $password - * @return bool - */ - private function keyboard_interactive_login($username, $password) - { - $packet = Strings::packSSH2( - 'Cs5', - NET_SSH2_MSG_USERAUTH_REQUEST, - $username, - 'ssh-connection', - 'keyboard-interactive', - '', // language tag - '' // submethods - ); - $this->send_binary_packet($packet); - - return $this->keyboard_interactive_process($password); - } - - /** - * Handle the keyboard-interactive requests / responses. - * - * @param string|array ...$responses - * @return bool - * @throws \RuntimeException on connection error - */ - private function keyboard_interactive_process(...$responses) - { - if (strlen($this->last_interactive_response)) { - $response = $this->last_interactive_response; - } else { - $orig = $response = $this->get_binary_packet(); - } - - list($type) = Strings::unpackSSH2('C', $response); - switch ($type) { - case NET_SSH2_MSG_USERAUTH_INFO_REQUEST: - list( - , // name; may be empty - , // instruction; may be empty - , // language tag; may be empty - $num_prompts - ) = Strings::unpackSSH2('s3N', $response); - - for ($i = 0; $i < count($responses); $i++) { - if (is_array($responses[$i])) { - foreach ($responses[$i] as $key => $value) { - $this->keyboard_requests_responses[$key] = $value; - } - unset($responses[$i]); - } - } - $responses = array_values($responses); - - if (isset($this->keyboard_requests_responses)) { - for ($i = 0; $i < $num_prompts; $i++) { - list( - $prompt, // prompt - ie. "Password: "; must not be empty - // echo - ) = Strings::unpackSSH2('sC', $response); - foreach ($this->keyboard_requests_responses as $key => $value) { - if (substr($prompt, 0, strlen($key)) == $key) { - $responses[] = $value; - break; - } - } - } - } - - // see http://tools.ietf.org/html/rfc4256#section-3.2 - if (strlen($this->last_interactive_response)) { - $this->last_interactive_response = ''; - } else { - $this->updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST'); - } - - if (!count($responses) && $num_prompts) { - $this->last_interactive_response = $orig; - return false; - } - - /* - After obtaining the requested information from the user, the client - MUST respond with an SSH_MSG_USERAUTH_INFO_RESPONSE message. - */ - // see http://tools.ietf.org/html/rfc4256#section-3.4 - $packet = $logged = pack('CN', NET_SSH2_MSG_USERAUTH_INFO_RESPONSE, count($responses)); - for ($i = 0; $i < count($responses); $i++) { - $packet .= Strings::packSSH2('s', $responses[$i]); - $logged .= Strings::packSSH2('s', 'dummy-answer'); - } - - $this->send_binary_packet($packet, $logged); - - $this->updateLogHistory('UNKNOWN (61)', 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE'); - - /* - After receiving the response, the server MUST send either an - SSH_MSG_USERAUTH_SUCCESS, SSH_MSG_USERAUTH_FAILURE, or another - SSH_MSG_USERAUTH_INFO_REQUEST message. - */ - // maybe phpseclib should force close the connection after x request / responses? unless something like that is done - // there could be an infinite loop of request / responses. - return $this->keyboard_interactive_process(); - case NET_SSH2_MSG_USERAUTH_SUCCESS: - return true; - case NET_SSH2_MSG_USERAUTH_FAILURE: - list($auth_methods) = Strings::unpackSSH2('L', $response); - $this->auth_methods_to_continue = $auth_methods; - return false; - } - - return false; - } - - /** - * Login with an ssh-agent provided key - * - * @param string $username - * @param \phpseclib3\System\SSH\Agent $agent - * @return bool - */ - private function ssh_agent_login($username, Agent $agent) - { - $this->agent = $agent; - $keys = $agent->requestIdentities(); - foreach ($keys as $key) { - if ($this->privatekey_login($username, $key)) { - return true; - } - } - - return false; - } - - /** - * Login with an RSA private key - * - * {@internal It might be worthwhile, at some point, to protect against {@link http://tools.ietf.org/html/rfc4251#section-9.3.9 traffic analysis} - * by sending dummy SSH_MSG_IGNORE messages.} - * - * @param string $username - * @param \phpseclib3\Crypt\Common\PrivateKey $privatekey - * @return bool - * @throws \RuntimeException on connection error - */ - private function privatekey_login($username, PrivateKey $privatekey) - { - $publickey = $privatekey->getPublicKey(); - - if ($publickey instanceof RSA) { - $privatekey = $privatekey->withPadding(RSA::SIGNATURE_PKCS1); - $algos = ['rsa-sha2-256', 'rsa-sha2-512', 'ssh-rsa']; - if (isset($this->preferred['hostkey'])) { - $algos = array_intersect($algos, $this->preferred['hostkey']); - } - $algo = self::array_intersect_first($algos, $this->supported_private_key_algorithms); - switch ($algo) { - case 'rsa-sha2-512': - $hash = 'sha512'; - $signatureType = 'rsa-sha2-512'; - break; - case 'rsa-sha2-256': - $hash = 'sha256'; - $signatureType = 'rsa-sha2-256'; - break; - //case 'ssh-rsa': - default: - $hash = 'sha1'; - $signatureType = 'ssh-rsa'; - } - } elseif ($publickey instanceof EC) { - $privatekey = $privatekey->withSignatureFormat('SSH2'); - $curveName = $privatekey->getCurve(); - switch ($curveName) { - case 'Ed25519': - $hash = 'sha512'; - $signatureType = 'ssh-ed25519'; - break; - case 'secp256r1': // nistp256 - $hash = 'sha256'; - $signatureType = 'ecdsa-sha2-nistp256'; - break; - case 'secp384r1': // nistp384 - $hash = 'sha384'; - $signatureType = 'ecdsa-sha2-nistp384'; - break; - case 'secp521r1': // nistp521 - $hash = 'sha512'; - $signatureType = 'ecdsa-sha2-nistp521'; - break; - default: - if (is_array($curveName)) { - throw new UnsupportedCurveException('Specified Curves are not supported by SSH2'); - } - throw new UnsupportedCurveException('Named Curve of ' . $curveName . ' is not supported by phpseclib3\'s SSH2 implementation'); - } - } elseif ($publickey instanceof DSA) { - $privatekey = $privatekey->withSignatureFormat('SSH2'); - $hash = 'sha1'; - $signatureType = 'ssh-dss'; - } else { - throw new UnsupportedAlgorithmException('Please use either an RSA key, an EC one or a DSA key'); - } - - $publickeyStr = $publickey->toString('OpenSSH', ['binary' => true]); - - $part1 = Strings::packSSH2( - 'Csss', - NET_SSH2_MSG_USERAUTH_REQUEST, - $username, - 'ssh-connection', - 'publickey' - ); - $part2 = Strings::packSSH2('ss', $signatureType, $publickeyStr); - - $packet = $part1 . chr(0) . $part2; - $this->send_binary_packet($packet); - - $response = $this->get_binary_packet(); - - list($type) = Strings::unpackSSH2('C', $response); - switch ($type) { - case NET_SSH2_MSG_USERAUTH_FAILURE: - list($auth_methods) = Strings::unpackSSH2('L', $response); - if (in_array('publickey', $auth_methods) && substr($signatureType, 0, 9) == 'rsa-sha2-') { - $this->supported_private_key_algorithms = array_diff($this->supported_private_key_algorithms, ['rsa-sha2-256', 'rsa-sha2-512']); - return $this->privatekey_login($username, $privatekey); - } - $this->auth_methods_to_continue = $auth_methods; - $this->errors[] = 'SSH_MSG_USERAUTH_FAILURE'; - return false; - case NET_SSH2_MSG_USERAUTH_PK_OK: - // we'll just take it on faith that the public key blob and the public key algorithm name are as - // they should be - $this->updateLogHistory('UNKNOWN (60)', 'NET_SSH2_MSG_USERAUTH_PK_OK'); - break; - case NET_SSH2_MSG_USERAUTH_SUCCESS: - $this->bitmap |= self::MASK_LOGIN; - return true; - default: - $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); - throw new ConnectionClosedException('Unexpected response to publickey authentication pt 1'); - } - - $packet = $part1 . chr(1) . $part2; - $privatekey = $privatekey->withHash($hash); - $signature = $privatekey->sign(Strings::packSSH2('s', $this->session_id) . $packet); - if ($publickey instanceof RSA) { - $signature = Strings::packSSH2('ss', $signatureType, $signature); - } - $packet .= Strings::packSSH2('s', $signature); - - $this->send_binary_packet($packet); - - $response = $this->get_binary_packet(); - - list($type) = Strings::unpackSSH2('C', $response); - switch ($type) { - case NET_SSH2_MSG_USERAUTH_FAILURE: - // either the login is bad or the server employs multi-factor authentication - list($auth_methods) = Strings::unpackSSH2('L', $response); - $this->auth_methods_to_continue = $auth_methods; - return false; - case NET_SSH2_MSG_USERAUTH_SUCCESS: - $this->bitmap |= self::MASK_LOGIN; - return true; - } - - $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); - throw new ConnectionClosedException('Unexpected response to publickey authentication pt 2'); - } - - /** - * Return the currently configured timeout - * - * @return int - */ - public function getTimeout() - { - return $this->timeout; - } - - /** - * Set Timeout - * - * $ssh->exec('ping 127.0.0.1'); on a Linux host will never return and will run indefinitely. setTimeout() makes it so it'll timeout. - * Setting $timeout to false or 0 will mean there is no timeout. - * - * @param mixed $timeout - */ - public function setTimeout($timeout) - { - $this->timeout = $this->curTimeout = $timeout; - } - - /** - * Set Keep Alive - * - * Sends an SSH2_MSG_IGNORE message every x seconds, if x is a positive non-zero number. - * - * @param int $interval - */ - public function setKeepAlive($interval) - { - $this->keepAlive = $interval; - } - - /** - * Get the output from stdError - * - */ - public function getStdError() - { - return $this->stdErrorLog; - } - - /** - * Execute Command - * - * If $callback is set to false then \phpseclib3\Net\SSH2::get_channel_packet(self::CHANNEL_EXEC) will need to be called manually. - * In all likelihood, this is not a feature you want to be taking advantage of. - * - * @param string $command - * @return string|bool - * @psalm-return ($callback is callable ? bool : string|bool) - * @throws \RuntimeException on connection error - */ - public function exec($command, callable $callback = null) - { - $this->curTimeout = $this->timeout; - $this->is_timeout = false; - $this->stdErrorLog = ''; - - if (!$this->isAuthenticated()) { - return false; - } - - //if ($this->isPTYOpen()) { - // throw new \RuntimeException('If you want to run multiple exec()\'s you will need to disable (and re-enable if appropriate) a PTY for each one.'); - //} - - $this->openChannel(self::CHANNEL_EXEC); - - if ($this->request_pty === true) { - $terminal_modes = pack('C', NET_SSH2_TTY_OP_END); - $packet = Strings::packSSH2( - 'CNsCsN4s', - NET_SSH2_MSG_CHANNEL_REQUEST, - $this->server_channels[self::CHANNEL_EXEC], - 'pty-req', - 1, - $this->term, - $this->windowColumns, - $this->windowRows, - 0, - 0, - $terminal_modes - ); - - $this->send_binary_packet($packet); - - $this->channel_status[self::CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_REQUEST; - if (!$this->get_channel_packet(self::CHANNEL_EXEC)) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); - throw new \RuntimeException('Unable to request pseudo-terminal'); - } - } - - // sending a pty-req SSH_MSG_CHANNEL_REQUEST message is unnecessary and, in fact, in most cases, slows things - // down. the one place where it might be desirable is if you're doing something like \phpseclib3\Net\SSH2::exec('ping localhost &'). - // with a pty-req SSH_MSG_CHANNEL_REQUEST, exec() will return immediately and the ping process will then - // then immediately terminate. without such a request exec() will loop indefinitely. the ping process won't end but - // neither will your script. - - // although, in theory, the size of SSH_MSG_CHANNEL_REQUEST could exceed the maximum packet size established by - // SSH_MSG_CHANNEL_OPEN_CONFIRMATION, RFC4254#section-5.1 states that the "maximum packet size" refers to the - // "maximum size of an individual data packet". ie. SSH_MSG_CHANNEL_DATA. RFC4254#section-5.2 corroborates. - $packet = Strings::packSSH2( - 'CNsCs', - NET_SSH2_MSG_CHANNEL_REQUEST, - $this->server_channels[self::CHANNEL_EXEC], - 'exec', - 1, - $command - ); - $this->send_binary_packet($packet); - - $this->channel_status[self::CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_REQUEST; - - if (!$this->get_channel_packet(self::CHANNEL_EXEC)) { - return false; - } - - $this->channel_status[self::CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_DATA; - - if ($this->request_pty === true) { - $this->channel_id_last_interactive = self::CHANNEL_EXEC; - return true; - } - - $output = ''; - while (true) { - $temp = $this->get_channel_packet(self::CHANNEL_EXEC); - switch (true) { - case $temp === true: - return is_callable($callback) ? true : $output; - case $temp === false: - return false; - default: - if (is_callable($callback)) { - if ($callback($temp) === true) { - $this->close_channel(self::CHANNEL_EXEC); - return true; - } - } else { - $output .= $temp; - } - } - } - } - - /** - * How many channels are currently open? - * - * @return int - */ - public function getOpenChannelCount() - { - return $this->channelCount; - } - - /** - * Opens a channel - * - * @param string $channel - * @param bool $skip_extended - * @return bool - */ - protected function openChannel($channel, $skip_extended = false) - { - if (isset($this->channel_status[$channel]) && $this->channel_status[$channel] != NET_SSH2_MSG_CHANNEL_CLOSE) { - throw new \RuntimeException('Please close the channel (' . $channel . ') before trying to open it again'); - } - - $this->channelCount++; - - if ($this->channelCount > 1 && $this->errorOnMultipleChannels) { - throw new \RuntimeException("Ubuntu's OpenSSH from 5.8 to 6.9 doesn't work with multiple channels"); - } - - // RFC4254 defines the (client) window size as "bytes the other party can send before it must wait for the window to - // be adjusted". 0x7FFFFFFF is, at 2GB, the max size. technically, it should probably be decremented, but, - // honestly, if you're transferring more than 2GB, you probably shouldn't be using phpseclib, anyway. - // see http://tools.ietf.org/html/rfc4254#section-5.2 for more info - $this->window_size_server_to_client[$channel] = $this->window_size; - // 0x8000 is the maximum max packet size, per http://tools.ietf.org/html/rfc4253#section-6.1, although since PuTTy - // uses 0x4000, that's what will be used here, as well. - $packet_size = 0x4000; - - $packet = Strings::packSSH2( - 'CsN3', - NET_SSH2_MSG_CHANNEL_OPEN, - 'session', - $channel, - $this->window_size_server_to_client[$channel], - $packet_size - ); - - $this->send_binary_packet($packet); - - $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_OPEN; - - return $this->get_channel_packet($channel, $skip_extended); - } - - /** - * Creates an interactive shell - * - * Returns bool(true) if the shell was opened. - * Returns bool(false) if the shell was already open. - * - * @see self::isShellOpen() - * @see self::read() - * @see self::write() - * @return bool - * @throws InsufficientSetupException if not authenticated - * @throws \UnexpectedValueException on receipt of unexpected packets - * @throws \RuntimeException on other errors - */ - public function openShell() - { - if (!$this->isAuthenticated()) { - throw new InsufficientSetupException('Operation disallowed prior to login()'); - } - - $this->openChannel(self::CHANNEL_SHELL); - - $terminal_modes = pack('C', NET_SSH2_TTY_OP_END); - $packet = Strings::packSSH2( - 'CNsbsN4s', - NET_SSH2_MSG_CHANNEL_REQUEST, - $this->server_channels[self::CHANNEL_SHELL], - 'pty-req', - true, // want reply - $this->term, - $this->windowColumns, - $this->windowRows, - 0, - 0, - $terminal_modes - ); - - $this->send_binary_packet($packet); - - $this->channel_status[self::CHANNEL_SHELL] = NET_SSH2_MSG_CHANNEL_REQUEST; - - if (!$this->get_channel_packet(self::CHANNEL_SHELL)) { - throw new \RuntimeException('Unable to request pty'); - } - - $packet = Strings::packSSH2( - 'CNsb', - NET_SSH2_MSG_CHANNEL_REQUEST, - $this->server_channels[self::CHANNEL_SHELL], - 'shell', - true // want reply - ); - $this->send_binary_packet($packet); - - $response = $this->get_channel_packet(self::CHANNEL_SHELL); - if ($response === false) { - throw new \RuntimeException('Unable to request shell'); - } - - $this->channel_status[self::CHANNEL_SHELL] = NET_SSH2_MSG_CHANNEL_DATA; - - $this->channel_id_last_interactive = self::CHANNEL_SHELL; - - $this->bitmap |= self::MASK_SHELL; - - return true; - } - - /** - * Return the channel to be used with read(), write(), and reset(), if none were specified - * @deprecated for lack of transparency in intended channel target, to be potentially replaced - * with method which guarantees open-ness of all yielded channels and throws - * error for multiple open channels - * @see self::read() - * @see self::write() - * @return int - */ - private function get_interactive_channel() - { - switch (true) { - case $this->is_channel_status_data(self::CHANNEL_SUBSYSTEM): - return self::CHANNEL_SUBSYSTEM; - case $this->is_channel_status_data(self::CHANNEL_EXEC): - return self::CHANNEL_EXEC; - default: - return self::CHANNEL_SHELL; - } - } - - /** - * Indicates the DATA status on the given channel - * - * @param int $channel The channel number to evaluate - * @return bool - */ - private function is_channel_status_data($channel) - { - return isset($this->channel_status[$channel]) && $this->channel_status[$channel] == NET_SSH2_MSG_CHANNEL_DATA; - } - - /** - * Return an available open channel - * - * @return int - */ - private function get_open_channel() - { - $channel = self::CHANNEL_EXEC; - do { - if (isset($this->channel_status[$channel]) && $this->channel_status[$channel] == NET_SSH2_MSG_CHANNEL_OPEN) { - return $channel; - } - } while ($channel++ < self::CHANNEL_SUBSYSTEM); - - return false; - } - - /** - * Request agent forwarding of remote server - * - * @return bool - */ - public function requestAgentForwarding() - { - $request_channel = $this->get_open_channel(); - if ($request_channel === false) { - return false; - } - - $packet = Strings::packSSH2( - 'CNsC', - NET_SSH2_MSG_CHANNEL_REQUEST, - $this->server_channels[$request_channel], - 'auth-agent-req@openssh.com', - 1 - ); - - $this->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_REQUEST; - - $this->send_binary_packet($packet); - - if (!$this->get_channel_packet($request_channel)) { - return false; - } - - $this->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_OPEN; - - return true; - } - - /** - * Returns the output of an interactive shell - * - * Returns when there's a match for $expect, which can take the form of a string literal or, - * if $mode == self::READ_REGEX, a regular expression. - * - * If not specifying a channel, an open interactive channel will be selected, or, if there are - * no open channels, an interactive shell will be created. If there are multiple open - * interactive channels, a legacy behavior will apply in which channel selection prioritizes - * an active subsystem, the exec pty, and, lastly, the shell. If using multiple interactive - * channels, callers are discouraged from relying on this legacy behavior and should specify - * the intended channel. - * - * @see self::write() - * @param string $expect - * @param int $mode One of the self::READ_* constants - * @param int|null $channel Channel id returned by self::getInteractiveChannelId() - * @return string|bool|null - * @throws \RuntimeException on connection error - * @throws InsufficientSetupException on unexpected channel status, possibly due to closure - */ - public function read($expect = '', $mode = self::READ_SIMPLE, $channel = null) - { - if (!$this->isAuthenticated()) { - throw new InsufficientSetupException('Operation disallowed prior to login()'); - } - - $this->curTimeout = $this->timeout; - $this->is_timeout = false; - - if ($channel === null) { - $channel = $this->get_interactive_channel(); - } - - if (!$this->is_channel_status_data($channel) && empty($this->channel_buffers[$channel])) { - if ($channel != self::CHANNEL_SHELL) { - throw new InsufficientSetupException('Data is not available on channel'); - } elseif (!$this->openShell()) { - throw new \RuntimeException('Unable to initiate an interactive shell session'); - } - } - - if ($mode == self::READ_NEXT) { - return $this->get_channel_packet($channel); - } - - $match = $expect; - while (true) { - if ($mode == self::READ_REGEX) { - preg_match($expect, substr($this->interactiveBuffer, -1024), $matches); - $match = isset($matches[0]) ? $matches[0] : ''; - } - $pos = strlen($match) ? strpos($this->interactiveBuffer, $match) : false; - if ($pos !== false) { - return Strings::shift($this->interactiveBuffer, $pos + strlen($match)); - } - $response = $this->get_channel_packet($channel); - if ($response === true) { - return Strings::shift($this->interactiveBuffer, strlen($this->interactiveBuffer)); - } - - $this->interactiveBuffer .= $response; - } - } - - /** - * Inputs a command into an interactive shell. - * - * If not specifying a channel, an open interactive channel will be selected, or, if there are - * no open channels, an interactive shell will be created. If there are multiple open - * interactive channels, a legacy behavior will apply in which channel selection prioritizes - * an active subsystem, the exec pty, and, lastly, the shell. If using multiple interactive - * channels, callers are discouraged from relying on this legacy behavior and should specify - * the intended channel. - * - * @see SSH2::read() - * @param string $cmd - * @param int|null $channel Channel id returned by self::getInteractiveChannelId() - * @return void - * @throws \RuntimeException on connection error - * @throws InsufficientSetupException on unexpected channel status, possibly due to closure - */ - public function write($cmd, $channel = null) - { - if (!$this->isAuthenticated()) { - throw new InsufficientSetupException('Operation disallowed prior to login()'); - } - - if ($channel === null) { - $channel = $this->get_interactive_channel(); - } - - if (!$this->is_channel_status_data($channel)) { - if ($channel != self::CHANNEL_SHELL) { - throw new InsufficientSetupException('Data is not available on channel'); - } elseif (!$this->openShell()) { - throw new \RuntimeException('Unable to initiate an interactive shell session'); - } - } - - $this->send_channel_packet($channel, $cmd); - } - - /** - * Start a subsystem. - * - * Right now only one subsystem at a time is supported. To support multiple subsystem's stopSubsystem() could accept - * a string that contained the name of the subsystem, but at that point, only one subsystem of each type could be opened. - * To support multiple subsystem's of the same name maybe it'd be best if startSubsystem() generated a new channel id and - * returns that and then that that was passed into stopSubsystem() but that'll be saved for a future date and implemented - * if there's sufficient demand for such a feature. - * - * @see self::stopSubsystem() - * @param string $subsystem - * @return bool - */ - public function startSubsystem($subsystem) - { - $this->openChannel(self::CHANNEL_SUBSYSTEM); - - $packet = Strings::packSSH2( - 'CNsCs', - NET_SSH2_MSG_CHANNEL_REQUEST, - $this->server_channels[self::CHANNEL_SUBSYSTEM], - 'subsystem', - 1, - $subsystem - ); - $this->send_binary_packet($packet); - - $this->channel_status[self::CHANNEL_SUBSYSTEM] = NET_SSH2_MSG_CHANNEL_REQUEST; - - if (!$this->get_channel_packet(self::CHANNEL_SUBSYSTEM)) { - return false; - } - - $this->channel_status[self::CHANNEL_SUBSYSTEM] = NET_SSH2_MSG_CHANNEL_DATA; - - $this->channel_id_last_interactive = self::CHANNEL_SUBSYSTEM; - - return true; - } - - /** - * Stops a subsystem. - * - * @see self::startSubsystem() - * @return bool - */ - public function stopSubsystem() - { - if ($this->isInteractiveChannelOpen(self::CHANNEL_SUBSYSTEM)) { - $this->close_channel(self::CHANNEL_SUBSYSTEM); - } - return true; - } - - /** - * Closes a channel - * - * If read() timed out you might want to just close the channel and have it auto-restart on the next read() call - * - * If not specifying a channel, an open interactive channel will be selected. If there are - * multiple open interactive channels, a legacy behavior will apply in which channel selection - * prioritizes an active subsystem, the exec pty, and, lastly, the shell. If using multiple - * interactive channels, callers are discouraged from relying on this legacy behavior and - * should specify the intended channel. - * - * @param int|null $channel Channel id returned by self::getInteractiveChannelId() - * @return void - */ - public function reset($channel = null) - { - if ($channel === null) { - $channel = $this->get_interactive_channel(); - } - if ($this->isInteractiveChannelOpen($channel)) { - $this->close_channel($channel); - } - } - - /** - * Is timeout? - * - * Did exec() or read() return because they timed out or because they encountered the end? - * - */ - public function isTimeout() - { - return $this->is_timeout; - } - - /** - * Disconnect - * - */ - public function disconnect() - { - $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); - if (isset($this->realtime_log_file) && is_resource($this->realtime_log_file)) { - fclose($this->realtime_log_file); - } - unset(self::$connections[$this->getResourceId()]); - } - - /** - * Destructor. - * - * Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call - * disconnect(). - * - */ - public function __destruct() - { - $this->disconnect(); - } - - /** - * Is the connection still active? - * - * @return bool - */ - public function isConnected() - { - return ($this->bitmap & self::MASK_CONNECTED) && is_resource($this->fsock) && !feof($this->fsock); - } - - /** - * Have you successfully been logged in? - * - * @return bool - */ - public function isAuthenticated() - { - return (bool) ($this->bitmap & self::MASK_LOGIN); - } - - /** - * Is the interactive shell active? - * - * @return bool - */ - public function isShellOpen() - { - return $this->isInteractiveChannelOpen(self::CHANNEL_SHELL); - } - - /** - * Is the exec pty active? - * - * @return bool - */ - public function isPTYOpen() - { - return $this->isInteractiveChannelOpen(self::CHANNEL_EXEC); - } - - /** - * Is the given interactive channel active? - * - * @param int $channel Channel id returned by self::getInteractiveChannelId() - * @return bool - */ - public function isInteractiveChannelOpen($channel) - { - return $this->isAuthenticated() && $this->is_channel_status_data($channel); - } - - /** - * Returns a channel identifier, presently of the last interactive channel opened, regardless of current status. - * Returns 0 if no interactive channel has been opened. - * - * @see self::isInteractiveChannelOpen() - * @return int - */ - public function getInteractiveChannelId() - { - return $this->channel_id_last_interactive; - } - - /** - * Pings a server connection, or tries to reconnect if the connection has gone down - * - * Inspired by http://php.net/manual/en/mysqli.ping.php - * - * @return bool - */ - public function ping() - { - if (!$this->isAuthenticated()) { - if (!empty($this->auth)) { - return $this->reconnect(); - } - return false; - } - - try { - $this->openChannel(self::CHANNEL_KEEP_ALIVE); - } catch (\RuntimeException $e) { - return $this->reconnect(); - } - - $this->close_channel(self::CHANNEL_KEEP_ALIVE); - return true; - } - - /** - * In situ reconnect method - * - * @return boolean - */ - private function reconnect() - { - $this->reset_connection(NET_SSH2_DISCONNECT_CONNECTION_LOST); - $this->retry_connect = true; - $this->connect(); - foreach ($this->auth as $auth) { - $result = $this->login(...$auth); - } - return $result; - } - - /** - * Resets a connection for re-use - * - * @param int $reason - */ - protected function reset_connection($reason) - { - $this->disconnect_helper($reason); - $this->decrypt = $this->encrypt = false; - $this->decrypt_block_size = $this->encrypt_block_size = 8; - $this->hmac_check = $this->hmac_create = false; - $this->hmac_size = false; - $this->session_id = false; - $this->retry_connect = true; - $this->get_seq_no = $this->send_seq_no = 0; - $this->channel_status = []; - $this->channel_id_last_interactive = 0; - } - - /** - * Gets Binary Packets - * - * See '6. Binary Packet Protocol' of rfc4253 for more info. - * - * @see self::_send_binary_packet() - * @param bool $skip_channel_filter - * @return bool|string - */ - private function get_binary_packet($skip_channel_filter = false) - { - if ($skip_channel_filter) { - if (!is_resource($this->fsock)) { - throw new \InvalidArgumentException('fsock is not a resource.'); - } - $read = [$this->fsock]; - $write = $except = null; - - if (!$this->curTimeout) { - if ($this->keepAlive <= 0) { - static::stream_select($read, $write, $except, null); - } else { - if (!static::stream_select($read, $write, $except, $this->keepAlive)) { - $this->send_binary_packet(pack('CN', NET_SSH2_MSG_IGNORE, 0)); - return $this->get_binary_packet(true); - } - } - } else { - if ($this->curTimeout < 0) { - $this->is_timeout = true; - return true; - } - - $start = microtime(true); - - if ($this->keepAlive > 0 && $this->keepAlive < $this->curTimeout) { - if (!static::stream_select($read, $write, $except, $this->keepAlive)) { - $this->send_binary_packet(pack('CN', NET_SSH2_MSG_IGNORE, 0)); - $elapsed = microtime(true) - $start; - $this->curTimeout -= $elapsed; - return $this->get_binary_packet(true); - } - $elapsed = microtime(true) - $start; - $this->curTimeout -= $elapsed; - } - - $sec = (int) floor($this->curTimeout); - $usec = (int) (1000000 * ($this->curTimeout - $sec)); - - // this can return a "stream_select(): unable to select [4]: Interrupted system call" error - if (!static::stream_select($read, $write, $except, $sec, $usec)) { - $this->is_timeout = true; - return true; - } - $elapsed = microtime(true) - $start; - $this->curTimeout -= $elapsed; - } - } - - if (!is_resource($this->fsock) || feof($this->fsock)) { - $this->bitmap = 0; - $str = 'Connection closed (by server) prematurely'; - if (isset($elapsed)) { - $str .= ' ' . $elapsed . 's'; - } - throw new ConnectionClosedException($str); - } - - $start = microtime(true); - $raw = stream_get_contents($this->fsock, $this->decrypt_block_size); - - if (!strlen($raw)) { - $this->bitmap = 0; - throw new ConnectionClosedException('No data received from server'); - } - - if ($this->decrypt) { - switch ($this->decryptName) { - case 'aes128-gcm@openssh.com': - case 'aes256-gcm@openssh.com': - $this->decrypt->setNonce( - $this->decryptFixedPart . - $this->decryptInvocationCounter - ); - Strings::increment_str($this->decryptInvocationCounter); - $this->decrypt->setAAD($temp = Strings::shift($raw, 4)); - extract(unpack('Npacket_length', $temp)); - /** - * @var integer $packet_length - */ - - $raw .= $this->read_remaining_bytes($packet_length - $this->decrypt_block_size + 4); - $stop = microtime(true); - $tag = stream_get_contents($this->fsock, $this->decrypt_block_size); - $this->decrypt->setTag($tag); - $raw = $this->decrypt->decrypt($raw); - $raw = $temp . $raw; - $remaining_length = 0; - break; - case 'chacha20-poly1305@openssh.com': - // This should be impossible, but we are checking anyway to narrow the type for Psalm. - if (!($this->decrypt instanceof ChaCha20)) { - throw new \LogicException('$this->decrypt is not a ' . ChaCha20::class); - } - - $nonce = pack('N2', 0, $this->get_seq_no); - - $this->lengthDecrypt->setNonce($nonce); - $temp = $this->lengthDecrypt->decrypt($aad = Strings::shift($raw, 4)); - extract(unpack('Npacket_length', $temp)); - /** - * @var integer $packet_length - */ - - $raw .= $this->read_remaining_bytes($packet_length - $this->decrypt_block_size + 4); - $stop = microtime(true); - $tag = stream_get_contents($this->fsock, 16); - - $this->decrypt->setNonce($nonce); - $this->decrypt->setCounter(0); - // this is the same approach that's implemented in Salsa20::createPoly1305Key() - // but we don't want to use the same AEAD construction that RFC8439 describes - // for ChaCha20-Poly1305 so we won't rely on it (see Salsa20::poly1305()) - $this->decrypt->setPoly1305Key( - $this->decrypt->encrypt(str_repeat("\0", 32)) - ); - $this->decrypt->setAAD($aad); - $this->decrypt->setCounter(1); - $this->decrypt->setTag($tag); - $raw = $this->decrypt->decrypt($raw); - $raw = $temp . $raw; - $remaining_length = 0; - break; - default: - if (!$this->hmac_check instanceof Hash || !$this->hmac_check_etm) { - $raw = $this->decrypt->decrypt($raw); - break; - } - extract(unpack('Npacket_length', $temp = Strings::shift($raw, 4))); - /** - * @var integer $packet_length - */ - $raw .= $this->read_remaining_bytes($packet_length - $this->decrypt_block_size + 4); - $stop = microtime(true); - $encrypted = $temp . $raw; - $raw = $temp . $this->decrypt->decrypt($raw); - $remaining_length = 0; - } - } - - if (strlen($raw) < 5) { - $this->bitmap = 0; - throw new \RuntimeException('Plaintext is too short'); - } - extract(unpack('Npacket_length/Cpadding_length', Strings::shift($raw, 5))); - /** - * @var integer $packet_length - * @var integer $padding_length - */ - - if (!isset($remaining_length)) { - $remaining_length = $packet_length + 4 - $this->decrypt_block_size; - } - - $buffer = $this->read_remaining_bytes($remaining_length); - - if (!isset($stop)) { - $stop = microtime(true); - } - if (strlen($buffer)) { - $raw .= $this->decrypt ? $this->decrypt->decrypt($buffer) : $buffer; - } - - $payload = Strings::shift($raw, $packet_length - $padding_length - 1); - $padding = Strings::shift($raw, $padding_length); // should leave $raw empty - - if ($this->hmac_check instanceof Hash) { - $hmac = stream_get_contents($this->fsock, $this->hmac_size); - if ($hmac === false || strlen($hmac) != $this->hmac_size) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_MAC_ERROR); - throw new \RuntimeException('Error reading socket'); - } - - $reconstructed = !$this->hmac_check_etm ? - pack('NCa*', $packet_length, $padding_length, $payload . $padding) : - $encrypted; - if (($this->hmac_check->getHash() & "\xFF\xFF\xFF\xFF") == 'umac') { - $this->hmac_check->setNonce("\0\0\0\0" . pack('N', $this->get_seq_no)); - if ($hmac != $this->hmac_check->hash($reconstructed)) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_MAC_ERROR); - throw new \RuntimeException('Invalid UMAC'); - } - } else { - if ($hmac != $this->hmac_check->hash(pack('Na*', $this->get_seq_no, $reconstructed))) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_MAC_ERROR); - throw new \RuntimeException('Invalid HMAC'); - } - } - } - - switch ($this->decompress) { - case self::NET_SSH2_COMPRESSION_ZLIB_AT_OPENSSH: - if (!$this->isAuthenticated()) { - break; - } - // fall-through - case self::NET_SSH2_COMPRESSION_ZLIB: - if ($this->regenerate_decompression_context) { - $this->regenerate_decompression_context = false; - - $cmf = ord($payload[0]); - $cm = $cmf & 0x0F; - if ($cm != 8) { // deflate - user_error("Only CM = 8 ('deflate') is supported ($cm)"); - } - $cinfo = ($cmf & 0xF0) >> 4; - if ($cinfo > 7) { - user_error("CINFO above 7 is not allowed ($cinfo)"); - } - $windowSize = 1 << ($cinfo + 8); - - $flg = ord($payload[1]); - //$fcheck = $flg && 0x0F; - if ((($cmf << 8) | $flg) % 31) { - user_error('fcheck failed'); - } - $fdict = boolval($flg & 0x20); - $flevel = ($flg & 0xC0) >> 6; - - $this->decompress_context = inflate_init(ZLIB_ENCODING_RAW, ['window' => $cinfo + 8]); - $payload = substr($payload, 2); - } - if ($this->decompress_context) { - $payload = inflate_add($this->decompress_context, $payload, ZLIB_PARTIAL_FLUSH); - } - } - - $this->get_seq_no++; - - if (defined('NET_SSH2_LOGGING')) { - $current = microtime(true); - $message_number = isset(self::$message_numbers[ord($payload[0])]) ? self::$message_numbers[ord($payload[0])] : 'UNKNOWN (' . ord($payload[0]) . ')'; - $message_number = '<- ' . $message_number . - ' (since last: ' . round($current - $this->last_packet, 4) . ', network: ' . round($stop - $start, 4) . 's)'; - $this->append_log($message_number, $payload); - $this->last_packet = $current; - } - - return $this->filter($payload, $skip_channel_filter); - } - - /** - * Read Remaining Bytes - * - * @see self::get_binary_packet() - * @param int $remaining_length - * @return string - */ - private function read_remaining_bytes($remaining_length) - { - if (!$remaining_length) { - return ''; - } - - $adjustLength = false; - if ($this->decrypt) { - switch (true) { - case $this->decryptName == 'aes128-gcm@openssh.com': - case $this->decryptName == 'aes256-gcm@openssh.com': - case $this->decryptName == 'chacha20-poly1305@openssh.com': - case $this->hmac_check instanceof Hash && $this->hmac_check_etm: - $remaining_length += $this->decrypt_block_size - 4; - $adjustLength = true; - } - } - - // quoting , - // "implementations SHOULD check that the packet length is reasonable" - // PuTTY uses 0x9000 as the actual max packet size and so to shall we - // don't do this when GCM mode is used since GCM mode doesn't encrypt the length - if ($remaining_length < -$this->decrypt_block_size || $remaining_length > 0x9000 || $remaining_length % $this->decrypt_block_size != 0) { - if (!$this->bad_key_size_fix && self::bad_algorithm_candidate($this->decrypt ? $this->decryptName : '') && !($this->bitmap & SSH2::MASK_LOGIN)) { - $this->bad_key_size_fix = true; - $this->reset_connection(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); - return false; - } - throw new \RuntimeException('Invalid size'); - } - - if ($adjustLength) { - $remaining_length -= $this->decrypt_block_size - 4; - } - - $buffer = ''; - while ($remaining_length > 0) { - $temp = stream_get_contents($this->fsock, $remaining_length); - if ($temp === false || feof($this->fsock)) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST); - throw new \RuntimeException('Error reading from socket'); - } - $buffer .= $temp; - $remaining_length -= strlen($temp); - } - - return $buffer; - } - - /** - * Filter Binary Packets - * - * Because some binary packets need to be ignored... - * - * @see self::_get_binary_packet() - * @param string $payload - * @param bool $skip_channel_filter - * @return string|bool - */ - private function filter($payload, $skip_channel_filter) - { - switch (ord($payload[0])) { - case NET_SSH2_MSG_DISCONNECT: - Strings::shift($payload, 1); - list($reason_code, $message) = Strings::unpackSSH2('Ns', $payload); - $this->errors[] = 'SSH_MSG_DISCONNECT: ' . self::$disconnect_reasons[$reason_code] . "\r\n$message"; - $this->bitmap = 0; - return false; - case NET_SSH2_MSG_IGNORE: - $this->extra_packets++; - $payload = $this->get_binary_packet($skip_channel_filter); - break; - case NET_SSH2_MSG_DEBUG: - $this->extra_packets++; - Strings::shift($payload, 2); // second byte is "always_display" - list($message) = Strings::unpackSSH2('s', $payload); - $this->errors[] = "SSH_MSG_DEBUG: $message"; - $payload = $this->get_binary_packet($skip_channel_filter); - break; - case NET_SSH2_MSG_UNIMPLEMENTED: - return false; - case NET_SSH2_MSG_KEXINIT: - // this is here for key re-exchanges after the initial key exchange - if ($this->session_id !== false) { - if (!$this->key_exchange($payload)) { - $this->bitmap = 0; - return false; - } - $payload = $this->get_binary_packet($skip_channel_filter); - } - } - - // see http://tools.ietf.org/html/rfc4252#section-5.4; only called when the encryption has been activated and when we haven't already logged in - if (($this->bitmap & self::MASK_CONNECTED) && !$this->isAuthenticated() && !is_bool($payload) && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) { - Strings::shift($payload, 1); - list($this->banner_message) = Strings::unpackSSH2('s', $payload); - $payload = $this->get_binary_packet(); - } - - // only called when we've already logged in - if (($this->bitmap & self::MASK_CONNECTED) && $this->isAuthenticated()) { - if (is_bool($payload)) { - return $payload; - } - - switch (ord($payload[0])) { - case NET_SSH2_MSG_CHANNEL_REQUEST: - if (strlen($payload) == 31) { - extract(unpack('cpacket_type/Nchannel/Nlength', $payload)); - if (substr($payload, 9, $length) == 'keepalive@openssh.com' && isset($this->server_channels[$channel])) { - if (ord(substr($payload, 9 + $length))) { // want reply - $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_SUCCESS, $this->server_channels[$channel])); - } - $payload = $this->get_binary_packet($skip_channel_filter); - } - } - break; - case NET_SSH2_MSG_CHANNEL_DATA: - case NET_SSH2_MSG_CHANNEL_EXTENDED_DATA: - case NET_SSH2_MSG_CHANNEL_CLOSE: - case NET_SSH2_MSG_CHANNEL_EOF: - if (!$skip_channel_filter && !empty($this->server_channels)) { - $this->binary_packet_buffer = $payload; - $this->get_channel_packet(true); - $payload = $this->get_binary_packet(); - } - break; - case NET_SSH2_MSG_GLOBAL_REQUEST: // see http://tools.ietf.org/html/rfc4254#section-4 - Strings::shift($payload, 1); - list($request_name) = Strings::unpackSSH2('s', $payload); - $this->errors[] = "SSH_MSG_GLOBAL_REQUEST: $request_name"; - - try { - $this->send_binary_packet(pack('C', NET_SSH2_MSG_REQUEST_FAILURE)); - } catch (\RuntimeException $e) { - return $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); - } - - $payload = $this->get_binary_packet($skip_channel_filter); - break; - case NET_SSH2_MSG_CHANNEL_OPEN: // see http://tools.ietf.org/html/rfc4254#section-5.1 - Strings::shift($payload, 1); - list($data, $server_channel) = Strings::unpackSSH2('sN', $payload); - switch ($data) { - case 'auth-agent': - case 'auth-agent@openssh.com': - if (isset($this->agent)) { - $new_channel = self::CHANNEL_AGENT_FORWARD; - - list( - $remote_window_size, - $remote_maximum_packet_size - ) = Strings::unpackSSH2('NN', $payload); - - $this->packet_size_client_to_server[$new_channel] = $remote_window_size; - $this->window_size_server_to_client[$new_channel] = $remote_maximum_packet_size; - $this->window_size_client_to_server[$new_channel] = $this->window_size; - - $packet_size = 0x4000; - - $packet = pack( - 'CN4', - NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, - $server_channel, - $new_channel, - $packet_size, - $packet_size - ); - - $this->server_channels[$new_channel] = $server_channel; - $this->channel_status[$new_channel] = NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION; - $this->send_binary_packet($packet); - } - break; - default: - $packet = Strings::packSSH2( - 'CN2ss', - NET_SSH2_MSG_CHANNEL_OPEN_FAILURE, - $server_channel, - NET_SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED, - '', // description - '' // language tag - ); - - try { - $this->send_binary_packet($packet); - } catch (\RuntimeException $e) { - return $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); - } - } - - $payload = $this->get_binary_packet($skip_channel_filter); - break; - case NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST: - Strings::shift($payload, 1); - list($channel, $window_size) = Strings::unpackSSH2('NN', $payload); - - $this->window_size_client_to_server[$channel] += $window_size; - - $payload = ($this->bitmap & self::MASK_WINDOW_ADJUST) ? true : $this->get_binary_packet($skip_channel_filter); - } - } - - return $payload; - } - - /** - * Enable Quiet Mode - * - * Suppress stderr from output - * - */ - public function enableQuietMode() - { - $this->quiet_mode = true; - } - - /** - * Disable Quiet Mode - * - * Show stderr in output - * - */ - public function disableQuietMode() - { - $this->quiet_mode = false; - } - - /** - * Returns whether Quiet Mode is enabled or not - * - * @see self::enableQuietMode() - * @see self::disableQuietMode() - * @return bool - */ - public function isQuietModeEnabled() - { - return $this->quiet_mode; - } - - /** - * Enable request-pty when using exec() - * - */ - public function enablePTY() - { - $this->request_pty = true; - } - - /** - * Disable request-pty when using exec() - * - */ - public function disablePTY() - { - if ($this->isPTYOpen()) { - $this->close_channel(self::CHANNEL_EXEC); - } - $this->request_pty = false; - } - - /** - * Returns whether request-pty is enabled or not - * - * @see self::enablePTY() - * @see self::disablePTY() - * @return bool - */ - public function isPTYEnabled() - { - return $this->request_pty; - } - - /** - * Gets channel data - * - * Returns the data as a string. bool(true) is returned if: - * - * - the server closes the channel - * - if the connection times out - * - if the channel status is CHANNEL_OPEN and the response was CHANNEL_OPEN_CONFIRMATION - * - if the channel status is CHANNEL_REQUEST and the response was CHANNEL_SUCCESS - * - if the channel status is CHANNEL_CLOSE and the response was CHANNEL_CLOSE - * - * bool(false) is returned if: - * - * - if the channel status is CHANNEL_REQUEST and the response was CHANNEL_FAILURE - * - * @param int $client_channel - * @param bool $skip_extended - * @return mixed - * @throws \RuntimeException on connection error - */ - protected function get_channel_packet($client_channel, $skip_extended = false) - { - if (!empty($this->channel_buffers[$client_channel])) { - switch ($this->channel_status[$client_channel]) { - case NET_SSH2_MSG_CHANNEL_REQUEST: - foreach ($this->channel_buffers[$client_channel] as $i => $packet) { - switch (ord($packet[0])) { - case NET_SSH2_MSG_CHANNEL_SUCCESS: - case NET_SSH2_MSG_CHANNEL_FAILURE: - unset($this->channel_buffers[$client_channel][$i]); - return substr($packet, 1); - } - } - break; - default: - return substr(array_shift($this->channel_buffers[$client_channel]), 1); - } - } - - while (true) { - if ($this->binary_packet_buffer !== false) { - $response = $this->binary_packet_buffer; - $this->binary_packet_buffer = false; - } else { - $response = $this->get_binary_packet(true); - if ($response === true && $this->is_timeout) { - if ($client_channel == self::CHANNEL_EXEC && !$this->request_pty) { - $this->close_channel($client_channel); - } - return true; - } - if ($response === false) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST); - throw new ConnectionClosedException('Connection closed by server'); - } - } - - if ($client_channel == -1 && $response === true) { - return true; - } - list($type, $channel) = Strings::unpackSSH2('CN', $response); - - // will not be setup yet on incoming channel open request - if (isset($channel) && isset($this->channel_status[$channel]) && isset($this->window_size_server_to_client[$channel])) { - $this->window_size_server_to_client[$channel] -= strlen($response); - - // resize the window, if appropriate - if ($this->window_size_server_to_client[$channel] < 0) { - // PuTTY does something more analogous to the following: - //if ($this->window_size_server_to_client[$channel] < 0x3FFFFFFF) { - $packet = pack('CNN', NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST, $this->server_channels[$channel], $this->window_resize); - $this->send_binary_packet($packet); - $this->window_size_server_to_client[$channel] += $this->window_resize; - } - - switch ($type) { - case NET_SSH2_MSG_CHANNEL_EXTENDED_DATA: - /* - if ($client_channel == self::CHANNEL_EXEC) { - $this->send_channel_packet($client_channel, chr(0)); - } - */ - // currently, there's only one possible value for $data_type_code: NET_SSH2_EXTENDED_DATA_STDERR - list($data_type_code, $data) = Strings::unpackSSH2('Ns', $response); - $this->stdErrorLog .= $data; - if ($skip_extended || $this->quiet_mode) { - continue 2; - } - if ($client_channel == $channel && $this->channel_status[$channel] == NET_SSH2_MSG_CHANNEL_DATA) { - return $data; - } - $this->channel_buffers[$channel][] = chr($type) . $data; - - continue 2; - case NET_SSH2_MSG_CHANNEL_REQUEST: - if ($this->channel_status[$channel] == NET_SSH2_MSG_CHANNEL_CLOSE) { - continue 2; - } - list($value) = Strings::unpackSSH2('s', $response); - switch ($value) { - case 'exit-signal': - list( - , // FALSE - $signal_name, - , // core dumped - $error_message - ) = Strings::unpackSSH2('bsbs', $response); - - $this->errors[] = "SSH_MSG_CHANNEL_REQUEST (exit-signal): $signal_name"; - if (strlen($error_message)) { - $this->errors[count($this->errors) - 1] .= "\r\n$error_message"; - } - - $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel])); - $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel])); - - $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_EOF; - - continue 3; - case 'exit-status': - list(, $this->exit_status) = Strings::unpackSSH2('CN', $response); - - // "The client MAY ignore these messages." - // -- http://tools.ietf.org/html/rfc4254#section-6.10 - - continue 3; - default: - // "Some systems may not implement signals, in which case they SHOULD ignore this message." - // -- http://tools.ietf.org/html/rfc4254#section-6.9 - continue 3; - } - } - - switch ($this->channel_status[$channel]) { - case NET_SSH2_MSG_CHANNEL_OPEN: - switch ($type) { - case NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION: - list( - $this->server_channels[$channel], - $window_size, - $this->packet_size_client_to_server[$channel] - ) = Strings::unpackSSH2('NNN', $response); - - if ($window_size < 0) { - $window_size &= 0x7FFFFFFF; - $window_size += 0x80000000; - } - $this->window_size_client_to_server[$channel] = $window_size; - $result = $client_channel == $channel ? true : $this->get_channel_packet($client_channel, $skip_extended); - $this->on_channel_open(); - return $result; - case NET_SSH2_MSG_CHANNEL_OPEN_FAILURE: - $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); - throw new \RuntimeException('Unable to open channel'); - default: - if ($client_channel == $channel) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); - throw new \RuntimeException('Unexpected response to open request'); - } - return $this->get_channel_packet($client_channel, $skip_extended); - } - break; - case NET_SSH2_MSG_CHANNEL_REQUEST: - switch ($type) { - case NET_SSH2_MSG_CHANNEL_SUCCESS: - return true; - case NET_SSH2_MSG_CHANNEL_FAILURE: - return false; - case NET_SSH2_MSG_CHANNEL_DATA: - list($data) = Strings::unpackSSH2('s', $response); - $this->channel_buffers[$channel][] = chr($type) . $data; - return $this->get_channel_packet($client_channel, $skip_extended); - default: - $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); - throw new \RuntimeException('Unable to fulfill channel request'); - } - case NET_SSH2_MSG_CHANNEL_CLOSE: - if ($client_channel == $channel && $type == NET_SSH2_MSG_CHANNEL_CLOSE) { - return true; - } - return $this->get_channel_packet($client_channel, $skip_extended); - } - } - - // ie. $this->channel_status[$channel] == NET_SSH2_MSG_CHANNEL_DATA - - switch ($type) { - case NET_SSH2_MSG_CHANNEL_DATA: - /* - if ($channel == self::CHANNEL_EXEC) { - // SCP requires null packets, such as this, be sent. further, in the case of the ssh.com SSH server - // this actually seems to make things twice as fast. more to the point, the message right after - // SSH_MSG_CHANNEL_DATA (usually SSH_MSG_IGNORE) won't block for as long as it would have otherwise. - // in OpenSSH it slows things down but only by a couple thousandths of a second. - $this->send_channel_packet($channel, chr(0)); - } - */ - list($data) = Strings::unpackSSH2('s', $response); - - if ($channel == self::CHANNEL_AGENT_FORWARD) { - $agent_response = $this->agent->forwardData($data); - if (!is_bool($agent_response)) { - $this->send_channel_packet($channel, $agent_response); - } - break; - } - - if ($client_channel == $channel) { - return $data; - } - $this->channel_buffers[$channel][] = chr($type) . $data; - break; - case NET_SSH2_MSG_CHANNEL_CLOSE: - $this->curTimeout = 5; - - $this->close_channel_bitmap($channel); - - if ($this->channel_status[$channel] != NET_SSH2_MSG_CHANNEL_EOF) { - $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel])); - } - - $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_CLOSE; - $this->channelCount--; - - if ($client_channel == $channel) { - return true; - } - // fall-through - case NET_SSH2_MSG_CHANNEL_EOF: - break; - default: - $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); - throw new \RuntimeException("Error reading channel data ($type)"); - } - } - } - - /** - * Sends Binary Packets - * - * See '6. Binary Packet Protocol' of rfc4253 for more info. - * - * @param string $data - * @param string $logged - * @see self::_get_binary_packet() - * @return void - */ - protected function send_binary_packet($data, $logged = null) - { - if (!is_resource($this->fsock) || feof($this->fsock)) { - $this->bitmap = 0; - throw new ConnectionClosedException('Connection closed prematurely'); - } - - if (!isset($logged)) { - $logged = $data; - } - - switch ($this->compress) { - case self::NET_SSH2_COMPRESSION_ZLIB_AT_OPENSSH: - if (!$this->isAuthenticated()) { - break; - } - // fall-through - case self::NET_SSH2_COMPRESSION_ZLIB: - if (!$this->regenerate_compression_context) { - $header = ''; - } else { - $this->regenerate_compression_context = false; - $this->compress_context = deflate_init(ZLIB_ENCODING_RAW, ['window' => 15]); - $header = "\x78\x9C"; - } - if ($this->compress_context) { - $data = $header . deflate_add($this->compress_context, $data, ZLIB_PARTIAL_FLUSH); - } - } - - // 4 (packet length) + 1 (padding length) + 4 (minimal padding amount) == 9 - $packet_length = strlen($data) + 9; - if ($this->encrypt && $this->encrypt->usesNonce()) { - $packet_length -= 4; - } - // round up to the nearest $this->encrypt_block_size - $packet_length += (($this->encrypt_block_size - 1) * $packet_length) % $this->encrypt_block_size; - // subtracting strlen($data) is obvious - subtracting 5 is necessary because of packet_length and padding_length - $padding_length = $packet_length - strlen($data) - 5; - switch (true) { - case $this->encrypt && $this->encrypt->usesNonce(): - case $this->hmac_create instanceof Hash && $this->hmac_create_etm: - $padding_length += 4; - $packet_length += 4; - } - - $padding = Random::string($padding_length); - - // we subtract 4 from packet_length because the packet_length field isn't supposed to include itself - $packet = pack('NCa*', $packet_length - 4, $padding_length, $data . $padding); - - $hmac = ''; - if ($this->hmac_create instanceof Hash && !$this->hmac_create_etm) { - if (($this->hmac_create->getHash() & "\xFF\xFF\xFF\xFF") == 'umac') { - $this->hmac_create->setNonce("\0\0\0\0" . pack('N', $this->send_seq_no)); - $hmac = $this->hmac_create->hash($packet); - } else { - $hmac = $this->hmac_create->hash(pack('Na*', $this->send_seq_no, $packet)); - } - } - - if ($this->encrypt) { - switch ($this->encryptName) { - case 'aes128-gcm@openssh.com': - case 'aes256-gcm@openssh.com': - $this->encrypt->setNonce( - $this->encryptFixedPart . - $this->encryptInvocationCounter - ); - Strings::increment_str($this->encryptInvocationCounter); - $this->encrypt->setAAD($temp = ($packet & "\xFF\xFF\xFF\xFF")); - $packet = $temp . $this->encrypt->encrypt(substr($packet, 4)); - break; - case 'chacha20-poly1305@openssh.com': - // This should be impossible, but we are checking anyway to narrow the type for Psalm. - if (!($this->encrypt instanceof ChaCha20)) { - throw new \LogicException('$this->encrypt is not a ' . ChaCha20::class); - } - - $nonce = pack('N2', 0, $this->send_seq_no); - - $this->encrypt->setNonce($nonce); - $this->lengthEncrypt->setNonce($nonce); - - $length = $this->lengthEncrypt->encrypt($packet & "\xFF\xFF\xFF\xFF"); - - $this->encrypt->setCounter(0); - // this is the same approach that's implemented in Salsa20::createPoly1305Key() - // but we don't want to use the same AEAD construction that RFC8439 describes - // for ChaCha20-Poly1305 so we won't rely on it (see Salsa20::poly1305()) - $this->encrypt->setPoly1305Key( - $this->encrypt->encrypt(str_repeat("\0", 32)) - ); - $this->encrypt->setAAD($length); - $this->encrypt->setCounter(1); - $packet = $length . $this->encrypt->encrypt(substr($packet, 4)); - break; - default: - $packet = $this->hmac_create instanceof Hash && $this->hmac_create_etm ? - ($packet & "\xFF\xFF\xFF\xFF") . $this->encrypt->encrypt(substr($packet, 4)) : - $this->encrypt->encrypt($packet); - } - } - - if ($this->hmac_create instanceof Hash && $this->hmac_create_etm) { - if (($this->hmac_create->getHash() & "\xFF\xFF\xFF\xFF") == 'umac') { - $this->hmac_create->setNonce("\0\0\0\0" . pack('N', $this->send_seq_no)); - $hmac = $this->hmac_create->hash($packet); - } else { - $hmac = $this->hmac_create->hash(pack('Na*', $this->send_seq_no, $packet)); - } - } - - $this->send_seq_no++; - - $packet .= $this->encrypt && $this->encrypt->usesNonce() ? $this->encrypt->getTag() : $hmac; - - $start = microtime(true); - $sent = @fputs($this->fsock, $packet); - $stop = microtime(true); - - if (defined('NET_SSH2_LOGGING')) { - $current = microtime(true); - $message_number = isset(self::$message_numbers[ord($logged[0])]) ? self::$message_numbers[ord($logged[0])] : 'UNKNOWN (' . ord($logged[0]) . ')'; - $message_number = '-> ' . $message_number . - ' (since last: ' . round($current - $this->last_packet, 4) . ', network: ' . round($stop - $start, 4) . 's)'; - $this->append_log($message_number, $logged); - $this->last_packet = $current; - } - - if (strlen($packet) != $sent) { - $this->bitmap = 0; - $message = $sent === false ? - 'Unable to write ' . strlen($packet) . ' bytes' : - "Only $sent of " . strlen($packet) . " bytes were sent"; - throw new \RuntimeException($message); - } - } - - /** - * Logs data packets - * - * Makes sure that only the last 1MB worth of packets will be logged - * - * @param string $message_number - * @param string $message - */ - private function append_log($message_number, $message) - { - $this->append_log_helper( - NET_SSH2_LOGGING, - $message_number, - $message, - $this->message_number_log, - $this->message_log, - $this->log_size, - $this->realtime_log_file, - $this->realtime_log_wrap, - $this->realtime_log_size - ); - } - - /** - * Logs data packet helper - * - * @param int $constant - * @param string $message_number - * @param string $message - * @param array &$message_number_log - * @param array &$message_log - * @param int &$log_size - * @param resource &$realtime_log_file - * @param bool &$realtime_log_wrap - * @param int &$realtime_log_size - */ - protected function append_log_helper($constant, $message_number, $message, array &$message_number_log, array &$message_log, &$log_size, &$realtime_log_file, &$realtime_log_wrap, &$realtime_log_size) - { - // remove the byte identifying the message type from all but the first two messages (ie. the identification strings) - if (strlen($message_number) > 2) { - Strings::shift($message); - } - - switch ($constant) { - // useful for benchmarks - case self::LOG_SIMPLE: - $message_number_log[] = $message_number; - break; - case self::LOG_SIMPLE_REALTIME: - echo $message_number; - echo PHP_SAPI == 'cli' ? "\r\n" : '
'; - @flush(); - @ob_flush(); - break; - // the most useful log for SSH2 - case self::LOG_COMPLEX: - $message_number_log[] = $message_number; - $log_size += strlen($message); - $message_log[] = $message; - while ($log_size > self::LOG_MAX_SIZE) { - $log_size -= strlen(array_shift($message_log)); - array_shift($message_number_log); - } - break; - // dump the output out realtime; packets may be interspersed with non packets, - // passwords won't be filtered out and select other packets may not be correctly - // identified - case self::LOG_REALTIME: - switch (PHP_SAPI) { - case 'cli': - $start = $stop = "\r\n"; - break; - default: - $start = '
';
-                        $stop = '
'; - } - echo $start . $this->format_log([$message], [$message_number]) . $stop; - @flush(); - @ob_flush(); - break; - // basically the same thing as self::LOG_REALTIME with the caveat that NET_SSH2_LOG_REALTIME_FILENAME - // needs to be defined and that the resultant log file will be capped out at self::LOG_MAX_SIZE. - // the earliest part of the log file is denoted by the first <<< START >>> and is not going to necessarily - // at the beginning of the file - case self::LOG_REALTIME_FILE: - if (!isset($realtime_log_file)) { - // PHP doesn't seem to like using constants in fopen() - $filename = NET_SSH2_LOG_REALTIME_FILENAME; - $fp = fopen($filename, 'w'); - $realtime_log_file = $fp; - } - if (!is_resource($realtime_log_file)) { - break; - } - $entry = $this->format_log([$message], [$message_number]); - if ($realtime_log_wrap) { - $temp = "<<< START >>>\r\n"; - $entry .= $temp; - fseek($realtime_log_file, ftell($realtime_log_file) - strlen($temp)); - } - $realtime_log_size += strlen($entry); - if ($realtime_log_size > self::LOG_MAX_SIZE) { - fseek($realtime_log_file, 0); - $realtime_log_size = strlen($entry); - $realtime_log_wrap = true; - } - fputs($realtime_log_file, $entry); - } - } - - /** - * Sends channel data - * - * Spans multiple SSH_MSG_CHANNEL_DATAs if appropriate - * - * @param int $client_channel - * @param string $data - * @return void - */ - protected function send_channel_packet($client_channel, $data) - { - while (strlen($data)) { - if (!$this->window_size_client_to_server[$client_channel]) { - $this->bitmap ^= self::MASK_WINDOW_ADJUST; - // using an invalid channel will let the buffers be built up for the valid channels - $this->get_channel_packet(-1); - $this->bitmap ^= self::MASK_WINDOW_ADJUST; - } - - /* The maximum amount of data allowed is determined by the maximum - packet size for the channel, and the current window size, whichever - is smaller. - -- http://tools.ietf.org/html/rfc4254#section-5.2 */ - $max_size = min( - $this->packet_size_client_to_server[$client_channel], - $this->window_size_client_to_server[$client_channel] - ); - - $temp = Strings::shift($data, $max_size); - $packet = Strings::packSSH2( - 'CNs', - NET_SSH2_MSG_CHANNEL_DATA, - $this->server_channels[$client_channel], - $temp - ); - $this->window_size_client_to_server[$client_channel] -= strlen($temp); - $this->send_binary_packet($packet); - } - } - - /** - * Closes and flushes a channel - * - * \phpseclib3\Net\SSH2 doesn't properly close most channels. For exec() channels are normally closed by the server - * and for SFTP channels are presumably closed when the client disconnects. This functions is intended - * for SCP more than anything. - * - * @param int $client_channel - * @param bool $want_reply - * @return void - */ - private function close_channel($client_channel, $want_reply = false) - { - // see http://tools.ietf.org/html/rfc4254#section-5.3 - - $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel])); - - if (!$want_reply) { - $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel])); - } - - $this->channel_status[$client_channel] = NET_SSH2_MSG_CHANNEL_CLOSE; - $this->channelCount--; - - $this->curTimeout = 5; - - while (!is_bool($this->get_channel_packet($client_channel))) { - } - - if ($want_reply) { - $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel])); - } - - $this->close_channel_bitmap($client_channel); - } - - /** - * Maintains execution state bitmap in response to channel closure - * - * @param int $client_channel The channel number to maintain closure status of - * @return void - */ - private function close_channel_bitmap($client_channel) - { - switch ($client_channel) { - case self::CHANNEL_SHELL: - // Shell status has been maintained in the bitmap for backwards - // compatibility sake, but can be removed going forward - if ($this->bitmap & self::MASK_SHELL) { - $this->bitmap &= ~self::MASK_SHELL; - } - break; - } - } - - /** - * Disconnect - * - * @param int $reason - * @return false - */ - protected function disconnect_helper($reason) - { - if ($this->bitmap & self::MASK_CONNECTED) { - $data = Strings::packSSH2('CNss', NET_SSH2_MSG_DISCONNECT, $reason, '', ''); - try { - $this->send_binary_packet($data); - } catch (\Exception $e) { - } - } - - $this->bitmap = 0; - if (is_resource($this->fsock) && get_resource_type($this->fsock) === 'stream') { - fclose($this->fsock); - } - - return false; - } - - /** - * Define Array - * - * Takes any number of arrays whose indices are integers and whose values are strings and defines a bunch of - * named constants from it, using the value as the name of the constant and the index as the value of the constant. - * If any of the constants that would be defined already exists, none of the constants will be defined. - * - * @param mixed[] ...$args - * @access protected - */ - protected static function define_array(...$args) - { - foreach ($args as $arg) { - foreach ($arg as $key => $value) { - if (!defined($value)) { - define($value, $key); - } else { - break 2; - } - } - } - } - - /** - * Returns a log of the packets that have been sent and received. - * - * Returns a string if NET_SSH2_LOGGING == self::LOG_COMPLEX, an array if NET_SSH2_LOGGING == self::LOG_SIMPLE and false if !defined('NET_SSH2_LOGGING') - * - * @return array|false|string - */ - public function getLog() - { - if (!defined('NET_SSH2_LOGGING')) { - return false; - } - - switch (NET_SSH2_LOGGING) { - case self::LOG_SIMPLE: - return $this->message_number_log; - case self::LOG_COMPLEX: - $log = $this->format_log($this->message_log, $this->message_number_log); - return PHP_SAPI == 'cli' ? $log : '
' . $log . '
'; - default: - return false; - } - } - - /** - * Formats a log for printing - * - * @param array $message_log - * @param array $message_number_log - * @return string - */ - protected function format_log(array $message_log, array $message_number_log) - { - $output = ''; - for ($i = 0; $i < count($message_log); $i++) { - $output .= $message_number_log[$i] . "\r\n"; - $current_log = $message_log[$i]; - $j = 0; - do { - if (strlen($current_log)) { - $output .= str_pad(dechex($j), 7, '0', STR_PAD_LEFT) . '0 '; - } - $fragment = Strings::shift($current_log, $this->log_short_width); - $hex = substr(preg_replace_callback('#.#s', function ($matches) { - return $this->log_boundary . str_pad(dechex(ord($matches[0])), 2, '0', STR_PAD_LEFT); - }, $fragment), strlen($this->log_boundary)); - // replace non ASCII printable characters with dots - // http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters - // also replace < with a . since < messes up the output on web browsers - $raw = preg_replace('#[^\x20-\x7E]|<#', '.', $fragment); - $output .= str_pad($hex, $this->log_long_width - $this->log_short_width, ' ') . $raw . "\r\n"; - $j++; - } while (strlen($current_log)); - $output .= "\r\n"; - } - - return $output; - } - - /** - * Helper function for agent->on_channel_open() - * - * Used when channels are created to inform agent - * of said channel opening. Must be called after - * channel open confirmation received - * - */ - private function on_channel_open() - { - if (isset($this->agent)) { - $this->agent->registerChannelOpen($this); - } - } - - /** - * Returns the first value of the intersection of two arrays or false if - * the intersection is empty. The order is defined by the first parameter. - * - * @param array $array1 - * @param array $array2 - * @return mixed False if intersection is empty, else intersected value. - */ - private static function array_intersect_first(array $array1, array $array2) - { - foreach ($array1 as $value) { - if (in_array($value, $array2)) { - return $value; - } - } - return false; - } - - /** - * Returns all errors - * - * @return string[] - */ - public function getErrors() - { - return $this->errors; - } - - /** - * Returns the last error - * - * @return string - */ - public function getLastError() - { - $count = count($this->errors); - - if ($count > 0) { - return $this->errors[$count - 1]; - } - } - - /** - * Return the server identification. - * - * @return string|false - */ - public function getServerIdentification() - { - $this->connect(); - - return $this->server_identifier; - } - - /** - * Returns a list of algorithms the server supports - * - * @return array - */ - public function getServerAlgorithms() - { - $this->connect(); - - return [ - 'kex' => $this->kex_algorithms, - 'hostkey' => $this->server_host_key_algorithms, - 'client_to_server' => [ - 'crypt' => $this->encryption_algorithms_client_to_server, - 'mac' => $this->mac_algorithms_client_to_server, - 'comp' => $this->compression_algorithms_client_to_server, - 'lang' => $this->languages_client_to_server - ], - 'server_to_client' => [ - 'crypt' => $this->encryption_algorithms_server_to_client, - 'mac' => $this->mac_algorithms_server_to_client, - 'comp' => $this->compression_algorithms_server_to_client, - 'lang' => $this->languages_server_to_client - ] - ]; - } - - /** - * Returns a list of KEX algorithms that phpseclib supports - * - * @return array - */ - public static function getSupportedKEXAlgorithms() - { - $kex_algorithms = [ - // Elliptic Curve Diffie-Hellman Key Agreement (ECDH) using - // Curve25519. See doc/curve25519-sha256@libssh.org.txt in the - // libssh repository for more information. - 'curve25519-sha256', - 'curve25519-sha256@libssh.org', - - 'ecdh-sha2-nistp256', // RFC 5656 - 'ecdh-sha2-nistp384', // RFC 5656 - 'ecdh-sha2-nistp521', // RFC 5656 - - 'diffie-hellman-group-exchange-sha256',// RFC 4419 - 'diffie-hellman-group-exchange-sha1', // RFC 4419 - - // Diffie-Hellman Key Agreement (DH) using integer modulo prime - // groups. - 'diffie-hellman-group14-sha256', - 'diffie-hellman-group14-sha1', // REQUIRED - 'diffie-hellman-group15-sha512', - 'diffie-hellman-group16-sha512', - 'diffie-hellman-group17-sha512', - 'diffie-hellman-group18-sha512', - - 'diffie-hellman-group1-sha1', // REQUIRED - ]; - - return $kex_algorithms; - } - - /** - * Returns a list of host key algorithms that phpseclib supports - * - * @return array - */ - public static function getSupportedHostKeyAlgorithms() - { - return [ - 'ssh-ed25519', // https://tools.ietf.org/html/draft-ietf-curdle-ssh-ed25519-02 - 'ecdsa-sha2-nistp256', // RFC 5656 - 'ecdsa-sha2-nistp384', // RFC 5656 - 'ecdsa-sha2-nistp521', // RFC 5656 - 'rsa-sha2-256', // RFC 8332 - 'rsa-sha2-512', // RFC 8332 - 'ssh-rsa', // RECOMMENDED sign Raw RSA Key - 'ssh-dss' // REQUIRED sign Raw DSS Key - ]; - } - - /** - * Returns a list of symmetric key algorithms that phpseclib supports - * - * @return array - */ - public static function getSupportedEncryptionAlgorithms() - { - $algos = [ - // from : - 'aes128-gcm@openssh.com', - 'aes256-gcm@openssh.com', - - // from : - 'arcfour256', - 'arcfour128', - - //'arcfour', // OPTIONAL the ARCFOUR stream cipher with a 128-bit key - - // CTR modes from : - 'aes128-ctr', // RECOMMENDED AES (Rijndael) in SDCTR mode, with 128-bit key - 'aes192-ctr', // RECOMMENDED AES with 192-bit key - 'aes256-ctr', // RECOMMENDED AES with 256-bit key - - // from : - // one of the big benefits of chacha20-poly1305 is speed. the problem is... - // libsodium doesn't generate the poly1305 keys in the way ssh does and openssl's PHP bindings don't even - // seem to support poly1305 currently. so even if libsodium or openssl are being used for the chacha20 - // part, pure-PHP has to be used for the poly1305 part and that's gonna cause a big slow down. - // speed-wise it winds up being faster to use AES (when openssl or mcrypt are available) and some HMAC - // (which is always gonna be super fast to compute thanks to the hash extension, which - // "is bundled and compiled into PHP by default") - 'chacha20-poly1305@openssh.com', - - 'twofish128-ctr', // OPTIONAL Twofish in SDCTR mode, with 128-bit key - 'twofish192-ctr', // OPTIONAL Twofish with 192-bit key - 'twofish256-ctr', // OPTIONAL Twofish with 256-bit key - - 'aes128-cbc', // RECOMMENDED AES with a 128-bit key - 'aes192-cbc', // OPTIONAL AES with a 192-bit key - 'aes256-cbc', // OPTIONAL AES in CBC mode, with a 256-bit key - - 'twofish128-cbc', // OPTIONAL Twofish with a 128-bit key - 'twofish192-cbc', // OPTIONAL Twofish with a 192-bit key - 'twofish256-cbc', - 'twofish-cbc', // OPTIONAL alias for "twofish256-cbc" - // (this is being retained for historical reasons) - - 'blowfish-ctr', // OPTIONAL Blowfish in SDCTR mode - - 'blowfish-cbc', // OPTIONAL Blowfish in CBC mode - - '3des-ctr', // RECOMMENDED Three-key 3DES in SDCTR mode - - '3des-cbc', // REQUIRED three-key 3DES in CBC mode - - //'none' // OPTIONAL no encryption; NOT RECOMMENDED - ]; - - if (self::$crypto_engine) { - $engines = [self::$crypto_engine]; - } else { - $engines = [ - 'libsodium', - 'OpenSSL (GCM)', - 'OpenSSL', - 'mcrypt', - 'Eval', - 'PHP' - ]; - } - - $ciphers = []; - - foreach ($engines as $engine) { - foreach ($algos as $algo) { - $obj = self::encryption_algorithm_to_crypt_instance($algo); - if ($obj instanceof Rijndael) { - $obj->setKeyLength(preg_replace('#[^\d]#', '', $algo)); - } - switch ($algo) { - case 'chacha20-poly1305@openssh.com': - case 'arcfour128': - case 'arcfour256': - if ($engine != 'Eval') { - continue 2; - } - break; - case 'aes128-gcm@openssh.com': - case 'aes256-gcm@openssh.com': - if ($engine == 'OpenSSL') { - continue 2; - } - $obj->setNonce('dummydummydu'); - } - if ($obj->isValidEngine($engine)) { - $algos = array_diff($algos, [$algo]); - $ciphers[] = $algo; - } - } - } - - return $ciphers; - } - - /** - * Returns a list of MAC algorithms that phpseclib supports - * - * @return array - */ - public static function getSupportedMACAlgorithms() - { - return [ - 'hmac-sha2-256-etm@openssh.com', - 'hmac-sha2-512-etm@openssh.com', - 'umac-64-etm@openssh.com', - 'umac-128-etm@openssh.com', - 'hmac-sha1-etm@openssh.com', - - // from : - 'hmac-sha2-256',// RECOMMENDED HMAC-SHA256 (digest length = key length = 32) - 'hmac-sha2-512',// OPTIONAL HMAC-SHA512 (digest length = key length = 64) - - // from : - 'umac-64@openssh.com', - 'umac-128@openssh.com', - - 'hmac-sha1-96', // RECOMMENDED first 96 bits of HMAC-SHA1 (digest length = 12, key length = 20) - 'hmac-sha1', // REQUIRED HMAC-SHA1 (digest length = key length = 20) - 'hmac-md5-96', // OPTIONAL first 96 bits of HMAC-MD5 (digest length = 12, key length = 16) - 'hmac-md5', // OPTIONAL HMAC-MD5 (digest length = key length = 16) - //'none' // OPTIONAL no MAC; NOT RECOMMENDED - ]; - } - - /** - * Returns a list of compression algorithms that phpseclib supports - * - * @return array - */ - public static function getSupportedCompressionAlgorithms() - { - $algos = ['none']; // REQUIRED no compression - if (function_exists('deflate_init')) { - $algos[] = 'zlib@openssh.com'; // https://datatracker.ietf.org/doc/html/draft-miller-secsh-compression-delayed - $algos[] = 'zlib'; - } - return $algos; - } - - /** - * Return list of negotiated algorithms - * - * Uses the same format as https://www.php.net/ssh2-methods-negotiated - * - * @return array - */ - public function getAlgorithmsNegotiated() - { - $this->connect(); - - $compression_map = [ - self::NET_SSH2_COMPRESSION_NONE => 'none', - self::NET_SSH2_COMPRESSION_ZLIB => 'zlib', - self::NET_SSH2_COMPRESSION_ZLIB_AT_OPENSSH => 'zlib@openssh.com' - ]; - - return [ - 'kex' => $this->kex_algorithm, - 'hostkey' => $this->signature_format, - 'client_to_server' => [ - 'crypt' => $this->encryptName, - 'mac' => $this->hmac_create_name, - 'comp' => $compression_map[$this->compress], - ], - 'server_to_client' => [ - 'crypt' => $this->decryptName, - 'mac' => $this->hmac_check_name, - 'comp' => $compression_map[$this->decompress], - ] - ]; - } - - /** - * Force multiple channels (even if phpseclib has decided to disable them) - */ - public function forceMultipleChannels() - { - $this->errorOnMultipleChannels = false; - } - - /** - * Allows you to set the terminal - * - * @param string $term - */ - public function setTerminal($term) - { - $this->term = $term; - } - - /** - * Accepts an associative array with up to four parameters as described at - * - * - * @param array $methods - */ - public function setPreferredAlgorithms(array $methods) - { - $preferred = $methods; - - if (isset($preferred['kex'])) { - $preferred['kex'] = array_intersect( - $preferred['kex'], - static::getSupportedKEXAlgorithms() - ); - } - - if (isset($preferred['hostkey'])) { - $preferred['hostkey'] = array_intersect( - $preferred['hostkey'], - static::getSupportedHostKeyAlgorithms() - ); - } - - $keys = ['client_to_server', 'server_to_client']; - foreach ($keys as $key) { - if (isset($preferred[$key])) { - $a = &$preferred[$key]; - if (isset($a['crypt'])) { - $a['crypt'] = array_intersect( - $a['crypt'], - static::getSupportedEncryptionAlgorithms() - ); - } - if (isset($a['comp'])) { - $a['comp'] = array_intersect( - $a['comp'], - static::getSupportedCompressionAlgorithms() - ); - } - if (isset($a['mac'])) { - $a['mac'] = array_intersect( - $a['mac'], - static::getSupportedMACAlgorithms() - ); - } - } - } - - $keys = [ - 'kex', - 'hostkey', - 'client_to_server/crypt', - 'client_to_server/comp', - 'client_to_server/mac', - 'server_to_client/crypt', - 'server_to_client/comp', - 'server_to_client/mac', - ]; - foreach ($keys as $key) { - $p = $preferred; - $m = $methods; - - $subkeys = explode('/', $key); - foreach ($subkeys as $subkey) { - if (!isset($p[$subkey])) { - continue 2; - } - $p = $p[$subkey]; - $m = $m[$subkey]; - } - - if (count($p) != count($m)) { - $diff = array_diff($m, $p); - $msg = count($diff) == 1 ? - ' is not a supported algorithm' : - ' are not supported algorithms'; - throw new UnsupportedAlgorithmException(implode(', ', $diff) . $msg); - } - } - - $this->preferred = $preferred; - } - - /** - * Returns the banner message. - * - * Quoting from the RFC, "in some jurisdictions, sending a warning message before - * authentication may be relevant for getting legal protection." - * - * @return string - */ - public function getBannerMessage() - { - return $this->banner_message; - } - - /** - * Returns the server public host key. - * - * Caching this the first time you connect to a server and checking the result on subsequent connections - * is recommended. Returns false if the server signature is not signed correctly with the public host key. - * - * @return string|false - * @throws \RuntimeException on badly formatted keys - * @throws \phpseclib3\Exception\NoSupportedAlgorithmsException when the key isn't in a supported format - */ - public function getServerPublicHostKey() - { - if (!($this->bitmap & self::MASK_CONSTRUCTOR)) { - $this->connect(); - } - - $signature = $this->signature; - $server_public_host_key = base64_encode($this->server_public_host_key); - - if ($this->signature_validated) { - return $this->bitmap ? - $this->signature_format . ' ' . $server_public_host_key : - false; - } - - $this->signature_validated = true; - - switch ($this->signature_format) { - case 'ssh-ed25519': - case 'ecdsa-sha2-nistp256': - case 'ecdsa-sha2-nistp384': - case 'ecdsa-sha2-nistp521': - $key = EC::loadFormat('OpenSSH', $server_public_host_key) - ->withSignatureFormat('SSH2'); - switch ($this->signature_format) { - case 'ssh-ed25519': - $hash = 'sha512'; - break; - case 'ecdsa-sha2-nistp256': - $hash = 'sha256'; - break; - case 'ecdsa-sha2-nistp384': - $hash = 'sha384'; - break; - case 'ecdsa-sha2-nistp521': - $hash = 'sha512'; - } - $key = $key->withHash($hash); - break; - case 'ssh-dss': - $key = DSA::loadFormat('OpenSSH', $server_public_host_key) - ->withSignatureFormat('SSH2') - ->withHash('sha1'); - break; - case 'ssh-rsa': - case 'rsa-sha2-256': - case 'rsa-sha2-512': - // could be ssh-rsa, rsa-sha2-256, rsa-sha2-512 - // we don't check here because we already checked in key_exchange - // some signatures have the type embedded within the message and some don't - list(, $signature) = Strings::unpackSSH2('ss', $signature); - - $key = RSA::loadFormat('OpenSSH', $server_public_host_key) - ->withPadding(RSA::SIGNATURE_PKCS1); - switch ($this->signature_format) { - case 'rsa-sha2-512': - $hash = 'sha512'; - break; - case 'rsa-sha2-256': - $hash = 'sha256'; - break; - //case 'ssh-rsa': - default: - $hash = 'sha1'; - } - $key = $key->withHash($hash); - break; - default: - $this->disconnect_helper(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); - throw new NoSupportedAlgorithmsException('Unsupported signature format'); - } - - if (!$key->verify($this->exchange_hash, $signature)) { - return $this->disconnect_helper(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); - }; - - return $this->signature_format . ' ' . $server_public_host_key; - } - - /** - * Returns the exit status of an SSH command or false. - * - * @return false|int - */ - public function getExitStatus() - { - if (is_null($this->exit_status)) { - return false; - } - return $this->exit_status; - } - - /** - * Returns the number of columns for the terminal window size. - * - * @return int - */ - public function getWindowColumns() - { - return $this->windowColumns; - } - - /** - * Returns the number of rows for the terminal window size. - * - * @return int - */ - public function getWindowRows() - { - return $this->windowRows; - } - - /** - * Sets the number of columns for the terminal window size. - * - * @param int $value - */ - public function setWindowColumns($value) - { - $this->windowColumns = $value; - } - - /** - * Sets the number of rows for the terminal window size. - * - * @param int $value - */ - public function setWindowRows($value) - { - $this->windowRows = $value; - } - - /** - * Sets the number of columns and rows for the terminal window size. - * - * @param int $columns - * @param int $rows - */ - public function setWindowSize($columns = 80, $rows = 24) - { - $this->windowColumns = $columns; - $this->windowRows = $rows; - } - - /** - * To String Magic Method - * - * @return string - */ - #[\ReturnTypeWillChange] - public function __toString() - { - return $this->getResourceId(); - } - - /** - * Get Resource ID - * - * We use {} because that symbols should not be in URL according to - * {@link http://tools.ietf.org/html/rfc3986#section-2 RFC}. - * It will safe us from any conflicts, because otherwise regexp will - * match all alphanumeric domains. - * - * @return string - */ - public function getResourceId() - { - return '{' . spl_object_hash($this) . '}'; - } - - /** - * Return existing connection - * - * @param string $id - * - * @return bool|SSH2 will return false if no such connection - */ - public static function getConnectionByResourceId($id) - { - if (isset(self::$connections[$id])) { - return self::$connections[$id] instanceof \WeakReference ? self::$connections[$id]->get() : self::$connections[$id]; - } - return false; - } - - /** - * Return all excising connections - * - * @return array - */ - public static function getConnections() - { - if (!class_exists('WeakReference')) { - /** @var array */ - return self::$connections; - } - $temp = []; - foreach (self::$connections as $key => $ref) { - $temp[$key] = $ref->get(); - } - return $temp; - } - - /* - * Update packet types in log history - * - * @param string $old - * @param string $new - */ - private function updateLogHistory($old, $new) - { - if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == self::LOG_COMPLEX) { - $this->message_number_log[count($this->message_number_log) - 1] = str_replace( - $old, - $new, - $this->message_number_log[count($this->message_number_log) - 1] - ); - } - } - - /** - * Return the list of authentication methods that may productively continue authentication. - * - * @see https://tools.ietf.org/html/rfc4252#section-5.1 - * @return array|null - */ - public function getAuthMethodsToContinue() - { - return $this->auth_methods_to_continue; - } - - /** - * Enables "smart" multi-factor authentication (MFA) - */ - public function enableSmartMFA() - { - $this->smartMFA = true; - } - - /** - * Disables "smart" multi-factor authentication (MFA) - */ - public function disableSmartMFA() - { - $this->smartMFA = false; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php deleted file mode 100644 index 26ca322..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php +++ /dev/null @@ -1,286 +0,0 @@ - - * login('username', $agent)) { - * exit('Login Failed'); - * } - * - * echo $ssh->exec('pwd'); - * echo $ssh->exec('ls -la'); - * ?> - * - * - * @author Jim Wigginton - * @copyright 2014 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\System\SSH; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\PublicKeyLoader; -use phpseclib3\Crypt\RSA; -use phpseclib3\Exception\BadConfigurationException; -use phpseclib3\Net\SSH2; -use phpseclib3\System\SSH\Agent\Identity; - -/** - * Pure-PHP ssh-agent client identity factory - * - * requestIdentities() method pumps out \phpseclib3\System\SSH\Agent\Identity objects - * - * @author Jim Wigginton - */ -class Agent -{ - use Common\Traits\ReadBytes; - - // Message numbers - - // to request SSH1 keys you have to use SSH_AGENTC_REQUEST_RSA_IDENTITIES (1) - const SSH_AGENTC_REQUEST_IDENTITIES = 11; - // this is the SSH2 response; the SSH1 response is SSH_AGENT_RSA_IDENTITIES_ANSWER (2). - const SSH_AGENT_IDENTITIES_ANSWER = 12; - // the SSH1 request is SSH_AGENTC_RSA_CHALLENGE (3) - const SSH_AGENTC_SIGN_REQUEST = 13; - // the SSH1 response is SSH_AGENT_RSA_RESPONSE (4) - const SSH_AGENT_SIGN_RESPONSE = 14; - - // Agent forwarding status - - // no forwarding requested and not active - const FORWARD_NONE = 0; - // request agent forwarding when opportune - const FORWARD_REQUEST = 1; - // forwarding has been request and is active - const FORWARD_ACTIVE = 2; - - /** - * Unused - */ - const SSH_AGENT_FAILURE = 5; - - /** - * Socket Resource - * - * @var resource - */ - private $fsock; - - /** - * Agent forwarding status - * - * @var int - */ - private $forward_status = self::FORWARD_NONE; - - /** - * Buffer for accumulating forwarded authentication - * agent data arriving on SSH data channel destined - * for agent unix socket - * - * @var string - */ - private $socket_buffer = ''; - - /** - * Tracking the number of bytes we are expecting - * to arrive for the agent socket on the SSH data - * channel - * - * @var int - */ - private $expected_bytes = 0; - - /** - * Default Constructor - * - * @return \phpseclib3\System\SSH\Agent - * @throws \phpseclib3\Exception\BadConfigurationException if SSH_AUTH_SOCK cannot be found - * @throws \RuntimeException on connection errors - */ - public function __construct($address = null) - { - if (!$address) { - switch (true) { - case isset($_SERVER['SSH_AUTH_SOCK']): - $address = $_SERVER['SSH_AUTH_SOCK']; - break; - case isset($_ENV['SSH_AUTH_SOCK']): - $address = $_ENV['SSH_AUTH_SOCK']; - break; - default: - throw new BadConfigurationException('SSH_AUTH_SOCK not found'); - } - } - - if (in_array('unix', stream_get_transports())) { - $this->fsock = fsockopen('unix://' . $address, 0, $errno, $errstr); - if (!$this->fsock) { - throw new \RuntimeException("Unable to connect to ssh-agent (Error $errno: $errstr)"); - } - } else { - if (substr($address, 0, 9) != '\\\\.\\pipe\\' || strpos(substr($address, 9), '\\') !== false) { - throw new \RuntimeException('Address is not formatted as a named pipe should be'); - } - - $this->fsock = fopen($address, 'r+b'); - if (!$this->fsock) { - throw new \RuntimeException('Unable to open address'); - } - } - } - - /** - * Request Identities - * - * See "2.5.2 Requesting a list of protocol 2 keys" - * Returns an array containing zero or more \phpseclib3\System\SSH\Agent\Identity objects - * - * @return array - * @throws \RuntimeException on receipt of unexpected packets - */ - public function requestIdentities() - { - if (!$this->fsock) { - return []; - } - - $packet = pack('NC', 1, self::SSH_AGENTC_REQUEST_IDENTITIES); - if (strlen($packet) != fputs($this->fsock, $packet)) { - throw new \RuntimeException('Connection closed while requesting identities'); - } - - $length = current(unpack('N', $this->readBytes(4))); - $packet = $this->readBytes($length); - - list($type, $keyCount) = Strings::unpackSSH2('CN', $packet); - if ($type != self::SSH_AGENT_IDENTITIES_ANSWER) { - throw new \RuntimeException('Unable to request identities'); - } - - $identities = []; - for ($i = 0; $i < $keyCount; $i++) { - list($key_blob, $comment) = Strings::unpackSSH2('ss', $packet); - $temp = $key_blob; - list($key_type) = Strings::unpackSSH2('s', $temp); - switch ($key_type) { - case 'ssh-rsa': - case 'ssh-dss': - case 'ssh-ed25519': - case 'ecdsa-sha2-nistp256': - case 'ecdsa-sha2-nistp384': - case 'ecdsa-sha2-nistp521': - $key = PublicKeyLoader::load($key_type . ' ' . base64_encode($key_blob)); - } - // resources are passed by reference by default - if (isset($key)) { - $identity = (new Identity($this->fsock)) - ->withPublicKey($key) - ->withPublicKeyBlob($key_blob); - $identities[] = $identity; - unset($key); - } - } - - return $identities; - } - - /** - * Signal that agent forwarding should - * be requested when a channel is opened - * - * @return void - */ - public function startSSHForwarding() - { - if ($this->forward_status == self::FORWARD_NONE) { - $this->forward_status = self::FORWARD_REQUEST; - } - } - - /** - * Request agent forwarding of remote server - * - * @param \phpseclib3\Net\SSH2 $ssh - * @return bool - */ - private function request_forwarding(SSH2 $ssh) - { - if (!$ssh->requestAgentForwarding()) { - return false; - } - - $this->forward_status = self::FORWARD_ACTIVE; - - return true; - } - - /** - * On successful channel open - * - * This method is called upon successful channel - * open to give the SSH Agent an opportunity - * to take further action. i.e. request agent forwarding - * - * @param \phpseclib3\Net\SSH2 $ssh - */ - public function registerChannelOpen(SSH2 $ssh) - { - if ($this->forward_status == self::FORWARD_REQUEST) { - $this->request_forwarding($ssh); - } - } - - /** - * Forward data to SSH Agent and return data reply - * - * @param string $data - * @return string Data from SSH Agent - * @throws \RuntimeException on connection errors - */ - public function forwardData($data) - { - if ($this->expected_bytes > 0) { - $this->socket_buffer .= $data; - $this->expected_bytes -= strlen($data); - } else { - $agent_data_bytes = current(unpack('N', $data)); - $current_data_bytes = strlen($data); - $this->socket_buffer = $data; - if ($current_data_bytes != $agent_data_bytes + 4) { - $this->expected_bytes = ($agent_data_bytes + 4) - $current_data_bytes; - return false; - } - } - - if (strlen($this->socket_buffer) != fwrite($this->fsock, $this->socket_buffer)) { - throw new \RuntimeException('Connection closed attempting to forward data to SSH agent'); - } - - $this->socket_buffer = ''; - $this->expected_bytes = 0; - - $agent_reply_bytes = current(unpack('N', $this->readBytes(4))); - - $agent_reply_data = $this->readBytes($agent_reply_bytes); - $agent_reply_data = current(unpack('a*', $agent_reply_data)); - - return pack('Na*', $agent_reply_bytes, $agent_reply_data); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent/Identity.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent/Identity.php deleted file mode 100644 index 653e8ea..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent/Identity.php +++ /dev/null @@ -1,320 +0,0 @@ - - * @copyright 2009 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\System\SSH\Agent; - -use phpseclib3\Common\Functions\Strings; -use phpseclib3\Crypt\Common\PrivateKey; -use phpseclib3\Crypt\Common\PublicKey; -use phpseclib3\Crypt\DSA; -use phpseclib3\Crypt\EC; -use phpseclib3\Crypt\RSA; -use phpseclib3\Exception\UnsupportedAlgorithmException; -use phpseclib3\System\SSH\Agent; -use phpseclib3\System\SSH\Common\Traits\ReadBytes; - -/** - * Pure-PHP ssh-agent client identity object - * - * Instantiation should only be performed by \phpseclib3\System\SSH\Agent class. - * This could be thought of as implementing an interface that phpseclib3\Crypt\RSA - * implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something. - * The methods in this interface would be getPublicKey and sign since those are the - * methods phpseclib looks for to perform public key authentication. - * - * @author Jim Wigginton - * @internal - */ -class Identity implements PrivateKey -{ - use ReadBytes; - - // Signature Flags - // See https://tools.ietf.org/html/draft-miller-ssh-agent-00#section-5.3 - const SSH_AGENT_RSA2_256 = 2; - const SSH_AGENT_RSA2_512 = 4; - - /** - * Key Object - * - * @var PublicKey - * @see self::getPublicKey() - */ - private $key; - - /** - * Key Blob - * - * @var string - * @see self::sign() - */ - private $key_blob; - - /** - * Socket Resource - * - * @var resource - * @see self::sign() - */ - private $fsock; - - /** - * Signature flags - * - * @var int - * @see self::sign() - * @see self::setHash() - */ - private $flags = 0; - - /** - * Curve Aliases - * - * @var array - */ - private static $curveAliases = [ - 'secp256r1' => 'nistp256', - 'secp384r1' => 'nistp384', - 'secp521r1' => 'nistp521', - 'Ed25519' => 'Ed25519' - ]; - - /** - * Default Constructor. - * - * @param resource $fsock - */ - public function __construct($fsock) - { - $this->fsock = $fsock; - } - - /** - * Set Public Key - * - * Called by \phpseclib3\System\SSH\Agent::requestIdentities() - * - * @param \phpseclib3\Crypt\Common\PublicKey $key - */ - public function withPublicKey(PublicKey $key) - { - if ($key instanceof EC) { - if (is_array($key->getCurve()) || !isset(self::$curveAliases[$key->getCurve()])) { - throw new UnsupportedAlgorithmException('The only supported curves are nistp256, nistp384, nistp512 and Ed25519'); - } - } - - $new = clone $this; - $new->key = $key; - return $new; - } - - /** - * Set Public Key - * - * Called by \phpseclib3\System\SSH\Agent::requestIdentities(). The key blob could be extracted from $this->key - * but this saves a small amount of computation. - * - * @param string $key_blob - */ - public function withPublicKeyBlob($key_blob) - { - $new = clone $this; - $new->key_blob = $key_blob; - return $new; - } - - /** - * Get Public Key - * - * Wrapper for $this->key->getPublicKey() - * - * @param string $type optional - * @return mixed - */ - public function getPublicKey($type = 'PKCS8') - { - return $this->key; - } - - /** - * Sets the hash - * - * @param string $hash - */ - public function withHash($hash) - { - $new = clone $this; - - $hash = strtolower($hash); - - if ($this->key instanceof RSA) { - $new->flags = 0; - switch ($hash) { - case 'sha1': - break; - case 'sha256': - $new->flags = self::SSH_AGENT_RSA2_256; - break; - case 'sha512': - $new->flags = self::SSH_AGENT_RSA2_512; - break; - default: - throw new UnsupportedAlgorithmException('The only supported hashes for RSA are sha1, sha256 and sha512'); - } - } - if ($this->key instanceof EC) { - switch ($this->key->getCurve()) { - case 'secp256r1': - $expectedHash = 'sha256'; - break; - case 'secp384r1': - $expectedHash = 'sha384'; - break; - //case 'secp521r1': - //case 'Ed25519': - default: - $expectedHash = 'sha512'; - } - if ($hash != $expectedHash) { - throw new UnsupportedAlgorithmException('The only supported hash for ' . self::$curveAliases[$this->key->getCurve()] . ' is ' . $expectedHash); - } - } - if ($this->key instanceof DSA) { - if ($hash != 'sha1') { - throw new UnsupportedAlgorithmException('The only supported hash for DSA is sha1'); - } - } - return $new; - } - - /** - * Sets the padding - * - * Only PKCS1 padding is supported - * - * @param string $padding - */ - public function withPadding($padding) - { - if (!$this->key instanceof RSA) { - throw new UnsupportedAlgorithmException('Only RSA keys support padding'); - } - if ($padding != RSA::SIGNATURE_PKCS1 && $padding != RSA::SIGNATURE_RELAXED_PKCS1) { - throw new UnsupportedAlgorithmException('ssh-agent can only create PKCS1 signatures'); - } - return $this; - } - - /** - * Determines the signature padding mode - * - * Valid values are: ASN1, SSH2, Raw - * - * @param string $format - */ - public function withSignatureFormat($format) - { - if ($this->key instanceof RSA) { - throw new UnsupportedAlgorithmException('Only DSA and EC keys support signature format setting'); - } - if ($format != 'SSH2') { - throw new UnsupportedAlgorithmException('Only SSH2-formatted signatures are currently supported'); - } - - return $this; - } - - /** - * Returns the curve - * - * Returns a string if it's a named curve, an array if not - * - * @return string|array - */ - public function getCurve() - { - if (!$this->key instanceof EC) { - throw new UnsupportedAlgorithmException('Only EC keys have curves'); - } - - return $this->key->getCurve(); - } - - /** - * Create a signature - * - * See "2.6.2 Protocol 2 private key signature request" - * - * @param string $message - * @return string - * @throws \RuntimeException on connection errors - * @throws \phpseclib3\Exception\UnsupportedAlgorithmException if the algorithm is unsupported - */ - public function sign($message) - { - // the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE - $packet = Strings::packSSH2( - 'CssN', - Agent::SSH_AGENTC_SIGN_REQUEST, - $this->key_blob, - $message, - $this->flags - ); - $packet = Strings::packSSH2('s', $packet); - if (strlen($packet) != fputs($this->fsock, $packet)) { - throw new \RuntimeException('Connection closed during signing'); - } - - $length = current(unpack('N', $this->readBytes(4))); - $packet = $this->readBytes($length); - - list($type, $signature_blob) = Strings::unpackSSH2('Cs', $packet); - if ($type != Agent::SSH_AGENT_SIGN_RESPONSE) { - throw new \RuntimeException('Unable to retrieve signature'); - } - - if (!$this->key instanceof RSA) { - return $signature_blob; - } - - list($type, $signature_blob) = Strings::unpackSSH2('ss', $signature_blob); - - return $signature_blob; - } - - /** - * Returns the private key - * - * @param string $type - * @param array $options optional - * @return string - */ - public function toString($type, array $options = []) - { - throw new \RuntimeException('ssh-agent does not provide a mechanism to get the private key'); - } - - /** - * Sets the password - * - * @param string|bool $password - * @return never - */ - public function withPassword($password = false) - { - throw new \RuntimeException('ssh-agent does not provide a mechanism to get the private key'); - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Common/Traits/ReadBytes.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Common/Traits/ReadBytes.php deleted file mode 100644 index 6fd032b..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Common/Traits/ReadBytes.php +++ /dev/null @@ -1,37 +0,0 @@ - - * @copyright 2015 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - */ - -namespace phpseclib3\System\SSH\Common\Traits; - -/** - * ReadBytes trait - * - * @author Jim Wigginton - */ -trait ReadBytes -{ - /** - * Read data - * - * @param int $length - * @throws \RuntimeException on connection errors - */ - public function readBytes($length) - { - $temp = fread($this->fsock, $length); - if (strlen($temp) != $length) { - throw new \RuntimeException("Expected $length bytes; got " . strlen($temp)); - } - return $temp; - } -} diff --git a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/bootstrap.php b/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/bootstrap.php deleted file mode 100644 index 517106c..0000000 --- a/utilities/signing_and_verification/php/vendor/phpseclib/phpseclib/phpseclib/bootstrap.php +++ /dev/null @@ -1,22 +0,0 @@ -=7.2 -- gmp -- mbstring - -## Installation - -This library is available on -[Packagist](https://packagist.org/packages/sop/asn1). - -```sh -composer require sop/asn1 -``` - -## Usage - -The general idea is that each ASN.1 type has its corresponding PHP class, -that knows the details of encoding and decoding the specific type. - -To decode DER data, use `fromDER` static method of the expected type. -To encode object to DER, use `toDER` instance method. - -Many methods return an `UnspecifiedType` object, that works as an intermediate -wrapper with accessor methods ensuring type safety. - -All objects are immutable and method chaining is promoted for the fluency -of the API. Exception shall be thrown on errors. - -## [Code Examples](https://github.com/sop/asn1/tree/master/examples) - -Here are some simple usage examples. Namespaces are omitted for brevity. - -### [Encode](https://github.com/sop/asn1/blob/master/examples/encode.php) - -Encode a sequence containing a UTF-8 string, an integer -and an explicitly tagged object identifier, conforming to the following -ASN.1 specification: - -```asn.1 -Example ::= SEQUENCE { - greeting UTF8String, - answer INTEGER, - type [1] EXPLICIT OBJECT IDENTIFIER -} -``` - -```php -$seq = new Sequence( - new UTF8String('Hello'), - new Integer(42), - new ExplicitlyTaggedType( - 1, new ObjectIdentifier('1.3.6.1.3')) -); -$der = $seq->toDER(); -``` - -### [Decode](https://github.com/sop/asn1/blob/master/examples/decode.php) - -Decode DER encoding from above. - -```php -$seq = UnspecifiedType::fromDER($der)->asSequence(); -$greeting = $seq->at(0)->asUTF8String()->string(); -$answer = $seq->at(1)->asInteger()->intNumber(); -$type = $seq->at(2)->asTagged()->asExplicit()->asObjectIdentifier()->oid(); -``` - -### Real-World Examples - -See the following for more practical real-world usage examples. - -- EC Private Key - - [Decode](https://github.com/sop/crypto-types/blob/a27fa76d5f5e8c4596cb65a7be9d02a08421ba1e/lib/CryptoTypes/Asymmetric/EC/ECPrivateKey.php#L72) - - [Encode](https://github.com/sop/crypto-types/blob/a27fa76d5f5e8c4596cb65a7be9d02a08421ba1e/lib/CryptoTypes/Asymmetric/EC/ECPrivateKey.php#L206) -- X.501 Attribute - - [Decode](https://github.com/sop/x501/blob/c6bdb04673d5c04b9d49f83020e75b8ba7a20064/lib/X501/ASN1/Attribute.php#L55) - - [Encode](https://github.com/sop/x501/blob/c6bdb04673d5c04b9d49f83020e75b8ba7a20064/lib/X501/ASN1/Attribute.php#L114) -- X.509 Certificate (`TBSCertificate` sequence) - - [Decode](https://github.com/sop/x509/blob/f762c743b6930af4f45ef857ccc9f6199980a92e/lib/X509/Certificate/TBSCertificate.php#L130) - - [Encode](https://github.com/sop/x509/blob/f762c743b6930af4f45ef857ccc9f6199980a92e/lib/X509/Certificate/TBSCertificate.php#L576) - -## ASN.1 References - -- [ITU-T X.690 07/2002](https://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf) -- [ITU-T X.690 08/2015](https://www.itu.int/rec/T-REC-X.690-201508-I/en) -- Hosted by [OSS Nokalva](http://www.oss.com/asn1/resources/books-whitepapers-pubs/asn1-books.html) - - [ASN.1 — Communication Between Heterogeneous Systems by Olivier Dubuisson](http://www.oss.com/asn1/resources/books-whitepapers-pubs/dubuisson-asn1-book.PDF) - - [ASN.1 Complete by Professor John Larmouth](http://www.oss.com/asn1/resources/books-whitepapers-pubs/larmouth-asn1-book.pdf) - -## License - -This project is licensed under the MIT License. diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/composer.json b/utilities/signing_and_verification/php/vendor/sop/asn1/composer.json deleted file mode 100644 index 630511d..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/composer.json +++ /dev/null @@ -1,34 +0,0 @@ -{ - "name": "sop/asn1", - "description": "A PHP library for X.690 ASN.1 DER encoding and decoding.", - "homepage": "https://github.com/sop/asn1", - "license": "MIT", - "type": "library", - "keywords": [ - "asn1", - "asn.1", - "x690", - "x.690", - "der" - ], - "authors": [ - { - "name": "Joni Eskelinen", - "email": "jonieske@gmail.com", - "role": "Developer" - } - ], - "require": { - "php": ">=7.2", - "ext-gmp": "*", - "ext-mbstring": "*" - }, - "require-dev": { - "phpunit/phpunit": "^8.1" - }, - "autoload": { - "psr-4": { - "Sop\\ASN1\\": "lib/ASN1/" - } - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Component/Identifier.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Component/Identifier.php deleted file mode 100644 index 42d512f..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Component/Identifier.php +++ /dev/null @@ -1,290 +0,0 @@ - 'UNIVERSAL', - self::CLASS_APPLICATION => 'APPLICATION', - self::CLASS_CONTEXT_SPECIFIC => 'CONTEXT SPECIFIC', - self::CLASS_PRIVATE => 'PRIVATE', - ]; - - // P/C enumerations - const PRIMITIVE = 0b0; - const CONSTRUCTED = 0b1; - - /** - * Type class. - * - * @var int - */ - private $_class; - - /** - * Primitive or Constructed. - * - * @var int - */ - private $_pc; - - /** - * Content type tag. - * - * @var BigInt - */ - private $_tag; - - /** - * Constructor. - * - * @param int $class Type class - * @param int $pc Primitive / Constructed - * @param \GMP|int|string $tag Type tag number - */ - public function __construct(int $class, int $pc, $tag) - { - $this->_class = 0b11 & $class; - $this->_pc = 0b1 & $pc; - $this->_tag = new BigInt($tag); - } - - /** - * Decode identifier component from DER data. - * - * @param string $data DER encoded data - * @param null|int $offset Reference to the variable that contains offset - * into the data where to start parsing. - * Variable is updated to the offset next to the - * parsed identifier. If null, start from offset 0. - * - * @throws DecodeException If decoding fails - * - * @return self - */ - public static function fromDER(string $data, int &$offset = null): Identifier - { - $idx = $offset ?? 0; - $datalen = strlen($data); - if ($idx >= $datalen) { - throw new DecodeException('Invalid offset.'); - } - $byte = ord($data[$idx++]); - // bits 8 and 7 (class) - // 0 = universal, 1 = application, 2 = context-specific, 3 = private - $class = (0b11000000 & $byte) >> 6; - // bit 6 (0 = primitive / 1 = constructed) - $pc = (0b00100000 & $byte) >> 5; - // bits 5 to 1 (tag number) - $tag = (0b00011111 & $byte); - // long-form identifier - if (0x1f === $tag) { - $tag = self::_decodeLongFormTag($data, $idx); - } - if (isset($offset)) { - $offset = $idx; - } - return new self($class, $pc, $tag); - } - - /** - * {@inheritdoc} - */ - public function toDER(): string - { - $bytes = []; - $byte = $this->_class << 6 | $this->_pc << 5; - $tag = $this->_tag->gmpObj(); - if ($tag < 0x1f) { - $bytes[] = $byte | $tag; - } - // long-form identifier - else { - $bytes[] = $byte | 0x1f; - $octets = []; - for (; $tag > 0; $tag >>= 7) { - array_push($octets, gmp_intval(0x80 | ($tag & 0x7f))); - } - // last octet has bit 8 set to zero - $octets[0] &= 0x7f; - foreach (array_reverse($octets) as $octet) { - $bytes[] = $octet; - } - } - return pack('C*', ...$bytes); - } - - /** - * Get class of the type. - */ - public function typeClass(): int - { - return $this->_class; - } - - /** - * Get P/C. - */ - public function pc(): int - { - return $this->_pc; - } - - /** - * Get the tag number. - * - * @return string Base 10 integer string - */ - public function tag(): string - { - return $this->_tag->base10(); - } - - /** - * Get the tag as an integer. - */ - public function intTag(): int - { - return $this->_tag->intVal(); - } - - /** - * Check whether type is of an universal class. - */ - public function isUniversal(): bool - { - return self::CLASS_UNIVERSAL === $this->_class; - } - - /** - * Check whether type is of an application class. - */ - public function isApplication(): bool - { - return self::CLASS_APPLICATION === $this->_class; - } - - /** - * Check whether type is of a context specific class. - */ - public function isContextSpecific(): bool - { - return self::CLASS_CONTEXT_SPECIFIC === $this->_class; - } - - /** - * Check whether type is of a private class. - */ - public function isPrivate(): bool - { - return self::CLASS_PRIVATE === $this->_class; - } - - /** - * Check whether content is primitive type. - */ - public function isPrimitive(): bool - { - return self::PRIMITIVE === $this->_pc; - } - - /** - * Check hether content is constructed type. - */ - public function isConstructed(): bool - { - return self::CONSTRUCTED === $this->_pc; - } - - /** - * Get self with given type class. - * - * @param int $class One of `CLASS_*` enumerations - * - * @return self - */ - public function withClass(int $class): Identifier - { - $obj = clone $this; - $obj->_class = 0b11 & $class; - return $obj; - } - - /** - * Get self with given type tag. - * - * @param \GMP|int|string $tag Tag number - * - * @return self - */ - public function withTag($tag): Identifier - { - $obj = clone $this; - $obj->_tag = new BigInt($tag); - return $obj; - } - - /** - * Get human readable name of the type class. - */ - public static function classToName(int $class): string - { - if (!array_key_exists($class, self::MAP_CLASS_TO_NAME)) { - return "CLASS {$class}"; - } - return self::MAP_CLASS_TO_NAME[$class]; - } - - /** - * Parse long form tag. - * - * @param string $data DER data - * @param int $offset Reference to the variable containing offset to data - * - * @throws DecodeException If decoding fails - * - * @return \GMP Tag number - */ - private static function _decodeLongFormTag(string $data, int &$offset): \GMP - { - $datalen = strlen($data); - $tag = gmp_init(0, 10); - while (true) { - if ($offset >= $datalen) { - throw new DecodeException( - 'Unexpected end of data while decoding long form identifier.'); - } - $byte = ord($data[$offset++]); - $tag <<= 7; - $tag |= 0x7f & $byte; - // last byte has bit 8 set to zero - if (!(0x80 & $byte)) { - break; - } - } - return $tag; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Component/Length.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Component/Length.php deleted file mode 100644 index 27216e8..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Component/Length.php +++ /dev/null @@ -1,225 +0,0 @@ -_length = new BigInt($length); - $this->_indefinite = $indefinite; - } - - /** - * Decode length component from DER data. - * - * @param string $data DER encoded data - * @param null|int $offset Reference to the variable that contains offset - * into the data where to start parsing. - * Variable is updated to the offset next to the - * parsed length component. If null, start from offset 0. - * - * @throws DecodeException If decoding fails - */ - public static function fromDER(string $data, int &$offset = null): self - { - $idx = $offset ?? 0; - $datalen = strlen($data); - if ($idx >= $datalen) { - throw new DecodeException( - 'Unexpected end of data while decoding length.'); - } - $indefinite = false; - $byte = ord($data[$idx++]); - // bits 7 to 1 - $length = (0x7f & $byte); - // long form - if (0x80 & $byte) { - if (!$length) { - $indefinite = true; - } else { - if ($idx + $length > $datalen) { - throw new DecodeException( - 'Unexpected end of data while decoding long form length.'); - } - $length = self::_decodeLongFormLength($length, $data, $idx); - } - } - if (isset($offset)) { - $offset = $idx; - } - return new self($length, $indefinite); - } - - /** - * Decode length from DER. - * - * Throws an exception if length doesn't match with expected or if data - * doesn't contain enough bytes. - * - * Requirement of definite length is relaxed contrary to the specification - * (sect. 10.1). - * - * @see self::fromDER - * - * @param string $data DER data - * @param int $offset Reference to the offset variable - * @param null|int $expected Expected length, null to bypass checking - * - * @throws DecodeException If decoding or expectation fails - */ - public static function expectFromDER(string $data, int &$offset, - int $expected = null): self - { - $idx = $offset; - $length = self::fromDER($data, $idx); - // if certain length was expected - if (isset($expected)) { - if ($length->isIndefinite()) { - throw new DecodeException( - sprintf('Expected length %d, got indefinite.', $expected)); - } - if ($expected !== $length->intLength()) { - throw new DecodeException( - sprintf('Expected length %d, got %d.', $expected, - $length->intLength())); - } - } - // check that enough data is available - if (!$length->isIndefinite() - && strlen($data) < $idx + $length->intLength()) { - throw new DecodeException( - sprintf('Length %d overflows data, %d bytes left.', - $length->intLength(), strlen($data) - $idx)); - } - $offset = $idx; - return $length; - } - - /** - * {@inheritdoc} - * - * @throws \DomainException If length is too large to encode - */ - public function toDER(): string - { - $bytes = []; - if ($this->_indefinite) { - $bytes[] = 0x80; - } else { - $num = $this->_length->gmpObj(); - // long form - if ($num > 127) { - $octets = []; - for (; $num > 0; $num >>= 8) { - $octets[] = gmp_intval(0xff & $num); - } - $count = count($octets); - // first octet must not be 0xff - if ($count >= 127) { - throw new \DomainException('Too many length octets.'); - } - $bytes[] = 0x80 | $count; - foreach (array_reverse($octets) as $octet) { - $bytes[] = $octet; - } - } - // short form - else { - $bytes[] = gmp_intval($num); - } - } - return pack('C*', ...$bytes); - } - - /** - * Get the length. - * - * @throws \LogicException If length is indefinite - * - * @return string Length as an integer string - */ - public function length(): string - { - if ($this->_indefinite) { - throw new \LogicException('Length is indefinite.'); - } - return $this->_length->base10(); - } - - /** - * Get the length as an integer. - * - * @throws \LogicException If length is indefinite - * @throws \RuntimeException If length overflows integer size - */ - public function intLength(): int - { - if ($this->_indefinite) { - throw new \LogicException('Length is indefinite.'); - } - return $this->_length->intVal(); - } - - /** - * Whether length is indefinite. - */ - public function isIndefinite(): bool - { - return $this->_indefinite; - } - - /** - * Decode long form length. - * - * @param int $length Number of octets - * @param string $data Data - * @param int $offset reference to the variable containing offset to the data - * - * @throws DecodeException If decoding fails - */ - private static function _decodeLongFormLength(int $length, string $data, - int &$offset): \GMP - { - // first octet must not be 0xff (spec 8.1.3.5c) - if (127 === $length) { - throw new DecodeException('Invalid number of length octets.'); - } - $num = gmp_init(0, 10); - while (--$length >= 0) { - $byte = ord($data[$offset++]); - $num <<= 8; - $num |= $byte; - } - return $num; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/DERData.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/DERData.php deleted file mode 100644 index 055de94..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/DERData.php +++ /dev/null @@ -1,89 +0,0 @@ -_identifier = Identifier::fromDER($data, $this->_contentOffset); - // check that length encoding is valid - Length::expectFromDER($data, $this->_contentOffset); - $this->_der = $data; - $this->_typeTag = $this->_identifier->intTag(); - } - - /** - * {@inheritdoc} - */ - public function typeClass(): int - { - return $this->_identifier->typeClass(); - } - - /** - * {@inheritdoc} - */ - public function isConstructed(): bool - { - return $this->_identifier->isConstructed(); - } - - /** - * {@inheritdoc} - */ - public function toDER(): string - { - return $this->_der; - } - - /** - * {@inheritdoc} - */ - protected function _encodedContentDER(): string - { - // if there's no content payload - if (strlen($this->_der) === $this->_contentOffset) { - return ''; - } - return substr($this->_der, $this->_contentOffset); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Element.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Element.php deleted file mode 100644 index 864fe36..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Element.php +++ /dev/null @@ -1,465 +0,0 @@ - Primitive\EOC::class, - self::TYPE_BOOLEAN => Primitive\Boolean::class, - self::TYPE_INTEGER => Primitive\Integer::class, - self::TYPE_BIT_STRING => Primitive\BitString::class, - self::TYPE_OCTET_STRING => Primitive\OctetString::class, - self::TYPE_NULL => Primitive\NullType::class, - self::TYPE_OBJECT_IDENTIFIER => Primitive\ObjectIdentifier::class, - self::TYPE_OBJECT_DESCRIPTOR => Primitive\ObjectDescriptor::class, - self::TYPE_REAL => Primitive\Real::class, - self::TYPE_ENUMERATED => Primitive\Enumerated::class, - self::TYPE_UTF8_STRING => Primitive\UTF8String::class, - self::TYPE_RELATIVE_OID => Primitive\RelativeOID::class, - self::TYPE_SEQUENCE => Constructed\Sequence::class, - self::TYPE_SET => Constructed\Set::class, - self::TYPE_NUMERIC_STRING => Primitive\NumericString::class, - self::TYPE_PRINTABLE_STRING => Primitive\PrintableString::class, - self::TYPE_T61_STRING => Primitive\T61String::class, - self::TYPE_VIDEOTEX_STRING => Primitive\VideotexString::class, - self::TYPE_IA5_STRING => Primitive\IA5String::class, - self::TYPE_UTC_TIME => Primitive\UTCTime::class, - self::TYPE_GENERALIZED_TIME => Primitive\GeneralizedTime::class, - self::TYPE_GRAPHIC_STRING => Primitive\GraphicString::class, - self::TYPE_VISIBLE_STRING => Primitive\VisibleString::class, - self::TYPE_GENERAL_STRING => Primitive\GeneralString::class, - self::TYPE_UNIVERSAL_STRING => Primitive\UniversalString::class, - self::TYPE_CHARACTER_STRING => Primitive\CharacterString::class, - self::TYPE_BMP_STRING => Primitive\BMPString::class, - ]; - - /** - * Pseudotype for all string types. - * - * May be used as an expectation parameter. - * - * @var int - */ - const TYPE_STRING = -1; - - /** - * Pseudotype for all time types. - * - * May be used as an expectation parameter. - * - * @var int - */ - const TYPE_TIME = -2; - - /** - * Pseudotype for constructed strings. - * - * May be used as an expectation parameter. - * - * @var int - */ - const TYPE_CONSTRUCTED_STRING = -3; - - /** - * Mapping from universal type tag to human readable name. - * - * @internal - * - * @var array - */ - const MAP_TYPE_TO_NAME = [ - self::TYPE_EOC => 'EOC', - self::TYPE_BOOLEAN => 'BOOLEAN', - self::TYPE_INTEGER => 'INTEGER', - self::TYPE_BIT_STRING => 'BIT STRING', - self::TYPE_OCTET_STRING => 'OCTET STRING', - self::TYPE_NULL => 'NULL', - self::TYPE_OBJECT_IDENTIFIER => 'OBJECT IDENTIFIER', - self::TYPE_OBJECT_DESCRIPTOR => 'ObjectDescriptor', - self::TYPE_EXTERNAL => 'EXTERNAL', - self::TYPE_REAL => 'REAL', - self::TYPE_ENUMERATED => 'ENUMERATED', - self::TYPE_EMBEDDED_PDV => 'EMBEDDED PDV', - self::TYPE_UTF8_STRING => 'UTF8String', - self::TYPE_RELATIVE_OID => 'RELATIVE-OID', - self::TYPE_SEQUENCE => 'SEQUENCE', - self::TYPE_SET => 'SET', - self::TYPE_NUMERIC_STRING => 'NumericString', - self::TYPE_PRINTABLE_STRING => 'PrintableString', - self::TYPE_T61_STRING => 'T61String', - self::TYPE_VIDEOTEX_STRING => 'VideotexString', - self::TYPE_IA5_STRING => 'IA5String', - self::TYPE_UTC_TIME => 'UTCTime', - self::TYPE_GENERALIZED_TIME => 'GeneralizedTime', - self::TYPE_GRAPHIC_STRING => 'GraphicString', - self::TYPE_VISIBLE_STRING => 'VisibleString', - self::TYPE_GENERAL_STRING => 'GeneralString', - self::TYPE_UNIVERSAL_STRING => 'UniversalString', - self::TYPE_CHARACTER_STRING => 'CHARACTER STRING', - self::TYPE_BMP_STRING => 'BMPString', - self::TYPE_STRING => 'Any String', - self::TYPE_TIME => 'Any Time', - self::TYPE_CONSTRUCTED_STRING => 'Constructed String', - ]; - - /** - * Element's type tag. - * - * @var int - */ - protected $_typeTag; - - /** - * Whether type shall be encoded with indefinite length. - * - * @var bool - */ - protected $_indefiniteLength = false; - - /** - * {@inheritdoc} - */ - abstract public function typeClass(): int; - - /** - * {@inheritdoc} - */ - abstract public function isConstructed(): bool; - - /** - * Decode element from DER data. - * - * @param string $data DER encoded data - * @param null|int $offset Reference to the variable that contains offset - * into the data where to start parsing. - * Variable is updated to the offset next to the - * parsed element. If null, start from offset 0. - * - * @throws DecodeException If decoding fails - * @throws \UnexpectedValueException If called in the context of an expected - * type, but decoding yields another type - */ - public static function fromDER(string $data, int &$offset = null): ElementBase - { - $idx = $offset ?? 0; - // decode identifier - $identifier = Identifier::fromDER($data, $idx); - // determine class that implements type specific decoding - $cls = self::_determineImplClass($identifier); - // decode remaining element - $element = $cls::_decodeFromDER($identifier, $data, $idx); - // if called in the context of a concrete class, check - // that decoded type matches the type of a calling class - $called_class = get_called_class(); - if (self::class !== $called_class) { - if (!$element instanceof $called_class) { - throw new \UnexpectedValueException( - sprintf('%s expected, got %s.', $called_class, get_class($element))); - } - } - // update offset for the caller - if (isset($offset)) { - $offset = $idx; - } - return $element; - } - - /** - * {@inheritdoc} - */ - public function toDER(): string - { - $identifier = new Identifier($this->typeClass(), - $this->isConstructed() ? Identifier::CONSTRUCTED : Identifier::PRIMITIVE, - $this->_typeTag); - $content = $this->_encodedContentDER(); - if ($this->_indefiniteLength) { - $length = new Length(0, true); - $eoc = new Primitive\EOC(); - return $identifier->toDER() . $length->toDER() . $content . $eoc->toDER(); - } - $length = new Length(strlen($content)); - return $identifier->toDER() . $length->toDER() . $content; - } - - /** - * {@inheritdoc} - */ - public function tag(): int - { - return $this->_typeTag; - } - - /** - * {@inheritdoc} - */ - public function isType(int $tag): bool - { - // if element is context specific - if (Identifier::CLASS_CONTEXT_SPECIFIC === $this->typeClass()) { - return false; - } - // negative tags identify an abstract pseudotype - if ($tag < 0) { - return $this->_isPseudoType($tag); - } - return $this->_isConcreteType($tag); - } - - /** - * {@inheritdoc} - */ - public function expectType(int $tag): ElementBase - { - if (!$this->isType($tag)) { - throw new \UnexpectedValueException( - sprintf('%s expected, got %s.', self::tagToName($tag), - $this->_typeDescriptorString())); - } - return $this; - } - - /** - * {@inheritdoc} - */ - public function isTagged(): bool - { - return $this instanceof TaggedType; - } - - /** - * {@inheritdoc} - */ - public function expectTagged(?int $tag = null): TaggedType - { - if (!$this->isTagged()) { - throw new \UnexpectedValueException( - sprintf('Context specific element expected, got %s.', - Identifier::classToName($this->typeClass()))); - } - if (isset($tag) && $this->tag() !== $tag) { - throw new \UnexpectedValueException( - sprintf('Tag %d expected, got %d.', $tag, $this->tag())); - } - return $this; - } - - /** - * Whether element has indefinite length. - */ - public function hasIndefiniteLength(): bool - { - return $this->_indefiniteLength; - } - - /** - * Get self with indefinite length encoding set. - * - * @param bool $indefinite True for indefinite length, false for definite length - */ - public function withIndefiniteLength(bool $indefinite = true): self - { - $obj = clone $this; - $obj->_indefiniteLength = $indefinite; - return $obj; - } - - /** - * {@inheritdoc} - */ - final public function asElement(): Element - { - return $this; - } - - /** - * Get element decorated with `UnspecifiedType` object. - */ - public function asUnspecified(): UnspecifiedType - { - return new UnspecifiedType($this); - } - - /** - * Get human readable name for an universal tag. - */ - public static function tagToName(int $tag): string - { - if (!array_key_exists($tag, self::MAP_TYPE_TO_NAME)) { - return "TAG {$tag}"; - } - return self::MAP_TYPE_TO_NAME[$tag]; - } - - /** - * Get the content encoded in DER. - * - * Returns the DER encoded content without identifier and length header octets. - */ - abstract protected function _encodedContentDER(): string; - - /** - * Decode type-specific element from DER. - * - * @param Identifier $identifier Pre-parsed identifier - * @param string $data DER data - * @param int $offset Offset in data to the next byte after identifier - * - * @throws DecodeException If decoding fails - */ - protected static function _decodeFromDER(Identifier $identifier, - string $data, int &$offset): ElementBase - { - throw new \BadMethodCallException( - __METHOD__ . ' must be implemented in derived class.'); - } - - /** - * Determine the class that implements the type. - * - * @return string Class name - */ - protected static function _determineImplClass(Identifier $identifier): string - { - switch ($identifier->typeClass()) { - case Identifier::CLASS_UNIVERSAL: - $cls = self::_determineUniversalImplClass($identifier->intTag()); - // constructed strings may be present in BER - if ($identifier->isConstructed() - && is_subclass_of($cls, StringType::class)) { - $cls = ConstructedString::class; - } - return $cls; - case Identifier::CLASS_CONTEXT_SPECIFIC: - return ContextSpecificType::class; - case Identifier::CLASS_APPLICATION: - return ApplicationType::class; - case Identifier::CLASS_PRIVATE: - return PrivateType::class; - } - throw new \UnexpectedValueException(sprintf('%s %d not implemented.', - Identifier::classToName($identifier->typeClass()), $identifier->tag())); - } - - /** - * Determine the class that implements an universal type of the given tag. - * - * @throws \UnexpectedValueException - * - * @return string Class name - */ - protected static function _determineUniversalImplClass(int $tag): string - { - if (!array_key_exists($tag, self::MAP_TAG_TO_CLASS)) { - throw new \UnexpectedValueException( - "Universal tag {$tag} not implemented."); - } - return self::MAP_TAG_TO_CLASS[$tag]; - } - - /** - * Get textual description of the type for debugging purposes. - */ - protected function _typeDescriptorString(): string - { - if (Identifier::CLASS_UNIVERSAL === $this->typeClass()) { - return self::tagToName($this->_typeTag); - } - return sprintf('%s TAG %d', Identifier::classToName($this->typeClass()), - $this->_typeTag); - } - - /** - * Check whether the element is a concrete type of a given tag. - */ - private function _isConcreteType(int $tag): bool - { - // if tag doesn't match - if ($this->tag() !== $tag) { - return false; - } - // if type is universal check that instance is of a correct class - if (Identifier::CLASS_UNIVERSAL === $this->typeClass()) { - $cls = self::_determineUniversalImplClass($tag); - if (!$this instanceof $cls) { - return false; - } - } - return true; - } - - /** - * Check whether the element is a pseudotype. - */ - private function _isPseudoType(int $tag): bool - { - switch ($tag) { - case self::TYPE_STRING: - return $this instanceof StringType; - case self::TYPE_TIME: - return $this instanceof TimeType; - case self::TYPE_CONSTRUCTED_STRING: - return $this instanceof ConstructedString; - } - return false; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Exception/DecodeException.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Exception/DecodeException.php deleted file mode 100644 index 6d53b44..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Exception/DecodeException.php +++ /dev/null @@ -1,12 +0,0 @@ -_validateString($string)) { - throw new \InvalidArgumentException( - sprintf('Not a valid %s string.', self::tagToName($this->_typeTag))); - } - $this->_string = $string; - } - - /** - * {@inheritdoc} - */ - public function __toString(): string - { - return $this->string(); - } - - /** - * Get the string value. - */ - public function string(): string - { - return $this->_string; - } - - /** - * Check whether string is valid for the concrete type. - */ - protected function _validateString(string $string): bool - { - // Override in derived classes - return true; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/BaseTime.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/BaseTime.php deleted file mode 100644 index 3723926..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/BaseTime.php +++ /dev/null @@ -1,107 +0,0 @@ -_dateTime = $dt; - } - - /** - * {@inheritdoc} - */ - public function __toString(): string - { - return $this->string(); - } - - /** - * Initialize from datetime string. - * - * @see http://php.net/manual/en/datetime.formats.php - * - * @param string $time Time string - * @param null|string $tz timezone, if null use default - * - * @throws \RuntimeException - */ - public static function fromString(string $time, ?string $tz = null): self - { - try { - if (!isset($tz)) { - $tz = date_default_timezone_get(); - } - return new static( - new \DateTimeImmutable($time, self::_createTimeZone($tz))); - } catch (\Exception $e) { - throw new \RuntimeException( - 'Failed to create DateTime: ' . - self::_getLastDateTimeImmutableErrorsStr(), 0, $e); - } - } - - /** - * Get the date and time. - */ - public function dateTime(): \DateTimeImmutable - { - return $this->_dateTime; - } - - /** - * Get the date and time as a type specific string. - */ - public function string(): string - { - return $this->_encodedContentDER(); - } - - /** - * Create `DateTimeZone` object from string. - * - * @throws \UnexpectedValueException If timezone is invalid - */ - protected static function _createTimeZone(string $tz): \DateTimeZone - { - try { - return new \DateTimeZone($tz); - } catch (\Exception $e) { - throw new \UnexpectedValueException('Invalid timezone.', 0, $e); - } - } - - /** - * Get last error caused by `DateTimeImmutable`. - */ - protected static function _getLastDateTimeImmutableErrorsStr(): string - { - $errors = \DateTimeImmutable::getLastErrors()['errors']; - return implode(', ', $errors); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/ConstructedString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/ConstructedString.php deleted file mode 100644 index d45dc4d..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/ConstructedString.php +++ /dev/null @@ -1,131 +0,0 @@ -string(); - } - - /** - * Create from a list of string type elements. - * - * All strings must have the same type. - * - * @param StringType ...$elements - * - * @throws \LogicException - */ - public static function create(StringType ...$elements): self - { - if (!count($elements)) { - throw new \LogicException('No elements, unable to determine type tag.'); - } - $tag = $elements[0]->tag(); - foreach ($elements as $el) { - if ($el->tag() !== $tag) { - throw new \LogicException( - 'All elements in constructed string must have the same type.'); - } - } - return self::createWithTag($tag, ...$elements); - } - - /** - * Create from strings with a given type tag. - * - * Does not perform any validation on types. - * - * @param int $tag Type tag for the constructed string element - * @param StringType ...$elements Any number of elements - * - * @return self - */ - public static function createWithTag(int $tag, StringType ...$elements) - { - $el = new self(...$elements); - $el->_typeTag = $tag; - return $el; - } - - /** - * Get a list of strings in this structure. - * - * @return string[] - */ - public function strings(): array - { - return array_map(function (StringType $el) { - return $el->string(); - }, $this->_elements); - } - - /** - * Get the contained strings concatenated together. - * - * NOTE: It's unclear how bit strings with unused bits should be concatenated. - */ - public function string(): string - { - return implode('', $this->strings()); - } - - /** - * {@inheritdoc} - * - * @return self - */ - protected static function _decodeFromDER(Identifier $identifier, - string $data, int &$offset): ElementBase - { - /** @var ConstructedString $type */ - $type = forward_static_call_array([parent::class, __FUNCTION__], - [$identifier, $data, &$offset]); - $type->_typeTag = $identifier->intTag(); - return $type; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/Sequence.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/Sequence.php deleted file mode 100644 index 52f0b86..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/Sequence.php +++ /dev/null @@ -1,25 +0,0 @@ -_typeTag = self::TYPE_SEQUENCE; - parent::__construct(...$elements); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/Set.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/Set.php deleted file mode 100644 index ce54442..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Constructed/Set.php +++ /dev/null @@ -1,63 +0,0 @@ -_typeTag = self::TYPE_SET; - parent::__construct(...$elements); - } - - /** - * Sort by canonical ascending order. - * - * Used for DER encoding of *SET* type. - */ - public function sortedSet(): self - { - $obj = clone $this; - usort($obj->_elements, - function (Element $a, Element $b) { - if ($a->typeClass() !== $b->typeClass()) { - return $a->typeClass() < $b->typeClass() ? -1 : 1; - } - if ($a->tag() === $b->tag()) { - return 0; - } - return $a->tag() < $b->tag() ? -1 : 1; - }); - return $obj; - } - - /** - * Sort by encoding ascending order. - * - * Used for DER encoding of *SET OF* type. - */ - public function sortedSetOf(): self - { - $obj = clone $this; - usort($obj->_elements, - function (Element $a, Element $b) { - $a_der = $a->toDER(); - $b_der = $b->toDER(); - return strcmp($a_der, $b_der); - }); - return $obj; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/BMPString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/BMPString.php deleted file mode 100644 index eb9e20d..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/BMPString.php +++ /dev/null @@ -1,40 +0,0 @@ -_typeTag = self::TYPE_BMP_STRING; - parent::__construct($string); - } - - /** - * {@inheritdoc} - */ - protected function _validateString(string $string): bool - { - // UCS-2 has fixed with of 2 octets (16 bits) - if (0 !== strlen($string) % 2) { - return false; - } - return true; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/BitString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/BitString.php deleted file mode 100644 index c8be9cc..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/BitString.php +++ /dev/null @@ -1,201 +0,0 @@ -_typeTag = self::TYPE_BIT_STRING; - parent::__construct($string); - $this->_unusedBits = $unused_bits; - } - - /** - * Get the number of bits in the string. - */ - public function numBits(): int - { - return strlen($this->_string) * 8 - $this->_unusedBits; - } - - /** - * Get the number of unused bits in the last octet of the string. - */ - public function unusedBits(): int - { - return $this->_unusedBits; - } - - /** - * Test whether bit is set. - * - * @param int $idx Bit index. Most significant bit of the first octet is index 0. - */ - public function testBit(int $idx): bool - { - // octet index - $oi = (int) floor($idx / 8); - // if octet is outside range - if ($oi < 0 || $oi >= strlen($this->_string)) { - throw new \OutOfBoundsException('Index is out of bounds.'); - } - // bit index - $bi = $idx % 8; - // if tested bit is last octet's unused bit - if ($oi === strlen($this->_string) - 1) { - if ($bi >= 8 - $this->_unusedBits) { - throw new \OutOfBoundsException('Index refers to an unused bit.'); - } - } - $byte = $this->_string[$oi]; - // index 0 is the most significant bit in byte - $mask = 0x01 << (7 - $bi); - return (ord($byte) & $mask) > 0; - } - - /** - * Get range of bits. - * - * @param int $start Index of first bit - * @param int $length Number of bits in range - * - * @throws \OutOfBoundsException - * - * @return string Integer of $length bits - */ - public function range(int $start, int $length): string - { - if (!$length) { - return '0'; - } - if ($start + $length > $this->numBits()) { - throw new \OutOfBoundsException('Not enough bits.'); - } - $bits = gmp_init(0); - $idx = $start; - $end = $start + $length; - while (true) { - $bit = $this->testBit($idx) ? 1 : 0; - $bits |= $bit; - if (++$idx >= $end) { - break; - } - $bits <<= 1; - } - return gmp_strval($bits, 10); - } - - /** - * Get a copy of the bit string with trailing zeroes removed. - */ - public function withoutTrailingZeroes(): self - { - // if bit string was empty - if (!strlen($this->_string)) { - return new self(''); - } - $bits = $this->_string; - // count number of empty trailing octets - $unused_octets = 0; - for ($idx = strlen($bits) - 1; $idx >= 0; --$idx, ++$unused_octets) { - if ("\x0" !== $bits[$idx]) { - break; - } - } - // strip trailing octets - if ($unused_octets) { - $bits = substr($bits, 0, -$unused_octets); - } - // if bit string was full of zeroes - if (!strlen($bits)) { - return new self(''); - } - // count number of trailing zeroes in the last octet - $unused_bits = 0; - $byte = ord($bits[strlen($bits) - 1]); - while (!($byte & 0x01)) { - ++$unused_bits; - $byte >>= 1; - } - return new self($bits, $unused_bits); - } - - /** - * {@inheritdoc} - */ - protected function _encodedContentDER(): string - { - $der = chr($this->_unusedBits); - $der .= $this->_string; - if ($this->_unusedBits) { - $octet = $der[strlen($der) - 1]; - // set unused bits to zero - $octet &= chr(0xff & ~((1 << $this->_unusedBits) - 1)); - $der[strlen($der) - 1] = $octet; - } - return $der; - } - - /** - * {@inheritdoc} - */ - protected static function _decodeFromDER(Identifier $identifier, - string $data, int &$offset): ElementBase - { - $idx = $offset; - $length = Length::expectFromDER($data, $idx); - if ($length->intLength() < 1) { - throw new DecodeException('Bit string length must be at least 1.'); - } - $unused_bits = ord($data[$idx++]); - if ($unused_bits > 7) { - throw new DecodeException( - 'Unused bits in a bit string must be less than 8.'); - } - $str_len = $length->intLength() - 1; - if ($str_len) { - $str = substr($data, $idx, $str_len); - if ($unused_bits) { - $mask = (1 << $unused_bits) - 1; - if (ord($str[strlen($str) - 1]) & $mask) { - throw new DecodeException( - 'DER encoded bit string must have zero padding.'); - } - } - } else { - $str = ''; - } - $offset = $idx + $str_len; - return new self($str, $unused_bits); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Boolean.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Boolean.php deleted file mode 100644 index 4c2f020..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Boolean.php +++ /dev/null @@ -1,73 +0,0 @@ -_typeTag = self::TYPE_BOOLEAN; - $this->_bool = $bool; - } - - /** - * Get the value. - */ - public function value(): bool - { - return $this->_bool; - } - - /** - * {@inheritdoc} - */ - protected function _encodedContentDER(): string - { - return $this->_bool ? chr(0xff) : chr(0); - } - - /** - * {@inheritdoc} - */ - protected static function _decodeFromDER(Identifier $identifier, - string $data, int &$offset): ElementBase - { - $idx = $offset; - Length::expectFromDER($data, $idx, 1); - $byte = ord($data[$idx++]); - if (0 !== $byte) { - if (0xff !== $byte) { - throw new DecodeException( - 'DER encoded boolean true must have all bits set to 1.'); - } - } - $offset = $idx; - return new self(0 !== $byte); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/CharacterString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/CharacterString.php deleted file mode 100644 index cf9476e..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/CharacterString.php +++ /dev/null @@ -1,25 +0,0 @@ -_typeTag = self::TYPE_CHARACTER_STRING; - parent::__construct($string); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/EOC.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/EOC.php deleted file mode 100644 index 394ed7f..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/EOC.php +++ /dev/null @@ -1,54 +0,0 @@ -_typeTag = self::TYPE_EOC; - } - - /** - * {@inheritdoc} - */ - protected function _encodedContentDER(): string - { - return ''; - } - - /** - * {@inheritdoc} - */ - protected static function _decodeFromDER(Identifier $identifier, - string $data, int &$offset): ElementBase - { - $idx = $offset; - if (!$identifier->isPrimitive()) { - throw new DecodeException('EOC value must be primitive.'); - } - // EOC type has always zero length - Length::expectFromDER($data, $idx, 0); - $offset = $idx; - return new self(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Enumerated.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Enumerated.php deleted file mode 100644 index 98f467b..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Enumerated.php +++ /dev/null @@ -1,22 +0,0 @@ -_typeTag = self::TYPE_ENUMERATED; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GeneralString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GeneralString.php deleted file mode 100644 index a781a49..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GeneralString.php +++ /dev/null @@ -1,34 +0,0 @@ -_typeTag = self::TYPE_GENERAL_STRING; - parent::__construct($string); - } - - /** - * {@inheritdoc} - */ - protected function _validateString(string $string): bool - { - // allow everything - return true; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GeneralizedTime.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GeneralizedTime.php deleted file mode 100644 index 9cfba85..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GeneralizedTime.php +++ /dev/null @@ -1,125 +0,0 @@ -_typeTag = self::TYPE_GENERALIZED_TIME; - parent::__construct($dt); - } - - /** - * Clear cached variables on clone. - */ - public function __clone() - { - $this->_formatted = null; - } - - /** - * {@inheritdoc} - */ - protected function _encodedContentDER(): string - { - if (!isset($this->_formatted)) { - $dt = $this->_dateTime->setTimezone( - self::_createTimeZone(self::TZ_UTC)); - $this->_formatted = $dt->format('YmdHis'); - // if fractions were used - $frac = $dt->format('u'); - if (0 !== intval($frac)) { - $frac = rtrim($frac, '0'); - $this->_formatted .= ".{$frac}"; - } - // timezone - $this->_formatted .= 'Z'; - } - return $this->_formatted; - } - - /** - * {@inheritdoc} - */ - protected static function _decodeFromDER(Identifier $identifier, - string $data, int &$offset): ElementBase - { - $idx = $offset; - $length = Length::expectFromDER($data, $idx)->intLength(); - $str = substr($data, $idx, $length); - $idx += $length; - /** @var string[] $match */ - if (!preg_match(self::REGEX, $str, $match)) { - throw new DecodeException('Invalid GeneralizedTime format.'); - } - [, $year, $month, $day, $hour, $minute, $second] = $match; - // if fractions match, there's at least one digit - if (isset($match[7])) { - $frac = $match[7]; - // DER restricts trailing zeroes in fractional seconds component - if ('0' === $frac[strlen($frac) - 1]) { - throw new DecodeException( - 'Fractional seconds must omit trailing zeroes.'); - } - $frac = $frac; - } else { - $frac = '0'; - } - $time = $year . $month . $day . $hour . $minute . $second . '.' . $frac . - self::TZ_UTC; - $dt = \DateTimeImmutable::createFromFormat('!YmdHis.uT', $time, - self::_createTimeZone(self::TZ_UTC)); - if (!$dt) { - throw new DecodeException( - 'Failed to decode GeneralizedTime: ' . - self::_getLastDateTimeImmutableErrorsStr()); - } - $offset = $idx; - return new self($dt); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GraphicString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GraphicString.php deleted file mode 100644 index 0fa2480..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/GraphicString.php +++ /dev/null @@ -1,34 +0,0 @@ -_typeTag = self::TYPE_GRAPHIC_STRING; - parent::__construct($string); - } - - /** - * {@inheritdoc} - */ - protected function _validateString(string $string): bool - { - // allow everything - return true; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/IA5String.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/IA5String.php deleted file mode 100644 index 4dd29ed..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/IA5String.php +++ /dev/null @@ -1,33 +0,0 @@ -_typeTag = self::TYPE_IA5_STRING; - parent::__construct($string); - } - - /** - * {@inheritdoc} - */ - protected function _validateString(string $string): bool - { - return 0 == preg_match('/[^\x00-\x7f]/', $string); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Integer.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Integer.php deleted file mode 100644 index ed77b22..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Integer.php +++ /dev/null @@ -1,105 +0,0 @@ -_typeTag = self::TYPE_INTEGER; - if (!self::_validateNumber($number)) { - $var = is_scalar($number) ? strval($number) : gettype($number); - throw new \InvalidArgumentException("'{$var}' is not a valid number."); - } - $this->_number = new BigInt($number); - } - - /** - * Get the number as a base 10. - * - * @return string Integer as a string - */ - public function number(): string - { - return $this->_number->base10(); - } - - /** - * Get the number as an integer type. - */ - public function intNumber(): int - { - return $this->_number->intVal(); - } - - /** - * {@inheritdoc} - */ - protected function _encodedContentDER(): string - { - return $this->_number->signedOctets(); - } - - /** - * {@inheritdoc} - */ - protected static function _decodeFromDER(Identifier $identifier, - string $data, int &$offset): ElementBase - { - $idx = $offset; - $length = Length::expectFromDER($data, $idx)->intLength(); - $bytes = substr($data, $idx, $length); - $idx += $length; - $num = BigInt::fromSignedOctets($bytes)->gmpObj(); - $offset = $idx; - // late static binding since enumerated extends integer type - return new static($num); - } - - /** - * Test that number is valid for this context. - * - * @param mixed $num - */ - private static function _validateNumber($num): bool - { - if (is_int($num)) { - return true; - } - if (is_string($num) && preg_match('/-?\d+/', $num)) { - return true; - } - if ($num instanceof \GMP) { - return true; - } - return false; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/NullType.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/NullType.php deleted file mode 100644 index fa3e86b..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/NullType.php +++ /dev/null @@ -1,54 +0,0 @@ -_typeTag = self::TYPE_NULL; - } - - /** - * {@inheritdoc} - */ - protected function _encodedContentDER(): string - { - return ''; - } - - /** - * {@inheritdoc} - */ - protected static function _decodeFromDER(Identifier $identifier, - string $data, int &$offset): ElementBase - { - $idx = $offset; - if (!$identifier->isPrimitive()) { - throw new DecodeException('Null value must be primitive.'); - } - // null type has always zero length - Length::expectFromDER($data, $idx, 0); - $offset = $idx; - return new self(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/NumericString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/NumericString.php deleted file mode 100644 index 5a2454d..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/NumericString.php +++ /dev/null @@ -1,33 +0,0 @@ -_typeTag = self::TYPE_NUMERIC_STRING; - parent::__construct($string); - } - - /** - * {@inheritdoc} - */ - protected function _validateString(string $string): bool - { - return 0 == preg_match('/[^0-9 ]/', $string); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/ObjectDescriptor.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/ObjectDescriptor.php deleted file mode 100644 index c40bdc1..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/ObjectDescriptor.php +++ /dev/null @@ -1,33 +0,0 @@ -_string = $descriptor; - $this->_typeTag = self::TYPE_OBJECT_DESCRIPTOR; - } - - /** - * Get the object descriptor. - */ - public function descriptor(): string - { - return $this->_string; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/ObjectIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/ObjectIdentifier.php deleted file mode 100644 index f8cc9d8..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/ObjectIdentifier.php +++ /dev/null @@ -1,207 +0,0 @@ -_oid = $oid; - $this->_subids = self::_explodeDottedOID($oid); - // if OID is non-empty - if (count($this->_subids) > 0) { - // check that at least two nodes are set - if (count($this->_subids) < 2) { - throw new \UnexpectedValueException( - 'OID must have at least two nodes.'); - } - // check that root arc is in 0..2 range - if ($this->_subids[0] > 2) { - throw new \UnexpectedValueException( - 'Root arc must be in range of 0..2.'); - } - // if root arc is 0 or 1, second node must be in 0..39 range - if ($this->_subids[0] < 2 && $this->_subids[1] >= 40) { - throw new \UnexpectedValueException( - 'Second node must be in 0..39 range for root arcs 0 and 1.'); - } - } - $this->_typeTag = self::TYPE_OBJECT_IDENTIFIER; - } - - /** - * Get OID in dotted format. - */ - public function oid(): string - { - return $this->_oid; - } - - /** - * {@inheritdoc} - */ - protected function _encodedContentDER(): string - { - $subids = $this->_subids; - // encode first two subids to one according to spec section 8.19.4 - if (count($subids) >= 2) { - $num = ($subids[0] * 40) + $subids[1]; - array_splice($subids, 0, 2, [$num]); - } - return self::_encodeSubIDs(...$subids); - } - - /** - * {@inheritdoc} - */ - protected static function _decodeFromDER(Identifier $identifier, - string $data, int &$offset): ElementBase - { - $idx = $offset; - $len = Length::expectFromDER($data, $idx)->intLength(); - $subids = self::_decodeSubIDs(substr($data, $idx, $len)); - $idx += $len; - // decode first subidentifier according to spec section 8.19.4 - if (isset($subids[0])) { - if ($subids[0] < 80) { - [$x, $y] = gmp_div_qr($subids[0], '40'); - } else { - $x = gmp_init(2, 10); - $y = $subids[0] - 80; - } - array_splice($subids, 0, 1, [$x, $y]); - } - $offset = $idx; - return new self(self::_implodeSubIDs(...$subids)); - } - - /** - * Explode dotted OID to an array of sub ID's. - * - * @param string $oid OID in dotted format - * - * @return \GMP[] Array of GMP numbers - */ - protected static function _explodeDottedOID(string $oid): array - { - $subids = []; - if (strlen($oid)) { - foreach (explode('.', $oid) as $subid) { - $n = @gmp_init($subid, 10); - if (false === $n) { - throw new \UnexpectedValueException( - "'{$subid}' is not a number."); - } - $subids[] = $n; - } - } - return $subids; - } - - /** - * Implode an array of sub IDs to dotted OID format. - * - * @param \GMP ...$subids - */ - protected static function _implodeSubIDs(\GMP ...$subids): string - { - return implode('.', - array_map(function ($num) { - return gmp_strval($num, 10); - }, $subids)); - } - - /** - * Encode sub ID's to DER. - * - * @param \GMP ...$subids - */ - protected static function _encodeSubIDs(\GMP ...$subids): string - { - $data = ''; - foreach ($subids as $subid) { - // if number fits to one base 128 byte - if ($subid < 128) { - $data .= chr(intval($subid)); - } else { // encode to multiple bytes - $bytes = []; - do { - array_unshift($bytes, 0x7f & gmp_intval($subid)); - $subid >>= 7; - } while ($subid > 0); - // all bytes except last must have bit 8 set to one - foreach (array_splice($bytes, 0, -1) as $byte) { - $data .= chr(0x80 | $byte); - } - $data .= chr(reset($bytes)); - } - } - return $data; - } - - /** - * Decode sub ID's from DER data. - * - * @throws DecodeException - * - * @return \GMP[] Array of GMP numbers - */ - protected static function _decodeSubIDs(string $data): array - { - $subids = []; - $idx = 0; - $end = strlen($data); - while ($idx < $end) { - $num = gmp_init('0', 10); - while (true) { - if ($idx >= $end) { - throw new DecodeException('Unexpected end of data.'); - } - $byte = ord($data[$idx++]); - $num |= $byte & 0x7f; - // bit 8 of the last octet is zero - if (!($byte & 0x80)) { - break; - } - $num <<= 7; - } - $subids[] = $num; - } - return $subids; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/OctetString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/OctetString.php deleted file mode 100644 index 547d040..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/OctetString.php +++ /dev/null @@ -1,25 +0,0 @@ -_typeTag = self::TYPE_OCTET_STRING; - parent::__construct($string); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/PrintableString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/PrintableString.php deleted file mode 100644 index 0b17d22..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/PrintableString.php +++ /dev/null @@ -1,34 +0,0 @@ -_typeTag = self::TYPE_PRINTABLE_STRING; - parent::__construct($string); - } - - /** - * {@inheritdoc} - */ - protected function _validateString(string $string): bool - { - $chars = preg_quote(" '()+,-./:=?]", '/'); - return 0 == preg_match('/[^A-Za-z0-9' . $chars . ']/', $string); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Real.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Real.php deleted file mode 100644 index 3efd67f..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/Real.php +++ /dev/null @@ -1,698 +0,0 @@ -[+\-])?' . // sign - '(?\d+)' . // integer - '$/'; - - /** - * Regex pattern to parse NR2 form number. - * - * @var string - */ - const NR2_REGEX = '/^\s*' . - '(?[+\-])?' . // sign - '(?(?:\d+[\.,]\d*)|(?:\d*[\.,]\d+))' . // decimal number - '$/'; - - /** - * Regex pattern to parse NR3 form number. - * - * @var string - */ - const NR3_REGEX = '/^\s*' . - '(?[+\-])?' . // mantissa sign - '(?(?:\d+[\.,]\d*)|(?:\d*[\.,]\d+))' . // mantissa - '[Ee](?[+\-])?' . // exponent sign - '(?\d+)' . // exponent - '$/'; - - /** - * Regex pattern to parse PHP exponent number format. - * - * @see http://php.net/manual/en/language.types.float.php - * - * @var string - */ - const PHP_EXPONENT_DNUM = '/^' . - '(?[+\-])?' . // sign - '(?' . - '\d+' . // LNUM - '|' . - '(?:\d*\.\d+|\d+\.\d*)' . // DNUM - ')[eE]' . - '(?[+\-])?(?\d+)' . // exponent - '$/'; - - /** - * Exponent when value is positive or negative infinite. - * - * @var int - */ - const INF_EXPONENT = 2047; - - /** - * Exponent bias for IEEE 754 double precision float. - * - * @var int - */ - const EXP_BIAS = -1023; - - /** - * Signed integer mantissa. - * - * @var BigInt - */ - private $_mantissa; - - /** - * Signed integer exponent. - * - * @var BigInt - */ - private $_exponent; - - /** - * Abstract value base. - * - * Must be 2 or 10. - * - * @var int - */ - private $_base; - - /** - * Whether to encode strictly in DER. - * - * @var bool - */ - private $_strictDer; - - /** - * Number as a native float. - * - * @internal Lazily initialized - * - * @var null|float - */ - private $_float; - - /** - * Constructor. - * - * @param \GMP|int|string $mantissa Integer mantissa - * @param \GMP|int|string $exponent Integer exponent - * @param int $base Base, 2 or 10 - */ - public function __construct($mantissa, $exponent, int $base = 10) - { - if (10 !== $base && 2 !== $base) { - throw new \UnexpectedValueException('Base must be 2 or 10.'); - } - $this->_typeTag = self::TYPE_REAL; - $this->_strictDer = true; - $this->_mantissa = new BigInt($mantissa); - $this->_exponent = new BigInt($exponent); - $this->_base = $base; - } - - /** - * {@inheritdoc} - */ - public function __toString(): string - { - return sprintf('%g', $this->floatVal()); - } - - /** - * Create base 2 real number from float. - */ - public static function fromFloat(float $number): self - { - if (is_infinite($number)) { - return self::_fromInfinite($number); - } - if (is_nan($number)) { - throw new \UnexpectedValueException('NaN values not supported.'); - } - [$m, $e] = self::_parse754Double(pack('E', $number)); - return new self($m, $e, 2); - } - - /** - * Create base 10 real number from string. - * - * @param string $number Real number in base-10 textual form - */ - public static function fromString(string $number): self - { - [$m, $e] = self::_parseString($number); - return new self($m, $e, 10); - } - - /** - * Get self with strict DER flag set or unset. - * - * @param bool $strict whether to encode strictly in DER - */ - public function withStrictDER(bool $strict): self - { - $obj = clone $this; - $obj->_strictDer = $strict; - return $obj; - } - - /** - * Get the mantissa. - */ - public function mantissa(): BigInt - { - return $this->_mantissa; - } - - /** - * Get the exponent. - */ - public function exponent(): BigInt - { - return $this->_exponent; - } - - /** - * Get the base. - */ - public function base(): int - { - return $this->_base; - } - - /** - * Get number as a float. - */ - public function floatVal(): float - { - if (!isset($this->_float)) { - $m = $this->_mantissa->intVal(); - $e = $this->_exponent->intVal(); - $this->_float = (float) ($m * pow($this->_base, $e)); - } - return $this->_float; - } - - /** - * Get number as a NR3 form string conforming to DER rules. - */ - public function nr3Val(): string - { - // convert to base 10 - if (2 === $this->_base) { - [$m, $e] = self::_parseString(sprintf('%15E', $this->floatVal())); - } else { - $m = $this->_mantissa->gmpObj(); - $e = $this->_exponent->gmpObj(); - } - // shift trailing zeroes from the mantissa to the exponent - // (X.690 07-2002, section 11.3.2.4) - while (0 != $m && 0 == $m % 10) { - $m /= 10; - ++$e; - } - // if exponent is zero, it must be prefixed with a "+" sign - // (X.690 07-2002, section 11.3.2.6) - if (0 == $e) { - $es = '+'; - } else { - $es = $e < 0 ? '-' : ''; - } - return sprintf('%s.E%s%s', gmp_strval($m), $es, gmp_strval(gmp_abs($e))); - } - - /** - * {@inheritdoc} - */ - protected function _encodedContentDER(): string - { - if (self::INF_EXPONENT == $this->_exponent->gmpObj()) { - return $this->_encodeSpecial(); - } - // if the real value is the value zero, there shall be no contents - // octets in the encoding. (X.690 07-2002, section 8.5.2) - if (0 == $this->_mantissa->gmpObj()) { - return ''; - } - if (10 === $this->_base) { - return $this->_encodeDecimal(); - } - return $this->_encodeBinary(); - } - - /** - * Encode in binary format. - */ - protected function _encodeBinary(): string - { - [$base, $sign, $m, $e] = $this->_prepareBinaryEncoding(); - $zero = gmp_init(0, 10); - $byte = 0x80; - if ($sign < 0) { - $byte |= 0x40; - } - // normalization: mantissa must be 0 or odd - if (2 === $base) { - // while last bit is zero - while ($m > 0 && 0 === gmp_cmp($m & 0x01, $zero)) { - $m >>= 1; - ++$e; - } - } elseif (8 === $base) { - $byte |= 0x10; - // while last 3 bits are zero - while ($m > 0 && 0 === gmp_cmp($m & 0x07, $zero)) { - $m >>= 3; - ++$e; - } - } else { // base === 16 - $byte |= 0x20; - // while last 4 bits are zero - while ($m > 0 && 0 === gmp_cmp($m & 0x0f, $zero)) { - $m >>= 4; - ++$e; - } - } - // scale factor - $scale = 0; - while ($m > 0 && 0 === gmp_cmp($m & 0x01, $zero)) { - $m >>= 1; - ++$scale; - } - $byte |= ($scale & 0x03) << 2; - // encode exponent - $exp_bytes = (new BigInt($e))->signedOctets(); - $exp_len = strlen($exp_bytes); - if ($exp_len > 0xff) { - throw new \RangeException('Exponent encoding is too long.'); - } - if ($exp_len <= 3) { - $byte |= ($exp_len - 1) & 0x03; - $bytes = chr($byte); - } else { - $byte |= 0x03; - $bytes = chr($byte) . chr($exp_len); - } - $bytes .= $exp_bytes; - // encode mantissa - $bytes .= (new BigInt($m))->unsignedOctets(); - return $bytes; - } - - /** - * Encode in decimal format. - */ - protected function _encodeDecimal(): string - { - // encode in NR3 decimal encoding - return chr(0x03) . $this->nr3Val(); - } - - /** - * Encode special value. - */ - protected function _encodeSpecial(): string - { - switch ($this->_mantissa->intVal()) { - // positive infitinity - case 1: - return chr(0x40); - // negative infinity - case -1: - return chr(0x41); - } - throw new \LogicException('Invalid special value.'); - } - - /** - * {@inheritdoc} - */ - protected static function _decodeFromDER(Identifier $identifier, - string $data, int &$offset): ElementBase - { - $idx = $offset; - $length = Length::expectFromDER($data, $idx)->intLength(); - // if length is zero, value is zero (spec 8.5.2) - if (!$length) { - $obj = new self(0, 0, 10); - } else { - $bytes = substr($data, $idx, $length); - $byte = ord($bytes[0]); - if (0x80 & $byte) { // bit 8 = 1 - $obj = self::_decodeBinaryEncoding($bytes); - } elseif (0x00 === $byte >> 6) { // bit 8 = 0, bit 7 = 0 - $obj = self::_decodeDecimalEncoding($bytes); - } else { // bit 8 = 0, bit 7 = 1 - $obj = self::_decodeSpecialRealValue($bytes); - } - } - $offset = $idx + $length; - return $obj; - } - - /** - * Decode binary encoding. - */ - protected static function _decodeBinaryEncoding(string $data) - { - $byte = ord($data[0]); - // bit 7 is set if mantissa is negative - $neg = (bool) (0x40 & $byte); - // encoding base in bits 6 and 5 - switch (($byte >> 4) & 0x03) { - case 0b00: - $base = 2; - break; - case 0b01: - $base = 8; - break; - case 0b10: - $base = 16; - break; - default: - throw new DecodeException( - 'Reserved REAL binary encoding base not supported.'); - } - // scaling factor in bits 4 and 3 - $scale = ($byte >> 2) & 0x03; - $idx = 1; - // content length in bits 2 and 1 - $len = ($byte & 0x03) + 1; - // if both bits are set, the next octet encodes the length - if ($len > 3) { - if (strlen($data) < 2) { - throw new DecodeException( - 'Unexpected end of data while decoding REAL exponent length.'); - } - $len = ord($data[1]); - $idx = 2; - } - if (strlen($data) < $idx + $len) { - throw new DecodeException( - 'Unexpected end of data while decoding REAL exponent.'); - } - // decode exponent - $octets = substr($data, $idx, $len); - $exp = BigInt::fromSignedOctets($octets)->gmpObj(); - if (8 === $base) { - $exp *= 3; - } elseif (16 === $base) { - $exp *= 4; - } - if (strlen($data) <= $idx + $len) { - throw new DecodeException( - 'Unexpected end of data while decoding REAL mantissa.'); - } - // decode mantissa - $octets = substr($data, $idx + $len); - $n = BigInt::fromUnsignedOctets($octets)->gmpObj(); - $n *= 2 ** $scale; - if ($neg) { - $n = gmp_neg($n); - } - return new self($n, $exp, 2); - } - - /** - * Decode decimal encoding. - * - * @throws \RuntimeException - */ - protected static function _decodeDecimalEncoding(string $data): self - { - $nr = ord($data[0]) & 0x3f; - if (!in_array($nr, [1, 2, 3])) { - throw new DecodeException('Unsupported decimal encoding form.'); - } - $str = substr($data, 1); - return self::fromString($str); - } - - /** - * Decode special encoding. - */ - protected static function _decodeSpecialRealValue(string $data): self - { - if (1 !== strlen($data)) { - throw new DecodeException( - 'SpecialRealValue must have one content octet.'); - } - $byte = ord($data[0]); - if (0x40 === $byte) { // positive infinity - return self::_fromInfinite(INF); - } - if (0x41 === $byte) { // negative infinity - return self::_fromInfinite(-INF); - } - throw new DecodeException('Invalid SpecialRealValue encoding.'); - } - - /** - * Prepare value for binary encoding. - * - * @return array (int) base, (int) sign, (\GMP) mantissa and (\GMP) exponent - */ - protected function _prepareBinaryEncoding(): array - { - $base = 2; - $m = $this->_mantissa->gmpObj(); - $ms = gmp_sign($m); - $m = gmp_abs($m); - $e = $this->_exponent->gmpObj(); - $es = gmp_sign($e); - $e = gmp_abs($e); - // DER uses only base 2 binary encoding - if (!$this->_strictDer) { - if (0 == $e % 4) { - $base = 16; - $e = gmp_div_q($e, 4); - } elseif (0 == $e % 3) { - $base = 8; - $e = gmp_div_q($e, 3); - } - } - return [$base, $ms, $m, $e * $es]; - } - - /** - * Initialize from INF or -INF. - */ - private static function _fromInfinite(float $inf): self - { - return new self($inf === -INF ? -1 : 1, self::INF_EXPONENT, 2); - } - - /** - * Parse IEEE 754 big endian formatted double precision float to base 2 - * mantissa and exponent. - * - * @param string $octets 64 bits - * - * @return \GMP[] Tuple of mantissa and exponent - */ - private static function _parse754Double(string $octets): array - { - $n = gmp_import($octets, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN); - // sign bit - $neg = gmp_testbit($n, 63); - // 11 bits of biased exponent - $exp = (gmp_and($n, '0x7ff0000000000000') >> 52) + self::EXP_BIAS; - // 52 bits of mantissa - $man = gmp_and($n, '0xfffffffffffff'); - // zero, ASN.1 doesn't differentiate -0 from +0 - if (self::EXP_BIAS == $exp && 0 == $man) { - return [gmp_init(0, 10), gmp_init(0, 10)]; - } - // denormalized value, shift binary point - if (self::EXP_BIAS == $exp) { - ++$exp; - } - // normalized value, insert implicit leading one before the binary point - else { - gmp_setbit($man, 52); - } - // find the last fraction bit that is set - $last = gmp_scan1($man, 0); - $bits_for_fraction = 52 - $last; - // adjust mantissa and exponent so that we have integer values - $man >>= $last; - $exp -= $bits_for_fraction; - // negate mantissa if number was negative - if ($neg) { - $man = gmp_neg($man); - } - return [$man, $exp]; - } - - /** - * Parse textual REAL number to base 10 mantissa and exponent. - * - * @param string $str Number - * - * @return \GMP[] Tuple of mantissa and exponent - */ - private static function _parseString(string $str): array - { - // PHP exponent format - if (preg_match(self::PHP_EXPONENT_DNUM, $str, $match)) { - [$m, $e] = self::_parsePHPExponentMatch($match); - } - // NR3 format - elseif (preg_match(self::NR3_REGEX, $str, $match)) { - [$m, $e] = self::_parseNR3Match($match); - } - // NR2 format - elseif (preg_match(self::NR2_REGEX, $str, $match)) { - [$m, $e] = self::_parseNR2Match($match); - } - // NR1 format - elseif (preg_match(self::NR1_REGEX, $str, $match)) { - [$m, $e] = self::_parseNR1Match($match); - } - // invalid number - else { - throw new \UnexpectedValueException( - "{$str} could not be parsed to REAL."); - } - // normalize so that mantsissa has no trailing zeroes - while (0 != $m && 0 == $m % 10) { - $m /= 10; - ++$e; - } - return [$m, $e]; - } - - /** - * Parse PHP form float to base 10 mantissa and exponent. - * - * @param array $match Regexp match - * - * @return \GMP[] Tuple of mantissa and exponent - */ - private static function _parsePHPExponentMatch(array $match): array - { - // mantissa sign - $ms = '-' === $match['ms'] ? -1 : 1; - $m_parts = explode('.', $match['m']); - // integer part of the mantissa - $int = ltrim($m_parts[0], '0'); - // exponent sign - $es = '-' === $match['es'] ? -1 : 1; - // signed exponent - $e = gmp_init($match['e'], 10) * $es; - // if mantissa had fractional part - if (2 === count($m_parts)) { - $frac = rtrim($m_parts[1], '0'); - $e -= strlen($frac); - $int .= $frac; - } - $m = gmp_init($int, 10) * $ms; - return [$m, $e]; - } - - /** - * Parse NR3 form number to base 10 mantissa and exponent. - * - * @param array $match Regexp match - * - * @return \GMP[] Tuple of mantissa and exponent - */ - private static function _parseNR3Match(array $match): array - { - // mantissa sign - $ms = '-' === $match['ms'] ? -1 : 1; - // explode mantissa to integer and fraction parts - [$int, $frac] = explode('.', str_replace(',', '.', $match['m'])); - $int = ltrim($int, '0'); - $frac = rtrim($frac, '0'); - // exponent sign - $es = '-' === $match['es'] ? -1 : 1; - // signed exponent - $e = gmp_init($match['e'], 10) * $es; - // shift exponent by the number of base 10 fractions - $e -= strlen($frac); - // insert fractions to integer part and produce signed mantissa - $int .= $frac; - if ('' === $int) { - $int = '0'; - } - $m = gmp_init($int, 10) * $ms; - return [$m, $e]; - } - - /** - * Parse NR2 form number to base 10 mantissa and exponent. - * - * @param array $match Regexp match - * - * @return \GMP[] Tuple of mantissa and exponent - */ - private static function _parseNR2Match(array $match): array - { - $sign = '-' === $match['s'] ? -1 : 1; - // explode decimal number to integer and fraction parts - [$int, $frac] = explode('.', str_replace(',', '.', $match['d'])); - $int = ltrim($int, '0'); - $frac = rtrim($frac, '0'); - // shift exponent by the number of base 10 fractions - $e = gmp_init(0, 10); - $e -= strlen($frac); - // insert fractions to integer part and produce signed mantissa - $int .= $frac; - if ('' === $int) { - $int = '0'; - } - $m = gmp_init($int, 10) * $sign; - return [$m, $e]; - } - - /** - * Parse NR1 form number to base 10 mantissa and exponent. - * - * @param array $match Regexp match - * - * @return \GMP[] Tuple of mantissa and exponent - */ - private static function _parseNR1Match(array $match): array - { - $sign = '-' === $match['s'] ? -1 : 1; - $int = ltrim($match['i'], '0'); - if ('' === $int) { - $int = '0'; - } - $m = gmp_init($int, 10) * $sign; - return [$m, gmp_init(0, 10)]; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/RelativeOID.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/RelativeOID.php deleted file mode 100644 index b497527..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/RelativeOID.php +++ /dev/null @@ -1,48 +0,0 @@ -_oid = $oid; - $this->_subids = self::_explodeDottedOID($oid); - $this->_typeTag = self::TYPE_RELATIVE_OID; - } - - /** - * {@inheritdoc} - */ - protected function _encodedContentDER(): string - { - return self::_encodeSubIDs(...$this->_subids); - } - - /** - * {@inheritdoc} - */ - protected static function _decodeFromDER(Identifier $identifier, - string $data, int &$offset): ElementBase - { - $idx = $offset; - $len = Length::expectFromDER($data, $idx)->intLength(); - $subids = self::_decodeSubIDs(substr($data, $idx, $len)); - $offset = $idx + $len; - return new self(self::_implodeSubIDs(...$subids)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/T61String.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/T61String.php deleted file mode 100644 index c2bcfbc..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/T61String.php +++ /dev/null @@ -1,35 +0,0 @@ -_typeTag = self::TYPE_T61_STRING; - parent::__construct($string); - } - - /** - * {@inheritdoc} - */ - protected function _validateString(string $string): bool - { - // allow everything since there's literally - // thousands of allowed characters (16 bit composed characters) - return true; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UTCTime.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UTCTime.php deleted file mode 100644 index 6d07d0d..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UTCTime.php +++ /dev/null @@ -1,83 +0,0 @@ -_typeTag = self::TYPE_UTC_TIME; - parent::__construct($dt); - } - - /** - * {@inheritdoc} - */ - protected function _encodedContentDER(): string - { - $dt = $this->_dateTime->setTimezone(self::_createTimeZone(self::TZ_UTC)); - return $dt->format('ymdHis\\Z'); - } - - /** - * {@inheritdoc} - */ - protected static function _decodeFromDER(Identifier $identifier, - string $data, int &$offset): ElementBase - { - $idx = $offset; - $length = Length::expectFromDER($data, $idx)->intLength(); - $str = substr($data, $idx, $length); - $idx += $length; - /** @var string[] $match */ - if (!preg_match(self::REGEX, $str, $match)) { - throw new DecodeException('Invalid UTCTime format.'); - } - [, $year, $month, $day, $hour, $minute, $second] = $match; - $time = $year . $month . $day . $hour . $minute . $second . self::TZ_UTC; - $dt = \DateTimeImmutable::createFromFormat('!ymdHisT', $time, - self::_createTimeZone(self::TZ_UTC)); - if (!$dt) { - throw new DecodeException('Failed to decode UTCTime: ' . - self::_getLastDateTimeImmutableErrorsStr()); - } - $offset = $idx; - return new self($dt); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UTF8String.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UTF8String.php deleted file mode 100644 index 9cb9aa2..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UTF8String.php +++ /dev/null @@ -1,35 +0,0 @@ -_typeTag = self::TYPE_UTF8_STRING; - parent::__construct($string); - } - - /** - * {@inheritdoc} - */ - protected function _validateString(string $string): bool - { - return mb_check_encoding($string, 'UTF-8'); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UniversalString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UniversalString.php deleted file mode 100644 index f0a6c23..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/UniversalString.php +++ /dev/null @@ -1,39 +0,0 @@ -_typeTag = self::TYPE_UNIVERSAL_STRING; - parent::__construct($string); - } - - /** - * {@inheritdoc} - */ - protected function _validateString(string $string): bool - { - // UCS-4 has fixed with of 4 octets (32 bits) - if (0 !== strlen($string) % 4) { - return false; - } - return true; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/VideotexString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/VideotexString.php deleted file mode 100644 index d9a6721..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/VideotexString.php +++ /dev/null @@ -1,34 +0,0 @@ -_typeTag = self::TYPE_VIDEOTEX_STRING; - parent::__construct($string); - } - - /** - * {@inheritdoc} - */ - protected function _validateString(string $string): bool - { - // allow everything - return true; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/VisibleString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/VisibleString.php deleted file mode 100644 index 659317b..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Primitive/VisibleString.php +++ /dev/null @@ -1,33 +0,0 @@ -_typeTag = self::TYPE_VISIBLE_STRING; - parent::__construct($string); - } - - /** - * {@inheritdoc} - */ - protected function _validateString(string $string): bool - { - return 0 == preg_match('/[^\x20-\x7e]/', $string); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/PrimitiveString.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/PrimitiveString.php deleted file mode 100644 index 5fef105..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/PrimitiveString.php +++ /dev/null @@ -1,53 +0,0 @@ -_string; - } - - /** - * {@inheritdoc} - */ - protected static function _decodeFromDER(Identifier $identifier, - string $data, int &$offset): ElementBase - { - $idx = $offset; - if (!$identifier->isPrimitive()) { - throw new DecodeException('DER encoded string must be primitive.'); - } - $length = Length::expectFromDER($data, $idx)->intLength(); - $str = $length ? substr($data, $idx, $length) : ''; - // substr should never return false, since length is - // checked by Length::expectFromDER. - assert(is_string($str), new DecodeException('substr')); - $offset = $idx + $length; - try { - return new static($str); - } catch (\InvalidArgumentException $e) { - throw new DecodeException($e->getMessage(), 0, $e); - } - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/PrimitiveType.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/PrimitiveType.php deleted file mode 100644 index c645e3f..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/PrimitiveType.php +++ /dev/null @@ -1,19 +0,0 @@ -_elements = array_map( - function (ElementBase $el) { - return $el->asElement(); - }, $elements); - } - - /** - * Clone magic method. - */ - public function __clone() - { - // clear cache-variables - $this->_taggedMap = null; - $this->_unspecifiedTypes = null; - } - - /** - * {@inheritdoc} - */ - public function isConstructed(): bool - { - return true; - } - - /** - * Explode DER structure to DER encoded components that it contains. - * - * @throws DecodeException - * - * @return string[] - */ - public static function explodeDER(string $data): array - { - $offset = 0; - $identifier = Identifier::fromDER($data, $offset); - if (!$identifier->isConstructed()) { - throw new DecodeException('Element is not constructed.'); - } - $length = Length::expectFromDER($data, $offset); - if ($length->isIndefinite()) { - throw new DecodeException( - 'Explode not implemented for indefinite length encoding.'); - } - $end = $offset + $length->intLength(); - $parts = []; - while ($offset < $end) { - // start of the element - $idx = $offset; - // skip identifier - Identifier::fromDER($data, $offset); - // decode element length - $length = Length::expectFromDER($data, $offset)->intLength(); - // extract der encoding of the element - $parts[] = substr($data, $idx, $offset - $idx + $length); - // update offset over content - $offset += $length; - } - return $parts; - } - - /** - * Get self with an element at the given index replaced by another. - * - * @param int $idx Element index - * @param Element $el New element to insert into the structure - * - * @throws \OutOfBoundsException - */ - public function withReplaced(int $idx, Element $el): self - { - if (!isset($this->_elements[$idx])) { - throw new \OutOfBoundsException( - "Structure doesn't have element at index {$idx}."); - } - $obj = clone $this; - $obj->_elements[$idx] = $el; - return $obj; - } - - /** - * Get self with an element inserted before the given index. - * - * @param int $idx Element index - * @param Element $el New element to insert into the structure - * - * @throws \OutOfBoundsException - */ - public function withInserted(int $idx, Element $el): self - { - if (count($this->_elements) < $idx || $idx < 0) { - throw new \OutOfBoundsException("Index {$idx} is out of bounds."); - } - $obj = clone $this; - array_splice($obj->_elements, $idx, 0, [$el]); - return $obj; - } - - /** - * Get self with an element appended to the end. - * - * @param Element $el Element to insert into the structure - */ - public function withAppended(Element $el): self - { - $obj = clone $this; - array_push($obj->_elements, $el); - return $obj; - } - - /** - * Get self with an element prepended in the beginning. - * - * @param Element $el Element to insert into the structure - */ - public function withPrepended(Element $el): self - { - $obj = clone $this; - array_unshift($obj->_elements, $el); - return $obj; - } - - /** - * Get self with an element at the given index removed. - * - * @param int $idx Element index - * - * @throws \OutOfBoundsException - */ - public function withoutElement(int $idx): self - { - if (!isset($this->_elements[$idx])) { - throw new \OutOfBoundsException( - "Structure doesn't have element at index {$idx}."); - } - $obj = clone $this; - array_splice($obj->_elements, $idx, 1); - return $obj; - } - - /** - * Get elements in the structure. - * - * @return UnspecifiedType[] - */ - public function elements(): array - { - if (!isset($this->_unspecifiedTypes)) { - $this->_unspecifiedTypes = array_map( - function (Element $el) { - return new UnspecifiedType($el); - }, $this->_elements); - } - return $this->_unspecifiedTypes; - } - - /** - * Check whether the structure has an element at the given index, optionally - * satisfying given tag expectation. - * - * @param int $idx Index 0..n - * @param null|int $expectedTag Optional type tag expectation - */ - public function has(int $idx, ?int $expectedTag = null): bool - { - if (!isset($this->_elements[$idx])) { - return false; - } - if (isset($expectedTag)) { - if (!$this->_elements[$idx]->isType($expectedTag)) { - return false; - } - } - return true; - } - - /** - * Get the element at the given index, optionally checking that the element - * has a given tag. - * - * @param int $idx Index 0..n - * - * @throws \OutOfBoundsException If element doesn't exists - * @throws \UnexpectedValueException If expectation fails - */ - public function at(int $idx): UnspecifiedType - { - if (!isset($this->_elements[$idx])) { - throw new \OutOfBoundsException( - "Structure doesn't have an element at index {$idx}."); - } - return new UnspecifiedType($this->_elements[$idx]); - } - - /** - * Check whether the structure contains a context specific element with a - * given tag. - * - * @param int $tag Tag number - */ - public function hasTagged(int $tag): bool - { - // lazily build lookup map - if (!isset($this->_taggedMap)) { - $this->_taggedMap = []; - foreach ($this->_elements as $element) { - if ($element->isTagged()) { - $this->_taggedMap[$element->tag()] = $element; - } - } - } - return isset($this->_taggedMap[$tag]); - } - - /** - * Get a context specific element tagged with a given tag. - * - * @throws \LogicException If tag doesn't exists - */ - public function getTagged(int $tag): TaggedType - { - if (!$this->hasTagged($tag)) { - throw new \LogicException("No tagged element for tag {$tag}."); - } - return $this->_taggedMap[$tag]; - } - - /** - * @see \Countable::count() - */ - public function count(): int - { - return count($this->_elements); - } - - /** - * Get an iterator for the `UnspecifiedElement` objects. - * - * @see \IteratorAggregate::getIterator() - */ - public function getIterator(): \ArrayIterator - { - return new \ArrayIterator($this->elements()); - } - - /** - * {@inheritdoc} - */ - protected function _encodedContentDER(): string - { - $data = ''; - foreach ($this->_elements as $element) { - $data .= $element->toDER(); - } - return $data; - } - - /** - * {@inheritdoc} - * - * @return self - */ - protected static function _decodeFromDER(Identifier $identifier, - string $data, int &$offset): ElementBase - { - if (!$identifier->isConstructed()) { - throw new DecodeException( - 'Structured element must have constructed bit set.'); - } - $idx = $offset; - $length = Length::expectFromDER($data, $idx); - if ($length->isIndefinite()) { - $type = self::_decodeIndefiniteLength($data, $idx); - } else { - $type = self::_decodeDefiniteLength($data, $idx, - $length->intLength()); - } - $offset = $idx; - return $type; - } - - /** - * Decode elements for a definite length. - * - * @param string $data DER data - * @param int $offset Offset to data - * @param int $length Number of bytes to decode - * - * @throws DecodeException - */ - private static function _decodeDefiniteLength(string $data, int &$offset, - int $length): ElementBase - { - $idx = $offset; - $end = $idx + $length; - $elements = []; - while ($idx < $end) { - $elements[] = Element::fromDER($data, $idx); - // check that element didn't overflow length - if ($idx > $end) { - throw new DecodeException("Structure's content overflows length."); - } - } - $offset = $idx; - // return instance by static late binding - return new static(...$elements); - } - - /** - * Decode elements for an indefinite length. - * - * @param string $data DER data - * @param int $offset Offset to data - * - * @throws DecodeException - */ - private static function _decodeIndefiniteLength(string $data, int &$offset): ElementBase - { - $idx = $offset; - $elements = []; - $end = strlen($data); - while (true) { - if ($idx >= $end) { - throw new DecodeException( - 'Unexpected end of data while decoding indefinite length structure.'); - } - $el = Element::fromDER($data, $idx); - if ($el->isType(self::TYPE_EOC)) { - break; - } - $elements[] = $el; - } - $offset = $idx; - $type = new static(...$elements); - $type->_indefiniteLength = true; - return $type; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ApplicationType.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ApplicationType.php deleted file mode 100644 index 9821e6e..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ApplicationType.php +++ /dev/null @@ -1,12 +0,0 @@ -_identifier = $identifier; - $this->_data = $data; - $this->_offset = $offset; - $this->_valueOffset = $value_offset; - $this->_valueLength = $value_length; - $this->_indefiniteLength = $indefinite_length; - $this->_typeTag = $identifier->intTag(); - } - - /** - * {@inheritdoc} - */ - public function typeClass(): int - { - return $this->_identifier->typeClass(); - } - - /** - * {@inheritdoc} - */ - public function isConstructed(): bool - { - return $this->_identifier->isConstructed(); - } - - /** - * {@inheritdoc} - */ - public function implicit(int $tag, int $class = Identifier::CLASS_UNIVERSAL): UnspecifiedType - { - $identifier = $this->_identifier->withClass($class)->withTag($tag); - $cls = self::_determineImplClass($identifier); - $idx = $this->_offset; - /** @var \Sop\ASN1\Feature\ElementBase $element */ - $element = $cls::_decodeFromDER($identifier, $this->_data, $idx); - return $element->asUnspecified(); - } - - /** - * {@inheritdoc} - */ - public function explicit(): UnspecifiedType - { - $idx = $this->_valueOffset; - return Element::fromDER($this->_data, $idx)->asUnspecified(); - } - - /** - * {@inheritdoc} - */ - protected static function _decodeFromDER(Identifier $identifier, - string $data, int &$offset): ElementBase - { - $idx = $offset; - $length = Length::expectFromDER($data, $idx); - // offset to inner value - $value_offset = $idx; - if ($length->isIndefinite()) { - if ($identifier->isPrimitive()) { - throw new DecodeException( - 'Primitive type with indefinite length is not supported.'); - } - while (!Element::fromDER($data, $idx)->isType(self::TYPE_EOC)); - // EOC consists of two octets. - $value_length = $idx - $value_offset - 2; - } else { - $value_length = $length->intLength(); - $idx += $value_length; - } - // late static binding since ApplicationType and PrivateType extend this class - $type = new static($identifier, $data, $offset, $value_offset, - $value_length, $length->isIndefinite()); - $offset = $idx; - return $type; - } - - /** - * {@inheritdoc} - */ - protected function _encodedContentDER(): string - { - return substr($this->_data, $this->_valueOffset, $this->_valueLength); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ExplicitTagging.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ExplicitTagging.php deleted file mode 100644 index be5a300..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ExplicitTagging.php +++ /dev/null @@ -1,19 +0,0 @@ -_typeTag = $tag; - $this->_element = $element; - $this->_class = $class; - } - - /** - * {@inheritdoc} - */ - public function isConstructed(): bool - { - return true; - } - - /** - * {@inheritdoc} - */ - public function explicit(): UnspecifiedType - { - return $this->_element->asUnspecified(); - } - - /** - * {@inheritdoc} - */ - protected function _encodedContentDER(): string - { - // get the full encoding of the wrapped element - return $this->_element->toDER(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ImplicitTagging.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ImplicitTagging.php deleted file mode 100644 index ca2d5ed..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/ImplicitTagging.php +++ /dev/null @@ -1,25 +0,0 @@ -_typeTag = $tag; - $this->_element = $element; - $this->_class = $class; - } - - /** - * {@inheritdoc} - */ - public function isConstructed(): bool - { - // depends on the underlying type - return $this->_element->isConstructed(); - } - - /** - * {@inheritdoc} - */ - public function implicit( - int $tag, int $class = Identifier::CLASS_UNIVERSAL): UnspecifiedType - { - $this->_element->expectType($tag); - if ($this->_element->typeClass() !== $class) { - throw new \UnexpectedValueException( - sprintf('Type class %s expected, got %s.', - Identifier::classToName($class), - Identifier::classToName($this->_element->typeClass()))); - } - return $this->_element->asUnspecified(); - } - - /** - * {@inheritdoc} - */ - protected function _encodedContentDER(): string - { - // get only the content of the wrapped element. - return $this->_element->_encodedContentDER(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/PrivateType.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/PrivateType.php deleted file mode 100644 index 6ab626b..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/Tagged/PrivateType.php +++ /dev/null @@ -1,12 +0,0 @@ -_class; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/TaggedType.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/TaggedType.php deleted file mode 100644 index 80ae37c..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/TaggedType.php +++ /dev/null @@ -1,84 +0,0 @@ -expectTagged($expectedTag); - } - return $el; - } - - /** - * Get the wrapped inner element employing explicit tagging. - * - * @param null|int $expectedTag Optional outer tag expectation - * - * @throws \UnexpectedValueException If expectation fails - */ - public function asExplicit(?int $expectedTag = null): UnspecifiedType - { - return $this->expectExplicit($expectedTag)->explicit(); - } - - /** - * Check whether element supports implicit tagging. - * - * @param null|int $expectedTag Optional outer tag expectation - * - * @throws \UnexpectedValueException If expectation fails - */ - public function expectImplicit(?int $expectedTag = null): ImplicitTagging - { - $el = $this; - if (!$el instanceof ImplicitTagging) { - throw new \UnexpectedValueException( - "Element doesn't implement implicit tagging."); - } - if (isset($expectedTag)) { - $el->expectTagged($expectedTag); - } - return $el; - } - - /** - * Get the wrapped inner element employing implicit tagging. - * - * @param int $tag Type tag of the inner element - * @param null|int $expectedTag Optional outer tag expectation - * @param int $expectedClass Optional inner type class expectation - * - * @throws \UnexpectedValueException If expectation fails - */ - public function asImplicit(int $tag, ?int $expectedTag = null, - int $expectedClass = Identifier::CLASS_UNIVERSAL): UnspecifiedType - { - return $this->expectImplicit($expectedTag)->implicit($tag, - $expectedClass); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/TimeType.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/TimeType.php deleted file mode 100644 index cef1a49..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Type/TimeType.php +++ /dev/null @@ -1,16 +0,0 @@ -_element = $el; - } - - /** - * Initialize from DER data. - * - * @param string $data DER encoded data - */ - public static function fromDER(string $data): self - { - return Element::fromDER($data)->asUnspecified(); - } - - /** - * Initialize from `ElementBase` interface. - */ - public static function fromElementBase(ElementBase $el): self - { - // if element is already wrapped - if ($el instanceof self) { - return $el; - } - return new self($el->asElement()); - } - - /** - * Get the wrapped element as a context specific tagged type. - * - * @throws \UnexpectedValueException If the element is not tagged - */ - public function asTagged(): TaggedType - { - if (!$this->_element instanceof TaggedType) { - throw new \UnexpectedValueException( - 'Tagged element expected, got ' . $this->_typeDescriptorString()); - } - return $this->_element; - } - - /** - * Get the wrapped element as an application specific type. - * - * @throws \UnexpectedValueException If element is not application specific - * - * @return \Sop\ASN1\Type\Tagged\ApplicationType - */ - public function asApplication(): Tagged\ApplicationType - { - if (!$this->_element instanceof Tagged\ApplicationType) { - throw new \UnexpectedValueException( - 'Application type expected, got ' . $this->_typeDescriptorString()); - } - return $this->_element; - } - - /** - * Get the wrapped element as a private tagged type. - * - * @throws \UnexpectedValueException If element is not using private tagging - * - * @return \Sop\ASN1\Type\Tagged\PrivateType - */ - public function asPrivate(): Tagged\PrivateType - { - if (!$this->_element instanceof Tagged\PrivateType) { - throw new \UnexpectedValueException( - 'Private type expected, got ' . $this->_typeDescriptorString()); - } - return $this->_element; - } - - /** - * Get the wrapped element as a boolean type. - * - * @throws \UnexpectedValueException If the element is not a boolean - * - * @return \Sop\ASN1\Type\Primitive\Boolean - */ - public function asBoolean(): Primitive\Boolean - { - if (!$this->_element instanceof Primitive\Boolean) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_BOOLEAN)); - } - return $this->_element; - } - - /** - * Get the wrapped element as an integer type. - * - * @throws \UnexpectedValueException If the element is not an integer - * - * @return \Sop\ASN1\Type\Primitive\Integer - */ - public function asInteger(): Primitive\Integer - { - if (!$this->_element instanceof Primitive\Integer) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_INTEGER)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a bit string type. - * - * @throws \UnexpectedValueException If the element is not a bit string - * - * @return \Sop\ASN1\Type\Primitive\BitString - */ - public function asBitString(): Primitive\BitString - { - if (!$this->_element instanceof Primitive\BitString) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_BIT_STRING)); - } - return $this->_element; - } - - /** - * Get the wrapped element as an octet string type. - * - * @throws \UnexpectedValueException If the element is not an octet string - * - * @return \Sop\ASN1\Type\Primitive\OctetString - */ - public function asOctetString(): Primitive\OctetString - { - if (!$this->_element instanceof Primitive\OctetString) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_OCTET_STRING)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a null type. - * - * @throws \UnexpectedValueException If the element is not a null - * - * @return \Sop\ASN1\Type\Primitive\NullType - */ - public function asNull(): Primitive\NullType - { - if (!$this->_element instanceof Primitive\NullType) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_NULL)); - } - return $this->_element; - } - - /** - * Get the wrapped element as an object identifier type. - * - * @throws \UnexpectedValueException If the element is not an object identifier - * - * @return \Sop\ASN1\Type\Primitive\ObjectIdentifier - */ - public function asObjectIdentifier(): Primitive\ObjectIdentifier - { - if (!$this->_element instanceof Primitive\ObjectIdentifier) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_OBJECT_IDENTIFIER)); - } - return $this->_element; - } - - /** - * Get the wrapped element as an object descriptor type. - * - * @throws \UnexpectedValueException If the element is not an object descriptor - * - * @return \Sop\ASN1\Type\Primitive\ObjectDescriptor - */ - public function asObjectDescriptor(): Primitive\ObjectDescriptor - { - if (!$this->_element instanceof Primitive\ObjectDescriptor) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_OBJECT_DESCRIPTOR)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a real type. - * - * @throws \UnexpectedValueException If the element is not a real - * - * @return \Sop\ASN1\Type\Primitive\Real - */ - public function asReal(): Primitive\Real - { - if (!$this->_element instanceof Primitive\Real) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_REAL)); - } - return $this->_element; - } - - /** - * Get the wrapped element as an enumerated type. - * - * @throws \UnexpectedValueException If the element is not an enumerated - * - * @return \Sop\ASN1\Type\Primitive\Enumerated - */ - public function asEnumerated(): Primitive\Enumerated - { - if (!$this->_element instanceof Primitive\Enumerated) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_ENUMERATED)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a UTF8 string type. - * - * @throws \UnexpectedValueException If the element is not a UTF8 string - * - * @return \Sop\ASN1\Type\Primitive\UTF8String - */ - public function asUTF8String(): Primitive\UTF8String - { - if (!$this->_element instanceof Primitive\UTF8String) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_UTF8_STRING)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a relative OID type. - * - * @throws \UnexpectedValueException If the element is not a relative OID - * - * @return \Sop\ASN1\Type\Primitive\RelativeOID - */ - public function asRelativeOID(): Primitive\RelativeOID - { - if (!$this->_element instanceof Primitive\RelativeOID) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_RELATIVE_OID)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a sequence type. - * - * @throws \UnexpectedValueException If the element is not a sequence - * - * @return \Sop\ASN1\Type\Constructed\Sequence - */ - public function asSequence(): Constructed\Sequence - { - if (!$this->_element instanceof Constructed\Sequence) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_SEQUENCE)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a set type. - * - * @throws \UnexpectedValueException If the element is not a set - * - * @return \Sop\ASN1\Type\Constructed\Set - */ - public function asSet(): Constructed\Set - { - if (!$this->_element instanceof Constructed\Set) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_SET)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a numeric string type. - * - * @throws \UnexpectedValueException If the element is not a numeric string - * - * @return \Sop\ASN1\Type\Primitive\NumericString - */ - public function asNumericString(): Primitive\NumericString - { - if (!$this->_element instanceof Primitive\NumericString) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_NUMERIC_STRING)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a printable string type. - * - * @throws \UnexpectedValueException If the element is not a printable string - * - * @return \Sop\ASN1\Type\Primitive\PrintableString - */ - public function asPrintableString(): Primitive\PrintableString - { - if (!$this->_element instanceof Primitive\PrintableString) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_PRINTABLE_STRING)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a T61 string type. - * - * @throws \UnexpectedValueException If the element is not a T61 string - * - * @return \Sop\ASN1\Type\Primitive\T61String - */ - public function asT61String(): Primitive\T61String - { - if (!$this->_element instanceof Primitive\T61String) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_T61_STRING)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a videotex string type. - * - * @throws \UnexpectedValueException If the element is not a videotex string - * - * @return \Sop\ASN1\Type\Primitive\VideotexString - */ - public function asVideotexString(): Primitive\VideotexString - { - if (!$this->_element instanceof Primitive\VideotexString) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_VIDEOTEX_STRING)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a IA5 string type. - * - * @throws \UnexpectedValueException If the element is not a IA5 string - * - * @return \Sop\ASN1\Type\Primitive\IA5String - */ - public function asIA5String(): Primitive\IA5String - { - if (!$this->_element instanceof Primitive\IA5String) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_IA5_STRING)); - } - return $this->_element; - } - - /** - * Get the wrapped element as an UTC time type. - * - * @throws \UnexpectedValueException If the element is not a UTC time - * - * @return \Sop\ASN1\Type\Primitive\UTCTime - */ - public function asUTCTime(): Primitive\UTCTime - { - if (!$this->_element instanceof Primitive\UTCTime) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_UTC_TIME)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a generalized time type. - * - * @throws \UnexpectedValueException If the element is not a generalized time - * - * @return \Sop\ASN1\Type\Primitive\GeneralizedTime - */ - public function asGeneralizedTime(): Primitive\GeneralizedTime - { - if (!$this->_element instanceof Primitive\GeneralizedTime) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_GENERALIZED_TIME)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a graphic string type. - * - * @throws \UnexpectedValueException If the element is not a graphic string - * - * @return \Sop\ASN1\Type\Primitive\GraphicString - */ - public function asGraphicString(): Primitive\GraphicString - { - if (!$this->_element instanceof Primitive\GraphicString) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_GRAPHIC_STRING)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a visible string type. - * - * @throws \UnexpectedValueException If the element is not a visible string - * - * @return \Sop\ASN1\Type\Primitive\VisibleString - */ - public function asVisibleString(): Primitive\VisibleString - { - if (!$this->_element instanceof Primitive\VisibleString) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_VISIBLE_STRING)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a general string type. - * - * @throws \UnexpectedValueException If the element is not general string - * - * @return \Sop\ASN1\Type\Primitive\GeneralString - */ - public function asGeneralString(): Primitive\GeneralString - { - if (!$this->_element instanceof Primitive\GeneralString) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_GENERAL_STRING)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a universal string type. - * - * @throws \UnexpectedValueException If the element is not a universal string - * - * @return \Sop\ASN1\Type\Primitive\UniversalString - */ - public function asUniversalString(): Primitive\UniversalString - { - if (!$this->_element instanceof Primitive\UniversalString) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_UNIVERSAL_STRING)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a character string type. - * - * @throws \UnexpectedValueException If the element is not a character string - * - * @return \Sop\ASN1\Type\Primitive\CharacterString - */ - public function asCharacterString(): Primitive\CharacterString - { - if (!$this->_element instanceof Primitive\CharacterString) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_CHARACTER_STRING)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a BMP string type. - * - * @throws \UnexpectedValueException If the element is not a bmp string - * - * @return \Sop\ASN1\Type\Primitive\BMPString - */ - public function asBMPString(): Primitive\BMPString - { - if (!$this->_element instanceof Primitive\BMPString) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_BMP_STRING)); - } - return $this->_element; - } - - /** - * Get the wrapped element as a constructed string type. - * - * @throws \UnexpectedValueException If the element is not a constructed string - * - * @return \Sop\ASN1\Type\Constructed\ConstructedString - */ - public function asConstructedString(): Constructed\ConstructedString - { - if (!$this->_element instanceof Constructed\ConstructedString) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_CONSTRUCTED_STRING)); - } - return $this->_element; - } - - /** - * Get the wrapped element as any string type. - * - * @throws \UnexpectedValueException If the element is not a string type - */ - public function asString(): StringType - { - if (!$this->_element instanceof StringType) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_STRING)); - } - return $this->_element; - } - - /** - * Get the wrapped element as any time type. - * - * @throws \UnexpectedValueException If the element is not a time type - */ - public function asTime(): TimeType - { - if (!$this->_element instanceof TimeType) { - throw new \UnexpectedValueException( - $this->_generateExceptionMessage(Element::TYPE_TIME)); - } - return $this->_element; - } - - /** - * {@inheritdoc} - */ - public function asElement(): Element - { - return $this->_element; - } - - /** - * {@inheritdoc} - */ - public function asUnspecified(): UnspecifiedType - { - return $this; - } - - /** - * {@inheritdoc} - */ - public function toDER(): string - { - return $this->_element->toDER(); - } - - /** - * {@inheritdoc} - */ - public function typeClass(): int - { - return $this->_element->typeClass(); - } - - /** - * {@inheritdoc} - */ - public function tag(): int - { - return $this->_element->tag(); - } - - /** - * {@inheritdoc} - */ - public function isConstructed(): bool - { - return $this->_element->isConstructed(); - } - - /** - * {@inheritdoc} - */ - public function isType(int $tag): bool - { - return $this->_element->isType($tag); - } - - /** - * {@inheritdoc} - */ - public function isTagged(): bool - { - return $this->_element->isTagged(); - } - - /** - * {@inheritdoc} - * - * Consider using any of the `as*` accessor methods instead. - */ - public function expectType(int $tag): ElementBase - { - return $this->_element->expectType($tag); - } - - /** - * {@inheritdoc} - * - * Consider using `asTagged()` method instead and chaining - * with `TaggedType::asExplicit()` or `TaggedType::asImplicit()`. - */ - public function expectTagged(?int $tag = null): TaggedType - { - return $this->_element->expectTagged($tag); - } - - /** - * Generate message for exceptions thrown by `as*` methods. - * - * @param int $tag Type tag of the expected element - */ - private function _generateExceptionMessage(int $tag): string - { - return sprintf('%s expected, got %s.', Element::tagToName($tag), - $this->_typeDescriptorString()); - } - - /** - * Get textual description of the wrapped element for debugging purposes. - */ - private function _typeDescriptorString(): string - { - $type_cls = $this->_element->typeClass(); - $tag = $this->_element->tag(); - $str = $this->_element->isConstructed() ? 'constructed ' : 'primitive '; - if (Identifier::CLASS_UNIVERSAL === $type_cls) { - $str .= Element::tagToName($tag); - } else { - $str .= Identifier::classToName($type_cls) . " TAG {$tag}"; - } - return $str; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Util/BigInt.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Util/BigInt.php deleted file mode 100644 index 28e5ccd..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Util/BigInt.php +++ /dev/null @@ -1,218 +0,0 @@ -_gmp = $num; - } - - public function __toString(): string - { - return $this->base10(); - } - - /** - * Initialize from an arbitrary length of octets as an unsigned integer. - */ - public static function fromUnsignedOctets(string $octets): self - { - if (!strlen($octets)) { - throw new \InvalidArgumentException('Empty octets.'); - } - return new self(gmp_import($octets, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN)); - } - - /** - * Initialize from an arbitrary length of octets as an signed integer - * having two's complement encoding. - */ - public static function fromSignedOctets(string $octets): self - { - if (!strlen($octets)) { - throw new \InvalidArgumentException('Empty octets.'); - } - $neg = ord($octets[0]) & 0x80; - // negative, apply inversion of two's complement - if ($neg) { - $octets = ~$octets; - } - $num = gmp_import($octets, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN); - // negative, apply addition of two's complement and produce negative result - if ($neg) { - $num = gmp_neg($num + 1); - } - return new self($num); - } - - /** - * Get the number as a base 10 integer string. - */ - public function base10(): string - { - if (!isset($this->_num)) { - $this->_num = gmp_strval($this->_gmp, 10); - } - return $this->_num; - } - - /** - * Get the number as an integer. - * - * @throws \RuntimeException If number overflows integer size - */ - public function intVal(): int - { - if (!isset($this->_intNum)) { - if (gmp_cmp($this->_gmp, $this->_intMaxGmp()) > 0) { - throw new \RuntimeException('Integer overflow.'); - } - if (gmp_cmp($this->_gmp, $this->_intMinGmp()) < 0) { - throw new \RuntimeException('Integer underflow.'); - } - $this->_intNum = gmp_intval($this->_gmp); - } - return $this->_intNum; - } - - /** - * Get the number as a `GMP` object. - * - * @throws \RuntimeException if number is not a valid integer - */ - public function gmpObj(): \GMP - { - return clone $this->_gmp; - } - - /** - * Get the number as an unsigned integer encoded in binary. - */ - public function unsignedOctets(): string - { - return gmp_export($this->_gmp, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN); - } - - /** - * Get the number as a signed integer encoded in two's complement binary. - */ - public function signedOctets(): string - { - switch (gmp_sign($this->_gmp)) { - case 1: - return $this->_signedPositiveOctets(); - case -1: - return $this->_signedNegativeOctets(); - } - // zero - return chr(0); - } - - /** - * Encode positive integer in two's complement binary. - */ - private function _signedPositiveOctets(): string - { - $bin = gmp_export($this->_gmp, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN); - // if first bit is 1, prepend full zero byte to represent positive two's complement - if (ord($bin[0]) & 0x80) { - $bin = chr(0x00) . $bin; - } - return $bin; - } - - /** - * Encode negative integer in two's complement binary. - */ - private function _signedNegativeOctets(): string - { - $num = gmp_abs($this->_gmp); - // compute number of bytes required - $width = 1; - if ($num > 128) { - $tmp = $num; - do { - ++$width; - $tmp >>= 8; - } while ($tmp > 128); - } - // compute two's complement 2^n - x - $num = gmp_pow('2', 8 * $width) - $num; - $bin = gmp_export($num, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN); - // if first bit is 0, prepend full inverted byte to represent negative two's complement - if (!(ord($bin[0]) & 0x80)) { - $bin = chr(0xff) . $bin; - } - return $bin; - } - - /** - * Get the maximum integer value. - */ - private function _intMaxGmp(): \GMP - { - static $gmp; - if (!isset($gmp)) { - $gmp = gmp_init(PHP_INT_MAX, 10); - } - return $gmp; - } - - /** - * Get the minimum integer value. - */ - private function _intMinGmp(): \GMP - { - static $gmp; - if (!isset($gmp)) { - $gmp = gmp_init(PHP_INT_MIN, 10); - } - return $gmp; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Util/Flags.php b/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Util/Flags.php deleted file mode 100644 index 60c2b0f..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/asn1/lib/ASN1/Util/Flags.php +++ /dev/null @@ -1,144 +0,0 @@ -_flags = ''; - } else { - // calculate number of unused bits in last octet - $last_octet_bits = $width % 8; - $unused_bits = $last_octet_bits ? 8 - $last_octet_bits : 0; - $num = gmp_init($flags); - // mask bits outside bitfield width - $mask = gmp_sub(gmp_init(1) << $width, 1); - $num &= $mask; - // shift towards MSB if needed - $data = gmp_export($num << $unused_bits, 1, - GMP_MSW_FIRST | GMP_BIG_ENDIAN); - $octets = unpack('C*', $data); - assert(is_array($octets), new \RuntimeException('unpack() failed')); - $bits = count($octets) * 8; - // pad with zeroes - while ($bits < $width) { - array_unshift($octets, 0); - $bits += 8; - } - $this->_flags = pack('C*', ...$octets); - } - $this->_width = $width; - } - - /** - * Initialize from `BitString`. - */ - public static function fromBitString(BitString $bs, int $width): self - { - $num_bits = $bs->numBits(); - $num = gmp_import($bs->string(), 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN); - $num >>= $bs->unusedBits(); - if ($num_bits < $width) { - $num <<= ($width - $num_bits); - } - return new self(gmp_strval($num, 10), $width); - } - - /** - * Check whether a bit at given index is set. - * - * Index 0 is the leftmost bit. - * - * @throws \OutOfBoundsException - */ - public function test(int $idx): bool - { - if ($idx >= $this->_width) { - throw new \OutOfBoundsException('Index is out of bounds.'); - } - // octet index - $oi = (int) floor($idx / 8); - $byte = $this->_flags[$oi]; - // bit index - $bi = $idx % 8; - // index 0 is the most significant bit in byte - $mask = 0x01 << (7 - $bi); - return (ord($byte) & $mask) > 0; - } - - /** - * Get flags as an octet string. - * - * Zeroes are appended to the last octet if width is not divisible by 8. - */ - public function string(): string - { - return $this->_flags; - } - - /** - * Get flags as a base 10 integer. - * - * @return string Integer as a string - */ - public function number(): string - { - $num = gmp_import($this->_flags, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN); - $last_octet_bits = $this->_width % 8; - $unused_bits = $last_octet_bits ? 8 - $last_octet_bits : 0; - $num >>= $unused_bits; - return gmp_strval($num, 10); - } - - /** - * Get flags as an integer. - */ - public function intNumber(): int - { - $num = new BigInt($this->number()); - return $num->intVal(); - } - - /** - * Get flags as a `BitString` object. - * - * Unused bits are set accordingly. Trailing zeroes are not stripped. - */ - public function bitString(): BitString - { - $last_octet_bits = $this->_width % 8; - $unused_bits = $last_octet_bits ? 8 - $last_octet_bits : 0; - return new BitString($this->_flags, $unused_bits); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/LICENSE b/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/LICENSE deleted file mode 100644 index 146b5cf..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -MIT License - -Copyright (c) 2016-2019 Joni Eskelinen - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/README.md b/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/README.md deleted file mode 100644 index 38770b1..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/README.md +++ /dev/null @@ -1,24 +0,0 @@ -# CryptoEncoding - -[![Build Status](https://travis-ci.org/sop/crypto-encoding.svg?branch=master)](https://travis-ci.org/sop/crypto-encoding) -[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/sop/crypto-encoding/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/sop/crypto-encoding/?branch=master) -[![Coverage Status](https://coveralls.io/repos/github/sop/crypto-encoding/badge.svg?branch=master)](https://coveralls.io/github/sop/crypto-encoding?branch=master) -[![License](https://poser.pugx.org/sop/crypto-encoding/license)](https://github.com/sop/crypto-encoding/blob/master/LICENSE) - -A PHP implementation of [RFC 7468](https://tools.ietf.org/html/rfc7468) -textual encodings of cryptographic structures _(PEM)_. - -## Requirements - -- PHP >=7.2 - -## Installation - -This library is available on -[Packagist](https://packagist.org/packages/sop/crypto-encoding). - - composer require sop/crypto-encoding - -## License - -This project is licensed under the MIT License. diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/composer.json b/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/composer.json deleted file mode 100644 index d1764e1..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/composer.json +++ /dev/null @@ -1,31 +0,0 @@ -{ - "name": "sop/crypto-encoding", - "description": "A PHP implementation of textual encodings of cryptographic structures.", - "homepage": "https://github.com/sop/crypto-encoding", - "license": "MIT", - "type": "library", - "keywords": [ - "pem", - "public key", - "private key", - "certificate" - ], - "authors": [ - { - "name": "Joni Eskelinen", - "email": "jonieske@gmail.com", - "role": "Developer" - } - ], - "require": { - "php": ">=7.2" - }, - "require-dev": { - "phpunit/phpunit": "^8.1" - }, - "autoload": { - "psr-4": { - "Sop\\CryptoEncoding\\": "lib/CryptoEncoding/" - } - } -} \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/lib/CryptoEncoding/PEM.php b/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/lib/CryptoEncoding/PEM.php deleted file mode 100644 index d55b858..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/lib/CryptoEncoding/PEM.php +++ /dev/null @@ -1,145 +0,0 @@ -_type = $type; - $this->_data = $data; - } - - /** - * @return string - */ - public function __toString(): string - { - return $this->string(); - } - - /** - * Initialize from a PEM-formatted string. - * - * @param string $str - * - * @throws \UnexpectedValueException If string is not valid PEM - * - * @return self - */ - public static function fromString(string $str): self - { - if (!preg_match(self::PEM_REGEX, $str, $match)) { - throw new \UnexpectedValueException('Not a PEM formatted string.'); - } - $payload = preg_replace('/\s+/', '', $match[2]); - $data = base64_decode($payload, true); - if (false === $data) { - throw new \UnexpectedValueException('Failed to decode PEM data.'); - } - return new self($match[1], $data); - } - - /** - * Initialize from a file. - * - * @param string $filename Path to file - * - * @throws \RuntimeException If file reading fails - * - * @return self - */ - public static function fromFile(string $filename): self - { - if (!is_readable($filename) || - false === ($str = file_get_contents($filename))) { - throw new \RuntimeException("Failed to read {$filename}."); - } - return self::fromString($str); - } - - /** - * Get content type. - * - * @return string - */ - public function type(): string - { - return $this->_type; - } - - /** - * Get payload. - * - * @return string - */ - public function data(): string - { - return $this->_data; - } - - /** - * Encode to PEM string. - * - * @return string - */ - public function string(): string - { - return "-----BEGIN {$this->_type}-----\n" . - trim(chunk_split(base64_encode($this->_data), 64, "\n")) . "\n" . - "-----END {$this->_type}-----"; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/lib/CryptoEncoding/PEMBundle.php b/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/lib/CryptoEncoding/PEMBundle.php deleted file mode 100644 index 54c528d..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-encoding/lib/CryptoEncoding/PEMBundle.php +++ /dev/null @@ -1,173 +0,0 @@ -_pems = $pems; - } - - /** - * @return string - */ - public function __toString(): string - { - return $this->string(); - } - - /** - * Initialize from a string. - * - * @param string $str - * - * @throws \UnexpectedValueException - * - * @return self - */ - public static function fromString(string $str): self - { - if (!preg_match_all(PEM::PEM_REGEX, $str, $matches, PREG_SET_ORDER)) { - throw new \UnexpectedValueException('No PEM blocks.'); - } - $pems = array_map( - function ($match) { - $payload = preg_replace('/\s+/', '', $match[2]); - $data = base64_decode($payload, true); - if (false === $data) { - throw new \UnexpectedValueException( - 'Failed to decode PEM data.'); - } - return new PEM($match[1], $data); - }, $matches); - return new self(...$pems); - } - - /** - * Initialize from a file. - * - * @param string $filename - * - * @throws \RuntimeException If file reading fails - * - * @return self - */ - public static function fromFile(string $filename): self - { - if (!is_readable($filename) || - false === ($str = file_get_contents($filename))) { - throw new \RuntimeException("Failed to read {$filename}."); - } - return self::fromString($str); - } - - /** - * Get self with PEM objects appended. - * - * @param PEM ...$pems - * - * @return self - */ - public function withPEMs(PEM ...$pems): self - { - $obj = clone $this; - $obj->_pems = array_merge($obj->_pems, $pems); - return $obj; - } - - /** - * Get all PEMs in a bundle. - * - * @return PEM[] - */ - public function all(): array - { - return $this->_pems; - } - - /** - * Get the first PEM in a bundle. - * - * @throws \LogicException If bundle contains no PEM objects - * - * @return PEM - */ - public function first(): PEM - { - if (!count($this->_pems)) { - throw new \LogicException('No PEMs.'); - } - return $this->_pems[0]; - } - - /** - * Get the last PEM in a bundle. - * - * @throws \LogicException If bundle contains no PEM objects - * - * @return PEM - */ - public function last(): PEM - { - if (!count($this->_pems)) { - throw new \LogicException('No PEMs.'); - } - return $this->_pems[count($this->_pems) - 1]; - } - - /** - * @see \Countable::count() - * - * @return int - */ - public function count(): int - { - return count($this->_pems); - } - - /** - * Get iterator for PEMs. - * - * @see \IteratorAggregate::getIterator() - * - * @return \ArrayIterator - */ - public function getIterator(): \ArrayIterator - { - return new \ArrayIterator($this->_pems); - } - - /** - * Encode bundle to a string of contiguous PEM blocks. - * - * @return string - */ - public function string(): string - { - return implode("\n", - array_map( - function (PEM $pem) { - return $pem->string(); - }, $this->_pems)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/LICENSE b/utilities/signing_and_verification/php/vendor/sop/crypto-types/LICENSE deleted file mode 100644 index 0453e40..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -MIT License - -Copyright (c) 2016-2021 Joni Eskelinen - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/README.md b/utilities/signing_and_verification/php/vendor/sop/crypto-types/README.md deleted file mode 100644 index bbdccd4..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/README.md +++ /dev/null @@ -1,42 +0,0 @@ -# CryptoTypes - -[![Build Status](https://travis-ci.com/sop/crypto-types.svg?branch=master)](https://travis-ci.com/sop/crypto-types) -[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/sop/crypto-types/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/sop/crypto-types/?branch=master) -[![Coverage Status](https://coveralls.io/repos/github/sop/crypto-types/badge.svg?branch=master)](https://coveralls.io/github/sop/crypto-types?branch=master) -[![License](https://poser.pugx.org/sop/crypto-types/license)](https://github.com/sop/crypto-types/blob/master/LICENSE) - -A PHP library of various ASN.1 types for cryptographic applications. - -## Requirements - -- PHP >=7.2 -- gmp -- [sop/asn1](https://github.com/sop/asn1) -- [sop/crypto-encoding](https://github.com/sop/crypto-encoding) -- [sop/x501](https://github.com/sop/x501) - -## Features - -- Asymmetric keys - - [`RSAPrivateKey`](https://tools.ietf.org/html/rfc2437#section-11.1.2), - [`RSAPublicKey`](https://tools.ietf.org/html/rfc2437#section-11.1.1) - - [`ECPrivateKey`](https://tools.ietf.org/html/rfc5915#section-3), - [`ECPublicKey`](https://tools.ietf.org/html/rfc5480#section-2.2) - - [`PrivateKeyInfo`](https://tools.ietf.org/html/rfc5208#section-5) - ([PKCS #8](https://tools.ietf.org/html/rfc5208)) - - [`SubjectPublicKeyInfo`](https://tools.ietf.org/html/rfc5280#section-4.1) - ([X.509](https://tools.ietf.org/html/rfc5280)) -- [RSA](https://tools.ietf.org/html/rfc2313#section-10) and - [EC](https://tools.ietf.org/html/rfc3278#section-8.2) signature types -- Various `AlgorithmIdentifier` types and their OID's - -## Installation - -This library is available on -[Packagist](https://packagist.org/packages/sop/crypto-types). - - composer require sop/crypto-types - -## License - -This project is licensed under the MIT License. diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/composer.json b/utilities/signing_and_verification/php/vendor/sop/crypto-types/composer.json deleted file mode 100644 index d8ba537..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/composer.json +++ /dev/null @@ -1,39 +0,0 @@ -{ - "name": "sop/crypto-types", - "description": "A PHP library of various ASN.1 types for cryptographic applications.", - "homepage": "https://github.com/sop/crypto-types", - "license": "MIT", - "type": "library", - "keywords": [ - "cryptography", - "asn1", - "algorithm identifier", - "rsa", - "ec", - "public key", - "private key", - "signature" - ], - "authors": [ - { - "name": "Joni Eskelinen", - "email": "jonieske@gmail.com", - "role": "Developer" - } - ], - "require": { - "php": ">=7.2", - "ext-gmp": "*", - "sop/asn1": "^4.0.0", - "sop/crypto-encoding": "^0.3.0", - "sop/x501": "0.6.1" - }, - "require-dev": { - "phpunit/phpunit": "^8.1" - }, - "autoload": { - "psr-4": { - "Sop\\CryptoTypes\\": "lib/CryptoTypes/" - } - } -} \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifier.php deleted file mode 100644 index 239940f..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifier.php +++ /dev/null @@ -1,116 +0,0 @@ -parse($seq); - } - - /** - * {@inheritdoc} - */ - public function oid(): string - { - return $this->_oid; - } - - /** - * {@inheritdoc} - */ - public function toASN1(): Sequence - { - $elements = [new ObjectIdentifier($this->_oid)]; - $params = $this->_paramsASN1(); - if (isset($params)) { - $elements[] = $params; - } - return new Sequence(...$elements); - } - - /** - * Get algorithm identifier parameters as ASN.1. - * - * If type allows parameters to be omitted, return null. - */ - abstract protected function _paramsASN1(): ?Element; -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifierFactory.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifierFactory.php deleted file mode 100644 index 3dc182c..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifierFactory.php +++ /dev/null @@ -1,119 +0,0 @@ - Asymmetric\RSAEncryptionAlgorithmIdentifier::class, - AlgorithmIdentifier::OID_EC_PUBLIC_KEY => Asymmetric\ECPublicKeyAlgorithmIdentifier::class, - AlgorithmIdentifier::OID_X25519 => Asymmetric\X25519AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_X448 => Asymmetric\X448AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_ED25519 => Asymmetric\Ed25519AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_ED448 => Asymmetric\Ed448AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_DES_CBC => Cipher\DESCBCAlgorithmIdentifier::class, - AlgorithmIdentifier::OID_DES_EDE3_CBC => Cipher\DESEDE3CBCAlgorithmIdentifier::class, - AlgorithmIdentifier::OID_RC2_CBC => Cipher\RC2CBCAlgorithmIdentifier::class, - AlgorithmIdentifier::OID_AES_128_CBC => Cipher\AES128CBCAlgorithmIdentifier::class, - AlgorithmIdentifier::OID_AES_192_CBC => Cipher\AES192CBCAlgorithmIdentifier::class, - AlgorithmIdentifier::OID_AES_256_CBC => Cipher\AES256CBCAlgorithmIdentifier::class, - AlgorithmIdentifier::OID_HMAC_WITH_SHA1 => Hash\HMACWithSHA1AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_HMAC_WITH_SHA224 => Hash\HMACWithSHA224AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_HMAC_WITH_SHA256 => Hash\HMACWithSHA256AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_HMAC_WITH_SHA384 => Hash\HMACWithSHA384AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_HMAC_WITH_SHA512 => Hash\HMACWithSHA512AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_MD5 => Hash\MD5AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_SHA1 => Hash\SHA1AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_SHA224 => Hash\SHA224AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_SHA256 => Hash\SHA256AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_SHA384 => Hash\SHA384AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_SHA512 => Hash\SHA512AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_MD2_WITH_RSA_ENCRYPTION => Signature\MD2WithRSAEncryptionAlgorithmIdentifier::class, - AlgorithmIdentifier::OID_MD4_WITH_RSA_ENCRYPTION => Signature\MD4WithRSAEncryptionAlgorithmIdentifier::class, - AlgorithmIdentifier::OID_MD5_WITH_RSA_ENCRYPTION => Signature\MD5WithRSAEncryptionAlgorithmIdentifier::class, - AlgorithmIdentifier::OID_SHA1_WITH_RSA_ENCRYPTION => Signature\SHA1WithRSAEncryptionAlgorithmIdentifier::class, - AlgorithmIdentifier::OID_SHA224_WITH_RSA_ENCRYPTION => Signature\SHA224WithRSAEncryptionAlgorithmIdentifier::class, - AlgorithmIdentifier::OID_SHA256_WITH_RSA_ENCRYPTION => Signature\SHA256WithRSAEncryptionAlgorithmIdentifier::class, - AlgorithmIdentifier::OID_SHA384_WITH_RSA_ENCRYPTION => Signature\SHA384WithRSAEncryptionAlgorithmIdentifier::class, - AlgorithmIdentifier::OID_SHA512_WITH_RSA_ENCRYPTION => Signature\SHA512WithRSAEncryptionAlgorithmIdentifier::class, - AlgorithmIdentifier::OID_ECDSA_WITH_SHA1 => Signature\ECDSAWithSHA1AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_ECDSA_WITH_SHA224 => Signature\ECDSAWithSHA224AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_ECDSA_WITH_SHA256 => Signature\ECDSAWithSHA256AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_ECDSA_WITH_SHA384 => Signature\ECDSAWithSHA384AlgorithmIdentifier::class, - AlgorithmIdentifier::OID_ECDSA_WITH_SHA512 => Signature\ECDSAWithSHA512AlgorithmIdentifier::class, - ]; - - /** - * Additional algorithm identifier providers. - * - * @var AlgorithmIdentifierProvider[] - */ - private $_additionalProviders; - - /** - * Constructor. - * - * @param AlgorithmIdentifierProvider ...$providers Additional providers - */ - public function __construct(AlgorithmIdentifierProvider ...$providers) - { - $this->_additionalProviders = $providers; - } - - /** - * Get the name of a class that implements algorithm identifier for given - * OID. - * - * @param string $oid Object identifier in dotted format - * - * @return null|string Fully qualified class name or null if not supported - */ - public function getClass(string $oid): ?string - { - // if OID is provided by this factory - if (array_key_exists($oid, self::MAP_OID_TO_CLASS)) { - return self::MAP_OID_TO_CLASS[$oid]; - } - // try additional providers - foreach ($this->_additionalProviders as $provider) { - if ($provider->supportsOID($oid)) { - return $provider->getClassByOID($oid); - } - } - return null; - } - - /** - * Parse AlgorithmIdentifier from an ASN.1 sequence. - */ - public function parse(Sequence $seq): AlgorithmIdentifier - { - $oid = $seq->at(0)->asObjectIdentifier()->oid(); - $params = $seq->has(1) ? $seq->at(1) : null; - /** @var SpecificAlgorithmIdentifier $cls */ - $cls = $this->getClass($oid); - if ($cls) { - return $cls::fromASN1Params($params); - } - // fallback to generic algorithm identifier - return new GenericAlgorithmIdentifier($oid, $params); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifierProvider.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifierProvider.php deleted file mode 100644 index 5041677..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/AlgorithmIdentifierProvider.php +++ /dev/null @@ -1,35 +0,0 @@ - 192, - self::CURVE_PRIME192V2 => 192, - self::CURVE_PRIME192V3 => 192, - self::CURVE_PRIME239V1 => 239, - self::CURVE_PRIME239V2 => 239, - self::CURVE_PRIME239V3 => 239, - self::CURVE_PRIME256V1 => 256, - self::CURVE_SECP112R1 => 112, - self::CURVE_SECP112R2 => 112, - self::CURVE_SECP128R1 => 128, - self::CURVE_SECP128R2 => 128, - self::CURVE_SECP160K1 => 160, - self::CURVE_SECP160R1 => 160, - self::CURVE_SECP160R2 => 160, - self::CURVE_SECP192K1 => 192, - self::CURVE_SECP224K1 => 224, - self::CURVE_SECP224R1 => 224, - self::CURVE_SECP256K1 => 256, - self::CURVE_SECP384R1 => 384, - self::CURVE_SECP521R1 => 521, - ]; - - /** - * OID of the named curve. - * - * @var string - */ - protected $_namedCurve; - - /** - * Constructor. - * - * @param string $named_curve Curve identifier - */ - public function __construct(string $named_curve) - { - $this->_oid = self::OID_EC_PUBLIC_KEY; - $this->_namedCurve = $named_curve; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'ecPublicKey'; - } - - /** - * {@inheritdoc} - * - * @return self - */ - public static function fromASN1Params( - ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier - { - if (!isset($params)) { - throw new \UnexpectedValueException('No parameters.'); - } - $named_curve = $params->asObjectIdentifier()->oid(); - return new self($named_curve); - } - - /** - * Get OID of the named curve. - */ - public function namedCurve(): string - { - return $this->_namedCurve; - } - - /** - * {@inheritdoc} - * - * @return ObjectIdentifier - */ - protected function _paramsASN1(): ?Element - { - return new ObjectIdentifier($this->_namedCurve); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/Ed25519AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/Ed25519AlgorithmIdentifier.php deleted file mode 100644 index b0fbe31..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/Ed25519AlgorithmIdentifier.php +++ /dev/null @@ -1,44 +0,0 @@ -_oid = self::OID_ED25519; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'id-Ed25519'; - } - - /** - * {@inheritdoc} - */ - public function supportsKeyAlgorithm(AlgorithmIdentifier $algo): bool - { - return self::OID_ED25519 === $algo->oid(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/Ed448AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/Ed448AlgorithmIdentifier.php deleted file mode 100644 index 3b6b270..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/Ed448AlgorithmIdentifier.php +++ /dev/null @@ -1,44 +0,0 @@ -_oid = self::OID_ED448; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'id-Ed448'; - } - - /** - * {@inheritdoc} - */ - public function supportsKeyAlgorithm(AlgorithmIdentifier $algo): bool - { - return self::OID_ED448 === $algo->oid(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/RFC8410EdAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/RFC8410EdAlgorithmIdentifier.php deleted file mode 100644 index e1a6188..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/RFC8410EdAlgorithmIdentifier.php +++ /dev/null @@ -1,59 +0,0 @@ -_oid = self::OID_RSA_ENCRYPTION; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'rsaEncryption'; - } - - /** - * {@inheritdoc} - * - * @return self - */ - public static function fromASN1Params( - ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier - { - if (!isset($params)) { - throw new \UnexpectedValueException('No parameters.'); - } - $params->asNull(); - return new self(); - } - - /** - * {@inheritdoc} - * - * @return NullType - */ - protected function _paramsASN1(): ?Element - { - return new NullType(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/X25519AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/X25519AlgorithmIdentifier.php deleted file mode 100644 index f20005a..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/X25519AlgorithmIdentifier.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = self::OID_X25519; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'id-X25519'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/X448AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/X448AlgorithmIdentifier.php deleted file mode 100644 index 86635b5..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Asymmetric/X448AlgorithmIdentifier.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = self::OID_X448; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'id-X448'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES128CBCAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES128CBCAlgorithmIdentifier.php deleted file mode 100644 index 6e043cf..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES128CBCAlgorithmIdentifier.php +++ /dev/null @@ -1,42 +0,0 @@ -_oid = self::OID_AES_128_CBC; - parent::__construct($iv); - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'aes128-CBC'; - } - - /** - * {@inheritdoc} - */ - public function keySize(): int - { - return 16; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES192CBCAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES192CBCAlgorithmIdentifier.php deleted file mode 100644 index e228f13..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES192CBCAlgorithmIdentifier.php +++ /dev/null @@ -1,42 +0,0 @@ -_oid = self::OID_AES_192_CBC; - parent::__construct($iv); - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'aes192-CBC'; - } - - /** - * {@inheritdoc} - */ - public function keySize(): int - { - return 24; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES256CBCAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES256CBCAlgorithmIdentifier.php deleted file mode 100644 index e076d09..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AES256CBCAlgorithmIdentifier.php +++ /dev/null @@ -1,42 +0,0 @@ -_oid = self::OID_AES_256_CBC; - parent::__construct($iv); - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'aes256-CBC'; - } - - /** - * {@inheritdoc} - */ - public function keySize(): int - { - return 32; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AESCBCAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AESCBCAlgorithmIdentifier.php deleted file mode 100644 index 44fcb66..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/AESCBCAlgorithmIdentifier.php +++ /dev/null @@ -1,82 +0,0 @@ -_checkIVSize($iv); - $this->_initializationVector = $iv; - } - - /** - * {@inheritdoc} - * - * @return self - */ - public static function fromASN1Params( - ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier - { - if (!isset($params)) { - throw new \UnexpectedValueException('No parameters.'); - } - $iv = $params->asOctetString()->string(); - return new static($iv); - } - - /** - * {@inheritdoc} - */ - public function blockSize(): int - { - return 16; - } - - /** - * {@inheritdoc} - */ - public function ivSize(): int - { - return 16; - } - - /** - * {@inheritdoc} - * - * @return OctetString - */ - protected function _paramsASN1(): ?Element - { - if (!isset($this->_initializationVector)) { - throw new \LogicException('IV not set.'); - } - return new OctetString($this->_initializationVector); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/BlockCipherAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/BlockCipherAlgorithmIdentifier.php deleted file mode 100644 index 49f0f30..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/BlockCipherAlgorithmIdentifier.php +++ /dev/null @@ -1,16 +0,0 @@ -_initializationVector; - } - - /** - * Get copy of the object with given initialization vector. - * - * @param null|string $iv Initialization vector or null to remove - * - * @throws \UnexpectedValueException If initialization vector size is invalid - */ - public function withInitializationVector(?string $iv): self - { - $this->_checkIVSize($iv); - $obj = clone $this; - $obj->_initializationVector = $iv; - return $obj; - } - - /** - * Check that initialization vector size is valid for the cipher. - * - * @throws \UnexpectedValueException - */ - protected function _checkIVSize(?string $iv): void - { - if (null !== $iv && strlen($iv) !== $this->ivSize()) { - throw new \UnexpectedValueException('Invalid IV size.'); - } - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/DESCBCAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/DESCBCAlgorithmIdentifier.php deleted file mode 100644 index e3bd9c2..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/DESCBCAlgorithmIdentifier.php +++ /dev/null @@ -1,98 +0,0 @@ -_checkIVSize($iv); - $this->_oid = self::OID_DES_CBC; - $this->_initializationVector = $iv; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'desCBC'; - } - - /** - * {@inheritdoc} - * - * @return self - */ - public static function fromASN1Params( - ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier - { - if (!isset($params)) { - throw new \UnexpectedValueException('No parameters.'); - } - $iv = $params->asOctetString()->string(); - return new self($iv); - } - - /** - * {@inheritdoc} - */ - public function blockSize(): int - { - return 8; - } - - /** - * {@inheritdoc} - */ - public function keySize(): int - { - return 8; - } - - /** - * {@inheritdoc} - */ - public function ivSize(): int - { - return 8; - } - - /** - * {@inheritdoc} - * - * @return OctetString - */ - protected function _paramsASN1(): ?Element - { - if (!isset($this->_initializationVector)) { - throw new \LogicException('IV not set.'); - } - return new OctetString($this->_initializationVector); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/DESEDE3CBCAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/DESEDE3CBCAlgorithmIdentifier.php deleted file mode 100644 index 79121d6..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/DESEDE3CBCAlgorithmIdentifier.php +++ /dev/null @@ -1,99 +0,0 @@ -_checkIVSize($iv); - $this->_oid = self::OID_DES_EDE3_CBC; - $this->_initializationVector = $iv; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'des-EDE3-CBC'; - } - - /** - * {@inheritdoc} - * - * @return self - */ - public static function fromASN1Params( - ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier - { - if (!isset($params)) { - throw new \UnexpectedValueException('No parameters.'); - } - $iv = $params->asOctetString()->string(); - return new self($iv); - } - - /** - * {@inheritdoc} - */ - public function blockSize(): int - { - return 8; - } - - /** - * {@inheritdoc} - */ - public function keySize(): int - { - return 24; - } - - /** - * {@inheritdoc} - */ - public function ivSize(): int - { - return 8; - } - - /** - * {@inheritdoc} - * - * @return OctetString - */ - protected function _paramsASN1(): ?Element - { - if (!isset($this->_initializationVector)) { - throw new \LogicException('IV not set.'); - } - return new OctetString($this->_initializationVector); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/RC2CBCAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/RC2CBCAlgorithmIdentifier.php deleted file mode 100644 index 52154a7..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Cipher/RC2CBCAlgorithmIdentifier.php +++ /dev/null @@ -1,215 +0,0 @@ - version - */ - private const EKB_TABLE = [ - 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, - 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, - 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, - 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, - 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, - 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, - 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, - 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, - 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, - 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, - 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, - 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, - 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, - 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, - 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, - 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, - 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, - 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, - 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, - 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, - 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, - 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, - 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, - 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, - 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, - 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, - 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, - 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, - 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, - 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, - 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, - 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab - ]; - - /** - * Effective key bits. - * - * @var int - */ - protected $_effectiveKeyBits; - - /** - * Constructor. - * - * @param int $key_bits Number of effective key bits - * @param null|string $iv Initialization vector - */ - public function __construct(int $key_bits = 64, ?string $iv = null) - { - $this->_checkIVSize($iv); - $this->_oid = self::OID_RC2_CBC; - $this->_effectiveKeyBits = $key_bits; - $this->_initializationVector = $iv; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'rc2-cbc'; - } - - /** - * {@inheritdoc} - * - * @return self - */ - public static function fromASN1Params( - ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier - { - if (!isset($params)) { - throw new \UnexpectedValueException('No parameters.'); - } - $key_bits = 32; - // rfc2268 a choice containing only IV - if ($params->isType(Element::TYPE_OCTET_STRING)) { - $iv = $params->asOctetString()->string(); - } else { - $seq = $params->asSequence(); - $idx = 0; - // version is optional in rfc2898 - if ($seq->has($idx, Element::TYPE_INTEGER)) { - $version = $seq->at($idx++)->asInteger()->intNumber(); - $key_bits = self::_versionToEKB($version); - } - // IV is present in all variants - $iv = $seq->at($idx)->asOctetString()->string(); - } - return new self($key_bits, $iv); - } - - /** - * Get number of effective key bits. - */ - public function effectiveKeyBits(): int - { - return $this->_effectiveKeyBits; - } - - /** - * {@inheritdoc} - */ - public function blockSize(): int - { - return 8; - } - - /** - * {@inheritdoc} - */ - public function keySize(): int - { - return (int) round($this->_effectiveKeyBits / 8); - } - - /** - * {@inheritdoc} - */ - public function ivSize(): int - { - return 8; - } - - /** - * {@inheritdoc} - * - * @return Sequence - */ - protected function _paramsASN1(): ?Element - { - if ($this->_effectiveKeyBits >= 256) { - $version = $this->_effectiveKeyBits; - } else { - $version = self::EKB_TABLE[$this->_effectiveKeyBits]; - } - if (!isset($this->_initializationVector)) { - throw new \LogicException('IV not set.'); - } - return new Sequence(new Integer($version), - new OctetString($this->_initializationVector)); - } - - /** - * Translate version number to number of effective key bits. - */ - private static function _versionToEKB(int $version): int - { - static $lut; - if ($version > 255) { - return $version; - } - if (!isset($lut)) { - $lut = array_flip(self::EKB_TABLE); - } - return $lut[$version]; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Feature/AlgorithmIdentifierType.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Feature/AlgorithmIdentifierType.php deleted file mode 100644 index 5f03e5b..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Feature/AlgorithmIdentifierType.php +++ /dev/null @@ -1,30 +0,0 @@ -_oid = $oid; - $this->_params = $params; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return $this->_oid; - } - - /** - * Get parameters. - */ - public function parameters(): ?UnspecifiedType - { - return $this->_params; - } - - /** - * {@inheritdoc} - */ - protected function _paramsASN1(): ?Element - { - return $this->_params ? $this->_params->asElement() : null; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA1AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA1AlgorithmIdentifier.php deleted file mode 100644 index 93e59b6..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA1AlgorithmIdentifier.php +++ /dev/null @@ -1,66 +0,0 @@ -_oid = self::OID_HMAC_WITH_SHA1; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'hmacWithSHA1'; - } - - /** - * {@inheritdoc} - * - * @return self - */ - public static function fromASN1Params( - ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier - { - if (isset($params)) { - throw new \UnexpectedValueException('Parameters must be omitted.'); - } - return new self(); - } - - /** - * {@inheritdoc} - */ - protected function _paramsASN1(): ?Element - { - return null; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA224AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA224AlgorithmIdentifier.php deleted file mode 100644 index 766da40..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA224AlgorithmIdentifier.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = self::OID_HMAC_WITH_SHA224; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'hmacWithSHA224'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA256AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA256AlgorithmIdentifier.php deleted file mode 100644 index ecec77f..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA256AlgorithmIdentifier.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = self::OID_HMAC_WITH_SHA256; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'hmacWithSHA256'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA384AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA384AlgorithmIdentifier.php deleted file mode 100644 index 1867ac2..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA384AlgorithmIdentifier.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = self::OID_HMAC_WITH_SHA384; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'hmacWithSHA384'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA512AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA512AlgorithmIdentifier.php deleted file mode 100644 index 25f720e..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/HMACWithSHA512AlgorithmIdentifier.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = self::OID_HMAC_WITH_SHA512; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'hmacWithSHA512'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/MD5AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/MD5AlgorithmIdentifier.php deleted file mode 100644 index b592de3..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/MD5AlgorithmIdentifier.php +++ /dev/null @@ -1,85 +0,0 @@ -_oid = self::OID_MD5; - $this->_params = new NullType(); - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'md5'; - } - - /** - * {@inheritdoc} - * - * @return self - */ - public static function fromASN1Params( - ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier - { - $obj = new static(); - // if parameters field is present, it must be null type - if (isset($params)) { - $obj->_params = $params->asNull(); - } - return $obj; - } - - /** - * {@inheritdoc} - * - * @return null|NullType - */ - protected function _paramsASN1(): ?Element - { - return $this->_params; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/RFC4231HMACAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/RFC4231HMACAlgorithmIdentifier.php deleted file mode 100644 index 3a7f0bb..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/RFC4231HMACAlgorithmIdentifier.php +++ /dev/null @@ -1,56 +0,0 @@ -_params = $params->asNull(); - } - return $obj; - } - - /** - * {@inheritdoc} - * - * @return null|NullType - */ - protected function _paramsASN1(): ?Element - { - return $this->_params; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA1AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA1AlgorithmIdentifier.php deleted file mode 100644 index 60ce36b..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA1AlgorithmIdentifier.php +++ /dev/null @@ -1,81 +0,0 @@ -_oid = self::OID_SHA1; - $this->_params = null; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'sha1'; - } - - /** - * {@inheritdoc} - * - * @return self - */ - public static function fromASN1Params( - ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier - { - $obj = new static(); - // if parameters field is present, it must be null type - if (isset($params)) { - $obj->_params = $params->asNull(); - } - return $obj; - } - - /** - * {@inheritdoc} - * - * @return null|NullType - */ - protected function _paramsASN1(): ?Element - { - return $this->_params; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA224AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA224AlgorithmIdentifier.php deleted file mode 100644 index daf566f..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA224AlgorithmIdentifier.php +++ /dev/null @@ -1,33 +0,0 @@ -_oid = self::OID_SHA224; - parent::__construct(); - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'sha224'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA256AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA256AlgorithmIdentifier.php deleted file mode 100644 index 22677b8..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA256AlgorithmIdentifier.php +++ /dev/null @@ -1,32 +0,0 @@ -_oid = self::OID_SHA256; - parent::__construct(); - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'sha256'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA2AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA2AlgorithmIdentifier.php deleted file mode 100644 index ed68edd..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA2AlgorithmIdentifier.php +++ /dev/null @@ -1,71 +0,0 @@ -_params = null; - } - - /** - * {@inheritdoc} - * - * @return self - */ - public static function fromASN1Params( - ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier - { - $obj = new static(); - // if parameters field is present, it must be null type - if (isset($params)) { - $obj->_params = $params->asNull(); - } - return $obj; - } - - /** - * {@inheritdoc} - * - * @return null|NullType - */ - protected function _paramsASN1(): ?Element - { - return $this->_params; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA384AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA384AlgorithmIdentifier.php deleted file mode 100644 index 846adad..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA384AlgorithmIdentifier.php +++ /dev/null @@ -1,32 +0,0 @@ -_oid = self::OID_SHA384; - parent::__construct(); - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'sha384'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA512AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA512AlgorithmIdentifier.php deleted file mode 100644 index a38a24c..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Hash/SHA512AlgorithmIdentifier.php +++ /dev/null @@ -1,32 +0,0 @@ -_oid = self::OID_SHA512; - parent::__construct(); - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'sha512'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA1AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA1AlgorithmIdentifier.php deleted file mode 100644 index 509c332..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA1AlgorithmIdentifier.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = self::OID_ECDSA_WITH_SHA1; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'ecdsa-with-SHA1'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA224AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA224AlgorithmIdentifier.php deleted file mode 100644 index 00c38cb..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA224AlgorithmIdentifier.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = self::OID_ECDSA_WITH_SHA224; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'ecdsa-with-SHA224'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA256AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA256AlgorithmIdentifier.php deleted file mode 100644 index 0ecef8b..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA256AlgorithmIdentifier.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = self::OID_ECDSA_WITH_SHA256; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'ecdsa-with-SHA256'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA384AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA384AlgorithmIdentifier.php deleted file mode 100644 index 9b57697..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA384AlgorithmIdentifier.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = self::OID_ECDSA_WITH_SHA384; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'ecdsa-with-SHA384'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA512AlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA512AlgorithmIdentifier.php deleted file mode 100644 index 4c2c2f5..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECDSAWithSHA512AlgorithmIdentifier.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = self::OID_ECDSA_WITH_SHA512; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'ecdsa-with-SHA512'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECSignatureAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECSignatureAlgorithmIdentifier.php deleted file mode 100644 index 1fd0b09..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/ECSignatureAlgorithmIdentifier.php +++ /dev/null @@ -1,59 +0,0 @@ -oid(); - } - - /** - * {@inheritdoc} - */ - protected function _paramsASN1(): ?Element - { - return null; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD2WithRSAEncryptionAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD2WithRSAEncryptionAlgorithmIdentifier.php deleted file mode 100644 index ec7cb4a..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD2WithRSAEncryptionAlgorithmIdentifier.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = self::OID_MD2_WITH_RSA_ENCRYPTION; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'md2WithRSAEncryption'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD4WithRSAEncryptionAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD4WithRSAEncryptionAlgorithmIdentifier.php deleted file mode 100644 index 5a3e7e2..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD4WithRSAEncryptionAlgorithmIdentifier.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = self::OID_MD4_WITH_RSA_ENCRYPTION; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'md4withRSAEncryption'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD5WithRSAEncryptionAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD5WithRSAEncryptionAlgorithmIdentifier.php deleted file mode 100644 index e50eeda..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/MD5WithRSAEncryptionAlgorithmIdentifier.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = self::OID_MD5_WITH_RSA_ENCRYPTION; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'md5WithRSAEncryption'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RFC3279RSASignatureAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RFC3279RSASignatureAlgorithmIdentifier.php deleted file mode 100644 index a2de151..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RFC3279RSASignatureAlgorithmIdentifier.php +++ /dev/null @@ -1,51 +0,0 @@ -asNull(); - return new static(); - } - - /** - * {@inheritdoc} - * - * @return NullType - */ - protected function _paramsASN1(): ?Element - { - return new NullType(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RFC4055RSASignatureAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RFC4055RSASignatureAlgorithmIdentifier.php deleted file mode 100644 index 001f744..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RFC4055RSASignatureAlgorithmIdentifier.php +++ /dev/null @@ -1,65 +0,0 @@ -_params = new NullType(); - } - - /** - * {@inheritdoc} - * - * @return self - */ - public static function fromASN1Params( - ?UnspecifiedType $params = null): SpecificAlgorithmIdentifier - { - $obj = new static(); - // store parameters so re-encoding doesn't change - if (isset($params)) { - $obj->_params = $params->asElement(); - } - return $obj; - } - - /** - * {@inheritdoc} - */ - protected function _paramsASN1(): ?Element - { - return $this->_params; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RSASignatureAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RSASignatureAlgorithmIdentifier.php deleted file mode 100644 index 074f6a1..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/RSASignatureAlgorithmIdentifier.php +++ /dev/null @@ -1,23 +0,0 @@ -oid(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA1WithRSAEncryptionAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA1WithRSAEncryptionAlgorithmIdentifier.php deleted file mode 100644 index 49dca5c..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA1WithRSAEncryptionAlgorithmIdentifier.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = self::OID_SHA1_WITH_RSA_ENCRYPTION; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'sha1-with-rsa-signature'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA224WithRSAEncryptionAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA224WithRSAEncryptionAlgorithmIdentifier.php deleted file mode 100644 index 38db332..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA224WithRSAEncryptionAlgorithmIdentifier.php +++ /dev/null @@ -1,30 +0,0 @@ -_oid = self::OID_SHA224_WITH_RSA_ENCRYPTION; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'sha224WithRSAEncryption'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA256WithRSAEncryptionAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA256WithRSAEncryptionAlgorithmIdentifier.php deleted file mode 100644 index 88fbf3c..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA256WithRSAEncryptionAlgorithmIdentifier.php +++ /dev/null @@ -1,30 +0,0 @@ -_oid = self::OID_SHA256_WITH_RSA_ENCRYPTION; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'sha256WithRSAEncryption'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA384WithRSAEncryptionAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA384WithRSAEncryptionAlgorithmIdentifier.php deleted file mode 100644 index 84f18d7..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA384WithRSAEncryptionAlgorithmIdentifier.php +++ /dev/null @@ -1,30 +0,0 @@ -_oid = self::OID_SHA384_WITH_RSA_ENCRYPTION; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'sha384WithRSAEncryption'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA512WithRSAEncryptionAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA512WithRSAEncryptionAlgorithmIdentifier.php deleted file mode 100644 index e4c1eba..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SHA512WithRSAEncryptionAlgorithmIdentifier.php +++ /dev/null @@ -1,30 +0,0 @@ -_oid = self::OID_SHA512_WITH_RSA_ENCRYPTION; - } - - /** - * {@inheritdoc} - */ - public function name(): string - { - return 'sha512WithRSAEncryption'; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SignatureAlgorithmIdentifierFactory.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SignatureAlgorithmIdentifierFactory.php deleted file mode 100644 index 8c63ff4..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/Signature/SignatureAlgorithmIdentifierFactory.php +++ /dev/null @@ -1,105 +0,0 @@ - AlgorithmIdentifier::OID_MD5_WITH_RSA_ENCRYPTION, - AlgorithmIdentifier::OID_SHA1 => AlgorithmIdentifier::OID_SHA1_WITH_RSA_ENCRYPTION, - AlgorithmIdentifier::OID_SHA224 => AlgorithmIdentifier::OID_SHA224_WITH_RSA_ENCRYPTION, - AlgorithmIdentifier::OID_SHA256 => AlgorithmIdentifier::OID_SHA256_WITH_RSA_ENCRYPTION, - AlgorithmIdentifier::OID_SHA384 => AlgorithmIdentifier::OID_SHA384_WITH_RSA_ENCRYPTION, - AlgorithmIdentifier::OID_SHA512 => AlgorithmIdentifier::OID_SHA512_WITH_RSA_ENCRYPTION, - ]; - - /** - * Mapping of hash algorithm OID's to EC signature algorithm OID's. - * - * @internal - * - * @var array - */ - public const MAP_EC_OID = [ - AlgorithmIdentifier::OID_SHA1 => AlgorithmIdentifier::OID_ECDSA_WITH_SHA1, - AlgorithmIdentifier::OID_SHA224 => AlgorithmIdentifier::OID_ECDSA_WITH_SHA224, - AlgorithmIdentifier::OID_SHA256 => AlgorithmIdentifier::OID_ECDSA_WITH_SHA256, - AlgorithmIdentifier::OID_SHA384 => AlgorithmIdentifier::OID_ECDSA_WITH_SHA384, - AlgorithmIdentifier::OID_SHA512 => AlgorithmIdentifier::OID_ECDSA_WITH_SHA512, - ]; - - /** - * Get signature algorithm identifier of given asymmetric cryptographic type - * utilizing given hash algorithm. - * - * @param AsymmetricCryptoAlgorithmIdentifier $crypto_algo Cryptographic algorithm identifier, eg. RSA or EC - * @param HashAlgorithmIdentifier $hash_algo Hash algorithm identifier - * - * @throws \UnexpectedValueException - */ - public static function algoForAsymmetricCrypto( - AsymmetricCryptoAlgorithmIdentifier $crypto_algo, - HashAlgorithmIdentifier $hash_algo): SignatureAlgorithmIdentifier - { - switch ($crypto_algo->oid()) { - case AlgorithmIdentifier::OID_RSA_ENCRYPTION: - $oid = self::_oidForRSA($hash_algo); - break; - case AlgorithmIdentifier::OID_EC_PUBLIC_KEY: - $oid = self::_oidForEC($hash_algo); - break; - default: - throw new \UnexpectedValueException( - sprintf('Crypto algorithm %s not supported.', - $crypto_algo->name())); - } - $cls = (new AlgorithmIdentifierFactory())->getClass($oid); - return new $cls(); - } - - /** - * Get RSA signature algorithm OID for the given hash algorithm identifier. - * - * @throws \UnexpectedValueException - */ - private static function _oidForRSA(HashAlgorithmIdentifier $hash_algo): string - { - if (!array_key_exists($hash_algo->oid(), self::MAP_RSA_OID)) { - throw new \UnexpectedValueException( - sprintf('No RSA signature algorithm for %s.', $hash_algo->name())); - } - return self::MAP_RSA_OID[$hash_algo->oid()]; - } - - /** - * Get EC signature algorithm OID for the given hash algorithm identifier. - * - * @throws \UnexpectedValueException - */ - private static function _oidForEC(HashAlgorithmIdentifier $hash_algo): string - { - if (!array_key_exists($hash_algo->oid(), self::MAP_EC_OID)) { - throw new \UnexpectedValueException( - sprintf('No EC signature algorithm for %s.', $hash_algo->name())); - } - return self::MAP_EC_OID[$hash_algo->oid()]; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/SpecificAlgorithmIdentifier.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/SpecificAlgorithmIdentifier.php deleted file mode 100644 index f5d1320..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/AlgorithmIdentifier/SpecificAlgorithmIdentifier.php +++ /dev/null @@ -1,30 +0,0 @@ -string(); - if ($bs->unusedBits()) { - // @todo pad string - throw new \RuntimeException('Unaligned bitstrings to supported'); - } - return new OctetString($str); - } - - /** - * Perform Octet-String-to-Bit-String Conversion. - * - * Defined in SEC 1 section 2.3.2. - */ - public static function octetStringToBitString(OctetString $os): BitString - { - return new BitString($os->string()); - } - - /** - * Perform Integer-to-Octet-String Conversion. - * - * Defined in SEC 1 section 2.3.7. - * - * @param int $num - * @param null|int $mlen Optional desired output length - * - * @throws \UnexpectedValueException - */ - public static function integerToOctetString(Integer $num, ?int $mlen = null): OctetString - { - $gmp = gmp_init($num->number(), 10); - $str = gmp_export($gmp, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN); - if (null !== $mlen) { - $len = strlen($str); - if ($len > $mlen) { - throw new \RangeException('Number is too large.'); - } - // pad with zeroes - if ($len < $mlen) { - $str = str_repeat("\0", $mlen - $len) . $str; - } - } - return new OctetString($str); - } - - /** - * Perform Octet-String-to-Integer Conversion. - * - * Defined in SEC 1 section 2.3.8. - * - * @return int - */ - public static function octetStringToInteger(OctetString $os): Integer - { - $num = gmp_import($os->string(), 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN); - assert($num instanceof \GMP, new \RuntimeException('gmp_import() failed.')); - return new Integer(gmp_strval($num, 10)); - } - - /** - * Convert a base-10 number to octets. - * - * This is a convenicence method for integer <-> octet string conversion - * without the need for external ASN.1 dependencies. - * - * @param int|string $num Number in base-10 - * @param null|int $mlen Optional desired output length - */ - public static function numberToOctets($num, ?int $mlen = null): string - { - return self::integerToOctetString(new Integer($num), $mlen)->string(); - } - - /** - * Convert octets to a base-10 number. - * - * This is a convenicence method for integer <-> octet string conversion - * without the need for external ASN.1 dependencies. - * - * @return string Number in base-10 - */ - public static function octetsToNumber(string $str): string - { - return self::octetStringToInteger(new OctetString($str))->number(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/EC/ECPrivateKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/EC/ECPrivateKey.php deleted file mode 100644 index 1649ae0..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/EC/ECPrivateKey.php +++ /dev/null @@ -1,223 +0,0 @@ -_privateKey = $private_key; - $this->_namedCurve = $named_curve; - $this->_publicKey = $public_key; - } - - /** - * Initialize from ASN.1. - * - * @throws \UnexpectedValueException - * - * @return self - */ - public static function fromASN1(Sequence $seq): ECPrivateKey - { - $version = $seq->at(0)->asInteger()->intNumber(); - if (1 !== $version) { - throw new \UnexpectedValueException('Version must be 1.'); - } - $private_key = $seq->at(1)->asOctetString()->string(); - $named_curve = null; - if ($seq->hasTagged(0)) { - $params = $seq->getTagged(0)->asExplicit(); - $named_curve = $params->asObjectIdentifier()->oid(); - } - $public_key = null; - if ($seq->hasTagged(1)) { - $public_key = $seq->getTagged(1)->asExplicit() - ->asBitString()->string(); - } - return new self($private_key, $named_curve, $public_key); - } - - /** - * Initialize from DER data. - * - * @return self - */ - public static function fromDER(string $data): ECPrivateKey - { - return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence()); - } - - /** - * @see PrivateKey::fromPEM() - * - * @throws \UnexpectedValueException - * - * @return self - */ - public static function fromPEM(PEM $pem): ECPrivateKey - { - $pk = parent::fromPEM($pem); - if (!($pk instanceof self)) { - throw new \UnexpectedValueException('Not an EC private key.'); - } - return $pk; - } - - /** - * Get the EC private key value. - * - * @return string Octets of the private key - */ - public function privateKeyOctets(): string - { - return $this->_privateKey; - } - - /** - * Whether named curve is present. - */ - public function hasNamedCurve(): bool - { - return isset($this->_namedCurve); - } - - /** - * Get named curve OID. - * - * @throws \LogicException - */ - public function namedCurve(): string - { - if (!$this->hasNamedCurve()) { - throw new \LogicException('namedCurve not set.'); - } - return $this->_namedCurve; - } - - /** - * Get self with named curve. - * - * @param null|string $named_curve Named curve OID - * - * @return self - */ - public function withNamedCurve(?string $named_curve): ECPrivateKey - { - $obj = clone $this; - $obj->_namedCurve = $named_curve; - return $obj; - } - - /** - * {@inheritdoc} - */ - public function algorithmIdentifier(): AlgorithmIdentifierType - { - return new ECPublicKeyAlgorithmIdentifier($this->namedCurve()); - } - - /** - * Whether public key is present. - */ - public function hasPublicKey(): bool - { - return isset($this->_publicKey); - } - - /** - * {@inheritdoc} - * - * @return ECPublicKey - */ - public function publicKey(): PublicKey - { - if (!$this->hasPublicKey()) { - throw new \LogicException('publicKey not set.'); - } - return new ECPublicKey($this->_publicKey, $this->namedCurve()); - } - - /** - * Generate ASN.1 structure. - */ - public function toASN1(): Sequence - { - $elements = [new Integer(1), new OctetString($this->_privateKey)]; - if (isset($this->_namedCurve)) { - $elements[] = new ExplicitlyTaggedType(0, - new ObjectIdentifier($this->_namedCurve)); - } - if (isset($this->_publicKey)) { - $elements[] = new ExplicitlyTaggedType(1, - new BitString($this->_publicKey)); - } - return new Sequence(...$elements); - } - - /** - * {@inheritdoc} - */ - public function toDER(): string - { - return $this->toASN1()->toDER(); - } - - /** - * {@inheritdoc} - */ - public function toPEM(): PEM - { - return new PEM(PEM::TYPE_EC_PRIVATE_KEY, $this->toDER()); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/EC/ECPublicKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/EC/ECPublicKey.php deleted file mode 100644 index f8b0e93..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/EC/ECPublicKey.php +++ /dev/null @@ -1,222 +0,0 @@ -_ecPoint = $ec_point; - $this->_namedCurve = $named_curve; - } - - /** - * Initialize from curve point coordinates. - * - * @param int|string $x X coordinate as a base10 number - * @param int|string $y Y coordinate as a base10 number - * @param null|string $named_curve Named curve OID - * @param null|int $bits Size of *p* in bits - * - * @return self - */ - public static function fromCoordinates($x, $y, - ?string $named_curve = null, ?int $bits = null): ECPublicKey - { - // if bitsize is not explicitly set, check from supported curves - if (!isset($bits) && isset($named_curve)) { - $bits = self::_curveSize($named_curve); - } - $mlen = null; - if (isset($bits)) { - $mlen = (int) ceil($bits / 8); - } - $x_os = ECConversion::integerToOctetString(new Integer($x), $mlen)->string(); - $y_os = ECConversion::integerToOctetString(new Integer($y), $mlen)->string(); - $ec_point = "\x4{$x_os}{$y_os}"; - return new self($ec_point, $named_curve); - } - - /** - * @see PublicKey::fromPEM() - * - * @throws \UnexpectedValueException - * - * @return self - */ - public static function fromPEM(PEM $pem): ECPublicKey - { - if (PEM::TYPE_PUBLIC_KEY !== $pem->type()) { - throw new \UnexpectedValueException('Not a public key.'); - } - $pki = PublicKeyInfo::fromDER($pem->data()); - $algo = $pki->algorithmIdentifier(); - if (AlgorithmIdentifier::OID_EC_PUBLIC_KEY !== $algo->oid() - || !($algo instanceof ECPublicKeyAlgorithmIdentifier)) { - throw new \UnexpectedValueException('Not an elliptic curve key.'); - } - // ECPoint is directly mapped into public key data - return new self($pki->publicKeyData()->string(), $algo->namedCurve()); - } - - /** - * Get ECPoint value. - */ - public function ECPoint(): string - { - return $this->_ecPoint; - } - - /** - * Get curve point coordinates. - * - * @return string[] Tuple of X and Y coordinates as base-10 numbers - */ - public function curvePoint(): array - { - return array_map( - function ($str) { - return ECConversion::octetsToNumber($str); - }, $this->curvePointOctets()); - } - - /** - * Get curve point coordinates in octet string representation. - * - * @return string[] tuple of X and Y field elements as a string - */ - public function curvePointOctets(): array - { - if ($this->isCompressed()) { - throw new \RuntimeException('EC point compression not supported.'); - } - $str = substr($this->_ecPoint, 1); - [$x, $y] = str_split($str, (int) floor(strlen($str) / 2)); - return [$x, $y]; - } - - /** - * Whether ECPoint is in compressed form. - */ - public function isCompressed(): bool - { - $c = ord($this->_ecPoint[0]); - return 4 !== $c; - } - - /** - * Whether named curve is present. - */ - public function hasNamedCurve(): bool - { - return isset($this->_namedCurve); - } - - /** - * Get named curve OID. - * - * @throws \LogicException - */ - public function namedCurve(): string - { - if (!$this->hasNamedCurve()) { - throw new \LogicException('namedCurve not set.'); - } - return $this->_namedCurve; - } - - /** - * {@inheritdoc} - */ - public function algorithmIdentifier(): AlgorithmIdentifierType - { - return new ECPublicKeyAlgorithmIdentifier($this->namedCurve()); - } - - /** - * Generate ASN.1 element. - */ - public function toASN1(): OctetString - { - return new OctetString($this->_ecPoint); - } - - /** - * {@inheritdoc} - */ - public function toDER(): string - { - return $this->toASN1()->toDER(); - } - - /** - * {@inheritdoc} - * - * @see https://tools.ietf.org/html/rfc5480#section-2.2 - */ - public function subjectPublicKey(): BitString - { - // ECPoint is directly mapped to subjectPublicKey - return new BitString($this->_ecPoint); - } - - /** - * Get the curve size *p* in bits. - * - * @param string $oid Curve OID - */ - private static function _curveSize(string $oid): ?int - { - if (!array_key_exists($oid, ECPublicKeyAlgorithmIdentifier::MAP_CURVE_TO_SIZE)) { - return null; - } - return ECPublicKeyAlgorithmIdentifier::MAP_CURVE_TO_SIZE[$oid]; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/OneAsymmetricKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/OneAsymmetricKey.php deleted file mode 100644 index 5e7099e..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/OneAsymmetricKey.php +++ /dev/null @@ -1,359 +0,0 @@ -_version = self::VERSION_2; - $this->_algo = $algo; - $this->_privateKeyData = $key; - $this->_attributes = $attributes; - $this->_publicKeyData = $public_key; - } - - /** - * Initialize from ASN.1. - * - * @throws \UnexpectedValueException - */ - public static function fromASN1(Sequence $seq): self - { - $version = $seq->at(0)->asInteger()->intNumber(); - if (!in_array($version, [self::VERSION_1, self::VERSION_2])) { - throw new \UnexpectedValueException( - "Version {$version} not supported."); - } - $algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence()); - $key = $seq->at(2)->asOctetString()->string(); - $attribs = null; - if ($seq->hasTagged(0)) { - $attribs = OneAsymmetricKeyAttributes::fromASN1($seq->getTagged(0) - ->asImplicit(Element::TYPE_SET)->asSet()); - } - $pubkey = null; - if ($seq->hasTagged(1)) { - $pubkey = $seq->getTagged(1) - ->asImplicit(Element::TYPE_BIT_STRING)->asBitString(); - } - $obj = new static($algo, $key, $attribs, $pubkey); - $obj->_version = $version; - return $obj; - } - - /** - * Initialize from DER data. - */ - public static function fromDER(string $data): self - { - return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence()); - } - - /** - * Initialize from a `PrivateKey`. - * - * Note that `OneAsymmetricKey` <-> `PrivateKey` conversions may not be - * bidirectional with all key types, since `OneAsymmetricKey` may include - * attributes as well the public key that are not conveyed in a specific - * `PrivateKey` object. - */ - public static function fromPrivateKey(PrivateKey $private_key): self - { - return new static( - $private_key->algorithmIdentifier(), - $private_key->privateKeyData() - ); - } - - /** - * Initialize from PEM. - * - * @throws \UnexpectedValueException If PEM type is not supported - */ - public static function fromPEM(PEM $pem): self - { - switch ($pem->type()) { - case PEM::TYPE_PRIVATE_KEY: - return self::fromDER($pem->data()); - case PEM::TYPE_RSA_PRIVATE_KEY: - return self::fromPrivateKey( - RSA\RSAPrivateKey::fromDER($pem->data())); - case PEM::TYPE_EC_PRIVATE_KEY: - return self::fromPrivateKey( - EC\ECPrivateKey::fromDER($pem->data())); - } - throw new \UnexpectedValueException('Invalid PEM type.'); - } - - /** - * Get self with version set. - */ - public function withVersion(int $version): self - { - $obj = clone $this; - $obj->_version = $version; - return $obj; - } - - /** - * Get version number. - */ - public function version(): int - { - return $this->_version; - } - - /** - * Get algorithm identifier. - */ - public function algorithmIdentifier(): AlgorithmIdentifierType - { - return $this->_algo; - } - - /** - * Get private key data. - */ - public function privateKeyData(): string - { - return $this->_privateKeyData; - } - - /** - * Get private key. - * - * @throws \RuntimeException - */ - public function privateKey(): PrivateKey - { - $algo = $this->algorithmIdentifier(); - switch ($algo->oid()) { - // RSA - case AlgorithmIdentifier::OID_RSA_ENCRYPTION: - return RSA\RSAPrivateKey::fromDER($this->_privateKeyData); - // elliptic curve - case AlgorithmIdentifier::OID_EC_PUBLIC_KEY: - $pk = EC\ECPrivateKey::fromDER($this->_privateKeyData); - // NOTE: OpenSSL strips named curve from ECPrivateKey structure - // when serializing into PrivateKeyInfo. However RFC 5915 dictates - // that parameters (NamedCurve) must always be included. - // If private key doesn't encode named curve, assign from parameters. - if (!$pk->hasNamedCurve()) { - if (!$algo instanceof ECPublicKeyAlgorithmIdentifier) { - throw new \UnexpectedValueException('Not an EC algorithm.'); - } - $pk = $pk->withNamedCurve($algo->namedCurve()); - } - return $pk; - // Ed25519 - case AlgorithmIdentifier::OID_ED25519: - $pubkey = $this->_publicKeyData ? - $this->_publicKeyData->string() : null; - // RFC 8410 defines `CurvePrivateKey ::= OCTET STRING` that - // is encoded into private key data. So Ed25519 private key - // is doubly wrapped into octet string encodings. - return RFC8410\Curve25519\Ed25519PrivateKey::fromOctetString( - OctetString::fromDER($this->_privateKeyData), $pubkey) - ->withVersion($this->_version) - ->withAttributes($this->_attributes); - // X25519 - case AlgorithmIdentifier::OID_X25519: - $pubkey = $this->_publicKeyData ? - $this->_publicKeyData->string() : null; - return RFC8410\Curve25519\X25519PrivateKey::fromOctetString( - OctetString::fromDER($this->_privateKeyData), $pubkey) - ->withVersion($this->_version) - ->withAttributes($this->_attributes); - // Ed448 - case AlgorithmIdentifier::OID_ED448: - $pubkey = $this->_publicKeyData ? - $this->_publicKeyData->string() : null; - return RFC8410\Curve448\Ed448PrivateKey::fromOctetString( - OctetString::fromDER($this->_privateKeyData), $pubkey) - ->withVersion($this->_version) - ->withAttributes($this->_attributes); - // X448 - case AlgorithmIdentifier::OID_X448: - $pubkey = $this->_publicKeyData ? - $this->_publicKeyData->string() : null; - return RFC8410\Curve448\X448PrivateKey::fromOctetString( - OctetString::fromDER($this->_privateKeyData), $pubkey) - ->withVersion($this->_version) - ->withAttributes($this->_attributes); - } - throw new \RuntimeException( - 'Private key ' . $algo->name() . ' not supported.'); - } - - /** - * Get public key info corresponding to the private key. - */ - public function publicKeyInfo(): PublicKeyInfo - { - // if public key is explicitly defined - if ($this->hasPublicKeyData()) { - return new PublicKeyInfo($this->_algo, $this->_publicKeyData); - } - // else derive from private key - return $this->privateKey()->publicKey()->publicKeyInfo(); - } - - /** - * Whether attributes are present. - */ - public function hasAttributes(): bool - { - return isset($this->_attributes); - } - - /** - * Get attributes. - * - * @throws \LogicException If attributes are not present - */ - public function attributes(): OneAsymmetricKeyAttributes - { - if (!$this->hasAttributes()) { - throw new \LogicException('Attributes not set.'); - } - return $this->_attributes; - } - - /** - * Whether explicit public key data is present. - */ - public function hasPublicKeyData(): bool - { - return isset($this->_publicKeyData); - } - - /** - * Get the explicit public key data. - * - * @return \LogicException If public key is not present - */ - public function publicKeyData(): BitString - { - if (!$this->hasPublicKeyData()) { - throw new \LogicException('No explicit public key.'); - } - return $this->_publicKeyData; - } - - /** - * Generate ASN.1 structure. - */ - public function toASN1(): Sequence - { - $elements = [ - new Integer($this->_version), - $this->_algo->toASN1(), - new OctetString($this->_privateKeyData) - ]; - if ($this->_attributes) { - $elements[] = new ImplicitlyTaggedType(0, - $this->_attributes->toASN1()); - } - if ($this->_publicKeyData) { - $elements[] = new ImplicitlyTaggedType(1, $this->_publicKeyData); - } - return new Sequence(...$elements); - } - - /** - * Generate DER encoding. - */ - public function toDER(): string - { - return $this->toASN1()->toDER(); - } - - /** - * Generate PEM. - */ - public function toPEM(): PEM - { - return new PEM(PEM::TYPE_PRIVATE_KEY, $this->toDER()); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PrivateKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PrivateKey.php deleted file mode 100644 index c3b4bea..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PrivateKey.php +++ /dev/null @@ -1,74 +0,0 @@ -toDER(); - } - - /** - * Get the private key as a PrivateKeyInfo type. - */ - public function privateKeyInfo(): PrivateKeyInfo - { - return PrivateKeyInfo::fromPrivateKey($this); - } - - /** - * Initialize private key from PEM. - * - * @throws \UnexpectedValueException - * - * @return PrivateKey - */ - public static function fromPEM(PEM $pem) - { - switch ($pem->type()) { - case PEM::TYPE_RSA_PRIVATE_KEY: - return RSA\RSAPrivateKey::fromDER($pem->data()); - case PEM::TYPE_EC_PRIVATE_KEY: - return EC\ECPrivateKey::fromDER($pem->data()); - case PEM::TYPE_PRIVATE_KEY: - return PrivateKeyInfo::fromDER($pem->data())->privateKey(); - } - throw new \UnexpectedValueException( - 'PEM type ' . $pem->type() . ' is not a valid private key.'); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PrivateKeyInfo.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PrivateKeyInfo.php deleted file mode 100644 index f1a946e..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PrivateKeyInfo.php +++ /dev/null @@ -1,33 +0,0 @@ -_version = parent::VERSION_1; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PublicKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PublicKey.php deleted file mode 100644 index 8b7e581..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PublicKey.php +++ /dev/null @@ -1,60 +0,0 @@ -toDER()); - } - - /** - * Get the public key as a PublicKeyInfo type. - */ - public function publicKeyInfo(): PublicKeyInfo - { - return PublicKeyInfo::fromPublicKey($this); - } - - /** - * Initialize public key from PEM. - * - * @throws \UnexpectedValueException - * - * @return PublicKey - */ - public static function fromPEM(PEM $pem) - { - switch ($pem->type()) { - case PEM::TYPE_RSA_PUBLIC_KEY: - return RSA\RSAPublicKey::fromDER($pem->data()); - case PEM::TYPE_PUBLIC_KEY: - return PublicKeyInfo::fromPEM($pem)->publicKey(); - } - throw new \UnexpectedValueException( - 'PEM type ' . $pem->type() . ' is not a valid public key.'); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PublicKeyInfo.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PublicKeyInfo.php deleted file mode 100644 index 176b57b..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/PublicKeyInfo.php +++ /dev/null @@ -1,197 +0,0 @@ -_algo = $algo; - $this->_publicKey = $key; - } - - /** - * Initialize from ASN.1. - */ - public static function fromASN1(Sequence $seq): self - { - $algo = AlgorithmIdentifier::fromASN1($seq->at(0)->asSequence()); - $key = $seq->at(1)->asBitString(); - return new self($algo, $key); - } - - /** - * Initialize from a PublicKey. - */ - public static function fromPublicKey(PublicKey $key): self - { - return new self($key->algorithmIdentifier(), $key->subjectPublicKey()); - } - - /** - * Initialize from PEM. - * - * @throws \UnexpectedValueException - */ - public static function fromPEM(PEM $pem): self - { - switch ($pem->type()) { - case PEM::TYPE_PUBLIC_KEY: - return self::fromDER($pem->data()); - case PEM::TYPE_RSA_PUBLIC_KEY: - return RSA\RSAPublicKey::fromDER($pem->data())->publicKeyInfo(); - } - throw new \UnexpectedValueException('Invalid PEM type.'); - } - - /** - * Initialize from DER data. - */ - public static function fromDER(string $data): self - { - return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence()); - } - - /** - * Get algorithm identifier. - */ - public function algorithmIdentifier(): AlgorithmIdentifierType - { - return $this->_algo; - } - - /** - * Get public key data. - */ - public function publicKeyData(): BitString - { - return $this->_publicKey; - } - - /** - * Get public key. - * - * @throws \RuntimeException - */ - public function publicKey(): PublicKey - { - $algo = $this->algorithmIdentifier(); - switch ($algo->oid()) { - // RSA - case AlgorithmIdentifier::OID_RSA_ENCRYPTION: - return RSA\RSAPublicKey::fromDER($this->_publicKey->string()); - // Elliptic Curve - case AlgorithmIdentifier::OID_EC_PUBLIC_KEY: - if (!$algo instanceof ECPublicKeyAlgorithmIdentifier) { - throw new \UnexpectedValueException('Not an EC algorithm.'); - } - // ECPoint is directly mapped into public key data - return new EC\ECPublicKey($this->_publicKey->string(), - $algo->namedCurve()); - // Ed25519 - case AlgorithmIdentifier::OID_ED25519: - return new RFC8410\Curve25519\Ed25519PublicKey( - $this->_publicKey->string()); - // X25519 - case AlgorithmIdentifier::OID_X25519: - return new RFC8410\Curve25519\X25519PublicKey( - $this->_publicKey->string()); - // Ed448 - case AlgorithmIdentifier::OID_ED448: - return new RFC8410\Curve448\Ed448PublicKey( - $this->_publicKey->string()); - // X448 - case AlgorithmIdentifier::OID_X448: - return new RFC8410\Curve448\X448PublicKey( - $this->_publicKey->string()); - } - throw new \RuntimeException( - 'Public key ' . $algo->name() . ' not supported.'); - } - - /** - * Get key identifier using method 1 as described by RFC 5280. - * - * @see https://tools.ietf.org/html/rfc5280#section-4.2.1.2 - * - * @return string 20 bytes (160 bits) long identifier - */ - public function keyIdentifier(): string - { - return sha1($this->_publicKey->string(), true); - } - - /** - * Get key identifier using method 2 as described by RFC 5280. - * - * @see https://tools.ietf.org/html/rfc5280#section-4.2.1.2 - * - * @return string 8 bytes (64 bits) long identifier - */ - public function keyIdentifier64(): string - { - $id = substr($this->keyIdentifier(), -8); - $c = (ord($id[0]) & 0x0f) | 0x40; - $id[0] = chr($c); - return $id; - } - - /** - * Generate ASN.1 structure. - */ - public function toASN1(): Sequence - { - return new Sequence($this->_algo->toASN1(), $this->_publicKey); - } - - /** - * Generate DER encoding. - */ - public function toDER(): string - { - return $this->toASN1()->toDER(); - } - - /** - * Generate PEM. - */ - public function toPEM(): PEM - { - return new PEM(PEM::TYPE_PUBLIC_KEY, $this->toDER()); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Curve25519PrivateKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Curve25519PrivateKey.php deleted file mode 100644 index 5e11fdf..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Curve25519PrivateKey.php +++ /dev/null @@ -1,34 +0,0 @@ -hasPublicKey()) { - throw new \LogicException('Public key not set.'); - } - return new Ed25519PublicKey($this->_publicKeyData); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Ed25519PublicKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Ed25519PublicKey.php deleted file mode 100644 index f111459..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/Ed25519PublicKey.php +++ /dev/null @@ -1,24 +0,0 @@ -hasPublicKey()) { - throw new \LogicException('Public key not set.'); - } - return new X25519PublicKey($this->_publicKeyData); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/X25519PublicKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/X25519PublicKey.php deleted file mode 100644 index b9abd45..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve25519/X25519PublicKey.php +++ /dev/null @@ -1,24 +0,0 @@ -hasPublicKey()) { - throw new \LogicException('Public key not set.'); - } - return new Ed448PublicKey($this->_publicKeyData); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/Ed448PublicKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/Ed448PublicKey.php deleted file mode 100644 index aa499ae..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/Ed448PublicKey.php +++ /dev/null @@ -1,39 +0,0 @@ -hasPublicKey()) { - throw new \LogicException('Public key not set.'); - } - return new X448PublicKey($this->_publicKeyData); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/X448PublicKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/X448PublicKey.php deleted file mode 100644 index 7af5227..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/Curve448/X448PublicKey.php +++ /dev/null @@ -1,39 +0,0 @@ -_privateKeyData = $private_key; - $this->_publicKeyData = $public_key; - $this->_version = OneAsymmetricKey::VERSION_2; - $this->_attributes = null; - } - - /** - * Initialize from `CurvePrivateKey` OctetString. - * - * @param OctetString $str Private key data wrapped into OctetString - * @param null|string $public_key Optional public key data - */ - public static function fromOctetString(OctetString $str, - ?string $public_key = null): self - { - return new static($str->string(), $public_key); - } - - /** - * Get self with version number. - */ - public function withVersion(int $version): self - { - $obj = clone $this; - $obj->_version = $version; - return $obj; - } - - /** - * Get self with attributes. - */ - public function withAttributes(?OneAsymmetricKeyAttributes $attribs): self - { - $obj = clone $this; - $obj->_attributes = $attribs; - return $obj; - } - - /** - * {@inheritdoc} - */ - public function privateKeyData(): string - { - return $this->_privateKeyData; - } - - /** - * Whether public key is set. - */ - public function hasPublicKey(): bool - { - return isset($this->_publicKeyData); - } - - /** - * Generate ASN.1 structure. - */ - public function toASN1(): OctetString - { - return new OctetString($this->_privateKeyData); - } - - /** - * {@inheritdoc} - */ - public function toDER(): string - { - return $this->toASN1()->toDER(); - } - - /** - * {@inheritdoc} - */ - public function toPEM(): PEM - { - $pub = $this->_publicKeyData ? - new BitString($this->_publicKeyData) : null; - $pki = new OneAsymmetricKey($this->algorithmIdentifier(), - $this->toDER(), $this->_attributes, $pub); - return $pki->withVersion($this->_version)->toPEM(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/RFC8410PublicKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/RFC8410PublicKey.php deleted file mode 100644 index 6a18542..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RFC8410/RFC8410PublicKey.php +++ /dev/null @@ -1,52 +0,0 @@ -_publicKey = $public_key; - } - - /** - * {@inheritdoc} - */ - public function toDER(): string - { - throw new \LogicException("RFC 8410 public key doesn't have a DER encoding."); - } - - /** - * {@inheritdoc} - */ - public function subjectPublicKey(): BitString - { - return new BitString($this->_publicKey); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RSA/RSAPrivateKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RSA/RSAPrivateKey.php deleted file mode 100644 index 15bf587..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RSA/RSAPrivateKey.php +++ /dev/null @@ -1,286 +0,0 @@ -_modulus = strval($n); - $this->_publicExponent = strval($e); - $this->_privateExponent = strval($d); - $this->_prime1 = strval($p); - $this->_prime2 = strval($q); - $this->_exponent1 = strval($dp); - $this->_exponent2 = strval($dq); - $this->_coefficient = strval($qi); - } - - /** - * Initialize from ASN.1. - * - * @throws \UnexpectedValueException - * - * @return self - */ - public static function fromASN1(Sequence $seq): RSAPrivateKey - { - $version = $seq->at(0)->asInteger()->intNumber(); - if (0 !== $version) { - throw new \UnexpectedValueException('Version must be 0.'); - } - // helper function get integer from given index - $get_int = function ($idx) use ($seq) { - return $seq->at($idx)->asInteger()->number(); - }; - $n = $get_int(1); - $e = $get_int(2); - $d = $get_int(3); - $p = $get_int(4); - $q = $get_int(5); - $dp = $get_int(6); - $dq = $get_int(7); - $qi = $get_int(8); - return new self($n, $e, $d, $p, $q, $dp, $dq, $qi); - } - - /** - * Initialize from DER data. - * - * @return self - */ - public static function fromDER(string $data): RSAPrivateKey - { - return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence()); - } - - /** - * @see PrivateKey::fromPEM() - * - * @throws \UnexpectedValueException - * - * @return self - */ - public static function fromPEM(PEM $pem): RSAPrivateKey - { - $pk = parent::fromPEM($pem); - if (!($pk instanceof self)) { - throw new \UnexpectedValueException('Not an RSA private key.'); - } - return $pk; - } - - /** - * Get modulus. - * - * @return string Base 10 integer - */ - public function modulus(): string - { - return $this->_modulus; - } - - /** - * Get public exponent. - * - * @return string Base 10 integer - */ - public function publicExponent(): string - { - return $this->_publicExponent; - } - - /** - * Get private exponent. - * - * @return string Base 10 integer - */ - public function privateExponent(): string - { - return $this->_privateExponent; - } - - /** - * Get first prime factor. - * - * @return string Base 10 integer - */ - public function prime1(): string - { - return $this->_prime1; - } - - /** - * Get second prime factor. - * - * @return string Base 10 integer - */ - public function prime2(): string - { - return $this->_prime2; - } - - /** - * Get first factor exponent. - * - * @return string Base 10 integer - */ - public function exponent1(): string - { - return $this->_exponent1; - } - - /** - * Get second factor exponent. - * - * @return string Base 10 integer - */ - public function exponent2(): string - { - return $this->_exponent2; - } - - /** - * Get CRT coefficient of the second factor. - * - * @return string Base 10 integer - */ - public function coefficient(): string - { - return $this->_coefficient; - } - - /** - * {@inheritdoc} - */ - public function algorithmIdentifier(): AlgorithmIdentifierType - { - return new RSAEncryptionAlgorithmIdentifier(); - } - - /** - * {@inheritdoc} - * - * @return RSAPublicKey - */ - public function publicKey(): PublicKey - { - return new RSAPublicKey($this->_modulus, $this->_publicExponent); - } - - /** - * Generate ASN.1 structure. - */ - public function toASN1(): Sequence - { - return new Sequence(new Integer(0), - new Integer($this->_modulus), - new Integer($this->_publicExponent), - new Integer($this->_privateExponent), - new Integer($this->_prime1), - new Integer($this->_prime2), - new Integer($this->_exponent1), - new Integer($this->_exponent2), - new Integer($this->_coefficient)); - } - - /** - * {@inheritdoc} - */ - public function toDER(): string - { - return $this->toASN1()->toDER(); - } - - /** - * {@inheritdoc} - */ - public function toPEM(): PEM - { - return new PEM(PEM::TYPE_RSA_PRIVATE_KEY, $this->toDER()); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RSA/RSAPublicKey.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RSA/RSAPublicKey.php deleted file mode 100644 index b4e55d4..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Asymmetric/RSA/RSAPublicKey.php +++ /dev/null @@ -1,147 +0,0 @@ -_modulus = strval($n); - $this->_publicExponent = strval($e); - } - - /** - * Initialize from ASN.1. - * - * @return self - */ - public static function fromASN1(Sequence $seq): RSAPublicKey - { - $n = $seq->at(0)->asInteger()->number(); - $e = $seq->at(1)->asInteger()->number(); - return new self($n, $e); - } - - /** - * Initialize from DER data. - * - * @return self - */ - public static function fromDER(string $data): RSAPublicKey - { - return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence()); - } - - /** - * @see PublicKey::fromPEM() - * - * @throws \UnexpectedValueException - * - * @return self - */ - public static function fromPEM(PEM $pem): RSAPublicKey - { - switch ($pem->type()) { - case PEM::TYPE_RSA_PUBLIC_KEY: - return self::fromDER($pem->data()); - case PEM::TYPE_PUBLIC_KEY: - $pki = PublicKeyInfo::fromDER($pem->data()); - if (AlgorithmIdentifier::OID_RSA_ENCRYPTION !== - $pki->algorithmIdentifier()->oid()) { - throw new \UnexpectedValueException('Not an RSA public key.'); - } - return self::fromDER($pki->publicKeyData()->string()); - } - throw new \UnexpectedValueException('Invalid PEM type ' . $pem->type()); - } - - /** - * Get modulus. - * - * @return string Base 10 integer - */ - public function modulus(): string - { - return $this->_modulus; - } - - /** - * Get public exponent. - * - * @return string Base 10 integer - */ - public function publicExponent(): string - { - return $this->_publicExponent; - } - - /** - * {@inheritdoc} - */ - public function algorithmIdentifier(): AlgorithmIdentifierType - { - return new RSAEncryptionAlgorithmIdentifier(); - } - - /** - * Generate ASN.1 structure. - */ - public function toASN1(): Sequence - { - return new Sequence(new Integer($this->_modulus), - new Integer($this->_publicExponent)); - } - - /** - * {@inheritdoc} - */ - public function toDER(): string - { - return $this->toASN1()->toDER(); - } - - /** - * Generate PEM. - */ - public function toPEM(): PEM - { - return new PEM(PEM::TYPE_RSA_PUBLIC_KEY, $this->toDER()); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/ECSignature.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/ECSignature.php deleted file mode 100644 index 808f8e6..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/ECSignature.php +++ /dev/null @@ -1,108 +0,0 @@ -_r = strval($r); - $this->_s = strval($s); - } - - /** - * Initialize from ASN.1. - */ - public static function fromASN1(Sequence $seq): self - { - $r = $seq->at(0)->asInteger()->number(); - $s = $seq->at(1)->asInteger()->number(); - return new self($r, $s); - } - - /** - * Initialize from DER. - */ - public static function fromDER(string $data): self - { - return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence()); - } - - /** - * Get the r-value. - * - * @return string Base 10 integer string - */ - public function r(): string - { - return $this->_r; - } - - /** - * Get the s-value. - * - * @return string Base 10 integer string - */ - public function s(): string - { - return $this->_s; - } - - /** - * Generate ASN.1 structure. - */ - public function toASN1(): Sequence - { - return new Sequence(new Integer($this->_r), new Integer($this->_s)); - } - - /** - * Get DER encoding of the signature. - */ - public function toDER(): string - { - return $this->toASN1()->toDER(); - } - - /** - * {@inheritdoc} - */ - public function bitString(): BitString - { - return new BitString($this->toDER()); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Ed25519Signature.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Ed25519Signature.php deleted file mode 100644 index 4d50108..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Ed25519Signature.php +++ /dev/null @@ -1,44 +0,0 @@ -_signature = $signature; - } - - /** - * {@inheritdoc} - */ - public function bitString(): BitString - { - return new BitString($this->_signature); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Ed448Signature.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Ed448Signature.php deleted file mode 100644 index 9090a38..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Ed448Signature.php +++ /dev/null @@ -1,44 +0,0 @@ -_signature = $signature; - } - - /** - * {@inheritdoc} - */ - public function bitString(): BitString - { - return new BitString($this->_signature); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/GenericSignature.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/GenericSignature.php deleted file mode 100644 index 4e6635a..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/GenericSignature.php +++ /dev/null @@ -1,56 +0,0 @@ -_signature = $signature; - $this->_signatureAlgorithm = $algo; - } - - /** - * Get the signature algorithm. - */ - public function signatureAlgorithm(): AlgorithmIdentifierType - { - return $this->_signatureAlgorithm; - } - - /** - * {@inheritdoc} - */ - public function bitString(): BitString - { - return $this->_signature; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/RSASignature.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/RSASignature.php deleted file mode 100644 index cf3710d..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/RSASignature.php +++ /dev/null @@ -1,58 +0,0 @@ -_signature = strval($signature); - return $obj; - } - - /** - * {@inheritdoc} - */ - public function bitString(): BitString - { - return new BitString($this->_signature); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Signature.php b/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Signature.php deleted file mode 100644 index 75ad8c0..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/crypto-types/lib/CryptoTypes/Signature/Signature.php +++ /dev/null @@ -1,49 +0,0 @@ -=7.2 -- intl -- mbstring -- [sop/asn1](https://github.com/sop/asn1) - -## Installation - -This library is available on -[Packagist](https://packagist.org/packages/sop/x501). - - composer require sop/x501 - -## License - -This project is licensed under the MIT License. diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/composer.json b/utilities/signing_and_verification/php/vendor/sop/x501/composer.json deleted file mode 100644 index 0901490..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/composer.json +++ /dev/null @@ -1,38 +0,0 @@ -{ - "name": "sop/x501", - "description": "A PHP library for X.501 ASN.1 types, X.520 attributes and DN parsing.", - "homepage": "https://github.com/sop/x501", - "license": "MIT", - "type": "library", - "keywords": [ - "x501", - "x.501", - "x520", - "x.520", - "ldap", - "dn", - "rdn", - "attribute" - ], - "authors": [ - { - "name": "Joni Eskelinen", - "email": "jonieske@gmail.com", - "role": "Developer" - } - ], - "require": { - "php": ">=7.2", - "ext-intl": "*", - "ext-mbstring": "*", - "sop/asn1": "^4.0.0" - }, - "require-dev": { - "phpunit/phpunit": "^8.1" - }, - "autoload": { - "psr-4": { - "Sop\\X501\\": "lib/X501/" - } - } -} \ No newline at end of file diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Attribute.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Attribute.php deleted file mode 100644 index 9b3c08a..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Attribute.php +++ /dev/null @@ -1,176 +0,0 @@ -oid() !== $type->oid()) { - throw new \LogicException('Attribute OID mismatch.'); - } - } - $this->_type = $type; - $this->_values = $values; - } - - /** - * Initialize from ASN.1. - * - * @param Sequence $seq - * - * @return self - */ - public static function fromASN1(Sequence $seq): self - { - $type = AttributeType::fromASN1($seq->at(0)->asObjectIdentifier()); - $values = array_map( - function (UnspecifiedType $el) use ($type) { - return AttributeValue::fromASN1ByOID($type->oid(), $el); - }, $seq->at(1)->asSet()->elements()); - return new self($type, ...$values); - } - - /** - * Convenience method to initialize from attribute values. - * - * @param AttributeValue ...$values One or more values - * - * @throws \LogicException - * - * @return self - */ - public static function fromAttributeValues(AttributeValue ...$values): self - { - // we need at least one value to determine OID - if (!count($values)) { - throw new \LogicException('No values.'); - } - $oid = reset($values)->oid(); - return new self(new AttributeType($oid), ...$values); - } - - /** - * Get first value of the attribute. - * - * @throws \LogicException - * - * @return AttributeValue - */ - public function first(): AttributeValue - { - if (!count($this->_values)) { - throw new \LogicException('Attribute contains no values.'); - } - return $this->_values[0]; - } - - /** - * Get all values. - * - * @return AttributeValue[] - */ - public function values(): array - { - return $this->_values; - } - - /** - * Generate ASN.1 structure. - * - * @return Sequence - */ - public function toASN1(): Sequence - { - $values = array_map( - function (AttributeValue $value) { - return $value->toASN1(); - }, $this->_values); - $valueset = new Set(...$values); - return new Sequence($this->_type->toASN1(), $valueset->sortedSetOf()); - } - - /** - * Cast attribute values to another AttributeValue class. - * - * This method is generally used to cast UnknownAttributeValue values - * to specific objects when class is declared outside this package. - * - * The new class must be derived from AttributeValue and have the same OID - * as current attribute values. - * - * @param string $cls AttributeValue class name - * - * @throws \LogicException - * - * @return self - */ - public function castValues(string $cls): self - { - // check that target class derives from AttributeValue - if (!is_subclass_of($cls, AttributeValue::class)) { - throw new \LogicException(sprintf( - '%s must be derived from %s.', $cls, AttributeValue::class)); - } - $values = array_map( - function (AttributeValue $value) use ($cls) { - /** @var AttributeValue $cls Class name as a string */ - $value = $cls::fromSelf($value); - if ($value->oid() !== $this->oid()) { - throw new \LogicException('Attribute OID mismatch.'); - } - return $value; - }, $this->_values); - return self::fromAttributeValues(...$values); - } - - /** - * @see \Countable::count() - * - * @return int - */ - public function count(): int - { - return count($this->_values); - } - - /** - * @see \IteratorAggregate::getIterator() - * - * @return \ArrayIterator - */ - public function getIterator(): \ArrayIterator - { - return new \ArrayIterator($this->_values); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeType.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeType.php deleted file mode 100644 index c9c58d4..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeType.php +++ /dev/null @@ -1,457 +0,0 @@ - Element::TYPE_PRINTABLE_STRING, - self::OID_COUNTRY_NAME => Element::TYPE_PRINTABLE_STRING, - self::OID_SERIAL_NUMBER => Element::TYPE_PRINTABLE_STRING, - ]; - - /** - * OID to attribute names mapping. - * - * First name is the primary name. If there's more than one name, others may - * be used as an alias. - * - * Generated using ldap-attribs.py. - * - * @internal - * - * @var array - */ - const MAP_OID_TO_NAME = [ - '0.9.2342.19200300.100.1.1' => ['uid', 'userid'], - '0.9.2342.19200300.100.1.2' => ['textEncodedORAddress'], - '0.9.2342.19200300.100.1.3' => ['mail', 'rfc822Mailbox'], - '0.9.2342.19200300.100.1.4' => ['info'], - '0.9.2342.19200300.100.1.5' => ['drink', 'favouriteDrink'], - '0.9.2342.19200300.100.1.6' => ['roomNumber'], - '0.9.2342.19200300.100.1.7' => ['photo'], - '0.9.2342.19200300.100.1.8' => ['userClass'], - '0.9.2342.19200300.100.1.9' => ['host'], - '0.9.2342.19200300.100.1.10' => ['manager'], - '0.9.2342.19200300.100.1.11' => ['documentIdentifier'], - '0.9.2342.19200300.100.1.12' => ['documentTitle'], - '0.9.2342.19200300.100.1.13' => ['documentVersion'], - '0.9.2342.19200300.100.1.14' => ['documentAuthor'], - '0.9.2342.19200300.100.1.15' => ['documentLocation'], - '0.9.2342.19200300.100.1.20' => ['homePhone', 'homeTelephoneNumber'], - '0.9.2342.19200300.100.1.21' => ['secretary'], - '0.9.2342.19200300.100.1.22' => ['otherMailbox'], - '0.9.2342.19200300.100.1.25' => ['dc', 'domainComponent'], - '0.9.2342.19200300.100.1.26' => ['aRecord'], - '0.9.2342.19200300.100.1.27' => ['mDRecord'], - '0.9.2342.19200300.100.1.28' => ['mXRecord'], - '0.9.2342.19200300.100.1.29' => ['nSRecord'], - '0.9.2342.19200300.100.1.30' => ['sOARecord'], - '0.9.2342.19200300.100.1.31' => ['cNAMERecord'], - '0.9.2342.19200300.100.1.37' => ['associatedDomain'], - '0.9.2342.19200300.100.1.38' => ['associatedName'], - '0.9.2342.19200300.100.1.39' => ['homePostalAddress'], - '0.9.2342.19200300.100.1.40' => ['personalTitle'], - '0.9.2342.19200300.100.1.41' => ['mobile', 'mobileTelephoneNumber'], - '0.9.2342.19200300.100.1.42' => ['pager', 'pagerTelephoneNumber'], - '0.9.2342.19200300.100.1.43' => ['co', 'friendlyCountryName'], - '0.9.2342.19200300.100.1.44' => ['uniqueIdentifier'], - '0.9.2342.19200300.100.1.45' => ['organizationalStatus'], - '0.9.2342.19200300.100.1.46' => ['janetMailbox'], - '0.9.2342.19200300.100.1.47' => ['mailPreferenceOption'], - '0.9.2342.19200300.100.1.48' => ['buildingName'], - '0.9.2342.19200300.100.1.49' => ['dSAQuality'], - '0.9.2342.19200300.100.1.50' => ['singleLevelQuality'], - '0.9.2342.19200300.100.1.51' => ['subtreeMinimumQuality'], - '0.9.2342.19200300.100.1.52' => ['subtreeMaximumQuality'], - '0.9.2342.19200300.100.1.53' => ['personalSignature'], - '0.9.2342.19200300.100.1.54' => ['dITRedirect'], - '0.9.2342.19200300.100.1.55' => ['audio'], - '0.9.2342.19200300.100.1.56' => ['documentPublisher'], - '0.9.2342.19200300.100.1.60' => ['jpegPhoto'], - '1.2.840.113549.1.9.1' => ['email', 'emailAddress', 'pkcs9email'], - '1.2.840.113556.1.2.102' => ['memberOf'], - '1.3.6.1.1.1.1.0' => ['uidNumber'], - '1.3.6.1.1.1.1.1' => ['gidNumber'], - '1.3.6.1.1.1.1.2' => ['gecos'], - '1.3.6.1.1.1.1.3' => ['homeDirectory'], - '1.3.6.1.1.1.1.4' => ['loginShell'], - '1.3.6.1.1.1.1.5' => ['shadowLastChange'], - '1.3.6.1.1.1.1.6' => ['shadowMin'], - '1.3.6.1.1.1.1.7' => ['shadowMax'], - '1.3.6.1.1.1.1.8' => ['shadowWarning'], - '1.3.6.1.1.1.1.9' => ['shadowInactive'], - '1.3.6.1.1.1.1.10' => ['shadowExpire'], - '1.3.6.1.1.1.1.11' => ['shadowFlag'], - '1.3.6.1.1.1.1.12' => ['memberUid'], - '1.3.6.1.1.1.1.13' => ['memberNisNetgroup'], - '1.3.6.1.1.1.1.14' => ['nisNetgroupTriple'], - '1.3.6.1.1.1.1.15' => ['ipServicePort'], - '1.3.6.1.1.1.1.16' => ['ipServiceProtocol'], - '1.3.6.1.1.1.1.17' => ['ipProtocolNumber'], - '1.3.6.1.1.1.1.18' => ['oncRpcNumber'], - '1.3.6.1.1.1.1.19' => ['ipHostNumber'], - '1.3.6.1.1.1.1.20' => ['ipNetworkNumber'], - '1.3.6.1.1.1.1.21' => ['ipNetmaskNumber'], - '1.3.6.1.1.1.1.22' => ['macAddress'], - '1.3.6.1.1.1.1.23' => ['bootParameter'], - '1.3.6.1.1.1.1.24' => ['bootFile'], - '1.3.6.1.1.1.1.26' => ['nisMapName'], - '1.3.6.1.1.1.1.27' => ['nisMapEntry'], - '1.3.6.1.1.4' => ['vendorName'], - '1.3.6.1.1.5' => ['vendorVersion'], - '1.3.6.1.1.16.4' => ['entryUUID'], - '1.3.6.1.1.20' => ['entryDN'], - '2.5.4.0' => ['objectClass'], - '2.5.4.1' => ['aliasedObjectName', 'aliasedEntryName'], - '2.5.4.2' => ['knowledgeInformation'], - '2.5.4.3' => ['cn', 'commonName'], - '2.5.4.4' => ['sn', 'surname'], - '2.5.4.5' => ['serialNumber'], - '2.5.4.6' => ['c', 'countryName'], - '2.5.4.7' => ['l', 'localityName'], - '2.5.4.8' => ['st', 'stateOrProvinceName'], - '2.5.4.9' => ['street', 'streetAddress'], - '2.5.4.10' => ['o', 'organizationName'], - '2.5.4.11' => ['ou', 'organizationalUnitName'], - '2.5.4.12' => ['title'], - '2.5.4.13' => ['description'], - '2.5.4.14' => ['searchGuide'], - '2.5.4.15' => ['businessCategory'], - '2.5.4.16' => ['postalAddress'], - '2.5.4.17' => ['postalCode'], - '2.5.4.18' => ['postOfficeBox'], - '2.5.4.19' => ['physicalDeliveryOfficeName'], - '2.5.4.20' => ['telephoneNumber'], - '2.5.4.21' => ['telexNumber'], - '2.5.4.22' => ['teletexTerminalIdentifier'], - '2.5.4.23' => ['facsimileTelephoneNumber', 'fax'], - '2.5.4.24' => ['x121Address'], - '2.5.4.25' => ['internationaliSDNNumber'], - '2.5.4.26' => ['registeredAddress'], - '2.5.4.27' => ['destinationIndicator'], - '2.5.4.28' => ['preferredDeliveryMethod'], - '2.5.4.29' => ['presentationAddress'], - '2.5.4.30' => ['supportedApplicationContext'], - '2.5.4.31' => ['member'], - '2.5.4.32' => ['owner'], - '2.5.4.33' => ['roleOccupant'], - '2.5.4.34' => ['seeAlso'], - '2.5.4.35' => ['userPassword'], - '2.5.4.36' => ['userCertificate'], - '2.5.4.37' => ['cACertificate'], - '2.5.4.38' => ['authorityRevocationList'], - '2.5.4.39' => ['certificateRevocationList'], - '2.5.4.40' => ['crossCertificatePair'], - '2.5.4.41' => ['name'], - '2.5.4.42' => ['givenName', 'gn'], - '2.5.4.43' => ['initials'], - '2.5.4.44' => ['generationQualifier'], - '2.5.4.45' => ['x500UniqueIdentifier'], - '2.5.4.46' => ['dnQualifier'], - '2.5.4.47' => ['enhancedSearchGuide'], - '2.5.4.48' => ['protocolInformation'], - '2.5.4.49' => ['distinguishedName'], - '2.5.4.50' => ['uniqueMember'], - '2.5.4.51' => ['houseIdentifier'], - '2.5.4.52' => ['supportedAlgorithms'], - '2.5.4.53' => ['deltaRevocationList'], - '2.5.4.54' => ['dmdName'], - '2.5.4.65' => ['pseudonym'], - '2.5.18.1' => ['createTimestamp'], - '2.5.18.2' => ['modifyTimestamp'], - '2.5.18.3' => ['creatorsName'], - '2.5.18.4' => ['modifiersName'], - '2.5.18.5' => ['administrativeRole'], - '2.5.18.6' => ['subtreeSpecification'], - '2.5.18.9' => ['hasSubordinates'], - '2.5.18.10' => ['subschemaSubentry'], - '2.5.21.1' => ['dITStructureRules'], - '2.5.21.2' => ['dITContentRules'], - '2.5.21.4' => ['matchingRules'], - '2.5.21.5' => ['attributeTypes'], - '2.5.21.6' => ['objectClasses'], - '2.5.21.7' => ['nameForms'], - '2.5.21.8' => ['matchingRuleUse'], - '2.5.21.9' => ['structuralObjectClass'], - '2.16.840.1.113730.3.1.1' => ['carLicense'], - '2.16.840.1.113730.3.1.2' => ['departmentNumber'], - '2.16.840.1.113730.3.1.3' => ['employeeNumber'], - '2.16.840.1.113730.3.1.4' => ['employeeType'], - '2.16.840.1.113730.3.1.34' => ['ref'], - '2.16.840.1.113730.3.1.39' => ['preferredLanguage'], - '2.16.840.1.113730.3.1.40' => ['userSMIMECertificate'], - '2.16.840.1.113730.3.1.216' => ['userPKCS12'], - '2.16.840.1.113730.3.1.241' => ['displayName'], - ]; - - /** - * OID of the attribute. - * - * @var string - */ - protected $_oid; - - /** - * Constructor. - * - * @param string $oid OID in dotted format - */ - public function __construct(string $oid) - { - $this->_oid = $oid; - } - - /** - * Initialize from ASN.1. - * - * @param ObjectIdentifier $oi - * - * @return self - */ - public static function fromASN1(ObjectIdentifier $oi): self - { - return new self($oi->oid()); - } - - /** - * Initialize from attribute name. - * - * @param string $name - * - * @return self - */ - public static function fromName(string $name): self - { - $oid = self::attrNameToOID($name); - return new self($oid); - } - - /** - * Get OID of the attribute. - * - * @return string OID in dotted format - */ - public function oid(): string - { - return $this->_oid; - } - - /** - * Get name of the attribute. - * - * @return string - */ - public function typeName(): string - { - if (array_key_exists($this->_oid, self::MAP_OID_TO_NAME)) { - return self::MAP_OID_TO_NAME[$this->_oid][0]; - } - return $this->_oid; - } - - /** - * Generate ASN.1 element. - * - * @return ObjectIdentifier - */ - public function toASN1(): ObjectIdentifier - { - return new ObjectIdentifier($this->_oid); - } - - /** - * Convert attribute name to OID. - * - * @param string $name Primary attribute name or an alias - * - * @throws \OutOfBoundsException - * - * @return string OID in dotted format - */ - public static function attrNameToOID(string $name): string - { - // if already in OID form - if (preg_match('/^[0-9]+(?:\.[0-9]+)*$/', $name)) { - return $name; - } - $map = self::_oidReverseMap(); - $k = strtolower($name); - if (!isset($map[$k])) { - throw new \OutOfBoundsException("No OID for {$name}."); - } - return $map[$k]; - } - - /** - * Get ASN.1 string for given attribute type. - * - * @param string $oid Attribute OID - * @param string $str String - * - * @throws \LogicException - * - * @return StringType - */ - public static function asn1StringForType(string $oid, string $str): StringType - { - if (!array_key_exists($oid, self::MAP_ATTR_TO_STR_TYPE)) { - return new UTF8String($str); - } - switch (self::MAP_ATTR_TO_STR_TYPE[$oid]) { - case Element::TYPE_PRINTABLE_STRING: - return new PrintableString($str); - // @codeCoverageIgnoreStart - default: - // only reachable during development - throw new \LogicException(); - } - // @codeCoverageIgnoreEnd - } - - /** - * Get name to OID lookup map. - * - * @return array - */ - private static function _oidReverseMap(): array - { - static $map; - if (!isset($map)) { - $map = []; - // for each attribute type - foreach (self::MAP_OID_TO_NAME as $oid => $names) { - // for primary name and aliases - foreach ($names as $name) { - $map[strtolower($name)] = $oid; - } - } - } - return $map; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeTypeAndValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeTypeAndValue.php deleted file mode 100644 index 6806d4a..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeTypeAndValue.php +++ /dev/null @@ -1,128 +0,0 @@ -_type = $type; - $this->_value = $value; - } - - /** - * @return string - */ - public function __toString() - { - return $this->toString(); - } - - /** - * Initialize from ASN.1. - * - * @param Sequence $seq - * - * @return self - */ - public static function fromASN1(Sequence $seq): self - { - $type = AttributeType::fromASN1($seq->at(0)->asObjectIdentifier()); - $value = AttributeValue::fromASN1ByOID($type->oid(), $seq->at(1)); - return new self($type, $value); - } - - /** - * Convenience method to initialize from attribute value. - * - * @param AttributeValue $value Attribute value - * - * @return self - */ - public static function fromAttributeValue(AttributeValue $value): self - { - return new self(new AttributeType($value->oid()), $value); - } - - /** - * Get attribute value. - * - * @return AttributeValue - */ - public function value(): AttributeValue - { - return $this->_value; - } - - /** - * Generate ASN.1 structure. - * - * @return Sequence - */ - public function toASN1(): Sequence - { - return new Sequence($this->_type->toASN1(), $this->_value->toASN1()); - } - - /** - * Get attributeTypeAndValue string conforming to RFC 2253. - * - * @see https://tools.ietf.org/html/rfc2253#section-2.3 - * - * @return string - */ - public function toString(): string - { - return $this->_type->typeName() . '=' . $this->_value->rfc2253String(); - } - - /** - * Check whether attribute is semantically equal to other. - * - * @param AttributeTypeAndValue $other Object to compare to - * - * @return bool - */ - public function equals(AttributeTypeAndValue $other): bool - { - // check that attribute types match - if ($this->oid() !== $other->oid()) { - return false; - } - $matcher = $this->_value->equalityMatchingRule(); - $result = $matcher->compare($this->_value->stringValue(), - $other->_value->stringValue()); - // match - if ($result) { - return true; - } - // no match or Undefined - return false; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/AttributeValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/AttributeValue.php deleted file mode 100644 index 89f061d..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/AttributeValue.php +++ /dev/null @@ -1,174 +0,0 @@ - CommonNameValue::class, - AttributeType::OID_SURNAME => SurnameValue::class, - AttributeType::OID_SERIAL_NUMBER => SerialNumberValue::class, - AttributeType::OID_COUNTRY_NAME => CountryNameValue::class, - AttributeType::OID_LOCALITY_NAME => LocalityNameValue::class, - AttributeType::OID_STATE_OR_PROVINCE_NAME => StateOrProvinceNameValue::class, - AttributeType::OID_ORGANIZATION_NAME => OrganizationNameValue::class, - AttributeType::OID_ORGANIZATIONAL_UNIT_NAME => OrganizationalUnitNameValue::class, - AttributeType::OID_TITLE => TitleValue::class, - AttributeType::OID_DESCRIPTION => DescriptionValue::class, - AttributeType::OID_NAME => NameValue::class, - AttributeType::OID_GIVEN_NAME => GivenNameValue::class, - AttributeType::OID_PSEUDONYM => PseudonymValue::class, - ]; - - /** - * OID of the attribute type. - * - * @var string - */ - protected $_oid; - - /** - * Get attribute value as an UTF-8 encoded string. - * - * @return string - */ - public function __toString() - { - return $this->_transcodedString(); - } - - /** - * Generate ASN.1 element. - * - * @return Element - */ - abstract public function toASN1(): Element; - - /** - * Get attribute value as a string. - * - * @return string - */ - abstract public function stringValue(): string; - - /** - * Get matching rule for equality comparison. - * - * @return MatchingRule - */ - abstract public function equalityMatchingRule(): MatchingRule; - - /** - * Get attribute value as a string conforming to RFC 2253. - * - * @see https://tools.ietf.org/html/rfc2253#section-2.4 - * - * @return string - */ - abstract public function rfc2253String(): string; - - /** - * Initialize from ASN.1. - * - * @param UnspecifiedType $el - * - * @return self - */ - public static function fromASN1(UnspecifiedType $el): AttributeValue - { - throw new \BadMethodCallException( - 'ASN.1 parsing must be implemented in a concrete class.'); - } - - /** - * Initialize from ASN.1 with given OID hint. - * - * @param string $oid Attribute's OID - * @param UnspecifiedType $el - * - * @return self - */ - public static function fromASN1ByOID(string $oid, UnspecifiedType $el): self - { - if (!array_key_exists($oid, self::MAP_OID_TO_CLASS)) { - return new UnknownAttributeValue($oid, $el->asElement()); - } - $cls = self::MAP_OID_TO_CLASS[$oid]; - return $cls::fromASN1($el); - } - - /** - * Initialize from another AttributeValue. - * - * This method is generally used to cast UnknownAttributeValue to - * specific object when class is declared outside this package. - * - * @param self $obj Instance of AttributeValue - * - * @return self - */ - public static function fromSelf(self $obj): self - { - return static::fromASN1($obj->toASN1()->asUnspecified()); - } - - /** - * Get attribute type's OID. - * - * @return string - */ - public function oid(): string - { - return $this->_oid; - } - - /** - * Get Attribute object with this as a single value. - * - * @return Attribute - */ - public function toAttribute(): Attribute - { - return Attribute::fromAttributeValues($this); - } - - /** - * Get AttributeTypeAndValue object with this as a value. - * - * @return AttributeTypeAndValue - */ - public function toAttributeTypeAndValue(): AttributeTypeAndValue - { - return AttributeTypeAndValue::fromAttributeValue($this); - } - - /** - * Get attribute value as an UTF-8 string conforming to RFC 4518. - * - * @see https://tools.ietf.org/html/rfc4518#section-2.1 - * - * @return string - */ - abstract protected function _transcodedString(): string; -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/CommonNameValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/CommonNameValue.php deleted file mode 100644 index 924aa52..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/CommonNameValue.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = AttributeType::OID_COMMON_NAME; - parent::__construct($value, $string_tag); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/CountryNameValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/CountryNameValue.php deleted file mode 100644 index 4d4f3b1..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/CountryNameValue.php +++ /dev/null @@ -1,27 +0,0 @@ -_oid = AttributeType::OID_COUNTRY_NAME; - parent::__construct($value); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/DescriptionValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/DescriptionValue.php deleted file mode 100644 index 025b19e..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/DescriptionValue.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = AttributeType::OID_DESCRIPTION; - parent::__construct($value, $string_tag); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/Feature/DirectoryString.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/Feature/DirectoryString.php deleted file mode 100644 index 1d26453..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/Feature/DirectoryString.php +++ /dev/null @@ -1,179 +0,0 @@ - T61String::class, - self::PRINTABLE => PrintableString::class, - self::UNIVERSAL => UniversalString::class, - self::UTF8 => UTF8String::class, - self::BMP => BMPString::class, - ]; - - /** - * ASN.1 type tag for the chosen syntax. - * - * @var int - */ - protected $_stringTag; - - /** - * String value. - * - * @var string - */ - protected $_string; - - /** - * Constructor. - * - * @param string $value String value - * @param int $string_tag Syntax choice - */ - public function __construct(string $value, int $string_tag) - { - $this->_string = $value; - $this->_stringTag = $string_tag; - } - - /** - * {@inheritdoc} - * - * @return self - */ - public static function fromASN1(UnspecifiedType $el): AttributeValue - { - $tag = $el->tag(); - self::_tagToASN1Class($tag); - return new static($el->asString()->string(), $tag); - } - - /** - * {@inheritdoc} - */ - public function toASN1(): Element - { - $cls = self::_tagToASN1Class($this->_stringTag); - return new $cls($this->_string); - } - - /** - * {@inheritdoc} - */ - public function stringValue(): string - { - return $this->_string; - } - - /** - * {@inheritdoc} - */ - public function equalityMatchingRule(): MatchingRule - { - return new CaseIgnoreMatch($this->_stringTag); - } - - /** - * {@inheritdoc} - */ - public function rfc2253String(): string - { - // TeletexString is encoded as binary - if (self::TELETEX === $this->_stringTag) { - return $this->_transcodedString(); - } - return DNParser::escapeString($this->_transcodedString()); - } - - /** - * {@inheritdoc} - */ - protected function _transcodedString(): string - { - $step = new TranscodeStep($this->_stringTag); - return $step->apply($this->_string); - } - - /** - * Get ASN.1 class name for given DirectoryString type tag. - * - * @param int $tag - * - * @throws \UnexpectedValueException - * - * @return string - */ - private static function _tagToASN1Class(int $tag): string - { - if (!array_key_exists($tag, self::MAP_TAG_TO_CLASS)) { - throw new \UnexpectedValueException( - 'Type ' . Element::tagToName($tag) . - ' is not valid DirectoryString.'); - } - return self::MAP_TAG_TO_CLASS[$tag]; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/Feature/PrintableStringValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/Feature/PrintableStringValue.php deleted file mode 100644 index f9c3e69..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/Feature/PrintableStringValue.php +++ /dev/null @@ -1,88 +0,0 @@ -_string = $value; - } - - /** - * {@inheritdoc} - * - * @return self - */ - public static function fromASN1(UnspecifiedType $el): AttributeValue - { - return new static($el->asPrintableString()->string()); - } - - /** - * {@inheritdoc} - */ - public function toASN1(): Element - { - return new PrintableString($this->_string); - } - - /** - * {@inheritdoc} - */ - public function stringValue(): string - { - return $this->_string; - } - - /** - * {@inheritdoc} - */ - public function equalityMatchingRule(): MatchingRule - { - // default to caseIgnoreMatch - return new CaseIgnoreMatch(Element::TYPE_PRINTABLE_STRING); - } - - /** - * {@inheritdoc} - */ - public function rfc2253String(): string - { - return DNParser::escapeString($this->_transcodedString()); - } - - /** - * {@inheritdoc} - */ - protected function _transcodedString(): string - { - // PrintableString maps directly to UTF-8 - return $this->_string; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/GivenNameValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/GivenNameValue.php deleted file mode 100644 index 593f3b6..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/GivenNameValue.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = AttributeType::OID_GIVEN_NAME; - parent::__construct($value, $string_tag); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/LocalityNameValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/LocalityNameValue.php deleted file mode 100644 index a316b7c..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/LocalityNameValue.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = AttributeType::OID_LOCALITY_NAME; - parent::__construct($value, $string_tag); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/NameValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/NameValue.php deleted file mode 100644 index de6792d..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/NameValue.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = AttributeType::OID_NAME; - parent::__construct($value, $string_tag); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/OrganizationNameValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/OrganizationNameValue.php deleted file mode 100644 index 71fd859..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/OrganizationNameValue.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = AttributeType::OID_ORGANIZATION_NAME; - parent::__construct($value, $string_tag); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/OrganizationalUnitNameValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/OrganizationalUnitNameValue.php deleted file mode 100644 index a8743d5..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/OrganizationalUnitNameValue.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = AttributeType::OID_ORGANIZATIONAL_UNIT_NAME; - parent::__construct($value, $string_tag); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/PseudonymValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/PseudonymValue.php deleted file mode 100644 index 674befb..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/PseudonymValue.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = AttributeType::OID_PSEUDONYM; - parent::__construct($value, $string_tag); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/SerialNumberValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/SerialNumberValue.php deleted file mode 100644 index 8ff3d65..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/SerialNumberValue.php +++ /dev/null @@ -1,27 +0,0 @@ -_oid = AttributeType::OID_SERIAL_NUMBER; - parent::__construct($value); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/StateOrProvinceNameValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/StateOrProvinceNameValue.php deleted file mode 100644 index 7759013..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/StateOrProvinceNameValue.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = AttributeType::OID_STATE_OR_PROVINCE_NAME; - parent::__construct($value, $string_tag); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/SurnameValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/SurnameValue.php deleted file mode 100644 index 17b3eac..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/SurnameValue.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = AttributeType::OID_SURNAME; - parent::__construct($value, $string_tag); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/TitleValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/TitleValue.php deleted file mode 100644 index 9467035..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/TitleValue.php +++ /dev/null @@ -1,29 +0,0 @@ -_oid = AttributeType::OID_TITLE; - parent::__construct($value, $string_tag); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/UnknownAttributeValue.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/UnknownAttributeValue.php deleted file mode 100644 index c8d0e49..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/AttributeValue/UnknownAttributeValue.php +++ /dev/null @@ -1,75 +0,0 @@ -_oid = $oid; - $this->_element = $el; - } - - /** - * {@inheritdoc} - */ - public function toASN1(): Element - { - return $this->_element; - } - - /** - * {@inheritdoc} - */ - public function stringValue(): string - { - // return DER encoding as a hexstring - return '#' . bin2hex($this->_element->toDER()); - } - - /** - * {@inheritdoc} - */ - public function equalityMatchingRule(): MatchingRule - { - return new BinaryMatch(); - } - - /** - * {@inheritdoc} - */ - public function rfc2253String(): string - { - return $this->stringValue(); - } - - /** - * {@inheritdoc} - */ - protected function _transcodedString(): string - { - return $this->stringValue(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/AttributeCollection.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/AttributeCollection.php deleted file mode 100644 index 14114e6..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/AttributeCollection.php +++ /dev/null @@ -1,221 +0,0 @@ -_attributes = $attribs; - } - - /** - * Initialize from attribute values. - * - * @param AttributeValue ...$values List of attribute values - * - * @return static - */ - public static function fromAttributeValues(AttributeValue ...$values): self - { - return new static(...array_map( - function (AttributeValue $value) { - return $value->toAttribute(); - }, $values)); - } - - /** - * Check whether attribute is present. - * - * @param string $name OID or attribute name - * - * @return bool - */ - public function has(string $name): bool - { - return null !== $this->_findFirst($name); - } - - /** - * Get first attribute by OID or attribute name. - * - * @param string $name OID or attribute name - * - * @throws \UnexpectedValueException if attribute is not present - * - * @return Attribute - */ - public function firstOf(string $name): Attribute - { - $attr = $this->_findFirst($name); - if (!$attr) { - throw new \UnexpectedValueException("No {$name} attribute."); - } - return $attr; - } - - /** - * Get all attributes of given name. - * - * @param string $name OID or attribute name - * - * @return Attribute[] - */ - public function allOf(string $name): array - { - $oid = AttributeType::attrNameToOID($name); - return array_values( - array_filter($this->_attributes, - function (Attribute $attr) use ($oid) { - return $attr->oid() === $oid; - })); - } - - /** - * Get all attributes. - * - * @return Attribute[] - */ - public function all(): array - { - return $this->_attributes; - } - - /** - * Get self with additional attributes added. - * - * @param Attribute ...$attribs List of attributes to add - * - * @return self - */ - public function withAdditional(Attribute ...$attribs): self - { - $obj = clone $this; - foreach ($attribs as $attr) { - $obj->_attributes[] = $attr; - } - return $obj; - } - - /** - * Get self with single unique attribute added. - * - * All previous attributes of the same type are removed. - * - * @param Attribute $attr Attribute to add - * - * @return self - */ - public function withUnique(Attribute $attr): self - { - $attribs = array_values( - array_filter($this->_attributes, - function (Attribute $a) use ($attr) { - return $a->oid() !== $attr->oid(); - })); - $attribs[] = $attr; - $obj = clone $this; - $obj->_attributes = $attribs; - return $obj; - } - - /** - * Get number of attributes. - * - * @see \Countable::count() - * - * @return int - */ - public function count(): int - { - return count($this->_attributes); - } - - /** - * Get iterator for attributes. - * - * @see \IteratorAggregate::getIterator() - * - * @return \ArrayIterator|Attribute[] - */ - public function getIterator(): \ArrayIterator - { - return new \ArrayIterator($this->_attributes); - } - - /** - * Find first attribute of given name or OID. - * - * @param string $name OID or attribute name - * - * @return null|Attribute - */ - protected function _findFirst(string $name): ?Attribute - { - $oid = AttributeType::attrNameToOID($name); - foreach ($this->_attributes as $attr) { - if ($attr->oid() === $oid) { - return $attr; - } - } - return null; - } - - /** - * Initialize from ASN.1 constructed element. - * - * @param Structure $struct ASN.1 structure - * - * @return static - */ - protected static function _fromASN1Structure(Structure $struct): self - { - return new static(...array_map( - function (UnspecifiedType $el) { - return static::_castAttributeValues( - Attribute::fromASN1($el->asSequence())); - }, $struct->elements())); - } - - /** - * Cast Attribute's AttributeValues to implementation specific objects. - * - * Overridden in derived classes. - * - * @param Attribute $attribute Attribute to cast - * - * @return Attribute - */ - protected static function _castAttributeValues(Attribute $attribute): Attribute - { - // pass through by default - return $attribute; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/SequenceOfAttributes.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/SequenceOfAttributes.php deleted file mode 100644 index 9da1419..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/SequenceOfAttributes.php +++ /dev/null @@ -1,44 +0,0 @@ -toASN1(); - }, $this->_attributes)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/SetOfAttributes.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/SetOfAttributes.php deleted file mode 100644 index e38506c..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Collection/SetOfAttributes.php +++ /dev/null @@ -1,45 +0,0 @@ -toASN1(); - }, $this->_attributes)); - return $set->sortedSetOf(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Feature/TypedAttribute.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Feature/TypedAttribute.php deleted file mode 100644 index 36c020d..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Feature/TypedAttribute.php +++ /dev/null @@ -1,40 +0,0 @@ -_type; - } - - /** - * Get OID of the attribute. - * - * @return string - */ - public function oid(): string - { - return $this->_type->oid(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Name.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Name.php deleted file mode 100644 index f527c2a..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/Name.php +++ /dev/null @@ -1,227 +0,0 @@ -_rdns = $rdns; - } - - /** - * @return string - */ - public function __toString() - { - return $this->toString(); - } - - /** - * Initialize from ASN.1. - * - * @param Sequence $seq - * - * @return self - */ - public static function fromASN1(Sequence $seq): self - { - $rdns = array_map( - function (UnspecifiedType $el) { - return RDN::fromASN1($el->asSet()); - }, $seq->elements()); - return new self(...$rdns); - } - - /** - * Initialize from distinguished name string. - * - * @see https://tools.ietf.org/html/rfc1779 - * - * @param string $str - * - * @return self - */ - public static function fromString(string $str): self - { - $rdns = []; - foreach (DNParser::parseString($str) as $nameComponent) { - $attribs = []; - foreach ($nameComponent as [$name, $val]) { - $type = AttributeType::fromName($name); - // hexstrings are parsed to ASN.1 elements - if ($val instanceof Element) { - $el = $val; - } else { - $el = AttributeType::asn1StringForType($type->oid(), $val); - } - $value = AttributeValue::fromASN1ByOID($type->oid(), - $el->asUnspecified()); - $attribs[] = new AttributeTypeAndValue($type, $value); - } - $rdns[] = new RDN(...$attribs); - } - return new self(...$rdns); - } - - /** - * Generate ASN.1 structure. - * - * @return Sequence - */ - public function toASN1(): Sequence - { - $elements = array_map( - function (RDN $rdn) { - return $rdn->toASN1(); - }, $this->_rdns); - return new Sequence(...$elements); - } - - /** - * Get distinguised name string conforming to RFC 2253. - * - * @see https://tools.ietf.org/html/rfc2253#section-2.1 - * - * @return string - */ - public function toString(): string - { - $parts = array_map( - function (RDN $rdn) { - return $rdn->toString(); - }, array_reverse($this->_rdns)); - return implode(',', $parts); - } - - /** - * Whether name is semantically equal to other. - * - * Comparison conforms to RFC 4518 string preparation algorithm. - * - * @see https://tools.ietf.org/html/rfc4518 - * - * @param Name $other Object to compare to - * - * @return bool - */ - public function equals(Name $other): bool - { - // if RDN count doesn't match - if (count($this) !== count($other)) { - return false; - } - for ($i = count($this) - 1; $i >= 0; --$i) { - $rdn1 = $this->_rdns[$i]; - $rdn2 = $other->_rdns[$i]; - if (!$rdn1->equals($rdn2)) { - return false; - } - } - return true; - } - - /** - * Get all RDN objects. - * - * @return RDN[] - */ - public function all(): array - { - return $this->_rdns; - } - - /** - * Get the first AttributeValue of given type. - * - * Relative name components shall be traversed in encoding order, which is - * reversed in regards to the string representation. - * Multi-valued RDN with multiple attributes of the requested type is - * ambiguous and shall throw an exception. - * - * @param string $name Attribute OID or name - * - * @throws \RuntimeException If attribute cannot be resolved - * - * @return AttributeValue - */ - public function firstValueOf(string $name): AttributeValue - { - $oid = AttributeType::attrNameToOID($name); - foreach ($this->_rdns as $rdn) { - $tvs = $rdn->allOf($oid); - if (count($tvs) > 1) { - throw new \RangeException("RDN with multiple {$name} attributes."); - } - if (1 === count($tvs)) { - return $tvs[0]->value(); - } - } - throw new \RangeException("Attribute {$name} not found."); - } - - /** - * @see \Countable::count() - * - * @return int - */ - public function count(): int - { - return count($this->_rdns); - } - - /** - * Get the number of attributes of given type. - * - * @param string $name Attribute OID or name - * - * @return int - */ - public function countOfType(string $name): int - { - $oid = AttributeType::attrNameToOID($name); - return (int) array_sum( - array_map( - function (RDN $rdn) use ($oid): int { - return count($rdn->allOf($oid)); - }, $this->_rdns)); - } - - /** - * @see \IteratorAggregate::getIterator() - * - * @return \ArrayIterator - */ - public function getIterator(): \ArrayIterator - { - return new \ArrayIterator($this->_rdns); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/RDN.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/RDN.php deleted file mode 100644 index 2a8b099..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/ASN1/RDN.php +++ /dev/null @@ -1,187 +0,0 @@ -_attribs = $attribs; - } - - /** - * @return string - */ - public function __toString() - { - return $this->toString(); - } - - /** - * Convenience method to initialize RDN from AttributeValue objects. - * - * @param AttributeValue ...$values One or more attributes - * - * @return self - */ - public static function fromAttributeValues(AttributeValue ...$values): self - { - $attribs = array_map( - function (AttributeValue $value) { - return new AttributeTypeAndValue( - new AttributeType($value->oid()), $value); - }, $values); - return new self(...$attribs); - } - - /** - * Initialize from ASN.1. - * - * @param Set $set - * - * @return self - */ - public static function fromASN1(Set $set): self - { - $attribs = array_map( - function (UnspecifiedType $el) { - return AttributeTypeAndValue::fromASN1($el->asSequence()); - }, $set->elements()); - return new self(...$attribs); - } - - /** - * Generate ASN.1 structure. - * - * @return Set - */ - public function toASN1(): Set - { - $elements = array_map( - function (AttributeTypeAndValue $tv) { - return $tv->toASN1(); - }, $this->_attribs); - $set = new Set(...$elements); - return $set->sortedSetOf(); - } - - /** - * Get name-component string conforming to RFC 2253. - * - * @see https://tools.ietf.org/html/rfc2253#section-2.2 - * - * @return string - */ - public function toString(): string - { - $parts = array_map( - function (AttributeTypeAndValue $tv) { - return $tv->toString(); - }, $this->_attribs); - return implode('+', $parts); - } - - /** - * Check whether RDN is semantically equal to other. - * - * @param RDN $other Object to compare to - * - * @return bool - */ - public function equals(RDN $other): bool - { - // if attribute count doesn't match - if (count($this) !== count($other)) { - return false; - } - $attribs1 = $this->_attribs; - $attribs2 = $other->_attribs; - // if there's multiple attributes, sort using SET OF rules - if (count($attribs1) > 1) { - $attribs1 = self::fromASN1($this->toASN1())->_attribs; - $attribs2 = self::fromASN1($other->toASN1())->_attribs; - } - for ($i = count($attribs1) - 1; $i >= 0; --$i) { - $tv1 = $attribs1[$i]; - $tv2 = $attribs2[$i]; - if (!$tv1->equals($tv2)) { - return false; - } - } - return true; - } - - /** - * Get all AttributeTypeAndValue objects. - * - * @return AttributeTypeAndValue[] - */ - public function all(): array - { - return $this->_attribs; - } - - /** - * Get all AttributeTypeAndValue objects of the given attribute type. - * - * @param string $name Attribute OID or name - * - * @return AttributeTypeAndValue[] - */ - public function allOf(string $name): array - { - $oid = AttributeType::attrNameToOID($name); - $attribs = array_filter($this->_attribs, - function (AttributeTypeAndValue $tv) use ($oid) { - return $tv->oid() === $oid; - }); - return array_values($attribs); - } - - /** - * @see \Countable::count() - * - * @return int - */ - public function count(): int - { - return count($this->_attribs); - } - - /** - * @see \IteratorAggregate::getIterator() - * - * @return \ArrayIterator - */ - public function getIterator(): \ArrayIterator - { - return new \ArrayIterator($this->_attribs); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/DN/DNParser.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/DN/DNParser.php deleted file mode 100644 index 32b3228..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/DN/DNParser.php +++ /dev/null @@ -1,428 +0,0 @@ -#;'; - - /** - * DN string. - * - * @var string - */ - private $_dn; - - /** - * DN string length. - * - * @var int - */ - private $_len; - - /** - * Constructor. - * - * @param string $dn Distinguised name - */ - protected function __construct(string $dn) - { - $this->_dn = $dn; - $this->_len = strlen($dn); - } - - /** - * Parse distinguished name string to name-components. - * - * @param string $dn - * - * @return array - */ - public static function parseString(string $dn): array - { - $parser = new self($dn); - return $parser->parse(); - } - - /** - * Escape a AttributeValue string conforming to RFC 2253. - * - * @see https://tools.ietf.org/html/rfc2253#section-2.4 - * - * @param string $str - * - * @return string - */ - public static function escapeString(string $str): string - { - // one of the characters ",", "+", """, "\", "<", ">" or ";" - $str = preg_replace('/([,\+"\\\<\>;])/u', '\\\\$1', $str); - // a space character occurring at the end of the string - $str = preg_replace('/( )$/u', '\\\\$1', $str); - // a space or "#" character occurring at the beginning of the string - $str = preg_replace('/^([ #])/u', '\\\\$1', $str); - // implementation specific special characters - $str = preg_replace_callback('/([\pC])/u', - function ($m) { - $octets = str_split(bin2hex($m[1]), 2); - return implode('', - array_map( - function ($octet) { - return '\\' . strtoupper($octet); - }, $octets)); - }, $str); - return $str; - } - - /** - * Parse DN to name-components. - * - * @throws \RuntimeException - * - * @return array - */ - protected function parse(): array - { - $offset = 0; - $name = $this->_parseName($offset); - if ($offset < $this->_len) { - $remains = substr($this->_dn, $offset); - throw new \UnexpectedValueException( - 'Parser finished before the end of string' . - ", remaining: '{$remains}'."); - } - return $name; - } - - /** - * Parse 'name'. - * - * name-component *("," name-component) - * - * @param int $offset - * - * @return array Array of name-components - */ - private function _parseName(int &$offset): array - { - $idx = $offset; - $names = []; - while ($idx < $this->_len) { - $names[] = $this->_parseNameComponent($idx); - if ($idx >= $this->_len) { - break; - } - $this->_skipWs($idx); - if (',' != $this->_dn[$idx] && ';' != $this->_dn[$idx]) { - break; - } - ++$idx; - $this->_skipWs($idx); - } - $offset = $idx; - return array_reverse($names); - } - - /** - * Parse 'name-component'. - * - * attributeTypeAndValue *("+" attributeTypeAndValue) - * - * @param int $offset - * - * @return array Array of [type, value] tuples - */ - private function _parseNameComponent(int &$offset): array - { - $idx = $offset; - $tvpairs = []; - while ($idx < $this->_len) { - $tvpairs[] = $this->_parseAttrTypeAndValue($idx); - $this->_skipWs($idx); - if ($idx >= $this->_len || '+' != $this->_dn[$idx]) { - break; - } - ++$idx; - $this->_skipWs($idx); - } - $offset = $idx; - return $tvpairs; - } - - /** - * Parse 'attributeTypeAndValue'. - * - * attributeType "=" attributeValue - * - * @param int $offset - * - * @throws \UnexpectedValueException - * - * @return array A tuple of [type, value]. Value may be either a string or - * an Element, if it's encoded as hexstring. - */ - private function _parseAttrTypeAndValue(int &$offset): array - { - $idx = $offset; - $type = $this->_parseAttrType($idx); - $this->_skipWs($idx); - if ($idx >= $this->_len || '=' != $this->_dn[$idx++]) { - throw new \UnexpectedValueException('Invalid type and value pair.'); - } - $this->_skipWs($idx); - // hexstring - if ($idx < $this->_len && '#' == $this->_dn[$idx]) { - ++$idx; - $data = $this->_parseAttrHexValue($idx); - try { - $value = Element::fromDER($data); - } catch (DecodeException $e) { - throw new \UnexpectedValueException( - 'Invalid DER encoding from hexstring.', 0, $e); - } - } else { - $value = $this->_parseAttrStringValue($idx); - } - $offset = $idx; - return [$type, $value]; - } - - /** - * Parse 'attributeType'. - * - * (ALPHA 1*keychar) / oid - * - * @param int $offset - * - * @throws \UnexpectedValueException - * - * @return string - */ - private function _parseAttrType(int &$offset): string - { - $idx = $offset; - // dotted OID - $type = $this->_regexMatch('/^(?:oid\.)?([0-9]+(?:\.[0-9]+)*)/i', $idx); - if (null === $type) { - // name - $type = $this->_regexMatch('/^[a-z][a-z0-9\-]*/i', $idx); - if (null === $type) { - throw new \UnexpectedValueException('Invalid attribute type.'); - } - } - $offset = $idx; - return $type; - } - - /** - * Parse 'attributeValue' of string type. - * - * @param int $offset - * - * @throws \UnexpectedValueException - * - * @return string - */ - private function _parseAttrStringValue(int &$offset): string - { - $idx = $offset; - if ($idx >= $this->_len) { - return ''; - } - if ('"' == $this->_dn[$idx]) { // quoted string - $val = $this->_parseQuotedAttrString($idx); - } else { // string - $val = $this->_parseAttrString($idx); - } - $offset = $idx; - return $val; - } - - /** - * Parse plain 'attributeValue' string. - * - * @param int $offset - * - * @throws \UnexpectedValueException - * - * @return string - */ - private function _parseAttrString(int &$offset): string - { - $idx = $offset; - $val = ''; - $wsidx = null; - while ($idx < $this->_len) { - $c = $this->_dn[$idx]; - // pair (escape sequence) - if ('\\' == $c) { - ++$idx; - $val .= $this->_parsePairAfterSlash($idx); - $wsidx = null; - continue; - } - if ('"' == $c) { - throw new \UnexpectedValueException('Unexpected quotation.'); - } - if (false !== strpos(self::SPECIAL_CHARS, $c)) { - break; - } - // keep track of the first consecutive whitespace - if (' ' == $c) { - if (null === $wsidx) { - $wsidx = $idx; - } - } else { - $wsidx = null; - } - // stringchar - $val .= $c; - ++$idx; - } - // if there was non-escaped whitespace in the end of the value - if (null !== $wsidx) { - $val = substr($val, 0, -($idx - $wsidx)); - } - $offset = $idx; - return $val; - } - - /** - * Parse quoted 'attributeValue' string. - * - * @param int $offset Offset to starting quote - * - * @throws \UnexpectedValueException - * - * @return string - */ - private function _parseQuotedAttrString(int &$offset): string - { - $idx = $offset + 1; - $val = ''; - while ($idx < $this->_len) { - $c = $this->_dn[$idx]; - if ('\\' == $c) { // pair - ++$idx; - $val .= $this->_parsePairAfterSlash($idx); - continue; - } - if ('"' == $c) { - ++$idx; - break; - } - $val .= $c; - ++$idx; - } - $offset = $idx; - return $val; - } - - /** - * Parse 'attributeValue' of binary type. - * - * @param int $offset - * - * @throws \UnexpectedValueException - * - * @return string - */ - private function _parseAttrHexValue(int &$offset): string - { - $idx = $offset; - $hexstr = $this->_regexMatch('/^(?:[0-9a-f]{2})+/i', $idx); - if (null === $hexstr) { - throw new \UnexpectedValueException('Invalid hexstring.'); - } - $data = hex2bin($hexstr); - $offset = $idx; - return $data; - } - - /** - * Parse 'pair' after leading slash. - * - * @param int $offset - * - * @throws \UnexpectedValueException - * - * @return string - */ - private function _parsePairAfterSlash(int &$offset): string - { - $idx = $offset; - if ($idx >= $this->_len) { - throw new \UnexpectedValueException( - 'Unexpected end of escape sequence.'); - } - $c = $this->_dn[$idx++]; - // special | \ | " | SPACE - if (false !== strpos(self::SPECIAL_CHARS . '\\" ', $c)) { - $val = $c; - } else { // hexpair - if ($idx >= $this->_len) { - throw new \UnexpectedValueException('Unexpected end of hexpair.'); - } - $val = @hex2bin($c . $this->_dn[$idx++]); - if (false === $val) { - throw new \UnexpectedValueException('Invalid hexpair.'); - } - } - $offset = $idx; - return $val; - } - - /** - * Match DN to pattern and extract the last capture group. - * - * Updates offset to fully matched pattern. - * - * @param string $pattern - * @param int $offset - * - * @return null|string Null if pattern doesn't match - */ - private function _regexMatch(string $pattern, int &$offset): ?string - { - $idx = $offset; - if (!preg_match($pattern, substr($this->_dn, $idx), $match)) { - return null; - } - $idx += strlen($match[0]); - $offset = $idx; - return end($match); - } - - /** - * Skip consecutive spaces. - * - * @param int $offset - */ - private function _skipWs(int &$offset): void - { - $idx = $offset; - while ($idx < $this->_len) { - if (' ' != $this->_dn[$idx]) { - break; - } - ++$idx; - } - $offset = $idx; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/BinaryMatch.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/BinaryMatch.php deleted file mode 100644 index 34af3c6..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/BinaryMatch.php +++ /dev/null @@ -1,21 +0,0 @@ -withCaseFolding(true)); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/MatchingRule.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/MatchingRule.php deleted file mode 100644 index 9997547..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/MatchingRule/MatchingRule.php +++ /dev/null @@ -1,24 +0,0 @@ -_prep = $preparer; - } - - /** - * {@inheritdoc} - */ - public function compare($assertion, $value): ?bool - { - $assertion = $this->_prep->prepare($assertion); - $value = $this->_prep->prepare($value); - return 0 === strcmp($assertion, $value); - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/CheckBidiStep.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/CheckBidiStep.php deleted file mode 100644 index 9f65487..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/CheckBidiStep.php +++ /dev/null @@ -1,25 +0,0 @@ -_fold = $fold_case; - } - - /** - * @param string $string UTF-8 encoded string - * - * @return string - */ - public function apply(string $string): string - { - // @todo Implement character mappings - if ($this->_fold) { - $string = mb_convert_case($string, MB_CASE_LOWER, 'UTF-8'); - } - return $string; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/NormalizeStep.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/NormalizeStep.php deleted file mode 100644 index fbca4fb..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/NormalizeStep.php +++ /dev/null @@ -1,24 +0,0 @@ -_steps = $steps; - } - - /** - * Get default instance for given string type. - * - * @param int $string_type ASN.1 string type tag. - * - * @return self - */ - public static function forStringType(int $string_type): self - { - $steps = [ - self::STEP_TRANSCODE => new TranscodeStep($string_type), - self::STEP_MAP => new MapStep(), - self::STEP_NORMALIZE => new NormalizeStep(), - self::STEP_PROHIBIT => new ProhibitStep(), - self::STEP_CHECK_BIDI => new CheckBidiStep(), - // @todo Vary by string type - self::STEP_INSIGNIFICANT_CHARS => new InsignificantNonSubstringSpaceStep(), - ]; - return new self($steps); - } - - /** - * Get self with case folding set. - * - * @param bool $fold True to apply case folding - * - * @return self - */ - public function withCaseFolding(bool $fold): self - { - $obj = clone $this; - $obj->_steps[self::STEP_MAP] = new MapStep($fold); - return $obj; - } - - /** - * Prepare string. - * - * @param string $string - * - * @return string - */ - public function prepare(string $string): string - { - foreach ($this->_steps as $step) { - $string = $step->apply($string); - } - return $string; - } -} diff --git a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/TranscodeStep.php b/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/TranscodeStep.php deleted file mode 100644 index 3d29fc6..0000000 --- a/utilities/signing_and_verification/php/vendor/sop/x501/lib/X501/StringPrep/TranscodeStep.php +++ /dev/null @@ -1,66 +0,0 @@ -_type = $type; - } - - /** - * @param string $string String to prepare - * - * @throws \LogicException If string type is not supported - * - * @return string UTF-8 encoded string - */ - public function apply(string $string): string - { - switch ($this->_type) { - // UTF-8 string as is - case Element::TYPE_UTF8_STRING: - return $string; - // PrintableString maps directly to UTF-8 - case Element::TYPE_PRINTABLE_STRING: - return $string; - // UCS-2 to UTF-8 - case Element::TYPE_BMP_STRING: - return mb_convert_encoding($string, 'UTF-8', 'UCS-2BE'); - // UCS-4 to UTF-8 - case Element::TYPE_UNIVERSAL_STRING: - return mb_convert_encoding($string, 'UTF-8', 'UCS-4BE'); - // TeletexString mapping is a local matter. - // We take a shortcut here and encode it as a hexstring. - case Element::TYPE_T61_STRING: - $el = new T61String($string); - return '#' . bin2hex($el->toDER()); - } - throw new \LogicException( - 'Unsupported string type ' . Element::tagToName($this->_type) . '.'); - } -} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/Ctype.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/Ctype.php deleted file mode 100644 index ba75a2c..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/Ctype.php +++ /dev/null @@ -1,232 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Polyfill\Ctype; - -/** - * Ctype implementation through regex. - * - * @internal - * - * @author Gert de Pagter - */ -final class Ctype -{ - /** - * Returns TRUE if every character in text is either a letter or a digit, FALSE otherwise. - * - * @see https://php.net/ctype-alnum - * - * @param mixed $text - * - * @return bool - */ - public static function ctype_alnum($text) - { - $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); - - return \is_string($text) && '' !== $text && !preg_match('/[^A-Za-z0-9]/', $text); - } - - /** - * Returns TRUE if every character in text is a letter, FALSE otherwise. - * - * @see https://php.net/ctype-alpha - * - * @param mixed $text - * - * @return bool - */ - public static function ctype_alpha($text) - { - $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); - - return \is_string($text) && '' !== $text && !preg_match('/[^A-Za-z]/', $text); - } - - /** - * Returns TRUE if every character in text is a control character from the current locale, FALSE otherwise. - * - * @see https://php.net/ctype-cntrl - * - * @param mixed $text - * - * @return bool - */ - public static function ctype_cntrl($text) - { - $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); - - return \is_string($text) && '' !== $text && !preg_match('/[^\x00-\x1f\x7f]/', $text); - } - - /** - * Returns TRUE if every character in the string text is a decimal digit, FALSE otherwise. - * - * @see https://php.net/ctype-digit - * - * @param mixed $text - * - * @return bool - */ - public static function ctype_digit($text) - { - $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); - - return \is_string($text) && '' !== $text && !preg_match('/[^0-9]/', $text); - } - - /** - * Returns TRUE if every character in text is printable and actually creates visible output (no white space), FALSE otherwise. - * - * @see https://php.net/ctype-graph - * - * @param mixed $text - * - * @return bool - */ - public static function ctype_graph($text) - { - $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); - - return \is_string($text) && '' !== $text && !preg_match('/[^!-~]/', $text); - } - - /** - * Returns TRUE if every character in text is a lowercase letter. - * - * @see https://php.net/ctype-lower - * - * @param mixed $text - * - * @return bool - */ - public static function ctype_lower($text) - { - $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); - - return \is_string($text) && '' !== $text && !preg_match('/[^a-z]/', $text); - } - - /** - * Returns TRUE if every character in text will actually create output (including blanks). Returns FALSE if text contains control characters or characters that do not have any output or control function at all. - * - * @see https://php.net/ctype-print - * - * @param mixed $text - * - * @return bool - */ - public static function ctype_print($text) - { - $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); - - return \is_string($text) && '' !== $text && !preg_match('/[^ -~]/', $text); - } - - /** - * Returns TRUE if every character in text is printable, but neither letter, digit or blank, FALSE otherwise. - * - * @see https://php.net/ctype-punct - * - * @param mixed $text - * - * @return bool - */ - public static function ctype_punct($text) - { - $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); - - return \is_string($text) && '' !== $text && !preg_match('/[^!-\/\:-@\[-`\{-~]/', $text); - } - - /** - * Returns TRUE if every character in text creates some sort of white space, FALSE otherwise. Besides the blank character this also includes tab, vertical tab, line feed, carriage return and form feed characters. - * - * @see https://php.net/ctype-space - * - * @param mixed $text - * - * @return bool - */ - public static function ctype_space($text) - { - $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); - - return \is_string($text) && '' !== $text && !preg_match('/[^\s]/', $text); - } - - /** - * Returns TRUE if every character in text is an uppercase letter. - * - * @see https://php.net/ctype-upper - * - * @param mixed $text - * - * @return bool - */ - public static function ctype_upper($text) - { - $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); - - return \is_string($text) && '' !== $text && !preg_match('/[^A-Z]/', $text); - } - - /** - * Returns TRUE if every character in text is a hexadecimal 'digit', that is a decimal digit or a character from [A-Fa-f] , FALSE otherwise. - * - * @see https://php.net/ctype-xdigit - * - * @param mixed $text - * - * @return bool - */ - public static function ctype_xdigit($text) - { - $text = self::convert_int_to_char_for_ctype($text, __FUNCTION__); - - return \is_string($text) && '' !== $text && !preg_match('/[^A-Fa-f0-9]/', $text); - } - - /** - * Converts integers to their char versions according to normal ctype behaviour, if needed. - * - * If an integer between -128 and 255 inclusive is provided, - * it is interpreted as the ASCII value of a single character - * (negative values have 256 added in order to allow characters in the Extended ASCII range). - * Any other integer is interpreted as a string containing the decimal digits of the integer. - * - * @param mixed $int - * @param string $function - * - * @return mixed - */ - private static function convert_int_to_char_for_ctype($int, $function) - { - if (!\is_int($int)) { - return $int; - } - - if ($int < -128 || $int > 255) { - return (string) $int; - } - - if (\PHP_VERSION_ID >= 80100) { - @trigger_error($function.'(): Argument of type int will be interpreted as string in the future', \E_USER_DEPRECATED); - } - - if ($int < 0) { - $int += 256; - } - - return \chr($int); - } -} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/LICENSE b/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/LICENSE deleted file mode 100644 index 7536cae..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/LICENSE +++ /dev/null @@ -1,19 +0,0 @@ -Copyright (c) 2018-present Fabien Potencier - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is furnished -to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/README.md b/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/README.md deleted file mode 100644 index b144d03..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/README.md +++ /dev/null @@ -1,12 +0,0 @@ -Symfony Polyfill / Ctype -======================== - -This component provides `ctype_*` functions to users who run php versions without the ctype extension. - -More information can be found in the -[main Polyfill README](https://github.com/symfony/polyfill/blob/main/README.md). - -License -======= - -This library is released under the [MIT license](LICENSE). diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/bootstrap.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/bootstrap.php deleted file mode 100644 index d54524b..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/bootstrap.php +++ /dev/null @@ -1,50 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -use Symfony\Polyfill\Ctype as p; - -if (\PHP_VERSION_ID >= 80000) { - return require __DIR__.'/bootstrap80.php'; -} - -if (!function_exists('ctype_alnum')) { - function ctype_alnum($text) { return p\Ctype::ctype_alnum($text); } -} -if (!function_exists('ctype_alpha')) { - function ctype_alpha($text) { return p\Ctype::ctype_alpha($text); } -} -if (!function_exists('ctype_cntrl')) { - function ctype_cntrl($text) { return p\Ctype::ctype_cntrl($text); } -} -if (!function_exists('ctype_digit')) { - function ctype_digit($text) { return p\Ctype::ctype_digit($text); } -} -if (!function_exists('ctype_graph')) { - function ctype_graph($text) { return p\Ctype::ctype_graph($text); } -} -if (!function_exists('ctype_lower')) { - function ctype_lower($text) { return p\Ctype::ctype_lower($text); } -} -if (!function_exists('ctype_print')) { - function ctype_print($text) { return p\Ctype::ctype_print($text); } -} -if (!function_exists('ctype_punct')) { - function ctype_punct($text) { return p\Ctype::ctype_punct($text); } -} -if (!function_exists('ctype_space')) { - function ctype_space($text) { return p\Ctype::ctype_space($text); } -} -if (!function_exists('ctype_upper')) { - function ctype_upper($text) { return p\Ctype::ctype_upper($text); } -} -if (!function_exists('ctype_xdigit')) { - function ctype_xdigit($text) { return p\Ctype::ctype_xdigit($text); } -} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/bootstrap80.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/bootstrap80.php deleted file mode 100644 index ab2f861..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/bootstrap80.php +++ /dev/null @@ -1,46 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -use Symfony\Polyfill\Ctype as p; - -if (!function_exists('ctype_alnum')) { - function ctype_alnum(mixed $text): bool { return p\Ctype::ctype_alnum($text); } -} -if (!function_exists('ctype_alpha')) { - function ctype_alpha(mixed $text): bool { return p\Ctype::ctype_alpha($text); } -} -if (!function_exists('ctype_cntrl')) { - function ctype_cntrl(mixed $text): bool { return p\Ctype::ctype_cntrl($text); } -} -if (!function_exists('ctype_digit')) { - function ctype_digit(mixed $text): bool { return p\Ctype::ctype_digit($text); } -} -if (!function_exists('ctype_graph')) { - function ctype_graph(mixed $text): bool { return p\Ctype::ctype_graph($text); } -} -if (!function_exists('ctype_lower')) { - function ctype_lower(mixed $text): bool { return p\Ctype::ctype_lower($text); } -} -if (!function_exists('ctype_print')) { - function ctype_print(mixed $text): bool { return p\Ctype::ctype_print($text); } -} -if (!function_exists('ctype_punct')) { - function ctype_punct(mixed $text): bool { return p\Ctype::ctype_punct($text); } -} -if (!function_exists('ctype_space')) { - function ctype_space(mixed $text): bool { return p\Ctype::ctype_space($text); } -} -if (!function_exists('ctype_upper')) { - function ctype_upper(mixed $text): bool { return p\Ctype::ctype_upper($text); } -} -if (!function_exists('ctype_xdigit')) { - function ctype_xdigit(mixed $text): bool { return p\Ctype::ctype_xdigit($text); } -} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/composer.json b/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/composer.json deleted file mode 100644 index e5c978f..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-ctype/composer.json +++ /dev/null @@ -1,41 +0,0 @@ -{ - "name": "symfony/polyfill-ctype", - "type": "library", - "description": "Symfony polyfill for ctype functions", - "keywords": ["polyfill", "compatibility", "portable", "ctype"], - "homepage": "https://symfony.com", - "license": "MIT", - "authors": [ - { - "name": "Gert de Pagter", - "email": "BackEndTea@gmail.com" - }, - { - "name": "Symfony Community", - "homepage": "https://symfony.com/contributors" - } - ], - "require": { - "php": ">=7.1" - }, - "provide": { - "ext-ctype": "*" - }, - "autoload": { - "psr-4": { "Symfony\\Polyfill\\Ctype\\": "" }, - "files": [ "bootstrap.php" ] - }, - "suggest": { - "ext-ctype": "For best performance" - }, - "minimum-stability": "dev", - "extra": { - "branch-alias": { - "dev-main": "1.28-dev" - }, - "thanks": { - "name": "symfony/polyfill", - "url": "https://github.com/symfony/polyfill" - } - } -} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/LICENSE b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/LICENSE deleted file mode 100644 index 6e3afce..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/LICENSE +++ /dev/null @@ -1,19 +0,0 @@ -Copyright (c) 2015-present Fabien Potencier - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is furnished -to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Mbstring.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Mbstring.php deleted file mode 100644 index 2e0b969..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Mbstring.php +++ /dev/null @@ -1,947 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Polyfill\Mbstring; - -/** - * Partial mbstring implementation in PHP, iconv based, UTF-8 centric. - * - * Implemented: - * - mb_chr - Returns a specific character from its Unicode code point - * - mb_convert_encoding - Convert character encoding - * - mb_convert_variables - Convert character code in variable(s) - * - mb_decode_mimeheader - Decode string in MIME header field - * - mb_encode_mimeheader - Encode string for MIME header XXX NATIVE IMPLEMENTATION IS REALLY BUGGED - * - mb_decode_numericentity - Decode HTML numeric string reference to character - * - mb_encode_numericentity - Encode character to HTML numeric string reference - * - mb_convert_case - Perform case folding on a string - * - mb_detect_encoding - Detect character encoding - * - mb_get_info - Get internal settings of mbstring - * - mb_http_input - Detect HTTP input character encoding - * - mb_http_output - Set/Get HTTP output character encoding - * - mb_internal_encoding - Set/Get internal character encoding - * - mb_list_encodings - Returns an array of all supported encodings - * - mb_ord - Returns the Unicode code point of a character - * - mb_output_handler - Callback function converts character encoding in output buffer - * - mb_scrub - Replaces ill-formed byte sequences with substitute characters - * - mb_strlen - Get string length - * - mb_strpos - Find position of first occurrence of string in a string - * - mb_strrpos - Find position of last occurrence of a string in a string - * - mb_str_split - Convert a string to an array - * - mb_strtolower - Make a string lowercase - * - mb_strtoupper - Make a string uppercase - * - mb_substitute_character - Set/Get substitution character - * - mb_substr - Get part of string - * - mb_stripos - Finds position of first occurrence of a string within another, case insensitive - * - mb_stristr - Finds first occurrence of a string within another, case insensitive - * - mb_strrchr - Finds the last occurrence of a character in a string within another - * - mb_strrichr - Finds the last occurrence of a character in a string within another, case insensitive - * - mb_strripos - Finds position of last occurrence of a string within another, case insensitive - * - mb_strstr - Finds first occurrence of a string within another - * - mb_strwidth - Return width of string - * - mb_substr_count - Count the number of substring occurrences - * - * Not implemented: - * - mb_convert_kana - Convert "kana" one from another ("zen-kaku", "han-kaku" and more) - * - mb_ereg_* - Regular expression with multibyte support - * - mb_parse_str - Parse GET/POST/COOKIE data and set global variable - * - mb_preferred_mime_name - Get MIME charset string - * - mb_regex_encoding - Returns current encoding for multibyte regex as string - * - mb_regex_set_options - Set/Get the default options for mbregex functions - * - mb_send_mail - Send encoded mail - * - mb_split - Split multibyte string using regular expression - * - mb_strcut - Get part of string - * - mb_strimwidth - Get truncated string with specified width - * - * @author Nicolas Grekas - * - * @internal - */ -final class Mbstring -{ - public const MB_CASE_FOLD = \PHP_INT_MAX; - - private const SIMPLE_CASE_FOLD = [ - ['µ', 'ſ', "\xCD\x85", 'ς', "\xCF\x90", "\xCF\x91", "\xCF\x95", "\xCF\x96", "\xCF\xB0", "\xCF\xB1", "\xCF\xB5", "\xE1\xBA\x9B", "\xE1\xBE\xBE"], - ['μ', 's', 'ι', 'σ', 'β', 'θ', 'φ', 'π', 'κ', 'ρ', 'ε', "\xE1\xB9\xA1", 'ι'], - ]; - - private static $encodingList = ['ASCII', 'UTF-8']; - private static $language = 'neutral'; - private static $internalEncoding = 'UTF-8'; - - public static function mb_convert_encoding($s, $toEncoding, $fromEncoding = null) - { - if (\is_array($fromEncoding) || (null !== $fromEncoding && false !== strpos($fromEncoding, ','))) { - $fromEncoding = self::mb_detect_encoding($s, $fromEncoding); - } else { - $fromEncoding = self::getEncoding($fromEncoding); - } - - $toEncoding = self::getEncoding($toEncoding); - - if ('BASE64' === $fromEncoding) { - $s = base64_decode($s); - $fromEncoding = $toEncoding; - } - - if ('BASE64' === $toEncoding) { - return base64_encode($s); - } - - if ('HTML-ENTITIES' === $toEncoding || 'HTML' === $toEncoding) { - if ('HTML-ENTITIES' === $fromEncoding || 'HTML' === $fromEncoding) { - $fromEncoding = 'Windows-1252'; - } - if ('UTF-8' !== $fromEncoding) { - $s = iconv($fromEncoding, 'UTF-8//IGNORE', $s); - } - - return preg_replace_callback('/[\x80-\xFF]+/', [__CLASS__, 'html_encoding_callback'], $s); - } - - if ('HTML-ENTITIES' === $fromEncoding) { - $s = html_entity_decode($s, \ENT_COMPAT, 'UTF-8'); - $fromEncoding = 'UTF-8'; - } - - return iconv($fromEncoding, $toEncoding.'//IGNORE', $s); - } - - public static function mb_convert_variables($toEncoding, $fromEncoding, &...$vars) - { - $ok = true; - array_walk_recursive($vars, function (&$v) use (&$ok, $toEncoding, $fromEncoding) { - if (false === $v = self::mb_convert_encoding($v, $toEncoding, $fromEncoding)) { - $ok = false; - } - }); - - return $ok ? $fromEncoding : false; - } - - public static function mb_decode_mimeheader($s) - { - return iconv_mime_decode($s, 2, self::$internalEncoding); - } - - public static function mb_encode_mimeheader($s, $charset = null, $transferEncoding = null, $linefeed = null, $indent = null) - { - trigger_error('mb_encode_mimeheader() is bugged. Please use iconv_mime_encode() instead', \E_USER_WARNING); - } - - public static function mb_decode_numericentity($s, $convmap, $encoding = null) - { - if (null !== $s && !\is_scalar($s) && !(\is_object($s) && method_exists($s, '__toString'))) { - trigger_error('mb_decode_numericentity() expects parameter 1 to be string, '.\gettype($s).' given', \E_USER_WARNING); - - return null; - } - - if (!\is_array($convmap) || (80000 > \PHP_VERSION_ID && !$convmap)) { - return false; - } - - if (null !== $encoding && !\is_scalar($encoding)) { - trigger_error('mb_decode_numericentity() expects parameter 3 to be string, '.\gettype($s).' given', \E_USER_WARNING); - - return ''; // Instead of null (cf. mb_encode_numericentity). - } - - $s = (string) $s; - if ('' === $s) { - return ''; - } - - $encoding = self::getEncoding($encoding); - - if ('UTF-8' === $encoding) { - $encoding = null; - if (!preg_match('//u', $s)) { - $s = @iconv('UTF-8', 'UTF-8//IGNORE', $s); - } - } else { - $s = iconv($encoding, 'UTF-8//IGNORE', $s); - } - - $cnt = floor(\count($convmap) / 4) * 4; - - for ($i = 0; $i < $cnt; $i += 4) { - // collector_decode_htmlnumericentity ignores $convmap[$i + 3] - $convmap[$i] += $convmap[$i + 2]; - $convmap[$i + 1] += $convmap[$i + 2]; - } - - $s = preg_replace_callback('/&#(?:0*([0-9]+)|x0*([0-9a-fA-F]+))(?!&);?/', function (array $m) use ($cnt, $convmap) { - $c = isset($m[2]) ? (int) hexdec($m[2]) : $m[1]; - for ($i = 0; $i < $cnt; $i += 4) { - if ($c >= $convmap[$i] && $c <= $convmap[$i + 1]) { - return self::mb_chr($c - $convmap[$i + 2]); - } - } - - return $m[0]; - }, $s); - - if (null === $encoding) { - return $s; - } - - return iconv('UTF-8', $encoding.'//IGNORE', $s); - } - - public static function mb_encode_numericentity($s, $convmap, $encoding = null, $is_hex = false) - { - if (null !== $s && !\is_scalar($s) && !(\is_object($s) && method_exists($s, '__toString'))) { - trigger_error('mb_encode_numericentity() expects parameter 1 to be string, '.\gettype($s).' given', \E_USER_WARNING); - - return null; - } - - if (!\is_array($convmap) || (80000 > \PHP_VERSION_ID && !$convmap)) { - return false; - } - - if (null !== $encoding && !\is_scalar($encoding)) { - trigger_error('mb_encode_numericentity() expects parameter 3 to be string, '.\gettype($s).' given', \E_USER_WARNING); - - return null; // Instead of '' (cf. mb_decode_numericentity). - } - - if (null !== $is_hex && !\is_scalar($is_hex)) { - trigger_error('mb_encode_numericentity() expects parameter 4 to be boolean, '.\gettype($s).' given', \E_USER_WARNING); - - return null; - } - - $s = (string) $s; - if ('' === $s) { - return ''; - } - - $encoding = self::getEncoding($encoding); - - if ('UTF-8' === $encoding) { - $encoding = null; - if (!preg_match('//u', $s)) { - $s = @iconv('UTF-8', 'UTF-8//IGNORE', $s); - } - } else { - $s = iconv($encoding, 'UTF-8//IGNORE', $s); - } - - static $ulenMask = ["\xC0" => 2, "\xD0" => 2, "\xE0" => 3, "\xF0" => 4]; - - $cnt = floor(\count($convmap) / 4) * 4; - $i = 0; - $len = \strlen($s); - $result = ''; - - while ($i < $len) { - $ulen = $s[$i] < "\x80" ? 1 : $ulenMask[$s[$i] & "\xF0"]; - $uchr = substr($s, $i, $ulen); - $i += $ulen; - $c = self::mb_ord($uchr); - - for ($j = 0; $j < $cnt; $j += 4) { - if ($c >= $convmap[$j] && $c <= $convmap[$j + 1]) { - $cOffset = ($c + $convmap[$j + 2]) & $convmap[$j + 3]; - $result .= $is_hex ? sprintf('&#x%X;', $cOffset) : '&#'.$cOffset.';'; - continue 2; - } - } - $result .= $uchr; - } - - if (null === $encoding) { - return $result; - } - - return iconv('UTF-8', $encoding.'//IGNORE', $result); - } - - public static function mb_convert_case($s, $mode, $encoding = null) - { - $s = (string) $s; - if ('' === $s) { - return ''; - } - - $encoding = self::getEncoding($encoding); - - if ('UTF-8' === $encoding) { - $encoding = null; - if (!preg_match('//u', $s)) { - $s = @iconv('UTF-8', 'UTF-8//IGNORE', $s); - } - } else { - $s = iconv($encoding, 'UTF-8//IGNORE', $s); - } - - if (\MB_CASE_TITLE == $mode) { - static $titleRegexp = null; - if (null === $titleRegexp) { - $titleRegexp = self::getData('titleCaseRegexp'); - } - $s = preg_replace_callback($titleRegexp, [__CLASS__, 'title_case'], $s); - } else { - if (\MB_CASE_UPPER == $mode) { - static $upper = null; - if (null === $upper) { - $upper = self::getData('upperCase'); - } - $map = $upper; - } else { - if (self::MB_CASE_FOLD === $mode) { - static $caseFolding = null; - if (null === $caseFolding) { - $caseFolding = self::getData('caseFolding'); - } - $s = strtr($s, $caseFolding); - } - - static $lower = null; - if (null === $lower) { - $lower = self::getData('lowerCase'); - } - $map = $lower; - } - - static $ulenMask = ["\xC0" => 2, "\xD0" => 2, "\xE0" => 3, "\xF0" => 4]; - - $i = 0; - $len = \strlen($s); - - while ($i < $len) { - $ulen = $s[$i] < "\x80" ? 1 : $ulenMask[$s[$i] & "\xF0"]; - $uchr = substr($s, $i, $ulen); - $i += $ulen; - - if (isset($map[$uchr])) { - $uchr = $map[$uchr]; - $nlen = \strlen($uchr); - - if ($nlen == $ulen) { - $nlen = $i; - do { - $s[--$nlen] = $uchr[--$ulen]; - } while ($ulen); - } else { - $s = substr_replace($s, $uchr, $i - $ulen, $ulen); - $len += $nlen - $ulen; - $i += $nlen - $ulen; - } - } - } - } - - if (null === $encoding) { - return $s; - } - - return iconv('UTF-8', $encoding.'//IGNORE', $s); - } - - public static function mb_internal_encoding($encoding = null) - { - if (null === $encoding) { - return self::$internalEncoding; - } - - $normalizedEncoding = self::getEncoding($encoding); - - if ('UTF-8' === $normalizedEncoding || false !== @iconv($normalizedEncoding, $normalizedEncoding, ' ')) { - self::$internalEncoding = $normalizedEncoding; - - return true; - } - - if (80000 > \PHP_VERSION_ID) { - return false; - } - - throw new \ValueError(sprintf('Argument #1 ($encoding) must be a valid encoding, "%s" given', $encoding)); - } - - public static function mb_language($lang = null) - { - if (null === $lang) { - return self::$language; - } - - switch ($normalizedLang = strtolower($lang)) { - case 'uni': - case 'neutral': - self::$language = $normalizedLang; - - return true; - } - - if (80000 > \PHP_VERSION_ID) { - return false; - } - - throw new \ValueError(sprintf('Argument #1 ($language) must be a valid language, "%s" given', $lang)); - } - - public static function mb_list_encodings() - { - return ['UTF-8']; - } - - public static function mb_encoding_aliases($encoding) - { - switch (strtoupper($encoding)) { - case 'UTF8': - case 'UTF-8': - return ['utf8']; - } - - return false; - } - - public static function mb_check_encoding($var = null, $encoding = null) - { - if (PHP_VERSION_ID < 70200 && \is_array($var)) { - trigger_error('mb_check_encoding() expects parameter 1 to be string, array given', \E_USER_WARNING); - - return null; - } - - if (null === $encoding) { - if (null === $var) { - return false; - } - $encoding = self::$internalEncoding; - } - - if (!\is_array($var)) { - return self::mb_detect_encoding($var, [$encoding]) || false !== @iconv($encoding, $encoding, $var); - } - - foreach ($var as $key => $value) { - if (!self::mb_check_encoding($key, $encoding)) { - return false; - } - if (!self::mb_check_encoding($value, $encoding)) { - return false; - } - } - - return true; - - } - - public static function mb_detect_encoding($str, $encodingList = null, $strict = false) - { - if (null === $encodingList) { - $encodingList = self::$encodingList; - } else { - if (!\is_array($encodingList)) { - $encodingList = array_map('trim', explode(',', $encodingList)); - } - $encodingList = array_map('strtoupper', $encodingList); - } - - foreach ($encodingList as $enc) { - switch ($enc) { - case 'ASCII': - if (!preg_match('/[\x80-\xFF]/', $str)) { - return $enc; - } - break; - - case 'UTF8': - case 'UTF-8': - if (preg_match('//u', $str)) { - return 'UTF-8'; - } - break; - - default: - if (0 === strncmp($enc, 'ISO-8859-', 9)) { - return $enc; - } - } - } - - return false; - } - - public static function mb_detect_order($encodingList = null) - { - if (null === $encodingList) { - return self::$encodingList; - } - - if (!\is_array($encodingList)) { - $encodingList = array_map('trim', explode(',', $encodingList)); - } - $encodingList = array_map('strtoupper', $encodingList); - - foreach ($encodingList as $enc) { - switch ($enc) { - default: - if (strncmp($enc, 'ISO-8859-', 9)) { - return false; - } - // no break - case 'ASCII': - case 'UTF8': - case 'UTF-8': - } - } - - self::$encodingList = $encodingList; - - return true; - } - - public static function mb_strlen($s, $encoding = null) - { - $encoding = self::getEncoding($encoding); - if ('CP850' === $encoding || 'ASCII' === $encoding) { - return \strlen($s); - } - - return @iconv_strlen($s, $encoding); - } - - public static function mb_strpos($haystack, $needle, $offset = 0, $encoding = null) - { - $encoding = self::getEncoding($encoding); - if ('CP850' === $encoding || 'ASCII' === $encoding) { - return strpos($haystack, $needle, $offset); - } - - $needle = (string) $needle; - if ('' === $needle) { - if (80000 > \PHP_VERSION_ID) { - trigger_error(__METHOD__.': Empty delimiter', \E_USER_WARNING); - - return false; - } - - return 0; - } - - return iconv_strpos($haystack, $needle, $offset, $encoding); - } - - public static function mb_strrpos($haystack, $needle, $offset = 0, $encoding = null) - { - $encoding = self::getEncoding($encoding); - if ('CP850' === $encoding || 'ASCII' === $encoding) { - return strrpos($haystack, $needle, $offset); - } - - if ($offset != (int) $offset) { - $offset = 0; - } elseif ($offset = (int) $offset) { - if ($offset < 0) { - if (0 > $offset += self::mb_strlen($needle)) { - $haystack = self::mb_substr($haystack, 0, $offset, $encoding); - } - $offset = 0; - } else { - $haystack = self::mb_substr($haystack, $offset, 2147483647, $encoding); - } - } - - $pos = '' !== $needle || 80000 > \PHP_VERSION_ID - ? iconv_strrpos($haystack, $needle, $encoding) - : self::mb_strlen($haystack, $encoding); - - return false !== $pos ? $offset + $pos : false; - } - - public static function mb_str_split($string, $split_length = 1, $encoding = null) - { - if (null !== $string && !\is_scalar($string) && !(\is_object($string) && method_exists($string, '__toString'))) { - trigger_error('mb_str_split() expects parameter 1 to be string, '.\gettype($string).' given', \E_USER_WARNING); - - return null; - } - - if (1 > $split_length = (int) $split_length) { - if (80000 > \PHP_VERSION_ID) { - trigger_error('The length of each segment must be greater than zero', \E_USER_WARNING); - - return false; - } - - throw new \ValueError('Argument #2 ($length) must be greater than 0'); - } - - if (null === $encoding) { - $encoding = mb_internal_encoding(); - } - - if ('UTF-8' === $encoding = self::getEncoding($encoding)) { - $rx = '/('; - while (65535 < $split_length) { - $rx .= '.{65535}'; - $split_length -= 65535; - } - $rx .= '.{'.$split_length.'})/us'; - - return preg_split($rx, $string, -1, \PREG_SPLIT_DELIM_CAPTURE | \PREG_SPLIT_NO_EMPTY); - } - - $result = []; - $length = mb_strlen($string, $encoding); - - for ($i = 0; $i < $length; $i += $split_length) { - $result[] = mb_substr($string, $i, $split_length, $encoding); - } - - return $result; - } - - public static function mb_strtolower($s, $encoding = null) - { - return self::mb_convert_case($s, \MB_CASE_LOWER, $encoding); - } - - public static function mb_strtoupper($s, $encoding = null) - { - return self::mb_convert_case($s, \MB_CASE_UPPER, $encoding); - } - - public static function mb_substitute_character($c = null) - { - if (null === $c) { - return 'none'; - } - if (0 === strcasecmp($c, 'none')) { - return true; - } - if (80000 > \PHP_VERSION_ID) { - return false; - } - if (\is_int($c) || 'long' === $c || 'entity' === $c) { - return false; - } - - throw new \ValueError('Argument #1 ($substitute_character) must be "none", "long", "entity" or a valid codepoint'); - } - - public static function mb_substr($s, $start, $length = null, $encoding = null) - { - $encoding = self::getEncoding($encoding); - if ('CP850' === $encoding || 'ASCII' === $encoding) { - return (string) substr($s, $start, null === $length ? 2147483647 : $length); - } - - if ($start < 0) { - $start = iconv_strlen($s, $encoding) + $start; - if ($start < 0) { - $start = 0; - } - } - - if (null === $length) { - $length = 2147483647; - } elseif ($length < 0) { - $length = iconv_strlen($s, $encoding) + $length - $start; - if ($length < 0) { - return ''; - } - } - - return (string) iconv_substr($s, $start, $length, $encoding); - } - - public static function mb_stripos($haystack, $needle, $offset = 0, $encoding = null) - { - [$haystack, $needle] = str_replace(self::SIMPLE_CASE_FOLD[0], self::SIMPLE_CASE_FOLD[1], [ - self::mb_convert_case($haystack, \MB_CASE_LOWER, $encoding), - self::mb_convert_case($needle, \MB_CASE_LOWER, $encoding), - ]); - - return self::mb_strpos($haystack, $needle, $offset, $encoding); - } - - public static function mb_stristr($haystack, $needle, $part = false, $encoding = null) - { - $pos = self::mb_stripos($haystack, $needle, 0, $encoding); - - return self::getSubpart($pos, $part, $haystack, $encoding); - } - - public static function mb_strrchr($haystack, $needle, $part = false, $encoding = null) - { - $encoding = self::getEncoding($encoding); - if ('CP850' === $encoding || 'ASCII' === $encoding) { - $pos = strrpos($haystack, $needle); - } else { - $needle = self::mb_substr($needle, 0, 1, $encoding); - $pos = iconv_strrpos($haystack, $needle, $encoding); - } - - return self::getSubpart($pos, $part, $haystack, $encoding); - } - - public static function mb_strrichr($haystack, $needle, $part = false, $encoding = null) - { - $needle = self::mb_substr($needle, 0, 1, $encoding); - $pos = self::mb_strripos($haystack, $needle, $encoding); - - return self::getSubpart($pos, $part, $haystack, $encoding); - } - - public static function mb_strripos($haystack, $needle, $offset = 0, $encoding = null) - { - $haystack = self::mb_convert_case($haystack, \MB_CASE_LOWER, $encoding); - $needle = self::mb_convert_case($needle, \MB_CASE_LOWER, $encoding); - - $haystack = str_replace(self::SIMPLE_CASE_FOLD[0], self::SIMPLE_CASE_FOLD[1], $haystack); - $needle = str_replace(self::SIMPLE_CASE_FOLD[0], self::SIMPLE_CASE_FOLD[1], $needle); - - return self::mb_strrpos($haystack, $needle, $offset, $encoding); - } - - public static function mb_strstr($haystack, $needle, $part = false, $encoding = null) - { - $pos = strpos($haystack, $needle); - if (false === $pos) { - return false; - } - if ($part) { - return substr($haystack, 0, $pos); - } - - return substr($haystack, $pos); - } - - public static function mb_get_info($type = 'all') - { - $info = [ - 'internal_encoding' => self::$internalEncoding, - 'http_output' => 'pass', - 'http_output_conv_mimetypes' => '^(text/|application/xhtml\+xml)', - 'func_overload' => 0, - 'func_overload_list' => 'no overload', - 'mail_charset' => 'UTF-8', - 'mail_header_encoding' => 'BASE64', - 'mail_body_encoding' => 'BASE64', - 'illegal_chars' => 0, - 'encoding_translation' => 'Off', - 'language' => self::$language, - 'detect_order' => self::$encodingList, - 'substitute_character' => 'none', - 'strict_detection' => 'Off', - ]; - - if ('all' === $type) { - return $info; - } - if (isset($info[$type])) { - return $info[$type]; - } - - return false; - } - - public static function mb_http_input($type = '') - { - return false; - } - - public static function mb_http_output($encoding = null) - { - return null !== $encoding ? 'pass' === $encoding : 'pass'; - } - - public static function mb_strwidth($s, $encoding = null) - { - $encoding = self::getEncoding($encoding); - - if ('UTF-8' !== $encoding) { - $s = iconv($encoding, 'UTF-8//IGNORE', $s); - } - - $s = preg_replace('/[\x{1100}-\x{115F}\x{2329}\x{232A}\x{2E80}-\x{303E}\x{3040}-\x{A4CF}\x{AC00}-\x{D7A3}\x{F900}-\x{FAFF}\x{FE10}-\x{FE19}\x{FE30}-\x{FE6F}\x{FF00}-\x{FF60}\x{FFE0}-\x{FFE6}\x{20000}-\x{2FFFD}\x{30000}-\x{3FFFD}]/u', '', $s, -1, $wide); - - return ($wide << 1) + iconv_strlen($s, 'UTF-8'); - } - - public static function mb_substr_count($haystack, $needle, $encoding = null) - { - return substr_count($haystack, $needle); - } - - public static function mb_output_handler($contents, $status) - { - return $contents; - } - - public static function mb_chr($code, $encoding = null) - { - if (0x80 > $code %= 0x200000) { - $s = \chr($code); - } elseif (0x800 > $code) { - $s = \chr(0xC0 | $code >> 6).\chr(0x80 | $code & 0x3F); - } elseif (0x10000 > $code) { - $s = \chr(0xE0 | $code >> 12).\chr(0x80 | $code >> 6 & 0x3F).\chr(0x80 | $code & 0x3F); - } else { - $s = \chr(0xF0 | $code >> 18).\chr(0x80 | $code >> 12 & 0x3F).\chr(0x80 | $code >> 6 & 0x3F).\chr(0x80 | $code & 0x3F); - } - - if ('UTF-8' !== $encoding = self::getEncoding($encoding)) { - $s = mb_convert_encoding($s, $encoding, 'UTF-8'); - } - - return $s; - } - - public static function mb_ord($s, $encoding = null) - { - if ('UTF-8' !== $encoding = self::getEncoding($encoding)) { - $s = mb_convert_encoding($s, 'UTF-8', $encoding); - } - - if (1 === \strlen($s)) { - return \ord($s); - } - - $code = ($s = unpack('C*', substr($s, 0, 4))) ? $s[1] : 0; - if (0xF0 <= $code) { - return (($code - 0xF0) << 18) + (($s[2] - 0x80) << 12) + (($s[3] - 0x80) << 6) + $s[4] - 0x80; - } - if (0xE0 <= $code) { - return (($code - 0xE0) << 12) + (($s[2] - 0x80) << 6) + $s[3] - 0x80; - } - if (0xC0 <= $code) { - return (($code - 0xC0) << 6) + $s[2] - 0x80; - } - - return $code; - } - - public static function mb_str_pad(string $string, int $length, string $pad_string = ' ', int $pad_type = \STR_PAD_RIGHT, string $encoding = null): string - { - if (!\in_array($pad_type, [\STR_PAD_RIGHT, \STR_PAD_LEFT, \STR_PAD_BOTH], true)) { - throw new \ValueError('mb_str_pad(): Argument #4 ($pad_type) must be STR_PAD_LEFT, STR_PAD_RIGHT, or STR_PAD_BOTH'); - } - - if (null === $encoding) { - $encoding = self::mb_internal_encoding(); - } - - try { - $validEncoding = @self::mb_check_encoding('', $encoding); - } catch (\ValueError $e) { - throw new \ValueError(sprintf('mb_str_pad(): Argument #5 ($encoding) must be a valid encoding, "%s" given', $encoding)); - } - - // BC for PHP 7.3 and lower - if (!$validEncoding) { - throw new \ValueError(sprintf('mb_str_pad(): Argument #5 ($encoding) must be a valid encoding, "%s" given', $encoding)); - } - - if (self::mb_strlen($pad_string, $encoding) <= 0) { - throw new \ValueError('mb_str_pad(): Argument #3 ($pad_string) must be a non-empty string'); - } - - $paddingRequired = $length - self::mb_strlen($string, $encoding); - - if ($paddingRequired < 1) { - return $string; - } - - switch ($pad_type) { - case \STR_PAD_LEFT: - return self::mb_substr(str_repeat($pad_string, $paddingRequired), 0, $paddingRequired, $encoding).$string; - case \STR_PAD_RIGHT: - return $string.self::mb_substr(str_repeat($pad_string, $paddingRequired), 0, $paddingRequired, $encoding); - default: - $leftPaddingLength = floor($paddingRequired / 2); - $rightPaddingLength = $paddingRequired - $leftPaddingLength; - - return self::mb_substr(str_repeat($pad_string, $leftPaddingLength), 0, $leftPaddingLength, $encoding).$string.self::mb_substr(str_repeat($pad_string, $rightPaddingLength), 0, $rightPaddingLength, $encoding); - } - } - - private static function getSubpart($pos, $part, $haystack, $encoding) - { - if (false === $pos) { - return false; - } - if ($part) { - return self::mb_substr($haystack, 0, $pos, $encoding); - } - - return self::mb_substr($haystack, $pos, null, $encoding); - } - - private static function html_encoding_callback(array $m) - { - $i = 1; - $entities = ''; - $m = unpack('C*', htmlentities($m[0], \ENT_COMPAT, 'UTF-8')); - - while (isset($m[$i])) { - if (0x80 > $m[$i]) { - $entities .= \chr($m[$i++]); - continue; - } - if (0xF0 <= $m[$i]) { - $c = (($m[$i++] - 0xF0) << 18) + (($m[$i++] - 0x80) << 12) + (($m[$i++] - 0x80) << 6) + $m[$i++] - 0x80; - } elseif (0xE0 <= $m[$i]) { - $c = (($m[$i++] - 0xE0) << 12) + (($m[$i++] - 0x80) << 6) + $m[$i++] - 0x80; - } else { - $c = (($m[$i++] - 0xC0) << 6) + $m[$i++] - 0x80; - } - - $entities .= '&#'.$c.';'; - } - - return $entities; - } - - private static function title_case(array $s) - { - return self::mb_convert_case($s[1], \MB_CASE_UPPER, 'UTF-8').self::mb_convert_case($s[2], \MB_CASE_LOWER, 'UTF-8'); - } - - private static function getData($file) - { - if (file_exists($file = __DIR__.'/Resources/unidata/'.$file.'.php')) { - return require $file; - } - - return false; - } - - private static function getEncoding($encoding) - { - if (null === $encoding) { - return self::$internalEncoding; - } - - if ('UTF-8' === $encoding) { - return 'UTF-8'; - } - - $encoding = strtoupper($encoding); - - if ('8BIT' === $encoding || 'BINARY' === $encoding) { - return 'CP850'; - } - - if ('UTF8' === $encoding) { - return 'UTF-8'; - } - - return $encoding; - } -} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/README.md b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/README.md deleted file mode 100644 index 478b40d..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/README.md +++ /dev/null @@ -1,13 +0,0 @@ -Symfony Polyfill / Mbstring -=========================== - -This component provides a partial, native PHP implementation for the -[Mbstring](https://php.net/mbstring) extension. - -More information can be found in the -[main Polyfill README](https://github.com/symfony/polyfill/blob/main/README.md). - -License -======= - -This library is released under the [MIT license](LICENSE). diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/caseFolding.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/caseFolding.php deleted file mode 100644 index 512bba0..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/caseFolding.php +++ /dev/null @@ -1,119 +0,0 @@ - 'i̇', - 'µ' => 'μ', - 'ſ' => 's', - 'ͅ' => 'ι', - 'ς' => 'σ', - 'ϐ' => 'β', - 'ϑ' => 'θ', - 'ϕ' => 'φ', - 'ϖ' => 'π', - 'ϰ' => 'κ', - 'ϱ' => 'ρ', - 'ϵ' => 'ε', - 'ẛ' => 'ṡ', - 'ι' => 'ι', - 'ß' => 'ss', - 'ʼn' => 'ʼn', - 'ǰ' => 'ǰ', - 'ΐ' => 'ΐ', - 'ΰ' => 'ΰ', - 'և' => 'եւ', - 'ẖ' => 'ẖ', - 'ẗ' => 'ẗ', - 'ẘ' => 'ẘ', - 'ẙ' => 'ẙ', - 'ẚ' => 'aʾ', - 'ẞ' => 'ss', - 'ὐ' => 'ὐ', - 'ὒ' => 'ὒ', - 'ὔ' => 'ὔ', - 'ὖ' => 'ὖ', - 'ᾀ' => 'ἀι', - 'ᾁ' => 'ἁι', - 'ᾂ' => 'ἂι', - 'ᾃ' => 'ἃι', - 'ᾄ' => 'ἄι', - 'ᾅ' => 'ἅι', - 'ᾆ' => 'ἆι', - 'ᾇ' => 'ἇι', - 'ᾈ' => 'ἀι', - 'ᾉ' => 'ἁι', - 'ᾊ' => 'ἂι', - 'ᾋ' => 'ἃι', - 'ᾌ' => 'ἄι', - 'ᾍ' => 'ἅι', - 'ᾎ' => 'ἆι', - 'ᾏ' => 'ἇι', - 'ᾐ' => 'ἠι', - 'ᾑ' => 'ἡι', - 'ᾒ' => 'ἢι', - 'ᾓ' => 'ἣι', - 'ᾔ' => 'ἤι', - 'ᾕ' => 'ἥι', - 'ᾖ' => 'ἦι', - 'ᾗ' => 'ἧι', - 'ᾘ' => 'ἠι', - 'ᾙ' => 'ἡι', - 'ᾚ' => 'ἢι', - 'ᾛ' => 'ἣι', - 'ᾜ' => 'ἤι', - 'ᾝ' => 'ἥι', - 'ᾞ' => 'ἦι', - 'ᾟ' => 'ἧι', - 'ᾠ' => 'ὠι', - 'ᾡ' => 'ὡι', - 'ᾢ' => 'ὢι', - 'ᾣ' => 'ὣι', - 'ᾤ' => 'ὤι', - 'ᾥ' => 'ὥι', - 'ᾦ' => 'ὦι', - 'ᾧ' => 'ὧι', - 'ᾨ' => 'ὠι', - 'ᾩ' => 'ὡι', - 'ᾪ' => 'ὢι', - 'ᾫ' => 'ὣι', - 'ᾬ' => 'ὤι', - 'ᾭ' => 'ὥι', - 'ᾮ' => 'ὦι', - 'ᾯ' => 'ὧι', - 'ᾲ' => 'ὰι', - 'ᾳ' => 'αι', - 'ᾴ' => 'άι', - 'ᾶ' => 'ᾶ', - 'ᾷ' => 'ᾶι', - 'ᾼ' => 'αι', - 'ῂ' => 'ὴι', - 'ῃ' => 'ηι', - 'ῄ' => 'ήι', - 'ῆ' => 'ῆ', - 'ῇ' => 'ῆι', - 'ῌ' => 'ηι', - 'ῒ' => 'ῒ', - 'ῖ' => 'ῖ', - 'ῗ' => 'ῗ', - 'ῢ' => 'ῢ', - 'ῤ' => 'ῤ', - 'ῦ' => 'ῦ', - 'ῧ' => 'ῧ', - 'ῲ' => 'ὼι', - 'ῳ' => 'ωι', - 'ῴ' => 'ώι', - 'ῶ' => 'ῶ', - 'ῷ' => 'ῶι', - 'ῼ' => 'ωι', - 'ff' => 'ff', - 'fi' => 'fi', - 'fl' => 'fl', - 'ffi' => 'ffi', - 'ffl' => 'ffl', - 'ſt' => 'st', - 'st' => 'st', - 'ﬓ' => 'մն', - 'ﬔ' => 'մե', - 'ﬕ' => 'մի', - 'ﬖ' => 'վն', - 'ﬗ' => 'մխ', -]; diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/lowerCase.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/lowerCase.php deleted file mode 100644 index fac60b0..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/lowerCase.php +++ /dev/null @@ -1,1397 +0,0 @@ - 'a', - 'B' => 'b', - 'C' => 'c', - 'D' => 'd', - 'E' => 'e', - 'F' => 'f', - 'G' => 'g', - 'H' => 'h', - 'I' => 'i', - 'J' => 'j', - 'K' => 'k', - 'L' => 'l', - 'M' => 'm', - 'N' => 'n', - 'O' => 'o', - 'P' => 'p', - 'Q' => 'q', - 'R' => 'r', - 'S' => 's', - 'T' => 't', - 'U' => 'u', - 'V' => 'v', - 'W' => 'w', - 'X' => 'x', - 'Y' => 'y', - 'Z' => 'z', - 'À' => 'à', - 'Á' => 'á', - 'Â' => 'â', - 'Ã' => 'ã', - 'Ä' => 'ä', - 'Å' => 'å', - 'Æ' => 'æ', - 'Ç' => 'ç', - 'È' => 'è', - 'É' => 'é', - 'Ê' => 'ê', - 'Ë' => 'ë', - 'Ì' => 'ì', - 'Í' => 'í', - 'Î' => 'î', - 'Ï' => 'ï', - 'Ð' => 'ð', - 'Ñ' => 'ñ', - 'Ò' => 'ò', - 'Ó' => 'ó', - 'Ô' => 'ô', - 'Õ' => 'õ', - 'Ö' => 'ö', - 'Ø' => 'ø', - 'Ù' => 'ù', - 'Ú' => 'ú', - 'Û' => 'û', - 'Ü' => 'ü', - 'Ý' => 'ý', - 'Þ' => 'þ', - 'Ā' => 'ā', - 'Ă' => 'ă', - 'Ą' => 'ą', - 'Ć' => 'ć', - 'Ĉ' => 'ĉ', - 'Ċ' => 'ċ', - 'Č' => 'č', - 'Ď' => 'ď', - 'Đ' => 'đ', - 'Ē' => 'ē', - 'Ĕ' => 'ĕ', - 'Ė' => 'ė', - 'Ę' => 'ę', - 'Ě' => 'ě', - 'Ĝ' => 'ĝ', - 'Ğ' => 'ğ', - 'Ġ' => 'ġ', - 'Ģ' => 'ģ', - 'Ĥ' => 'ĥ', - 'Ħ' => 'ħ', - 'Ĩ' => 'ĩ', - 'Ī' => 'ī', - 'Ĭ' => 'ĭ', - 'Į' => 'į', - 'İ' => 'i̇', - 'IJ' => 'ij', - 'Ĵ' => 'ĵ', - 'Ķ' => 'ķ', - 'Ĺ' => 'ĺ', - 'Ļ' => 'ļ', - 'Ľ' => 'ľ', - 'Ŀ' => 'ŀ', - 'Ł' => 'ł', - 'Ń' => 'ń', - 'Ņ' => 'ņ', - 'Ň' => 'ň', - 'Ŋ' => 'ŋ', - 'Ō' => 'ō', - 'Ŏ' => 'ŏ', - 'Ő' => 'ő', - 'Œ' => 'œ', - 'Ŕ' => 'ŕ', - 'Ŗ' => 'ŗ', - 'Ř' => 'ř', - 'Ś' => 'ś', - 'Ŝ' => 'ŝ', - 'Ş' => 'ş', - 'Š' => 'š', - 'Ţ' => 'ţ', - 'Ť' => 'ť', - 'Ŧ' => 'ŧ', - 'Ũ' => 'ũ', - 'Ū' => 'ū', - 'Ŭ' => 'ŭ', - 'Ů' => 'ů', - 'Ű' => 'ű', - 'Ų' => 'ų', - 'Ŵ' => 'ŵ', - 'Ŷ' => 'ŷ', - 'Ÿ' => 'ÿ', - 'Ź' => 'ź', - 'Ż' => 'ż', - 'Ž' => 'ž', - 'Ɓ' => 'ɓ', - 'Ƃ' => 'ƃ', - 'Ƅ' => 'ƅ', - 'Ɔ' => 'ɔ', - 'Ƈ' => 'ƈ', - 'Ɖ' => 'ɖ', - 'Ɗ' => 'ɗ', - 'Ƌ' => 'ƌ', - 'Ǝ' => 'ǝ', - 'Ə' => 'ə', - 'Ɛ' => 'ɛ', - 'Ƒ' => 'ƒ', - 'Ɠ' => 'ɠ', - 'Ɣ' => 'ɣ', - 'Ɩ' => 'ɩ', - 'Ɨ' => 'ɨ', - 'Ƙ' => 'ƙ', - 'Ɯ' => 'ɯ', - 'Ɲ' => 'ɲ', - 'Ɵ' => 'ɵ', - 'Ơ' => 'ơ', - 'Ƣ' => 'ƣ', - 'Ƥ' => 'ƥ', - 'Ʀ' => 'ʀ', - 'Ƨ' => 'ƨ', - 'Ʃ' => 'ʃ', - 'Ƭ' => 'ƭ', - 'Ʈ' => 'ʈ', - 'Ư' => 'ư', - 'Ʊ' => 'ʊ', - 'Ʋ' => 'ʋ', - 'Ƴ' => 'ƴ', - 'Ƶ' => 'ƶ', - 'Ʒ' => 'ʒ', - 'Ƹ' => 'ƹ', - 'Ƽ' => 'ƽ', - 'DŽ' => 'dž', - 'Dž' => 'dž', - 'LJ' => 'lj', - 'Lj' => 'lj', - 'NJ' => 'nj', - 'Nj' => 'nj', - 'Ǎ' => 'ǎ', - 'Ǐ' => 'ǐ', - 'Ǒ' => 'ǒ', - 'Ǔ' => 'ǔ', - 'Ǖ' => 'ǖ', - 'Ǘ' => 'ǘ', - 'Ǚ' => 'ǚ', - 'Ǜ' => 'ǜ', - 'Ǟ' => 'ǟ', - 'Ǡ' => 'ǡ', - 'Ǣ' => 'ǣ', - 'Ǥ' => 'ǥ', - 'Ǧ' => 'ǧ', - 'Ǩ' => 'ǩ', - 'Ǫ' => 'ǫ', - 'Ǭ' => 'ǭ', - 'Ǯ' => 'ǯ', - 'DZ' => 'dz', - 'Dz' => 'dz', - 'Ǵ' => 'ǵ', - 'Ƕ' => 'ƕ', - 'Ƿ' => 'ƿ', - 'Ǹ' => 'ǹ', - 'Ǻ' => 'ǻ', - 'Ǽ' => 'ǽ', - 'Ǿ' => 'ǿ', - 'Ȁ' => 'ȁ', - 'Ȃ' => 'ȃ', - 'Ȅ' => 'ȅ', - 'Ȇ' => 'ȇ', - 'Ȉ' => 'ȉ', - 'Ȋ' => 'ȋ', - 'Ȍ' => 'ȍ', - 'Ȏ' => 'ȏ', - 'Ȑ' => 'ȑ', - 'Ȓ' => 'ȓ', - 'Ȕ' => 'ȕ', - 'Ȗ' => 'ȗ', - 'Ș' => 'ș', - 'Ț' => 'ț', - 'Ȝ' => 'ȝ', - 'Ȟ' => 'ȟ', - 'Ƞ' => 'ƞ', - 'Ȣ' => 'ȣ', - 'Ȥ' => 'ȥ', - 'Ȧ' => 'ȧ', - 'Ȩ' => 'ȩ', - 'Ȫ' => 'ȫ', - 'Ȭ' => 'ȭ', - 'Ȯ' => 'ȯ', - 'Ȱ' => 'ȱ', - 'Ȳ' => 'ȳ', - 'Ⱥ' => 'ⱥ', - 'Ȼ' => 'ȼ', - 'Ƚ' => 'ƚ', - 'Ⱦ' => 'ⱦ', - 'Ɂ' => 'ɂ', - 'Ƀ' => 'ƀ', - 'Ʉ' => 'ʉ', - 'Ʌ' => 'ʌ', - 'Ɇ' => 'ɇ', - 'Ɉ' => 'ɉ', - 'Ɋ' => 'ɋ', - 'Ɍ' => 'ɍ', - 'Ɏ' => 'ɏ', - 'Ͱ' => 'ͱ', - 'Ͳ' => 'ͳ', - 'Ͷ' => 'ͷ', - 'Ϳ' => 'ϳ', - 'Ά' => 'ά', - 'Έ' => 'έ', - 'Ή' => 'ή', - 'Ί' => 'ί', - 'Ό' => 'ό', - 'Ύ' => 'ύ', - 'Ώ' => 'ώ', - 'Α' => 'α', - 'Β' => 'β', - 'Γ' => 'γ', - 'Δ' => 'δ', - 'Ε' => 'ε', - 'Ζ' => 'ζ', - 'Η' => 'η', - 'Θ' => 'θ', - 'Ι' => 'ι', - 'Κ' => 'κ', - 'Λ' => 'λ', - 'Μ' => 'μ', - 'Ν' => 'ν', - 'Ξ' => 'ξ', - 'Ο' => 'ο', - 'Π' => 'π', - 'Ρ' => 'ρ', - 'Σ' => 'σ', - 'Τ' => 'τ', - 'Υ' => 'υ', - 'Φ' => 'φ', - 'Χ' => 'χ', - 'Ψ' => 'ψ', - 'Ω' => 'ω', - 'Ϊ' => 'ϊ', - 'Ϋ' => 'ϋ', - 'Ϗ' => 'ϗ', - 'Ϙ' => 'ϙ', - 'Ϛ' => 'ϛ', - 'Ϝ' => 'ϝ', - 'Ϟ' => 'ϟ', - 'Ϡ' => 'ϡ', - 'Ϣ' => 'ϣ', - 'Ϥ' => 'ϥ', - 'Ϧ' => 'ϧ', - 'Ϩ' => 'ϩ', - 'Ϫ' => 'ϫ', - 'Ϭ' => 'ϭ', - 'Ϯ' => 'ϯ', - 'ϴ' => 'θ', - 'Ϸ' => 'ϸ', - 'Ϲ' => 'ϲ', - 'Ϻ' => 'ϻ', - 'Ͻ' => 'ͻ', - 'Ͼ' => 'ͼ', - 'Ͽ' => 'ͽ', - 'Ѐ' => 'ѐ', - 'Ё' => 'ё', - 'Ђ' => 'ђ', - 'Ѓ' => 'ѓ', - 'Є' => 'є', - 'Ѕ' => 'ѕ', - 'І' => 'і', - 'Ї' => 'ї', - 'Ј' => 'ј', - 'Љ' => 'љ', - 'Њ' => 'њ', - 'Ћ' => 'ћ', - 'Ќ' => 'ќ', - 'Ѝ' => 'ѝ', - 'Ў' => 'ў', - 'Џ' => 'џ', - 'А' => 'а', - 'Б' => 'б', - 'В' => 'в', - 'Г' => 'г', - 'Д' => 'д', - 'Е' => 'е', - 'Ж' => 'ж', - 'З' => 'з', - 'И' => 'и', - 'Й' => 'й', - 'К' => 'к', - 'Л' => 'л', - 'М' => 'м', - 'Н' => 'н', - 'О' => 'о', - 'П' => 'п', - 'Р' => 'р', - 'С' => 'с', - 'Т' => 'т', - 'У' => 'у', - 'Ф' => 'ф', - 'Х' => 'х', - 'Ц' => 'ц', - 'Ч' => 'ч', - 'Ш' => 'ш', - 'Щ' => 'щ', - 'Ъ' => 'ъ', - 'Ы' => 'ы', - 'Ь' => 'ь', - 'Э' => 'э', - 'Ю' => 'ю', - 'Я' => 'я', - 'Ѡ' => 'ѡ', - 'Ѣ' => 'ѣ', - 'Ѥ' => 'ѥ', - 'Ѧ' => 'ѧ', - 'Ѩ' => 'ѩ', - 'Ѫ' => 'ѫ', - 'Ѭ' => 'ѭ', - 'Ѯ' => 'ѯ', - 'Ѱ' => 'ѱ', - 'Ѳ' => 'ѳ', - 'Ѵ' => 'ѵ', - 'Ѷ' => 'ѷ', - 'Ѹ' => 'ѹ', - 'Ѻ' => 'ѻ', - 'Ѽ' => 'ѽ', - 'Ѿ' => 'ѿ', - 'Ҁ' => 'ҁ', - 'Ҋ' => 'ҋ', - 'Ҍ' => 'ҍ', - 'Ҏ' => 'ҏ', - 'Ґ' => 'ґ', - 'Ғ' => 'ғ', - 'Ҕ' => 'ҕ', - 'Җ' => 'җ', - 'Ҙ' => 'ҙ', - 'Қ' => 'қ', - 'Ҝ' => 'ҝ', - 'Ҟ' => 'ҟ', - 'Ҡ' => 'ҡ', - 'Ң' => 'ң', - 'Ҥ' => 'ҥ', - 'Ҧ' => 'ҧ', - 'Ҩ' => 'ҩ', - 'Ҫ' => 'ҫ', - 'Ҭ' => 'ҭ', - 'Ү' => 'ү', - 'Ұ' => 'ұ', - 'Ҳ' => 'ҳ', - 'Ҵ' => 'ҵ', - 'Ҷ' => 'ҷ', - 'Ҹ' => 'ҹ', - 'Һ' => 'һ', - 'Ҽ' => 'ҽ', - 'Ҿ' => 'ҿ', - 'Ӏ' => 'ӏ', - 'Ӂ' => 'ӂ', - 'Ӄ' => 'ӄ', - 'Ӆ' => 'ӆ', - 'Ӈ' => 'ӈ', - 'Ӊ' => 'ӊ', - 'Ӌ' => 'ӌ', - 'Ӎ' => 'ӎ', - 'Ӑ' => 'ӑ', - 'Ӓ' => 'ӓ', - 'Ӕ' => 'ӕ', - 'Ӗ' => 'ӗ', - 'Ә' => 'ә', - 'Ӛ' => 'ӛ', - 'Ӝ' => 'ӝ', - 'Ӟ' => 'ӟ', - 'Ӡ' => 'ӡ', - 'Ӣ' => 'ӣ', - 'Ӥ' => 'ӥ', - 'Ӧ' => 'ӧ', - 'Ө' => 'ө', - 'Ӫ' => 'ӫ', - 'Ӭ' => 'ӭ', - 'Ӯ' => 'ӯ', - 'Ӱ' => 'ӱ', - 'Ӳ' => 'ӳ', - 'Ӵ' => 'ӵ', - 'Ӷ' => 'ӷ', - 'Ӹ' => 'ӹ', - 'Ӻ' => 'ӻ', - 'Ӽ' => 'ӽ', - 'Ӿ' => 'ӿ', - 'Ԁ' => 'ԁ', - 'Ԃ' => 'ԃ', - 'Ԅ' => 'ԅ', - 'Ԇ' => 'ԇ', - 'Ԉ' => 'ԉ', - 'Ԋ' => 'ԋ', - 'Ԍ' => 'ԍ', - 'Ԏ' => 'ԏ', - 'Ԑ' => 'ԑ', - 'Ԓ' => 'ԓ', - 'Ԕ' => 'ԕ', - 'Ԗ' => 'ԗ', - 'Ԙ' => 'ԙ', - 'Ԛ' => 'ԛ', - 'Ԝ' => 'ԝ', - 'Ԟ' => 'ԟ', - 'Ԡ' => 'ԡ', - 'Ԣ' => 'ԣ', - 'Ԥ' => 'ԥ', - 'Ԧ' => 'ԧ', - 'Ԩ' => 'ԩ', - 'Ԫ' => 'ԫ', - 'Ԭ' => 'ԭ', - 'Ԯ' => 'ԯ', - 'Ա' => 'ա', - 'Բ' => 'բ', - 'Գ' => 'գ', - 'Դ' => 'դ', - 'Ե' => 'ե', - 'Զ' => 'զ', - 'Է' => 'է', - 'Ը' => 'ը', - 'Թ' => 'թ', - 'Ժ' => 'ժ', - 'Ի' => 'ի', - 'Լ' => 'լ', - 'Խ' => 'խ', - 'Ծ' => 'ծ', - 'Կ' => 'կ', - 'Հ' => 'հ', - 'Ձ' => 'ձ', - 'Ղ' => 'ղ', - 'Ճ' => 'ճ', - 'Մ' => 'մ', - 'Յ' => 'յ', - 'Ն' => 'ն', - 'Շ' => 'շ', - 'Ո' => 'ո', - 'Չ' => 'չ', - 'Պ' => 'պ', - 'Ջ' => 'ջ', - 'Ռ' => 'ռ', - 'Ս' => 'ս', - 'Վ' => 'վ', - 'Տ' => 'տ', - 'Ր' => 'ր', - 'Ց' => 'ց', - 'Ւ' => 'ւ', - 'Փ' => 'փ', - 'Ք' => 'ք', - 'Օ' => 'օ', - 'Ֆ' => 'ֆ', - 'Ⴀ' => 'ⴀ', - 'Ⴁ' => 'ⴁ', - 'Ⴂ' => 'ⴂ', - 'Ⴃ' => 'ⴃ', - 'Ⴄ' => 'ⴄ', - 'Ⴅ' => 'ⴅ', - 'Ⴆ' => 'ⴆ', - 'Ⴇ' => 'ⴇ', - 'Ⴈ' => 'ⴈ', - 'Ⴉ' => 'ⴉ', - 'Ⴊ' => 'ⴊ', - 'Ⴋ' => 'ⴋ', - 'Ⴌ' => 'ⴌ', - 'Ⴍ' => 'ⴍ', - 'Ⴎ' => 'ⴎ', - 'Ⴏ' => 'ⴏ', - 'Ⴐ' => 'ⴐ', - 'Ⴑ' => 'ⴑ', - 'Ⴒ' => 'ⴒ', - 'Ⴓ' => 'ⴓ', - 'Ⴔ' => 'ⴔ', - 'Ⴕ' => 'ⴕ', - 'Ⴖ' => 'ⴖ', - 'Ⴗ' => 'ⴗ', - 'Ⴘ' => 'ⴘ', - 'Ⴙ' => 'ⴙ', - 'Ⴚ' => 'ⴚ', - 'Ⴛ' => 'ⴛ', - 'Ⴜ' => 'ⴜ', - 'Ⴝ' => 'ⴝ', - 'Ⴞ' => 'ⴞ', - 'Ⴟ' => 'ⴟ', - 'Ⴠ' => 'ⴠ', - 'Ⴡ' => 'ⴡ', - 'Ⴢ' => 'ⴢ', - 'Ⴣ' => 'ⴣ', - 'Ⴤ' => 'ⴤ', - 'Ⴥ' => 'ⴥ', - 'Ⴧ' => 'ⴧ', - 'Ⴭ' => 'ⴭ', - 'Ꭰ' => 'ꭰ', - 'Ꭱ' => 'ꭱ', - 'Ꭲ' => 'ꭲ', - 'Ꭳ' => 'ꭳ', - 'Ꭴ' => 'ꭴ', - 'Ꭵ' => 'ꭵ', - 'Ꭶ' => 'ꭶ', - 'Ꭷ' => 'ꭷ', - 'Ꭸ' => 'ꭸ', - 'Ꭹ' => 'ꭹ', - 'Ꭺ' => 'ꭺ', - 'Ꭻ' => 'ꭻ', - 'Ꭼ' => 'ꭼ', - 'Ꭽ' => 'ꭽ', - 'Ꭾ' => 'ꭾ', - 'Ꭿ' => 'ꭿ', - 'Ꮀ' => 'ꮀ', - 'Ꮁ' => 'ꮁ', - 'Ꮂ' => 'ꮂ', - 'Ꮃ' => 'ꮃ', - 'Ꮄ' => 'ꮄ', - 'Ꮅ' => 'ꮅ', - 'Ꮆ' => 'ꮆ', - 'Ꮇ' => 'ꮇ', - 'Ꮈ' => 'ꮈ', - 'Ꮉ' => 'ꮉ', - 'Ꮊ' => 'ꮊ', - 'Ꮋ' => 'ꮋ', - 'Ꮌ' => 'ꮌ', - 'Ꮍ' => 'ꮍ', - 'Ꮎ' => 'ꮎ', - 'Ꮏ' => 'ꮏ', - 'Ꮐ' => 'ꮐ', - 'Ꮑ' => 'ꮑ', - 'Ꮒ' => 'ꮒ', - 'Ꮓ' => 'ꮓ', - 'Ꮔ' => 'ꮔ', - 'Ꮕ' => 'ꮕ', - 'Ꮖ' => 'ꮖ', - 'Ꮗ' => 'ꮗ', - 'Ꮘ' => 'ꮘ', - 'Ꮙ' => 'ꮙ', - 'Ꮚ' => 'ꮚ', - 'Ꮛ' => 'ꮛ', - 'Ꮜ' => 'ꮜ', - 'Ꮝ' => 'ꮝ', - 'Ꮞ' => 'ꮞ', - 'Ꮟ' => 'ꮟ', - 'Ꮠ' => 'ꮠ', - 'Ꮡ' => 'ꮡ', - 'Ꮢ' => 'ꮢ', - 'Ꮣ' => 'ꮣ', - 'Ꮤ' => 'ꮤ', - 'Ꮥ' => 'ꮥ', - 'Ꮦ' => 'ꮦ', - 'Ꮧ' => 'ꮧ', - 'Ꮨ' => 'ꮨ', - 'Ꮩ' => 'ꮩ', - 'Ꮪ' => 'ꮪ', - 'Ꮫ' => 'ꮫ', - 'Ꮬ' => 'ꮬ', - 'Ꮭ' => 'ꮭ', - 'Ꮮ' => 'ꮮ', - 'Ꮯ' => 'ꮯ', - 'Ꮰ' => 'ꮰ', - 'Ꮱ' => 'ꮱ', - 'Ꮲ' => 'ꮲ', - 'Ꮳ' => 'ꮳ', - 'Ꮴ' => 'ꮴ', - 'Ꮵ' => 'ꮵ', - 'Ꮶ' => 'ꮶ', - 'Ꮷ' => 'ꮷ', - 'Ꮸ' => 'ꮸ', - 'Ꮹ' => 'ꮹ', - 'Ꮺ' => 'ꮺ', - 'Ꮻ' => 'ꮻ', - 'Ꮼ' => 'ꮼ', - 'Ꮽ' => 'ꮽ', - 'Ꮾ' => 'ꮾ', - 'Ꮿ' => 'ꮿ', - 'Ᏸ' => 'ᏸ', - 'Ᏹ' => 'ᏹ', - 'Ᏺ' => 'ᏺ', - 'Ᏻ' => 'ᏻ', - 'Ᏼ' => 'ᏼ', - 'Ᏽ' => 'ᏽ', - 'Ა' => 'ა', - 'Ბ' => 'ბ', - 'Გ' => 'გ', - 'Დ' => 'დ', - 'Ე' => 'ე', - 'Ვ' => 'ვ', - 'Ზ' => 'ზ', - 'Თ' => 'თ', - 'Ი' => 'ი', - 'Კ' => 'კ', - 'Ლ' => 'ლ', - 'Მ' => 'მ', - 'Ნ' => 'ნ', - 'Ო' => 'ო', - 'Პ' => 'პ', - 'Ჟ' => 'ჟ', - 'Რ' => 'რ', - 'Ს' => 'ს', - 'Ტ' => 'ტ', - 'Უ' => 'უ', - 'Ფ' => 'ფ', - 'Ქ' => 'ქ', - 'Ღ' => 'ღ', - 'Ყ' => 'ყ', - 'Შ' => 'შ', - 'Ჩ' => 'ჩ', - 'Ც' => 'ც', - 'Ძ' => 'ძ', - 'Წ' => 'წ', - 'Ჭ' => 'ჭ', - 'Ხ' => 'ხ', - 'Ჯ' => 'ჯ', - 'Ჰ' => 'ჰ', - 'Ჱ' => 'ჱ', - 'Ჲ' => 'ჲ', - 'Ჳ' => 'ჳ', - 'Ჴ' => 'ჴ', - 'Ჵ' => 'ჵ', - 'Ჶ' => 'ჶ', - 'Ჷ' => 'ჷ', - 'Ჸ' => 'ჸ', - 'Ჹ' => 'ჹ', - 'Ჺ' => 'ჺ', - 'Ჽ' => 'ჽ', - 'Ჾ' => 'ჾ', - 'Ჿ' => 'ჿ', - 'Ḁ' => 'ḁ', - 'Ḃ' => 'ḃ', - 'Ḅ' => 'ḅ', - 'Ḇ' => 'ḇ', - 'Ḉ' => 'ḉ', - 'Ḋ' => 'ḋ', - 'Ḍ' => 'ḍ', - 'Ḏ' => 'ḏ', - 'Ḑ' => 'ḑ', - 'Ḓ' => 'ḓ', - 'Ḕ' => 'ḕ', - 'Ḗ' => 'ḗ', - 'Ḙ' => 'ḙ', - 'Ḛ' => 'ḛ', - 'Ḝ' => 'ḝ', - 'Ḟ' => 'ḟ', - 'Ḡ' => 'ḡ', - 'Ḣ' => 'ḣ', - 'Ḥ' => 'ḥ', - 'Ḧ' => 'ḧ', - 'Ḩ' => 'ḩ', - 'Ḫ' => 'ḫ', - 'Ḭ' => 'ḭ', - 'Ḯ' => 'ḯ', - 'Ḱ' => 'ḱ', - 'Ḳ' => 'ḳ', - 'Ḵ' => 'ḵ', - 'Ḷ' => 'ḷ', - 'Ḹ' => 'ḹ', - 'Ḻ' => 'ḻ', - 'Ḽ' => 'ḽ', - 'Ḿ' => 'ḿ', - 'Ṁ' => 'ṁ', - 'Ṃ' => 'ṃ', - 'Ṅ' => 'ṅ', - 'Ṇ' => 'ṇ', - 'Ṉ' => 'ṉ', - 'Ṋ' => 'ṋ', - 'Ṍ' => 'ṍ', - 'Ṏ' => 'ṏ', - 'Ṑ' => 'ṑ', - 'Ṓ' => 'ṓ', - 'Ṕ' => 'ṕ', - 'Ṗ' => 'ṗ', - 'Ṙ' => 'ṙ', - 'Ṛ' => 'ṛ', - 'Ṝ' => 'ṝ', - 'Ṟ' => 'ṟ', - 'Ṡ' => 'ṡ', - 'Ṣ' => 'ṣ', - 'Ṥ' => 'ṥ', - 'Ṧ' => 'ṧ', - 'Ṩ' => 'ṩ', - 'Ṫ' => 'ṫ', - 'Ṭ' => 'ṭ', - 'Ṯ' => 'ṯ', - 'Ṱ' => 'ṱ', - 'Ṳ' => 'ṳ', - 'Ṵ' => 'ṵ', - 'Ṷ' => 'ṷ', - 'Ṹ' => 'ṹ', - 'Ṻ' => 'ṻ', - 'Ṽ' => 'ṽ', - 'Ṿ' => 'ṿ', - 'Ẁ' => 'ẁ', - 'Ẃ' => 'ẃ', - 'Ẅ' => 'ẅ', - 'Ẇ' => 'ẇ', - 'Ẉ' => 'ẉ', - 'Ẋ' => 'ẋ', - 'Ẍ' => 'ẍ', - 'Ẏ' => 'ẏ', - 'Ẑ' => 'ẑ', - 'Ẓ' => 'ẓ', - 'Ẕ' => 'ẕ', - 'ẞ' => 'ß', - 'Ạ' => 'ạ', - 'Ả' => 'ả', - 'Ấ' => 'ấ', - 'Ầ' => 'ầ', - 'Ẩ' => 'ẩ', - 'Ẫ' => 'ẫ', - 'Ậ' => 'ậ', - 'Ắ' => 'ắ', - 'Ằ' => 'ằ', - 'Ẳ' => 'ẳ', - 'Ẵ' => 'ẵ', - 'Ặ' => 'ặ', - 'Ẹ' => 'ẹ', - 'Ẻ' => 'ẻ', - 'Ẽ' => 'ẽ', - 'Ế' => 'ế', - 'Ề' => 'ề', - 'Ể' => 'ể', - 'Ễ' => 'ễ', - 'Ệ' => 'ệ', - 'Ỉ' => 'ỉ', - 'Ị' => 'ị', - 'Ọ' => 'ọ', - 'Ỏ' => 'ỏ', - 'Ố' => 'ố', - 'Ồ' => 'ồ', - 'Ổ' => 'ổ', - 'Ỗ' => 'ỗ', - 'Ộ' => 'ộ', - 'Ớ' => 'ớ', - 'Ờ' => 'ờ', - 'Ở' => 'ở', - 'Ỡ' => 'ỡ', - 'Ợ' => 'ợ', - 'Ụ' => 'ụ', - 'Ủ' => 'ủ', - 'Ứ' => 'ứ', - 'Ừ' => 'ừ', - 'Ử' => 'ử', - 'Ữ' => 'ữ', - 'Ự' => 'ự', - 'Ỳ' => 'ỳ', - 'Ỵ' => 'ỵ', - 'Ỷ' => 'ỷ', - 'Ỹ' => 'ỹ', - 'Ỻ' => 'ỻ', - 'Ỽ' => 'ỽ', - 'Ỿ' => 'ỿ', - 'Ἀ' => 'ἀ', - 'Ἁ' => 'ἁ', - 'Ἂ' => 'ἂ', - 'Ἃ' => 'ἃ', - 'Ἄ' => 'ἄ', - 'Ἅ' => 'ἅ', - 'Ἆ' => 'ἆ', - 'Ἇ' => 'ἇ', - 'Ἐ' => 'ἐ', - 'Ἑ' => 'ἑ', - 'Ἒ' => 'ἒ', - 'Ἓ' => 'ἓ', - 'Ἔ' => 'ἔ', - 'Ἕ' => 'ἕ', - 'Ἠ' => 'ἠ', - 'Ἡ' => 'ἡ', - 'Ἢ' => 'ἢ', - 'Ἣ' => 'ἣ', - 'Ἤ' => 'ἤ', - 'Ἥ' => 'ἥ', - 'Ἦ' => 'ἦ', - 'Ἧ' => 'ἧ', - 'Ἰ' => 'ἰ', - 'Ἱ' => 'ἱ', - 'Ἲ' => 'ἲ', - 'Ἳ' => 'ἳ', - 'Ἴ' => 'ἴ', - 'Ἵ' => 'ἵ', - 'Ἶ' => 'ἶ', - 'Ἷ' => 'ἷ', - 'Ὀ' => 'ὀ', - 'Ὁ' => 'ὁ', - 'Ὂ' => 'ὂ', - 'Ὃ' => 'ὃ', - 'Ὄ' => 'ὄ', - 'Ὅ' => 'ὅ', - 'Ὑ' => 'ὑ', - 'Ὓ' => 'ὓ', - 'Ὕ' => 'ὕ', - 'Ὗ' => 'ὗ', - 'Ὠ' => 'ὠ', - 'Ὡ' => 'ὡ', - 'Ὢ' => 'ὢ', - 'Ὣ' => 'ὣ', - 'Ὤ' => 'ὤ', - 'Ὥ' => 'ὥ', - 'Ὦ' => 'ὦ', - 'Ὧ' => 'ὧ', - 'ᾈ' => 'ᾀ', - 'ᾉ' => 'ᾁ', - 'ᾊ' => 'ᾂ', - 'ᾋ' => 'ᾃ', - 'ᾌ' => 'ᾄ', - 'ᾍ' => 'ᾅ', - 'ᾎ' => 'ᾆ', - 'ᾏ' => 'ᾇ', - 'ᾘ' => 'ᾐ', - 'ᾙ' => 'ᾑ', - 'ᾚ' => 'ᾒ', - 'ᾛ' => 'ᾓ', - 'ᾜ' => 'ᾔ', - 'ᾝ' => 'ᾕ', - 'ᾞ' => 'ᾖ', - 'ᾟ' => 'ᾗ', - 'ᾨ' => 'ᾠ', - 'ᾩ' => 'ᾡ', - 'ᾪ' => 'ᾢ', - 'ᾫ' => 'ᾣ', - 'ᾬ' => 'ᾤ', - 'ᾭ' => 'ᾥ', - 'ᾮ' => 'ᾦ', - 'ᾯ' => 'ᾧ', - 'Ᾰ' => 'ᾰ', - 'Ᾱ' => 'ᾱ', - 'Ὰ' => 'ὰ', - 'Ά' => 'ά', - 'ᾼ' => 'ᾳ', - 'Ὲ' => 'ὲ', - 'Έ' => 'έ', - 'Ὴ' => 'ὴ', - 'Ή' => 'ή', - 'ῌ' => 'ῃ', - 'Ῐ' => 'ῐ', - 'Ῑ' => 'ῑ', - 'Ὶ' => 'ὶ', - 'Ί' => 'ί', - 'Ῠ' => 'ῠ', - 'Ῡ' => 'ῡ', - 'Ὺ' => 'ὺ', - 'Ύ' => 'ύ', - 'Ῥ' => 'ῥ', - 'Ὸ' => 'ὸ', - 'Ό' => 'ό', - 'Ὼ' => 'ὼ', - 'Ώ' => 'ώ', - 'ῼ' => 'ῳ', - 'Ω' => 'ω', - 'K' => 'k', - 'Å' => 'å', - 'Ⅎ' => 'ⅎ', - 'Ⅰ' => 'ⅰ', - 'Ⅱ' => 'ⅱ', - 'Ⅲ' => 'ⅲ', - 'Ⅳ' => 'ⅳ', - 'Ⅴ' => 'ⅴ', - 'Ⅵ' => 'ⅵ', - 'Ⅶ' => 'ⅶ', - 'Ⅷ' => 'ⅷ', - 'Ⅸ' => 'ⅸ', - 'Ⅹ' => 'ⅹ', - 'Ⅺ' => 'ⅺ', - 'Ⅻ' => 'ⅻ', - 'Ⅼ' => 'ⅼ', - 'Ⅽ' => 'ⅽ', - 'Ⅾ' => 'ⅾ', - 'Ⅿ' => 'ⅿ', - 'Ↄ' => 'ↄ', - 'Ⓐ' => 'ⓐ', - 'Ⓑ' => 'ⓑ', - 'Ⓒ' => 'ⓒ', - 'Ⓓ' => 'ⓓ', - 'Ⓔ' => 'ⓔ', - 'Ⓕ' => 'ⓕ', - 'Ⓖ' => 'ⓖ', - 'Ⓗ' => 'ⓗ', - 'Ⓘ' => 'ⓘ', - 'Ⓙ' => 'ⓙ', - 'Ⓚ' => 'ⓚ', - 'Ⓛ' => 'ⓛ', - 'Ⓜ' => 'ⓜ', - 'Ⓝ' => 'ⓝ', - 'Ⓞ' => 'ⓞ', - 'Ⓟ' => 'ⓟ', - 'Ⓠ' => 'ⓠ', - 'Ⓡ' => 'ⓡ', - 'Ⓢ' => 'ⓢ', - 'Ⓣ' => 'ⓣ', - 'Ⓤ' => 'ⓤ', - 'Ⓥ' => 'ⓥ', - 'Ⓦ' => 'ⓦ', - 'Ⓧ' => 'ⓧ', - 'Ⓨ' => 'ⓨ', - 'Ⓩ' => 'ⓩ', - 'Ⰰ' => 'ⰰ', - 'Ⰱ' => 'ⰱ', - 'Ⰲ' => 'ⰲ', - 'Ⰳ' => 'ⰳ', - 'Ⰴ' => 'ⰴ', - 'Ⰵ' => 'ⰵ', - 'Ⰶ' => 'ⰶ', - 'Ⰷ' => 'ⰷ', - 'Ⰸ' => 'ⰸ', - 'Ⰹ' => 'ⰹ', - 'Ⰺ' => 'ⰺ', - 'Ⰻ' => 'ⰻ', - 'Ⰼ' => 'ⰼ', - 'Ⰽ' => 'ⰽ', - 'Ⰾ' => 'ⰾ', - 'Ⰿ' => 'ⰿ', - 'Ⱀ' => 'ⱀ', - 'Ⱁ' => 'ⱁ', - 'Ⱂ' => 'ⱂ', - 'Ⱃ' => 'ⱃ', - 'Ⱄ' => 'ⱄ', - 'Ⱅ' => 'ⱅ', - 'Ⱆ' => 'ⱆ', - 'Ⱇ' => 'ⱇ', - 'Ⱈ' => 'ⱈ', - 'Ⱉ' => 'ⱉ', - 'Ⱊ' => 'ⱊ', - 'Ⱋ' => 'ⱋ', - 'Ⱌ' => 'ⱌ', - 'Ⱍ' => 'ⱍ', - 'Ⱎ' => 'ⱎ', - 'Ⱏ' => 'ⱏ', - 'Ⱐ' => 'ⱐ', - 'Ⱑ' => 'ⱑ', - 'Ⱒ' => 'ⱒ', - 'Ⱓ' => 'ⱓ', - 'Ⱔ' => 'ⱔ', - 'Ⱕ' => 'ⱕ', - 'Ⱖ' => 'ⱖ', - 'Ⱗ' => 'ⱗ', - 'Ⱘ' => 'ⱘ', - 'Ⱙ' => 'ⱙ', - 'Ⱚ' => 'ⱚ', - 'Ⱛ' => 'ⱛ', - 'Ⱜ' => 'ⱜ', - 'Ⱝ' => 'ⱝ', - 'Ⱞ' => 'ⱞ', - 'Ⱡ' => 'ⱡ', - 'Ɫ' => 'ɫ', - 'Ᵽ' => 'ᵽ', - 'Ɽ' => 'ɽ', - 'Ⱨ' => 'ⱨ', - 'Ⱪ' => 'ⱪ', - 'Ⱬ' => 'ⱬ', - 'Ɑ' => 'ɑ', - 'Ɱ' => 'ɱ', - 'Ɐ' => 'ɐ', - 'Ɒ' => 'ɒ', - 'Ⱳ' => 'ⱳ', - 'Ⱶ' => 'ⱶ', - 'Ȿ' => 'ȿ', - 'Ɀ' => 'ɀ', - 'Ⲁ' => 'ⲁ', - 'Ⲃ' => 'ⲃ', - 'Ⲅ' => 'ⲅ', - 'Ⲇ' => 'ⲇ', - 'Ⲉ' => 'ⲉ', - 'Ⲋ' => 'ⲋ', - 'Ⲍ' => 'ⲍ', - 'Ⲏ' => 'ⲏ', - 'Ⲑ' => 'ⲑ', - 'Ⲓ' => 'ⲓ', - 'Ⲕ' => 'ⲕ', - 'Ⲗ' => 'ⲗ', - 'Ⲙ' => 'ⲙ', - 'Ⲛ' => 'ⲛ', - 'Ⲝ' => 'ⲝ', - 'Ⲟ' => 'ⲟ', - 'Ⲡ' => 'ⲡ', - 'Ⲣ' => 'ⲣ', - 'Ⲥ' => 'ⲥ', - 'Ⲧ' => 'ⲧ', - 'Ⲩ' => 'ⲩ', - 'Ⲫ' => 'ⲫ', - 'Ⲭ' => 'ⲭ', - 'Ⲯ' => 'ⲯ', - 'Ⲱ' => 'ⲱ', - 'Ⲳ' => 'ⲳ', - 'Ⲵ' => 'ⲵ', - 'Ⲷ' => 'ⲷ', - 'Ⲹ' => 'ⲹ', - 'Ⲻ' => 'ⲻ', - 'Ⲽ' => 'ⲽ', - 'Ⲿ' => 'ⲿ', - 'Ⳁ' => 'ⳁ', - 'Ⳃ' => 'ⳃ', - 'Ⳅ' => 'ⳅ', - 'Ⳇ' => 'ⳇ', - 'Ⳉ' => 'ⳉ', - 'Ⳋ' => 'ⳋ', - 'Ⳍ' => 'ⳍ', - 'Ⳏ' => 'ⳏ', - 'Ⳑ' => 'ⳑ', - 'Ⳓ' => 'ⳓ', - 'Ⳕ' => 'ⳕ', - 'Ⳗ' => 'ⳗ', - 'Ⳙ' => 'ⳙ', - 'Ⳛ' => 'ⳛ', - 'Ⳝ' => 'ⳝ', - 'Ⳟ' => 'ⳟ', - 'Ⳡ' => 'ⳡ', - 'Ⳣ' => 'ⳣ', - 'Ⳬ' => 'ⳬ', - 'Ⳮ' => 'ⳮ', - 'Ⳳ' => 'ⳳ', - 'Ꙁ' => 'ꙁ', - 'Ꙃ' => 'ꙃ', - 'Ꙅ' => 'ꙅ', - 'Ꙇ' => 'ꙇ', - 'Ꙉ' => 'ꙉ', - 'Ꙋ' => 'ꙋ', - 'Ꙍ' => 'ꙍ', - 'Ꙏ' => 'ꙏ', - 'Ꙑ' => 'ꙑ', - 'Ꙓ' => 'ꙓ', - 'Ꙕ' => 'ꙕ', - 'Ꙗ' => 'ꙗ', - 'Ꙙ' => 'ꙙ', - 'Ꙛ' => 'ꙛ', - 'Ꙝ' => 'ꙝ', - 'Ꙟ' => 'ꙟ', - 'Ꙡ' => 'ꙡ', - 'Ꙣ' => 'ꙣ', - 'Ꙥ' => 'ꙥ', - 'Ꙧ' => 'ꙧ', - 'Ꙩ' => 'ꙩ', - 'Ꙫ' => 'ꙫ', - 'Ꙭ' => 'ꙭ', - 'Ꚁ' => 'ꚁ', - 'Ꚃ' => 'ꚃ', - 'Ꚅ' => 'ꚅ', - 'Ꚇ' => 'ꚇ', - 'Ꚉ' => 'ꚉ', - 'Ꚋ' => 'ꚋ', - 'Ꚍ' => 'ꚍ', - 'Ꚏ' => 'ꚏ', - 'Ꚑ' => 'ꚑ', - 'Ꚓ' => 'ꚓ', - 'Ꚕ' => 'ꚕ', - 'Ꚗ' => 'ꚗ', - 'Ꚙ' => 'ꚙ', - 'Ꚛ' => 'ꚛ', - 'Ꜣ' => 'ꜣ', - 'Ꜥ' => 'ꜥ', - 'Ꜧ' => 'ꜧ', - 'Ꜩ' => 'ꜩ', - 'Ꜫ' => 'ꜫ', - 'Ꜭ' => 'ꜭ', - 'Ꜯ' => 'ꜯ', - 'Ꜳ' => 'ꜳ', - 'Ꜵ' => 'ꜵ', - 'Ꜷ' => 'ꜷ', - 'Ꜹ' => 'ꜹ', - 'Ꜻ' => 'ꜻ', - 'Ꜽ' => 'ꜽ', - 'Ꜿ' => 'ꜿ', - 'Ꝁ' => 'ꝁ', - 'Ꝃ' => 'ꝃ', - 'Ꝅ' => 'ꝅ', - 'Ꝇ' => 'ꝇ', - 'Ꝉ' => 'ꝉ', - 'Ꝋ' => 'ꝋ', - 'Ꝍ' => 'ꝍ', - 'Ꝏ' => 'ꝏ', - 'Ꝑ' => 'ꝑ', - 'Ꝓ' => 'ꝓ', - 'Ꝕ' => 'ꝕ', - 'Ꝗ' => 'ꝗ', - 'Ꝙ' => 'ꝙ', - 'Ꝛ' => 'ꝛ', - 'Ꝝ' => 'ꝝ', - 'Ꝟ' => 'ꝟ', - 'Ꝡ' => 'ꝡ', - 'Ꝣ' => 'ꝣ', - 'Ꝥ' => 'ꝥ', - 'Ꝧ' => 'ꝧ', - 'Ꝩ' => 'ꝩ', - 'Ꝫ' => 'ꝫ', - 'Ꝭ' => 'ꝭ', - 'Ꝯ' => 'ꝯ', - 'Ꝺ' => 'ꝺ', - 'Ꝼ' => 'ꝼ', - 'Ᵹ' => 'ᵹ', - 'Ꝿ' => 'ꝿ', - 'Ꞁ' => 'ꞁ', - 'Ꞃ' => 'ꞃ', - 'Ꞅ' => 'ꞅ', - 'Ꞇ' => 'ꞇ', - 'Ꞌ' => 'ꞌ', - 'Ɥ' => 'ɥ', - 'Ꞑ' => 'ꞑ', - 'Ꞓ' => 'ꞓ', - 'Ꞗ' => 'ꞗ', - 'Ꞙ' => 'ꞙ', - 'Ꞛ' => 'ꞛ', - 'Ꞝ' => 'ꞝ', - 'Ꞟ' => 'ꞟ', - 'Ꞡ' => 'ꞡ', - 'Ꞣ' => 'ꞣ', - 'Ꞥ' => 'ꞥ', - 'Ꞧ' => 'ꞧ', - 'Ꞩ' => 'ꞩ', - 'Ɦ' => 'ɦ', - 'Ɜ' => 'ɜ', - 'Ɡ' => 'ɡ', - 'Ɬ' => 'ɬ', - 'Ɪ' => 'ɪ', - 'Ʞ' => 'ʞ', - 'Ʇ' => 'ʇ', - 'Ʝ' => 'ʝ', - 'Ꭓ' => 'ꭓ', - 'Ꞵ' => 'ꞵ', - 'Ꞷ' => 'ꞷ', - 'Ꞹ' => 'ꞹ', - 'Ꞻ' => 'ꞻ', - 'Ꞽ' => 'ꞽ', - 'Ꞿ' => 'ꞿ', - 'Ꟃ' => 'ꟃ', - 'Ꞔ' => 'ꞔ', - 'Ʂ' => 'ʂ', - 'Ᶎ' => 'ᶎ', - 'Ꟈ' => 'ꟈ', - 'Ꟊ' => 'ꟊ', - 'Ꟶ' => 'ꟶ', - 'A' => 'a', - 'B' => 'b', - 'C' => 'c', - 'D' => 'd', - 'E' => 'e', - 'F' => 'f', - 'G' => 'g', - 'H' => 'h', - 'I' => 'i', - 'J' => 'j', - 'K' => 'k', - 'L' => 'l', - 'M' => 'm', - 'N' => 'n', - 'O' => 'o', - 'P' => 'p', - 'Q' => 'q', - 'R' => 'r', - 'S' => 's', - 'T' => 't', - 'U' => 'u', - 'V' => 'v', - 'W' => 'w', - 'X' => 'x', - 'Y' => 'y', - 'Z' => 'z', - '𐐀' => '𐐨', - '𐐁' => '𐐩', - '𐐂' => '𐐪', - '𐐃' => '𐐫', - '𐐄' => '𐐬', - '𐐅' => '𐐭', - '𐐆' => '𐐮', - '𐐇' => '𐐯', - '𐐈' => '𐐰', - '𐐉' => '𐐱', - '𐐊' => '𐐲', - '𐐋' => '𐐳', - '𐐌' => '𐐴', - '𐐍' => '𐐵', - '𐐎' => '𐐶', - '𐐏' => '𐐷', - '𐐐' => '𐐸', - '𐐑' => '𐐹', - '𐐒' => '𐐺', - '𐐓' => '𐐻', - '𐐔' => '𐐼', - '𐐕' => '𐐽', - '𐐖' => '𐐾', - '𐐗' => '𐐿', - '𐐘' => '𐑀', - '𐐙' => '𐑁', - '𐐚' => '𐑂', - '𐐛' => '𐑃', - '𐐜' => '𐑄', - '𐐝' => '𐑅', - '𐐞' => '𐑆', - '𐐟' => '𐑇', - '𐐠' => '𐑈', - '𐐡' => '𐑉', - '𐐢' => '𐑊', - '𐐣' => '𐑋', - '𐐤' => '𐑌', - '𐐥' => '𐑍', - '𐐦' => '𐑎', - '𐐧' => '𐑏', - '𐒰' => '𐓘', - '𐒱' => '𐓙', - '𐒲' => '𐓚', - '𐒳' => '𐓛', - '𐒴' => '𐓜', - '𐒵' => '𐓝', - '𐒶' => '𐓞', - '𐒷' => '𐓟', - '𐒸' => '𐓠', - '𐒹' => '𐓡', - '𐒺' => '𐓢', - '𐒻' => '𐓣', - '𐒼' => '𐓤', - '𐒽' => '𐓥', - '𐒾' => '𐓦', - '𐒿' => '𐓧', - '𐓀' => '𐓨', - '𐓁' => '𐓩', - '𐓂' => '𐓪', - '𐓃' => '𐓫', - '𐓄' => '𐓬', - '𐓅' => '𐓭', - '𐓆' => '𐓮', - '𐓇' => '𐓯', - '𐓈' => '𐓰', - '𐓉' => '𐓱', - '𐓊' => '𐓲', - '𐓋' => '𐓳', - '𐓌' => '𐓴', - '𐓍' => '𐓵', - '𐓎' => '𐓶', - '𐓏' => '𐓷', - '𐓐' => '𐓸', - '𐓑' => '𐓹', - '𐓒' => '𐓺', - '𐓓' => '𐓻', - '𐲀' => '𐳀', - '𐲁' => '𐳁', - '𐲂' => '𐳂', - '𐲃' => '𐳃', - '𐲄' => '𐳄', - '𐲅' => '𐳅', - '𐲆' => '𐳆', - '𐲇' => '𐳇', - '𐲈' => '𐳈', - '𐲉' => '𐳉', - '𐲊' => '𐳊', - '𐲋' => '𐳋', - '𐲌' => '𐳌', - '𐲍' => '𐳍', - '𐲎' => '𐳎', - '𐲏' => '𐳏', - '𐲐' => '𐳐', - '𐲑' => '𐳑', - '𐲒' => '𐳒', - '𐲓' => '𐳓', - '𐲔' => '𐳔', - '𐲕' => '𐳕', - '𐲖' => '𐳖', - '𐲗' => '𐳗', - '𐲘' => '𐳘', - '𐲙' => '𐳙', - '𐲚' => '𐳚', - '𐲛' => '𐳛', - '𐲜' => '𐳜', - '𐲝' => '𐳝', - '𐲞' => '𐳞', - '𐲟' => '𐳟', - '𐲠' => '𐳠', - '𐲡' => '𐳡', - '𐲢' => '𐳢', - '𐲣' => '𐳣', - '𐲤' => '𐳤', - '𐲥' => '𐳥', - '𐲦' => '𐳦', - '𐲧' => '𐳧', - '𐲨' => '𐳨', - '𐲩' => '𐳩', - '𐲪' => '𐳪', - '𐲫' => '𐳫', - '𐲬' => '𐳬', - '𐲭' => '𐳭', - '𐲮' => '𐳮', - '𐲯' => '𐳯', - '𐲰' => '𐳰', - '𐲱' => '𐳱', - '𐲲' => '𐳲', - '𑢠' => '𑣀', - '𑢡' => '𑣁', - '𑢢' => '𑣂', - '𑢣' => '𑣃', - '𑢤' => '𑣄', - '𑢥' => '𑣅', - '𑢦' => '𑣆', - '𑢧' => '𑣇', - '𑢨' => '𑣈', - '𑢩' => '𑣉', - '𑢪' => '𑣊', - '𑢫' => '𑣋', - '𑢬' => '𑣌', - '𑢭' => '𑣍', - '𑢮' => '𑣎', - '𑢯' => '𑣏', - '𑢰' => '𑣐', - '𑢱' => '𑣑', - '𑢲' => '𑣒', - '𑢳' => '𑣓', - '𑢴' => '𑣔', - '𑢵' => '𑣕', - '𑢶' => '𑣖', - '𑢷' => '𑣗', - '𑢸' => '𑣘', - '𑢹' => '𑣙', - '𑢺' => '𑣚', - '𑢻' => '𑣛', - '𑢼' => '𑣜', - '𑢽' => '𑣝', - '𑢾' => '𑣞', - '𑢿' => '𑣟', - '𖹀' => '𖹠', - '𖹁' => '𖹡', - '𖹂' => '𖹢', - '𖹃' => '𖹣', - '𖹄' => '𖹤', - '𖹅' => '𖹥', - '𖹆' => '𖹦', - '𖹇' => '𖹧', - '𖹈' => '𖹨', - '𖹉' => '𖹩', - '𖹊' => '𖹪', - '𖹋' => '𖹫', - '𖹌' => '𖹬', - '𖹍' => '𖹭', - '𖹎' => '𖹮', - '𖹏' => '𖹯', - '𖹐' => '𖹰', - '𖹑' => '𖹱', - '𖹒' => '𖹲', - '𖹓' => '𖹳', - '𖹔' => '𖹴', - '𖹕' => '𖹵', - '𖹖' => '𖹶', - '𖹗' => '𖹷', - '𖹘' => '𖹸', - '𖹙' => '𖹹', - '𖹚' => '𖹺', - '𖹛' => '𖹻', - '𖹜' => '𖹼', - '𖹝' => '𖹽', - '𖹞' => '𖹾', - '𖹟' => '𖹿', - '𞤀' => '𞤢', - '𞤁' => '𞤣', - '𞤂' => '𞤤', - '𞤃' => '𞤥', - '𞤄' => '𞤦', - '𞤅' => '𞤧', - '𞤆' => '𞤨', - '𞤇' => '𞤩', - '𞤈' => '𞤪', - '𞤉' => '𞤫', - '𞤊' => '𞤬', - '𞤋' => '𞤭', - '𞤌' => '𞤮', - '𞤍' => '𞤯', - '𞤎' => '𞤰', - '𞤏' => '𞤱', - '𞤐' => '𞤲', - '𞤑' => '𞤳', - '𞤒' => '𞤴', - '𞤓' => '𞤵', - '𞤔' => '𞤶', - '𞤕' => '𞤷', - '𞤖' => '𞤸', - '𞤗' => '𞤹', - '𞤘' => '𞤺', - '𞤙' => '𞤻', - '𞤚' => '𞤼', - '𞤛' => '𞤽', - '𞤜' => '𞤾', - '𞤝' => '𞤿', - '𞤞' => '𞥀', - '𞤟' => '𞥁', - '𞤠' => '𞥂', - '𞤡' => '𞥃', -); diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/titleCaseRegexp.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/titleCaseRegexp.php deleted file mode 100644 index 2a8f6e7..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/Resources/unidata/titleCaseRegexp.php +++ /dev/null @@ -1,5 +0,0 @@ - 'A', - 'b' => 'B', - 'c' => 'C', - 'd' => 'D', - 'e' => 'E', - 'f' => 'F', - 'g' => 'G', - 'h' => 'H', - 'i' => 'I', - 'j' => 'J', - 'k' => 'K', - 'l' => 'L', - 'm' => 'M', - 'n' => 'N', - 'o' => 'O', - 'p' => 'P', - 'q' => 'Q', - 'r' => 'R', - 's' => 'S', - 't' => 'T', - 'u' => 'U', - 'v' => 'V', - 'w' => 'W', - 'x' => 'X', - 'y' => 'Y', - 'z' => 'Z', - 'µ' => 'Μ', - 'à' => 'À', - 'á' => 'Á', - 'â' => 'Â', - 'ã' => 'Ã', - 'ä' => 'Ä', - 'å' => 'Å', - 'æ' => 'Æ', - 'ç' => 'Ç', - 'è' => 'È', - 'é' => 'É', - 'ê' => 'Ê', - 'ë' => 'Ë', - 'ì' => 'Ì', - 'í' => 'Í', - 'î' => 'Î', - 'ï' => 'Ï', - 'ð' => 'Ð', - 'ñ' => 'Ñ', - 'ò' => 'Ò', - 'ó' => 'Ó', - 'ô' => 'Ô', - 'õ' => 'Õ', - 'ö' => 'Ö', - 'ø' => 'Ø', - 'ù' => 'Ù', - 'ú' => 'Ú', - 'û' => 'Û', - 'ü' => 'Ü', - 'ý' => 'Ý', - 'þ' => 'Þ', - 'ÿ' => 'Ÿ', - 'ā' => 'Ā', - 'ă' => 'Ă', - 'ą' => 'Ą', - 'ć' => 'Ć', - 'ĉ' => 'Ĉ', - 'ċ' => 'Ċ', - 'č' => 'Č', - 'ď' => 'Ď', - 'đ' => 'Đ', - 'ē' => 'Ē', - 'ĕ' => 'Ĕ', - 'ė' => 'Ė', - 'ę' => 'Ę', - 'ě' => 'Ě', - 'ĝ' => 'Ĝ', - 'ğ' => 'Ğ', - 'ġ' => 'Ġ', - 'ģ' => 'Ģ', - 'ĥ' => 'Ĥ', - 'ħ' => 'Ħ', - 'ĩ' => 'Ĩ', - 'ī' => 'Ī', - 'ĭ' => 'Ĭ', - 'į' => 'Į', - 'ı' => 'I', - 'ij' => 'IJ', - 'ĵ' => 'Ĵ', - 'ķ' => 'Ķ', - 'ĺ' => 'Ĺ', - 'ļ' => 'Ļ', - 'ľ' => 'Ľ', - 'ŀ' => 'Ŀ', - 'ł' => 'Ł', - 'ń' => 'Ń', - 'ņ' => 'Ņ', - 'ň' => 'Ň', - 'ŋ' => 'Ŋ', - 'ō' => 'Ō', - 'ŏ' => 'Ŏ', - 'ő' => 'Ő', - 'œ' => 'Œ', - 'ŕ' => 'Ŕ', - 'ŗ' => 'Ŗ', - 'ř' => 'Ř', - 'ś' => 'Ś', - 'ŝ' => 'Ŝ', - 'ş' => 'Ş', - 'š' => 'Š', - 'ţ' => 'Ţ', - 'ť' => 'Ť', - 'ŧ' => 'Ŧ', - 'ũ' => 'Ũ', - 'ū' => 'Ū', - 'ŭ' => 'Ŭ', - 'ů' => 'Ů', - 'ű' => 'Ű', - 'ų' => 'Ų', - 'ŵ' => 'Ŵ', - 'ŷ' => 'Ŷ', - 'ź' => 'Ź', - 'ż' => 'Ż', - 'ž' => 'Ž', - 'ſ' => 'S', - 'ƀ' => 'Ƀ', - 'ƃ' => 'Ƃ', - 'ƅ' => 'Ƅ', - 'ƈ' => 'Ƈ', - 'ƌ' => 'Ƌ', - 'ƒ' => 'Ƒ', - 'ƕ' => 'Ƕ', - 'ƙ' => 'Ƙ', - 'ƚ' => 'Ƚ', - 'ƞ' => 'Ƞ', - 'ơ' => 'Ơ', - 'ƣ' => 'Ƣ', - 'ƥ' => 'Ƥ', - 'ƨ' => 'Ƨ', - 'ƭ' => 'Ƭ', - 'ư' => 'Ư', - 'ƴ' => 'Ƴ', - 'ƶ' => 'Ƶ', - 'ƹ' => 'Ƹ', - 'ƽ' => 'Ƽ', - 'ƿ' => 'Ƿ', - 'Dž' => 'DŽ', - 'dž' => 'DŽ', - 'Lj' => 'LJ', - 'lj' => 'LJ', - 'Nj' => 'NJ', - 'nj' => 'NJ', - 'ǎ' => 'Ǎ', - 'ǐ' => 'Ǐ', - 'ǒ' => 'Ǒ', - 'ǔ' => 'Ǔ', - 'ǖ' => 'Ǖ', - 'ǘ' => 'Ǘ', - 'ǚ' => 'Ǚ', - 'ǜ' => 'Ǜ', - 'ǝ' => 'Ǝ', - 'ǟ' => 'Ǟ', - 'ǡ' => 'Ǡ', - 'ǣ' => 'Ǣ', - 'ǥ' => 'Ǥ', - 'ǧ' => 'Ǧ', - 'ǩ' => 'Ǩ', - 'ǫ' => 'Ǫ', - 'ǭ' => 'Ǭ', - 'ǯ' => 'Ǯ', - 'Dz' => 'DZ', - 'dz' => 'DZ', - 'ǵ' => 'Ǵ', - 'ǹ' => 'Ǹ', - 'ǻ' => 'Ǻ', - 'ǽ' => 'Ǽ', - 'ǿ' => 'Ǿ', - 'ȁ' => 'Ȁ', - 'ȃ' => 'Ȃ', - 'ȅ' => 'Ȅ', - 'ȇ' => 'Ȇ', - 'ȉ' => 'Ȉ', - 'ȋ' => 'Ȋ', - 'ȍ' => 'Ȍ', - 'ȏ' => 'Ȏ', - 'ȑ' => 'Ȑ', - 'ȓ' => 'Ȓ', - 'ȕ' => 'Ȕ', - 'ȗ' => 'Ȗ', - 'ș' => 'Ș', - 'ț' => 'Ț', - 'ȝ' => 'Ȝ', - 'ȟ' => 'Ȟ', - 'ȣ' => 'Ȣ', - 'ȥ' => 'Ȥ', - 'ȧ' => 'Ȧ', - 'ȩ' => 'Ȩ', - 'ȫ' => 'Ȫ', - 'ȭ' => 'Ȭ', - 'ȯ' => 'Ȯ', - 'ȱ' => 'Ȱ', - 'ȳ' => 'Ȳ', - 'ȼ' => 'Ȼ', - 'ȿ' => 'Ȿ', - 'ɀ' => 'Ɀ', - 'ɂ' => 'Ɂ', - 'ɇ' => 'Ɇ', - 'ɉ' => 'Ɉ', - 'ɋ' => 'Ɋ', - 'ɍ' => 'Ɍ', - 'ɏ' => 'Ɏ', - 'ɐ' => 'Ɐ', - 'ɑ' => 'Ɑ', - 'ɒ' => 'Ɒ', - 'ɓ' => 'Ɓ', - 'ɔ' => 'Ɔ', - 'ɖ' => 'Ɖ', - 'ɗ' => 'Ɗ', - 'ə' => 'Ə', - 'ɛ' => 'Ɛ', - 'ɜ' => 'Ɜ', - 'ɠ' => 'Ɠ', - 'ɡ' => 'Ɡ', - 'ɣ' => 'Ɣ', - 'ɥ' => 'Ɥ', - 'ɦ' => 'Ɦ', - 'ɨ' => 'Ɨ', - 'ɩ' => 'Ɩ', - 'ɪ' => 'Ɪ', - 'ɫ' => 'Ɫ', - 'ɬ' => 'Ɬ', - 'ɯ' => 'Ɯ', - 'ɱ' => 'Ɱ', - 'ɲ' => 'Ɲ', - 'ɵ' => 'Ɵ', - 'ɽ' => 'Ɽ', - 'ʀ' => 'Ʀ', - 'ʂ' => 'Ʂ', - 'ʃ' => 'Ʃ', - 'ʇ' => 'Ʇ', - 'ʈ' => 'Ʈ', - 'ʉ' => 'Ʉ', - 'ʊ' => 'Ʊ', - 'ʋ' => 'Ʋ', - 'ʌ' => 'Ʌ', - 'ʒ' => 'Ʒ', - 'ʝ' => 'Ʝ', - 'ʞ' => 'Ʞ', - 'ͅ' => 'Ι', - 'ͱ' => 'Ͱ', - 'ͳ' => 'Ͳ', - 'ͷ' => 'Ͷ', - 'ͻ' => 'Ͻ', - 'ͼ' => 'Ͼ', - 'ͽ' => 'Ͽ', - 'ά' => 'Ά', - 'έ' => 'Έ', - 'ή' => 'Ή', - 'ί' => 'Ί', - 'α' => 'Α', - 'β' => 'Β', - 'γ' => 'Γ', - 'δ' => 'Δ', - 'ε' => 'Ε', - 'ζ' => 'Ζ', - 'η' => 'Η', - 'θ' => 'Θ', - 'ι' => 'Ι', - 'κ' => 'Κ', - 'λ' => 'Λ', - 'μ' => 'Μ', - 'ν' => 'Ν', - 'ξ' => 'Ξ', - 'ο' => 'Ο', - 'π' => 'Π', - 'ρ' => 'Ρ', - 'ς' => 'Σ', - 'σ' => 'Σ', - 'τ' => 'Τ', - 'υ' => 'Υ', - 'φ' => 'Φ', - 'χ' => 'Χ', - 'ψ' => 'Ψ', - 'ω' => 'Ω', - 'ϊ' => 'Ϊ', - 'ϋ' => 'Ϋ', - 'ό' => 'Ό', - 'ύ' => 'Ύ', - 'ώ' => 'Ώ', - 'ϐ' => 'Β', - 'ϑ' => 'Θ', - 'ϕ' => 'Φ', - 'ϖ' => 'Π', - 'ϗ' => 'Ϗ', - 'ϙ' => 'Ϙ', - 'ϛ' => 'Ϛ', - 'ϝ' => 'Ϝ', - 'ϟ' => 'Ϟ', - 'ϡ' => 'Ϡ', - 'ϣ' => 'Ϣ', - 'ϥ' => 'Ϥ', - 'ϧ' => 'Ϧ', - 'ϩ' => 'Ϩ', - 'ϫ' => 'Ϫ', - 'ϭ' => 'Ϭ', - 'ϯ' => 'Ϯ', - 'ϰ' => 'Κ', - 'ϱ' => 'Ρ', - 'ϲ' => 'Ϲ', - 'ϳ' => 'Ϳ', - 'ϵ' => 'Ε', - 'ϸ' => 'Ϸ', - 'ϻ' => 'Ϻ', - 'а' => 'А', - 'б' => 'Б', - 'в' => 'В', - 'г' => 'Г', - 'д' => 'Д', - 'е' => 'Е', - 'ж' => 'Ж', - 'з' => 'З', - 'и' => 'И', - 'й' => 'Й', - 'к' => 'К', - 'л' => 'Л', - 'м' => 'М', - 'н' => 'Н', - 'о' => 'О', - 'п' => 'П', - 'р' => 'Р', - 'с' => 'С', - 'т' => 'Т', - 'у' => 'У', - 'ф' => 'Ф', - 'х' => 'Х', - 'ц' => 'Ц', - 'ч' => 'Ч', - 'ш' => 'Ш', - 'щ' => 'Щ', - 'ъ' => 'Ъ', - 'ы' => 'Ы', - 'ь' => 'Ь', - 'э' => 'Э', - 'ю' => 'Ю', - 'я' => 'Я', - 'ѐ' => 'Ѐ', - 'ё' => 'Ё', - 'ђ' => 'Ђ', - 'ѓ' => 'Ѓ', - 'є' => 'Є', - 'ѕ' => 'Ѕ', - 'і' => 'І', - 'ї' => 'Ї', - 'ј' => 'Ј', - 'љ' => 'Љ', - 'њ' => 'Њ', - 'ћ' => 'Ћ', - 'ќ' => 'Ќ', - 'ѝ' => 'Ѝ', - 'ў' => 'Ў', - 'џ' => 'Џ', - 'ѡ' => 'Ѡ', - 'ѣ' => 'Ѣ', - 'ѥ' => 'Ѥ', - 'ѧ' => 'Ѧ', - 'ѩ' => 'Ѩ', - 'ѫ' => 'Ѫ', - 'ѭ' => 'Ѭ', - 'ѯ' => 'Ѯ', - 'ѱ' => 'Ѱ', - 'ѳ' => 'Ѳ', - 'ѵ' => 'Ѵ', - 'ѷ' => 'Ѷ', - 'ѹ' => 'Ѹ', - 'ѻ' => 'Ѻ', - 'ѽ' => 'Ѽ', - 'ѿ' => 'Ѿ', - 'ҁ' => 'Ҁ', - 'ҋ' => 'Ҋ', - 'ҍ' => 'Ҍ', - 'ҏ' => 'Ҏ', - 'ґ' => 'Ґ', - 'ғ' => 'Ғ', - 'ҕ' => 'Ҕ', - 'җ' => 'Җ', - 'ҙ' => 'Ҙ', - 'қ' => 'Қ', - 'ҝ' => 'Ҝ', - 'ҟ' => 'Ҟ', - 'ҡ' => 'Ҡ', - 'ң' => 'Ң', - 'ҥ' => 'Ҥ', - 'ҧ' => 'Ҧ', - 'ҩ' => 'Ҩ', - 'ҫ' => 'Ҫ', - 'ҭ' => 'Ҭ', - 'ү' => 'Ү', - 'ұ' => 'Ұ', - 'ҳ' => 'Ҳ', - 'ҵ' => 'Ҵ', - 'ҷ' => 'Ҷ', - 'ҹ' => 'Ҹ', - 'һ' => 'Һ', - 'ҽ' => 'Ҽ', - 'ҿ' => 'Ҿ', - 'ӂ' => 'Ӂ', - 'ӄ' => 'Ӄ', - 'ӆ' => 'Ӆ', - 'ӈ' => 'Ӈ', - 'ӊ' => 'Ӊ', - 'ӌ' => 'Ӌ', - 'ӎ' => 'Ӎ', - 'ӏ' => 'Ӏ', - 'ӑ' => 'Ӑ', - 'ӓ' => 'Ӓ', - 'ӕ' => 'Ӕ', - 'ӗ' => 'Ӗ', - 'ә' => 'Ә', - 'ӛ' => 'Ӛ', - 'ӝ' => 'Ӝ', - 'ӟ' => 'Ӟ', - 'ӡ' => 'Ӡ', - 'ӣ' => 'Ӣ', - 'ӥ' => 'Ӥ', - 'ӧ' => 'Ӧ', - 'ө' => 'Ө', - 'ӫ' => 'Ӫ', - 'ӭ' => 'Ӭ', - 'ӯ' => 'Ӯ', - 'ӱ' => 'Ӱ', - 'ӳ' => 'Ӳ', - 'ӵ' => 'Ӵ', - 'ӷ' => 'Ӷ', - 'ӹ' => 'Ӹ', - 'ӻ' => 'Ӻ', - 'ӽ' => 'Ӽ', - 'ӿ' => 'Ӿ', - 'ԁ' => 'Ԁ', - 'ԃ' => 'Ԃ', - 'ԅ' => 'Ԅ', - 'ԇ' => 'Ԇ', - 'ԉ' => 'Ԉ', - 'ԋ' => 'Ԋ', - 'ԍ' => 'Ԍ', - 'ԏ' => 'Ԏ', - 'ԑ' => 'Ԑ', - 'ԓ' => 'Ԓ', - 'ԕ' => 'Ԕ', - 'ԗ' => 'Ԗ', - 'ԙ' => 'Ԙ', - 'ԛ' => 'Ԛ', - 'ԝ' => 'Ԝ', - 'ԟ' => 'Ԟ', - 'ԡ' => 'Ԡ', - 'ԣ' => 'Ԣ', - 'ԥ' => 'Ԥ', - 'ԧ' => 'Ԧ', - 'ԩ' => 'Ԩ', - 'ԫ' => 'Ԫ', - 'ԭ' => 'Ԭ', - 'ԯ' => 'Ԯ', - 'ա' => 'Ա', - 'բ' => 'Բ', - 'գ' => 'Գ', - 'դ' => 'Դ', - 'ե' => 'Ե', - 'զ' => 'Զ', - 'է' => 'Է', - 'ը' => 'Ը', - 'թ' => 'Թ', - 'ժ' => 'Ժ', - 'ի' => 'Ի', - 'լ' => 'Լ', - 'խ' => 'Խ', - 'ծ' => 'Ծ', - 'կ' => 'Կ', - 'հ' => 'Հ', - 'ձ' => 'Ձ', - 'ղ' => 'Ղ', - 'ճ' => 'Ճ', - 'մ' => 'Մ', - 'յ' => 'Յ', - 'ն' => 'Ն', - 'շ' => 'Շ', - 'ո' => 'Ո', - 'չ' => 'Չ', - 'պ' => 'Պ', - 'ջ' => 'Ջ', - 'ռ' => 'Ռ', - 'ս' => 'Ս', - 'վ' => 'Վ', - 'տ' => 'Տ', - 'ր' => 'Ր', - 'ց' => 'Ց', - 'ւ' => 'Ւ', - 'փ' => 'Փ', - 'ք' => 'Ք', - 'օ' => 'Օ', - 'ֆ' => 'Ֆ', - 'ა' => 'Ა', - 'ბ' => 'Ბ', - 'გ' => 'Გ', - 'დ' => 'Დ', - 'ე' => 'Ე', - 'ვ' => 'Ვ', - 'ზ' => 'Ზ', - 'თ' => 'Თ', - 'ი' => 'Ი', - 'კ' => 'Კ', - 'ლ' => 'Ლ', - 'მ' => 'Მ', - 'ნ' => 'Ნ', - 'ო' => 'Ო', - 'პ' => 'Პ', - 'ჟ' => 'Ჟ', - 'რ' => 'Რ', - 'ს' => 'Ს', - 'ტ' => 'Ტ', - 'უ' => 'Უ', - 'ფ' => 'Ფ', - 'ქ' => 'Ქ', - 'ღ' => 'Ღ', - 'ყ' => 'Ყ', - 'შ' => 'Შ', - 'ჩ' => 'Ჩ', - 'ც' => 'Ც', - 'ძ' => 'Ძ', - 'წ' => 'Წ', - 'ჭ' => 'Ჭ', - 'ხ' => 'Ხ', - 'ჯ' => 'Ჯ', - 'ჰ' => 'Ჰ', - 'ჱ' => 'Ჱ', - 'ჲ' => 'Ჲ', - 'ჳ' => 'Ჳ', - 'ჴ' => 'Ჴ', - 'ჵ' => 'Ჵ', - 'ჶ' => 'Ჶ', - 'ჷ' => 'Ჷ', - 'ჸ' => 'Ჸ', - 'ჹ' => 'Ჹ', - 'ჺ' => 'Ჺ', - 'ჽ' => 'Ჽ', - 'ჾ' => 'Ჾ', - 'ჿ' => 'Ჿ', - 'ᏸ' => 'Ᏸ', - 'ᏹ' => 'Ᏹ', - 'ᏺ' => 'Ᏺ', - 'ᏻ' => 'Ᏻ', - 'ᏼ' => 'Ᏼ', - 'ᏽ' => 'Ᏽ', - 'ᲀ' => 'В', - 'ᲁ' => 'Д', - 'ᲂ' => 'О', - 'ᲃ' => 'С', - 'ᲄ' => 'Т', - 'ᲅ' => 'Т', - 'ᲆ' => 'Ъ', - 'ᲇ' => 'Ѣ', - 'ᲈ' => 'Ꙋ', - 'ᵹ' => 'Ᵹ', - 'ᵽ' => 'Ᵽ', - 'ᶎ' => 'Ᶎ', - 'ḁ' => 'Ḁ', - 'ḃ' => 'Ḃ', - 'ḅ' => 'Ḅ', - 'ḇ' => 'Ḇ', - 'ḉ' => 'Ḉ', - 'ḋ' => 'Ḋ', - 'ḍ' => 'Ḍ', - 'ḏ' => 'Ḏ', - 'ḑ' => 'Ḑ', - 'ḓ' => 'Ḓ', - 'ḕ' => 'Ḕ', - 'ḗ' => 'Ḗ', - 'ḙ' => 'Ḙ', - 'ḛ' => 'Ḛ', - 'ḝ' => 'Ḝ', - 'ḟ' => 'Ḟ', - 'ḡ' => 'Ḡ', - 'ḣ' => 'Ḣ', - 'ḥ' => 'Ḥ', - 'ḧ' => 'Ḧ', - 'ḩ' => 'Ḩ', - 'ḫ' => 'Ḫ', - 'ḭ' => 'Ḭ', - 'ḯ' => 'Ḯ', - 'ḱ' => 'Ḱ', - 'ḳ' => 'Ḳ', - 'ḵ' => 'Ḵ', - 'ḷ' => 'Ḷ', - 'ḹ' => 'Ḹ', - 'ḻ' => 'Ḻ', - 'ḽ' => 'Ḽ', - 'ḿ' => 'Ḿ', - 'ṁ' => 'Ṁ', - 'ṃ' => 'Ṃ', - 'ṅ' => 'Ṅ', - 'ṇ' => 'Ṇ', - 'ṉ' => 'Ṉ', - 'ṋ' => 'Ṋ', - 'ṍ' => 'Ṍ', - 'ṏ' => 'Ṏ', - 'ṑ' => 'Ṑ', - 'ṓ' => 'Ṓ', - 'ṕ' => 'Ṕ', - 'ṗ' => 'Ṗ', - 'ṙ' => 'Ṙ', - 'ṛ' => 'Ṛ', - 'ṝ' => 'Ṝ', - 'ṟ' => 'Ṟ', - 'ṡ' => 'Ṡ', - 'ṣ' => 'Ṣ', - 'ṥ' => 'Ṥ', - 'ṧ' => 'Ṧ', - 'ṩ' => 'Ṩ', - 'ṫ' => 'Ṫ', - 'ṭ' => 'Ṭ', - 'ṯ' => 'Ṯ', - 'ṱ' => 'Ṱ', - 'ṳ' => 'Ṳ', - 'ṵ' => 'Ṵ', - 'ṷ' => 'Ṷ', - 'ṹ' => 'Ṹ', - 'ṻ' => 'Ṻ', - 'ṽ' => 'Ṽ', - 'ṿ' => 'Ṿ', - 'ẁ' => 'Ẁ', - 'ẃ' => 'Ẃ', - 'ẅ' => 'Ẅ', - 'ẇ' => 'Ẇ', - 'ẉ' => 'Ẉ', - 'ẋ' => 'Ẋ', - 'ẍ' => 'Ẍ', - 'ẏ' => 'Ẏ', - 'ẑ' => 'Ẑ', - 'ẓ' => 'Ẓ', - 'ẕ' => 'Ẕ', - 'ẛ' => 'Ṡ', - 'ạ' => 'Ạ', - 'ả' => 'Ả', - 'ấ' => 'Ấ', - 'ầ' => 'Ầ', - 'ẩ' => 'Ẩ', - 'ẫ' => 'Ẫ', - 'ậ' => 'Ậ', - 'ắ' => 'Ắ', - 'ằ' => 'Ằ', - 'ẳ' => 'Ẳ', - 'ẵ' => 'Ẵ', - 'ặ' => 'Ặ', - 'ẹ' => 'Ẹ', - 'ẻ' => 'Ẻ', - 'ẽ' => 'Ẽ', - 'ế' => 'Ế', - 'ề' => 'Ề', - 'ể' => 'Ể', - 'ễ' => 'Ễ', - 'ệ' => 'Ệ', - 'ỉ' => 'Ỉ', - 'ị' => 'Ị', - 'ọ' => 'Ọ', - 'ỏ' => 'Ỏ', - 'ố' => 'Ố', - 'ồ' => 'Ồ', - 'ổ' => 'Ổ', - 'ỗ' => 'Ỗ', - 'ộ' => 'Ộ', - 'ớ' => 'Ớ', - 'ờ' => 'Ờ', - 'ở' => 'Ở', - 'ỡ' => 'Ỡ', - 'ợ' => 'Ợ', - 'ụ' => 'Ụ', - 'ủ' => 'Ủ', - 'ứ' => 'Ứ', - 'ừ' => 'Ừ', - 'ử' => 'Ử', - 'ữ' => 'Ữ', - 'ự' => 'Ự', - 'ỳ' => 'Ỳ', - 'ỵ' => 'Ỵ', - 'ỷ' => 'Ỷ', - 'ỹ' => 'Ỹ', - 'ỻ' => 'Ỻ', - 'ỽ' => 'Ỽ', - 'ỿ' => 'Ỿ', - 'ἀ' => 'Ἀ', - 'ἁ' => 'Ἁ', - 'ἂ' => 'Ἂ', - 'ἃ' => 'Ἃ', - 'ἄ' => 'Ἄ', - 'ἅ' => 'Ἅ', - 'ἆ' => 'Ἆ', - 'ἇ' => 'Ἇ', - 'ἐ' => 'Ἐ', - 'ἑ' => 'Ἑ', - 'ἒ' => 'Ἒ', - 'ἓ' => 'Ἓ', - 'ἔ' => 'Ἔ', - 'ἕ' => 'Ἕ', - 'ἠ' => 'Ἠ', - 'ἡ' => 'Ἡ', - 'ἢ' => 'Ἢ', - 'ἣ' => 'Ἣ', - 'ἤ' => 'Ἤ', - 'ἥ' => 'Ἥ', - 'ἦ' => 'Ἦ', - 'ἧ' => 'Ἧ', - 'ἰ' => 'Ἰ', - 'ἱ' => 'Ἱ', - 'ἲ' => 'Ἲ', - 'ἳ' => 'Ἳ', - 'ἴ' => 'Ἴ', - 'ἵ' => 'Ἵ', - 'ἶ' => 'Ἶ', - 'ἷ' => 'Ἷ', - 'ὀ' => 'Ὀ', - 'ὁ' => 'Ὁ', - 'ὂ' => 'Ὂ', - 'ὃ' => 'Ὃ', - 'ὄ' => 'Ὄ', - 'ὅ' => 'Ὅ', - 'ὑ' => 'Ὑ', - 'ὓ' => 'Ὓ', - 'ὕ' => 'Ὕ', - 'ὗ' => 'Ὗ', - 'ὠ' => 'Ὠ', - 'ὡ' => 'Ὡ', - 'ὢ' => 'Ὢ', - 'ὣ' => 'Ὣ', - 'ὤ' => 'Ὤ', - 'ὥ' => 'Ὥ', - 'ὦ' => 'Ὦ', - 'ὧ' => 'Ὧ', - 'ὰ' => 'Ὰ', - 'ά' => 'Ά', - 'ὲ' => 'Ὲ', - 'έ' => 'Έ', - 'ὴ' => 'Ὴ', - 'ή' => 'Ή', - 'ὶ' => 'Ὶ', - 'ί' => 'Ί', - 'ὸ' => 'Ὸ', - 'ό' => 'Ό', - 'ὺ' => 'Ὺ', - 'ύ' => 'Ύ', - 'ὼ' => 'Ὼ', - 'ώ' => 'Ώ', - 'ᾀ' => 'ἈΙ', - 'ᾁ' => 'ἉΙ', - 'ᾂ' => 'ἊΙ', - 'ᾃ' => 'ἋΙ', - 'ᾄ' => 'ἌΙ', - 'ᾅ' => 'ἍΙ', - 'ᾆ' => 'ἎΙ', - 'ᾇ' => 'ἏΙ', - 'ᾐ' => 'ἨΙ', - 'ᾑ' => 'ἩΙ', - 'ᾒ' => 'ἪΙ', - 'ᾓ' => 'ἫΙ', - 'ᾔ' => 'ἬΙ', - 'ᾕ' => 'ἭΙ', - 'ᾖ' => 'ἮΙ', - 'ᾗ' => 'ἯΙ', - 'ᾠ' => 'ὨΙ', - 'ᾡ' => 'ὩΙ', - 'ᾢ' => 'ὪΙ', - 'ᾣ' => 'ὫΙ', - 'ᾤ' => 'ὬΙ', - 'ᾥ' => 'ὭΙ', - 'ᾦ' => 'ὮΙ', - 'ᾧ' => 'ὯΙ', - 'ᾰ' => 'Ᾰ', - 'ᾱ' => 'Ᾱ', - 'ᾳ' => 'ΑΙ', - 'ι' => 'Ι', - 'ῃ' => 'ΗΙ', - 'ῐ' => 'Ῐ', - 'ῑ' => 'Ῑ', - 'ῠ' => 'Ῠ', - 'ῡ' => 'Ῡ', - 'ῥ' => 'Ῥ', - 'ῳ' => 'ΩΙ', - 'ⅎ' => 'Ⅎ', - 'ⅰ' => 'Ⅰ', - 'ⅱ' => 'Ⅱ', - 'ⅲ' => 'Ⅲ', - 'ⅳ' => 'Ⅳ', - 'ⅴ' => 'Ⅴ', - 'ⅵ' => 'Ⅵ', - 'ⅶ' => 'Ⅶ', - 'ⅷ' => 'Ⅷ', - 'ⅸ' => 'Ⅸ', - 'ⅹ' => 'Ⅹ', - 'ⅺ' => 'Ⅺ', - 'ⅻ' => 'Ⅻ', - 'ⅼ' => 'Ⅼ', - 'ⅽ' => 'Ⅽ', - 'ⅾ' => 'Ⅾ', - 'ⅿ' => 'Ⅿ', - 'ↄ' => 'Ↄ', - 'ⓐ' => 'Ⓐ', - 'ⓑ' => 'Ⓑ', - 'ⓒ' => 'Ⓒ', - 'ⓓ' => 'Ⓓ', - 'ⓔ' => 'Ⓔ', - 'ⓕ' => 'Ⓕ', - 'ⓖ' => 'Ⓖ', - 'ⓗ' => 'Ⓗ', - 'ⓘ' => 'Ⓘ', - 'ⓙ' => 'Ⓙ', - 'ⓚ' => 'Ⓚ', - 'ⓛ' => 'Ⓛ', - 'ⓜ' => 'Ⓜ', - 'ⓝ' => 'Ⓝ', - 'ⓞ' => 'Ⓞ', - 'ⓟ' => 'Ⓟ', - 'ⓠ' => 'Ⓠ', - 'ⓡ' => 'Ⓡ', - 'ⓢ' => 'Ⓢ', - 'ⓣ' => 'Ⓣ', - 'ⓤ' => 'Ⓤ', - 'ⓥ' => 'Ⓥ', - 'ⓦ' => 'Ⓦ', - 'ⓧ' => 'Ⓧ', - 'ⓨ' => 'Ⓨ', - 'ⓩ' => 'Ⓩ', - 'ⰰ' => 'Ⰰ', - 'ⰱ' => 'Ⰱ', - 'ⰲ' => 'Ⰲ', - 'ⰳ' => 'Ⰳ', - 'ⰴ' => 'Ⰴ', - 'ⰵ' => 'Ⰵ', - 'ⰶ' => 'Ⰶ', - 'ⰷ' => 'Ⰷ', - 'ⰸ' => 'Ⰸ', - 'ⰹ' => 'Ⰹ', - 'ⰺ' => 'Ⰺ', - 'ⰻ' => 'Ⰻ', - 'ⰼ' => 'Ⰼ', - 'ⰽ' => 'Ⰽ', - 'ⰾ' => 'Ⰾ', - 'ⰿ' => 'Ⰿ', - 'ⱀ' => 'Ⱀ', - 'ⱁ' => 'Ⱁ', - 'ⱂ' => 'Ⱂ', - 'ⱃ' => 'Ⱃ', - 'ⱄ' => 'Ⱄ', - 'ⱅ' => 'Ⱅ', - 'ⱆ' => 'Ⱆ', - 'ⱇ' => 'Ⱇ', - 'ⱈ' => 'Ⱈ', - 'ⱉ' => 'Ⱉ', - 'ⱊ' => 'Ⱊ', - 'ⱋ' => 'Ⱋ', - 'ⱌ' => 'Ⱌ', - 'ⱍ' => 'Ⱍ', - 'ⱎ' => 'Ⱎ', - 'ⱏ' => 'Ⱏ', - 'ⱐ' => 'Ⱐ', - 'ⱑ' => 'Ⱑ', - 'ⱒ' => 'Ⱒ', - 'ⱓ' => 'Ⱓ', - 'ⱔ' => 'Ⱔ', - 'ⱕ' => 'Ⱕ', - 'ⱖ' => 'Ⱖ', - 'ⱗ' => 'Ⱗ', - 'ⱘ' => 'Ⱘ', - 'ⱙ' => 'Ⱙ', - 'ⱚ' => 'Ⱚ', - 'ⱛ' => 'Ⱛ', - 'ⱜ' => 'Ⱜ', - 'ⱝ' => 'Ⱝ', - 'ⱞ' => 'Ⱞ', - 'ⱡ' => 'Ⱡ', - 'ⱥ' => 'Ⱥ', - 'ⱦ' => 'Ⱦ', - 'ⱨ' => 'Ⱨ', - 'ⱪ' => 'Ⱪ', - 'ⱬ' => 'Ⱬ', - 'ⱳ' => 'Ⱳ', - 'ⱶ' => 'Ⱶ', - 'ⲁ' => 'Ⲁ', - 'ⲃ' => 'Ⲃ', - 'ⲅ' => 'Ⲅ', - 'ⲇ' => 'Ⲇ', - 'ⲉ' => 'Ⲉ', - 'ⲋ' => 'Ⲋ', - 'ⲍ' => 'Ⲍ', - 'ⲏ' => 'Ⲏ', - 'ⲑ' => 'Ⲑ', - 'ⲓ' => 'Ⲓ', - 'ⲕ' => 'Ⲕ', - 'ⲗ' => 'Ⲗ', - 'ⲙ' => 'Ⲙ', - 'ⲛ' => 'Ⲛ', - 'ⲝ' => 'Ⲝ', - 'ⲟ' => 'Ⲟ', - 'ⲡ' => 'Ⲡ', - 'ⲣ' => 'Ⲣ', - 'ⲥ' => 'Ⲥ', - 'ⲧ' => 'Ⲧ', - 'ⲩ' => 'Ⲩ', - 'ⲫ' => 'Ⲫ', - 'ⲭ' => 'Ⲭ', - 'ⲯ' => 'Ⲯ', - 'ⲱ' => 'Ⲱ', - 'ⲳ' => 'Ⲳ', - 'ⲵ' => 'Ⲵ', - 'ⲷ' => 'Ⲷ', - 'ⲹ' => 'Ⲹ', - 'ⲻ' => 'Ⲻ', - 'ⲽ' => 'Ⲽ', - 'ⲿ' => 'Ⲿ', - 'ⳁ' => 'Ⳁ', - 'ⳃ' => 'Ⳃ', - 'ⳅ' => 'Ⳅ', - 'ⳇ' => 'Ⳇ', - 'ⳉ' => 'Ⳉ', - 'ⳋ' => 'Ⳋ', - 'ⳍ' => 'Ⳍ', - 'ⳏ' => 'Ⳏ', - 'ⳑ' => 'Ⳑ', - 'ⳓ' => 'Ⳓ', - 'ⳕ' => 'Ⳕ', - 'ⳗ' => 'Ⳗ', - 'ⳙ' => 'Ⳙ', - 'ⳛ' => 'Ⳛ', - 'ⳝ' => 'Ⳝ', - 'ⳟ' => 'Ⳟ', - 'ⳡ' => 'Ⳡ', - 'ⳣ' => 'Ⳣ', - 'ⳬ' => 'Ⳬ', - 'ⳮ' => 'Ⳮ', - 'ⳳ' => 'Ⳳ', - 'ⴀ' => 'Ⴀ', - 'ⴁ' => 'Ⴁ', - 'ⴂ' => 'Ⴂ', - 'ⴃ' => 'Ⴃ', - 'ⴄ' => 'Ⴄ', - 'ⴅ' => 'Ⴅ', - 'ⴆ' => 'Ⴆ', - 'ⴇ' => 'Ⴇ', - 'ⴈ' => 'Ⴈ', - 'ⴉ' => 'Ⴉ', - 'ⴊ' => 'Ⴊ', - 'ⴋ' => 'Ⴋ', - 'ⴌ' => 'Ⴌ', - 'ⴍ' => 'Ⴍ', - 'ⴎ' => 'Ⴎ', - 'ⴏ' => 'Ⴏ', - 'ⴐ' => 'Ⴐ', - 'ⴑ' => 'Ⴑ', - 'ⴒ' => 'Ⴒ', - 'ⴓ' => 'Ⴓ', - 'ⴔ' => 'Ⴔ', - 'ⴕ' => 'Ⴕ', - 'ⴖ' => 'Ⴖ', - 'ⴗ' => 'Ⴗ', - 'ⴘ' => 'Ⴘ', - 'ⴙ' => 'Ⴙ', - 'ⴚ' => 'Ⴚ', - 'ⴛ' => 'Ⴛ', - 'ⴜ' => 'Ⴜ', - 'ⴝ' => 'Ⴝ', - 'ⴞ' => 'Ⴞ', - 'ⴟ' => 'Ⴟ', - 'ⴠ' => 'Ⴠ', - 'ⴡ' => 'Ⴡ', - 'ⴢ' => 'Ⴢ', - 'ⴣ' => 'Ⴣ', - 'ⴤ' => 'Ⴤ', - 'ⴥ' => 'Ⴥ', - 'ⴧ' => 'Ⴧ', - 'ⴭ' => 'Ⴭ', - 'ꙁ' => 'Ꙁ', - 'ꙃ' => 'Ꙃ', - 'ꙅ' => 'Ꙅ', - 'ꙇ' => 'Ꙇ', - 'ꙉ' => 'Ꙉ', - 'ꙋ' => 'Ꙋ', - 'ꙍ' => 'Ꙍ', - 'ꙏ' => 'Ꙏ', - 'ꙑ' => 'Ꙑ', - 'ꙓ' => 'Ꙓ', - 'ꙕ' => 'Ꙕ', - 'ꙗ' => 'Ꙗ', - 'ꙙ' => 'Ꙙ', - 'ꙛ' => 'Ꙛ', - 'ꙝ' => 'Ꙝ', - 'ꙟ' => 'Ꙟ', - 'ꙡ' => 'Ꙡ', - 'ꙣ' => 'Ꙣ', - 'ꙥ' => 'Ꙥ', - 'ꙧ' => 'Ꙧ', - 'ꙩ' => 'Ꙩ', - 'ꙫ' => 'Ꙫ', - 'ꙭ' => 'Ꙭ', - 'ꚁ' => 'Ꚁ', - 'ꚃ' => 'Ꚃ', - 'ꚅ' => 'Ꚅ', - 'ꚇ' => 'Ꚇ', - 'ꚉ' => 'Ꚉ', - 'ꚋ' => 'Ꚋ', - 'ꚍ' => 'Ꚍ', - 'ꚏ' => 'Ꚏ', - 'ꚑ' => 'Ꚑ', - 'ꚓ' => 'Ꚓ', - 'ꚕ' => 'Ꚕ', - 'ꚗ' => 'Ꚗ', - 'ꚙ' => 'Ꚙ', - 'ꚛ' => 'Ꚛ', - 'ꜣ' => 'Ꜣ', - 'ꜥ' => 'Ꜥ', - 'ꜧ' => 'Ꜧ', - 'ꜩ' => 'Ꜩ', - 'ꜫ' => 'Ꜫ', - 'ꜭ' => 'Ꜭ', - 'ꜯ' => 'Ꜯ', - 'ꜳ' => 'Ꜳ', - 'ꜵ' => 'Ꜵ', - 'ꜷ' => 'Ꜷ', - 'ꜹ' => 'Ꜹ', - 'ꜻ' => 'Ꜻ', - 'ꜽ' => 'Ꜽ', - 'ꜿ' => 'Ꜿ', - 'ꝁ' => 'Ꝁ', - 'ꝃ' => 'Ꝃ', - 'ꝅ' => 'Ꝅ', - 'ꝇ' => 'Ꝇ', - 'ꝉ' => 'Ꝉ', - 'ꝋ' => 'Ꝋ', - 'ꝍ' => 'Ꝍ', - 'ꝏ' => 'Ꝏ', - 'ꝑ' => 'Ꝑ', - 'ꝓ' => 'Ꝓ', - 'ꝕ' => 'Ꝕ', - 'ꝗ' => 'Ꝗ', - 'ꝙ' => 'Ꝙ', - 'ꝛ' => 'Ꝛ', - 'ꝝ' => 'Ꝝ', - 'ꝟ' => 'Ꝟ', - 'ꝡ' => 'Ꝡ', - 'ꝣ' => 'Ꝣ', - 'ꝥ' => 'Ꝥ', - 'ꝧ' => 'Ꝧ', - 'ꝩ' => 'Ꝩ', - 'ꝫ' => 'Ꝫ', - 'ꝭ' => 'Ꝭ', - 'ꝯ' => 'Ꝯ', - 'ꝺ' => 'Ꝺ', - 'ꝼ' => 'Ꝼ', - 'ꝿ' => 'Ꝿ', - 'ꞁ' => 'Ꞁ', - 'ꞃ' => 'Ꞃ', - 'ꞅ' => 'Ꞅ', - 'ꞇ' => 'Ꞇ', - 'ꞌ' => 'Ꞌ', - 'ꞑ' => 'Ꞑ', - 'ꞓ' => 'Ꞓ', - 'ꞔ' => 'Ꞔ', - 'ꞗ' => 'Ꞗ', - 'ꞙ' => 'Ꞙ', - 'ꞛ' => 'Ꞛ', - 'ꞝ' => 'Ꞝ', - 'ꞟ' => 'Ꞟ', - 'ꞡ' => 'Ꞡ', - 'ꞣ' => 'Ꞣ', - 'ꞥ' => 'Ꞥ', - 'ꞧ' => 'Ꞧ', - 'ꞩ' => 'Ꞩ', - 'ꞵ' => 'Ꞵ', - 'ꞷ' => 'Ꞷ', - 'ꞹ' => 'Ꞹ', - 'ꞻ' => 'Ꞻ', - 'ꞽ' => 'Ꞽ', - 'ꞿ' => 'Ꞿ', - 'ꟃ' => 'Ꟃ', - 'ꟈ' => 'Ꟈ', - 'ꟊ' => 'Ꟊ', - 'ꟶ' => 'Ꟶ', - 'ꭓ' => 'Ꭓ', - 'ꭰ' => 'Ꭰ', - 'ꭱ' => 'Ꭱ', - 'ꭲ' => 'Ꭲ', - 'ꭳ' => 'Ꭳ', - 'ꭴ' => 'Ꭴ', - 'ꭵ' => 'Ꭵ', - 'ꭶ' => 'Ꭶ', - 'ꭷ' => 'Ꭷ', - 'ꭸ' => 'Ꭸ', - 'ꭹ' => 'Ꭹ', - 'ꭺ' => 'Ꭺ', - 'ꭻ' => 'Ꭻ', - 'ꭼ' => 'Ꭼ', - 'ꭽ' => 'Ꭽ', - 'ꭾ' => 'Ꭾ', - 'ꭿ' => 'Ꭿ', - 'ꮀ' => 'Ꮀ', - 'ꮁ' => 'Ꮁ', - 'ꮂ' => 'Ꮂ', - 'ꮃ' => 'Ꮃ', - 'ꮄ' => 'Ꮄ', - 'ꮅ' => 'Ꮅ', - 'ꮆ' => 'Ꮆ', - 'ꮇ' => 'Ꮇ', - 'ꮈ' => 'Ꮈ', - 'ꮉ' => 'Ꮉ', - 'ꮊ' => 'Ꮊ', - 'ꮋ' => 'Ꮋ', - 'ꮌ' => 'Ꮌ', - 'ꮍ' => 'Ꮍ', - 'ꮎ' => 'Ꮎ', - 'ꮏ' => 'Ꮏ', - 'ꮐ' => 'Ꮐ', - 'ꮑ' => 'Ꮑ', - 'ꮒ' => 'Ꮒ', - 'ꮓ' => 'Ꮓ', - 'ꮔ' => 'Ꮔ', - 'ꮕ' => 'Ꮕ', - 'ꮖ' => 'Ꮖ', - 'ꮗ' => 'Ꮗ', - 'ꮘ' => 'Ꮘ', - 'ꮙ' => 'Ꮙ', - 'ꮚ' => 'Ꮚ', - 'ꮛ' => 'Ꮛ', - 'ꮜ' => 'Ꮜ', - 'ꮝ' => 'Ꮝ', - 'ꮞ' => 'Ꮞ', - 'ꮟ' => 'Ꮟ', - 'ꮠ' => 'Ꮠ', - 'ꮡ' => 'Ꮡ', - 'ꮢ' => 'Ꮢ', - 'ꮣ' => 'Ꮣ', - 'ꮤ' => 'Ꮤ', - 'ꮥ' => 'Ꮥ', - 'ꮦ' => 'Ꮦ', - 'ꮧ' => 'Ꮧ', - 'ꮨ' => 'Ꮨ', - 'ꮩ' => 'Ꮩ', - 'ꮪ' => 'Ꮪ', - 'ꮫ' => 'Ꮫ', - 'ꮬ' => 'Ꮬ', - 'ꮭ' => 'Ꮭ', - 'ꮮ' => 'Ꮮ', - 'ꮯ' => 'Ꮯ', - 'ꮰ' => 'Ꮰ', - 'ꮱ' => 'Ꮱ', - 'ꮲ' => 'Ꮲ', - 'ꮳ' => 'Ꮳ', - 'ꮴ' => 'Ꮴ', - 'ꮵ' => 'Ꮵ', - 'ꮶ' => 'Ꮶ', - 'ꮷ' => 'Ꮷ', - 'ꮸ' => 'Ꮸ', - 'ꮹ' => 'Ꮹ', - 'ꮺ' => 'Ꮺ', - 'ꮻ' => 'Ꮻ', - 'ꮼ' => 'Ꮼ', - 'ꮽ' => 'Ꮽ', - 'ꮾ' => 'Ꮾ', - 'ꮿ' => 'Ꮿ', - 'a' => 'A', - 'b' => 'B', - 'c' => 'C', - 'd' => 'D', - 'e' => 'E', - 'f' => 'F', - 'g' => 'G', - 'h' => 'H', - 'i' => 'I', - 'j' => 'J', - 'k' => 'K', - 'l' => 'L', - 'm' => 'M', - 'n' => 'N', - 'o' => 'O', - 'p' => 'P', - 'q' => 'Q', - 'r' => 'R', - 's' => 'S', - 't' => 'T', - 'u' => 'U', - 'v' => 'V', - 'w' => 'W', - 'x' => 'X', - 'y' => 'Y', - 'z' => 'Z', - '𐐨' => '𐐀', - '𐐩' => '𐐁', - '𐐪' => '𐐂', - '𐐫' => '𐐃', - '𐐬' => '𐐄', - '𐐭' => '𐐅', - '𐐮' => '𐐆', - '𐐯' => '𐐇', - '𐐰' => '𐐈', - '𐐱' => '𐐉', - '𐐲' => '𐐊', - '𐐳' => '𐐋', - '𐐴' => '𐐌', - '𐐵' => '𐐍', - '𐐶' => '𐐎', - '𐐷' => '𐐏', - '𐐸' => '𐐐', - '𐐹' => '𐐑', - '𐐺' => '𐐒', - '𐐻' => '𐐓', - '𐐼' => '𐐔', - '𐐽' => '𐐕', - '𐐾' => '𐐖', - '𐐿' => '𐐗', - '𐑀' => '𐐘', - '𐑁' => '𐐙', - '𐑂' => '𐐚', - '𐑃' => '𐐛', - '𐑄' => '𐐜', - '𐑅' => '𐐝', - '𐑆' => '𐐞', - '𐑇' => '𐐟', - '𐑈' => '𐐠', - '𐑉' => '𐐡', - '𐑊' => '𐐢', - '𐑋' => '𐐣', - '𐑌' => '𐐤', - '𐑍' => '𐐥', - '𐑎' => '𐐦', - '𐑏' => '𐐧', - '𐓘' => '𐒰', - '𐓙' => '𐒱', - '𐓚' => '𐒲', - '𐓛' => '𐒳', - '𐓜' => '𐒴', - '𐓝' => '𐒵', - '𐓞' => '𐒶', - '𐓟' => '𐒷', - '𐓠' => '𐒸', - '𐓡' => '𐒹', - '𐓢' => '𐒺', - '𐓣' => '𐒻', - '𐓤' => '𐒼', - '𐓥' => '𐒽', - '𐓦' => '𐒾', - '𐓧' => '𐒿', - '𐓨' => '𐓀', - '𐓩' => '𐓁', - '𐓪' => '𐓂', - '𐓫' => '𐓃', - '𐓬' => '𐓄', - '𐓭' => '𐓅', - '𐓮' => '𐓆', - '𐓯' => '𐓇', - '𐓰' => '𐓈', - '𐓱' => '𐓉', - '𐓲' => '𐓊', - '𐓳' => '𐓋', - '𐓴' => '𐓌', - '𐓵' => '𐓍', - '𐓶' => '𐓎', - '𐓷' => '𐓏', - '𐓸' => '𐓐', - '𐓹' => '𐓑', - '𐓺' => '𐓒', - '𐓻' => '𐓓', - '𐳀' => '𐲀', - '𐳁' => '𐲁', - '𐳂' => '𐲂', - '𐳃' => '𐲃', - '𐳄' => '𐲄', - '𐳅' => '𐲅', - '𐳆' => '𐲆', - '𐳇' => '𐲇', - '𐳈' => '𐲈', - '𐳉' => '𐲉', - '𐳊' => '𐲊', - '𐳋' => '𐲋', - '𐳌' => '𐲌', - '𐳍' => '𐲍', - '𐳎' => '𐲎', - '𐳏' => '𐲏', - '𐳐' => '𐲐', - '𐳑' => '𐲑', - '𐳒' => '𐲒', - '𐳓' => '𐲓', - '𐳔' => '𐲔', - '𐳕' => '𐲕', - '𐳖' => '𐲖', - '𐳗' => '𐲗', - '𐳘' => '𐲘', - '𐳙' => '𐲙', - '𐳚' => '𐲚', - '𐳛' => '𐲛', - '𐳜' => '𐲜', - '𐳝' => '𐲝', - '𐳞' => '𐲞', - '𐳟' => '𐲟', - '𐳠' => '𐲠', - '𐳡' => '𐲡', - '𐳢' => '𐲢', - '𐳣' => '𐲣', - '𐳤' => '𐲤', - '𐳥' => '𐲥', - '𐳦' => '𐲦', - '𐳧' => '𐲧', - '𐳨' => '𐲨', - '𐳩' => '𐲩', - '𐳪' => '𐲪', - '𐳫' => '𐲫', - '𐳬' => '𐲬', - '𐳭' => '𐲭', - '𐳮' => '𐲮', - '𐳯' => '𐲯', - '𐳰' => '𐲰', - '𐳱' => '𐲱', - '𐳲' => '𐲲', - '𑣀' => '𑢠', - '𑣁' => '𑢡', - '𑣂' => '𑢢', - '𑣃' => '𑢣', - '𑣄' => '𑢤', - '𑣅' => '𑢥', - '𑣆' => '𑢦', - '𑣇' => '𑢧', - '𑣈' => '𑢨', - '𑣉' => '𑢩', - '𑣊' => '𑢪', - '𑣋' => '𑢫', - '𑣌' => '𑢬', - '𑣍' => '𑢭', - '𑣎' => '𑢮', - '𑣏' => '𑢯', - '𑣐' => '𑢰', - '𑣑' => '𑢱', - '𑣒' => '𑢲', - '𑣓' => '𑢳', - '𑣔' => '𑢴', - '𑣕' => '𑢵', - '𑣖' => '𑢶', - '𑣗' => '𑢷', - '𑣘' => '𑢸', - '𑣙' => '𑢹', - '𑣚' => '𑢺', - '𑣛' => '𑢻', - '𑣜' => '𑢼', - '𑣝' => '𑢽', - '𑣞' => '𑢾', - '𑣟' => '𑢿', - '𖹠' => '𖹀', - '𖹡' => '𖹁', - '𖹢' => '𖹂', - '𖹣' => '𖹃', - '𖹤' => '𖹄', - '𖹥' => '𖹅', - '𖹦' => '𖹆', - '𖹧' => '𖹇', - '𖹨' => '𖹈', - '𖹩' => '𖹉', - '𖹪' => '𖹊', - '𖹫' => '𖹋', - '𖹬' => '𖹌', - '𖹭' => '𖹍', - '𖹮' => '𖹎', - '𖹯' => '𖹏', - '𖹰' => '𖹐', - '𖹱' => '𖹑', - '𖹲' => '𖹒', - '𖹳' => '𖹓', - '𖹴' => '𖹔', - '𖹵' => '𖹕', - '𖹶' => '𖹖', - '𖹷' => '𖹗', - '𖹸' => '𖹘', - '𖹹' => '𖹙', - '𖹺' => '𖹚', - '𖹻' => '𖹛', - '𖹼' => '𖹜', - '𖹽' => '𖹝', - '𖹾' => '𖹞', - '𖹿' => '𖹟', - '𞤢' => '𞤀', - '𞤣' => '𞤁', - '𞤤' => '𞤂', - '𞤥' => '𞤃', - '𞤦' => '𞤄', - '𞤧' => '𞤅', - '𞤨' => '𞤆', - '𞤩' => '𞤇', - '𞤪' => '𞤈', - '𞤫' => '𞤉', - '𞤬' => '𞤊', - '𞤭' => '𞤋', - '𞤮' => '𞤌', - '𞤯' => '𞤍', - '𞤰' => '𞤎', - '𞤱' => '𞤏', - '𞤲' => '𞤐', - '𞤳' => '𞤑', - '𞤴' => '𞤒', - '𞤵' => '𞤓', - '𞤶' => '𞤔', - '𞤷' => '𞤕', - '𞤸' => '𞤖', - '𞤹' => '𞤗', - '𞤺' => '𞤘', - '𞤻' => '𞤙', - '𞤼' => '𞤚', - '𞤽' => '𞤛', - '𞤾' => '𞤜', - '𞤿' => '𞤝', - '𞥀' => '𞤞', - '𞥁' => '𞤟', - '𞥂' => '𞤠', - '𞥃' => '𞤡', - 'ß' => 'SS', - 'ff' => 'FF', - 'fi' => 'FI', - 'fl' => 'FL', - 'ffi' => 'FFI', - 'ffl' => 'FFL', - 'ſt' => 'ST', - 'st' => 'ST', - 'և' => 'ԵՒ', - 'ﬓ' => 'ՄՆ', - 'ﬔ' => 'ՄԵ', - 'ﬕ' => 'ՄԻ', - 'ﬖ' => 'ՎՆ', - 'ﬗ' => 'ՄԽ', - 'ʼn' => 'ʼN', - 'ΐ' => 'Ϊ́', - 'ΰ' => 'Ϋ́', - 'ǰ' => 'J̌', - 'ẖ' => 'H̱', - 'ẗ' => 'T̈', - 'ẘ' => 'W̊', - 'ẙ' => 'Y̊', - 'ẚ' => 'Aʾ', - 'ὐ' => 'Υ̓', - 'ὒ' => 'Υ̓̀', - 'ὔ' => 'Υ̓́', - 'ὖ' => 'Υ̓͂', - 'ᾶ' => 'Α͂', - 'ῆ' => 'Η͂', - 'ῒ' => 'Ϊ̀', - 'ΐ' => 'Ϊ́', - 'ῖ' => 'Ι͂', - 'ῗ' => 'Ϊ͂', - 'ῢ' => 'Ϋ̀', - 'ΰ' => 'Ϋ́', - 'ῤ' => 'Ρ̓', - 'ῦ' => 'Υ͂', - 'ῧ' => 'Ϋ͂', - 'ῶ' => 'Ω͂', - 'ᾈ' => 'ἈΙ', - 'ᾉ' => 'ἉΙ', - 'ᾊ' => 'ἊΙ', - 'ᾋ' => 'ἋΙ', - 'ᾌ' => 'ἌΙ', - 'ᾍ' => 'ἍΙ', - 'ᾎ' => 'ἎΙ', - 'ᾏ' => 'ἏΙ', - 'ᾘ' => 'ἨΙ', - 'ᾙ' => 'ἩΙ', - 'ᾚ' => 'ἪΙ', - 'ᾛ' => 'ἫΙ', - 'ᾜ' => 'ἬΙ', - 'ᾝ' => 'ἭΙ', - 'ᾞ' => 'ἮΙ', - 'ᾟ' => 'ἯΙ', - 'ᾨ' => 'ὨΙ', - 'ᾩ' => 'ὩΙ', - 'ᾪ' => 'ὪΙ', - 'ᾫ' => 'ὫΙ', - 'ᾬ' => 'ὬΙ', - 'ᾭ' => 'ὭΙ', - 'ᾮ' => 'ὮΙ', - 'ᾯ' => 'ὯΙ', - 'ᾼ' => 'ΑΙ', - 'ῌ' => 'ΗΙ', - 'ῼ' => 'ΩΙ', - 'ᾲ' => 'ᾺΙ', - 'ᾴ' => 'ΆΙ', - 'ῂ' => 'ῊΙ', - 'ῄ' => 'ΉΙ', - 'ῲ' => 'ῺΙ', - 'ῴ' => 'ΏΙ', - 'ᾷ' => 'Α͂Ι', - 'ῇ' => 'Η͂Ι', - 'ῷ' => 'Ω͂Ι', -); diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/bootstrap.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/bootstrap.php deleted file mode 100644 index ecf1a03..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/bootstrap.php +++ /dev/null @@ -1,151 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -use Symfony\Polyfill\Mbstring as p; - -if (\PHP_VERSION_ID >= 80000) { - return require __DIR__.'/bootstrap80.php'; -} - -if (!function_exists('mb_convert_encoding')) { - function mb_convert_encoding($string, $to_encoding, $from_encoding = null) { return p\Mbstring::mb_convert_encoding($string, $to_encoding, $from_encoding); } -} -if (!function_exists('mb_decode_mimeheader')) { - function mb_decode_mimeheader($string) { return p\Mbstring::mb_decode_mimeheader($string); } -} -if (!function_exists('mb_encode_mimeheader')) { - function mb_encode_mimeheader($string, $charset = null, $transfer_encoding = null, $newline = "\r\n", $indent = 0) { return p\Mbstring::mb_encode_mimeheader($string, $charset, $transfer_encoding, $newline, $indent); } -} -if (!function_exists('mb_decode_numericentity')) { - function mb_decode_numericentity($string, $map, $encoding = null) { return p\Mbstring::mb_decode_numericentity($string, $map, $encoding); } -} -if (!function_exists('mb_encode_numericentity')) { - function mb_encode_numericentity($string, $map, $encoding = null, $hex = false) { return p\Mbstring::mb_encode_numericentity($string, $map, $encoding, $hex); } -} -if (!function_exists('mb_convert_case')) { - function mb_convert_case($string, $mode, $encoding = null) { return p\Mbstring::mb_convert_case($string, $mode, $encoding); } -} -if (!function_exists('mb_internal_encoding')) { - function mb_internal_encoding($encoding = null) { return p\Mbstring::mb_internal_encoding($encoding); } -} -if (!function_exists('mb_language')) { - function mb_language($language = null) { return p\Mbstring::mb_language($language); } -} -if (!function_exists('mb_list_encodings')) { - function mb_list_encodings() { return p\Mbstring::mb_list_encodings(); } -} -if (!function_exists('mb_encoding_aliases')) { - function mb_encoding_aliases($encoding) { return p\Mbstring::mb_encoding_aliases($encoding); } -} -if (!function_exists('mb_check_encoding')) { - function mb_check_encoding($value = null, $encoding = null) { return p\Mbstring::mb_check_encoding($value, $encoding); } -} -if (!function_exists('mb_detect_encoding')) { - function mb_detect_encoding($string, $encodings = null, $strict = false) { return p\Mbstring::mb_detect_encoding($string, $encodings, $strict); } -} -if (!function_exists('mb_detect_order')) { - function mb_detect_order($encoding = null) { return p\Mbstring::mb_detect_order($encoding); } -} -if (!function_exists('mb_parse_str')) { - function mb_parse_str($string, &$result = []) { parse_str($string, $result); return (bool) $result; } -} -if (!function_exists('mb_strlen')) { - function mb_strlen($string, $encoding = null) { return p\Mbstring::mb_strlen($string, $encoding); } -} -if (!function_exists('mb_strpos')) { - function mb_strpos($haystack, $needle, $offset = 0, $encoding = null) { return p\Mbstring::mb_strpos($haystack, $needle, $offset, $encoding); } -} -if (!function_exists('mb_strtolower')) { - function mb_strtolower($string, $encoding = null) { return p\Mbstring::mb_strtolower($string, $encoding); } -} -if (!function_exists('mb_strtoupper')) { - function mb_strtoupper($string, $encoding = null) { return p\Mbstring::mb_strtoupper($string, $encoding); } -} -if (!function_exists('mb_substitute_character')) { - function mb_substitute_character($substitute_character = null) { return p\Mbstring::mb_substitute_character($substitute_character); } -} -if (!function_exists('mb_substr')) { - function mb_substr($string, $start, $length = 2147483647, $encoding = null) { return p\Mbstring::mb_substr($string, $start, $length, $encoding); } -} -if (!function_exists('mb_stripos')) { - function mb_stripos($haystack, $needle, $offset = 0, $encoding = null) { return p\Mbstring::mb_stripos($haystack, $needle, $offset, $encoding); } -} -if (!function_exists('mb_stristr')) { - function mb_stristr($haystack, $needle, $before_needle = false, $encoding = null) { return p\Mbstring::mb_stristr($haystack, $needle, $before_needle, $encoding); } -} -if (!function_exists('mb_strrchr')) { - function mb_strrchr($haystack, $needle, $before_needle = false, $encoding = null) { return p\Mbstring::mb_strrchr($haystack, $needle, $before_needle, $encoding); } -} -if (!function_exists('mb_strrichr')) { - function mb_strrichr($haystack, $needle, $before_needle = false, $encoding = null) { return p\Mbstring::mb_strrichr($haystack, $needle, $before_needle, $encoding); } -} -if (!function_exists('mb_strripos')) { - function mb_strripos($haystack, $needle, $offset = 0, $encoding = null) { return p\Mbstring::mb_strripos($haystack, $needle, $offset, $encoding); } -} -if (!function_exists('mb_strrpos')) { - function mb_strrpos($haystack, $needle, $offset = 0, $encoding = null) { return p\Mbstring::mb_strrpos($haystack, $needle, $offset, $encoding); } -} -if (!function_exists('mb_strstr')) { - function mb_strstr($haystack, $needle, $before_needle = false, $encoding = null) { return p\Mbstring::mb_strstr($haystack, $needle, $before_needle, $encoding); } -} -if (!function_exists('mb_get_info')) { - function mb_get_info($type = 'all') { return p\Mbstring::mb_get_info($type); } -} -if (!function_exists('mb_http_output')) { - function mb_http_output($encoding = null) { return p\Mbstring::mb_http_output($encoding); } -} -if (!function_exists('mb_strwidth')) { - function mb_strwidth($string, $encoding = null) { return p\Mbstring::mb_strwidth($string, $encoding); } -} -if (!function_exists('mb_substr_count')) { - function mb_substr_count($haystack, $needle, $encoding = null) { return p\Mbstring::mb_substr_count($haystack, $needle, $encoding); } -} -if (!function_exists('mb_output_handler')) { - function mb_output_handler($string, $status) { return p\Mbstring::mb_output_handler($string, $status); } -} -if (!function_exists('mb_http_input')) { - function mb_http_input($type = null) { return p\Mbstring::mb_http_input($type); } -} - -if (!function_exists('mb_convert_variables')) { - function mb_convert_variables($to_encoding, $from_encoding, &...$vars) { return p\Mbstring::mb_convert_variables($to_encoding, $from_encoding, ...$vars); } -} - -if (!function_exists('mb_ord')) { - function mb_ord($string, $encoding = null) { return p\Mbstring::mb_ord($string, $encoding); } -} -if (!function_exists('mb_chr')) { - function mb_chr($codepoint, $encoding = null) { return p\Mbstring::mb_chr($codepoint, $encoding); } -} -if (!function_exists('mb_scrub')) { - function mb_scrub($string, $encoding = null) { $encoding = null === $encoding ? mb_internal_encoding() : $encoding; return mb_convert_encoding($string, $encoding, $encoding); } -} -if (!function_exists('mb_str_split')) { - function mb_str_split($string, $length = 1, $encoding = null) { return p\Mbstring::mb_str_split($string, $length, $encoding); } -} - -if (!function_exists('mb_str_pad')) { - function mb_str_pad(string $string, int $length, string $pad_string = ' ', int $pad_type = STR_PAD_RIGHT, ?string $encoding = null): string { return p\Mbstring::mb_str_pad($string, $length, $pad_string, $pad_type, $encoding); } -} - -if (extension_loaded('mbstring')) { - return; -} - -if (!defined('MB_CASE_UPPER')) { - define('MB_CASE_UPPER', 0); -} -if (!defined('MB_CASE_LOWER')) { - define('MB_CASE_LOWER', 1); -} -if (!defined('MB_CASE_TITLE')) { - define('MB_CASE_TITLE', 2); -} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/bootstrap80.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/bootstrap80.php deleted file mode 100644 index 2f9fb5b..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/bootstrap80.php +++ /dev/null @@ -1,147 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -use Symfony\Polyfill\Mbstring as p; - -if (!function_exists('mb_convert_encoding')) { - function mb_convert_encoding(array|string|null $string, ?string $to_encoding, array|string|null $from_encoding = null): array|string|false { return p\Mbstring::mb_convert_encoding($string ?? '', (string) $to_encoding, $from_encoding); } -} -if (!function_exists('mb_decode_mimeheader')) { - function mb_decode_mimeheader(?string $string): string { return p\Mbstring::mb_decode_mimeheader((string) $string); } -} -if (!function_exists('mb_encode_mimeheader')) { - function mb_encode_mimeheader(?string $string, ?string $charset = null, ?string $transfer_encoding = null, ?string $newline = "\r\n", ?int $indent = 0): string { return p\Mbstring::mb_encode_mimeheader((string) $string, $charset, $transfer_encoding, (string) $newline, (int) $indent); } -} -if (!function_exists('mb_decode_numericentity')) { - function mb_decode_numericentity(?string $string, array $map, ?string $encoding = null): string { return p\Mbstring::mb_decode_numericentity((string) $string, $map, $encoding); } -} -if (!function_exists('mb_encode_numericentity')) { - function mb_encode_numericentity(?string $string, array $map, ?string $encoding = null, ?bool $hex = false): string { return p\Mbstring::mb_encode_numericentity((string) $string, $map, $encoding, (bool) $hex); } -} -if (!function_exists('mb_convert_case')) { - function mb_convert_case(?string $string, ?int $mode, ?string $encoding = null): string { return p\Mbstring::mb_convert_case((string) $string, (int) $mode, $encoding); } -} -if (!function_exists('mb_internal_encoding')) { - function mb_internal_encoding(?string $encoding = null): string|bool { return p\Mbstring::mb_internal_encoding($encoding); } -} -if (!function_exists('mb_language')) { - function mb_language(?string $language = null): string|bool { return p\Mbstring::mb_language($language); } -} -if (!function_exists('mb_list_encodings')) { - function mb_list_encodings(): array { return p\Mbstring::mb_list_encodings(); } -} -if (!function_exists('mb_encoding_aliases')) { - function mb_encoding_aliases(?string $encoding): array { return p\Mbstring::mb_encoding_aliases((string) $encoding); } -} -if (!function_exists('mb_check_encoding')) { - function mb_check_encoding(array|string|null $value = null, ?string $encoding = null): bool { return p\Mbstring::mb_check_encoding($value, $encoding); } -} -if (!function_exists('mb_detect_encoding')) { - function mb_detect_encoding(?string $string, array|string|null $encodings = null, ?bool $strict = false): string|false { return p\Mbstring::mb_detect_encoding((string) $string, $encodings, (bool) $strict); } -} -if (!function_exists('mb_detect_order')) { - function mb_detect_order(array|string|null $encoding = null): array|bool { return p\Mbstring::mb_detect_order($encoding); } -} -if (!function_exists('mb_parse_str')) { - function mb_parse_str(?string $string, &$result = []): bool { parse_str((string) $string, $result); return (bool) $result; } -} -if (!function_exists('mb_strlen')) { - function mb_strlen(?string $string, ?string $encoding = null): int { return p\Mbstring::mb_strlen((string) $string, $encoding); } -} -if (!function_exists('mb_strpos')) { - function mb_strpos(?string $haystack, ?string $needle, ?int $offset = 0, ?string $encoding = null): int|false { return p\Mbstring::mb_strpos((string) $haystack, (string) $needle, (int) $offset, $encoding); } -} -if (!function_exists('mb_strtolower')) { - function mb_strtolower(?string $string, ?string $encoding = null): string { return p\Mbstring::mb_strtolower((string) $string, $encoding); } -} -if (!function_exists('mb_strtoupper')) { - function mb_strtoupper(?string $string, ?string $encoding = null): string { return p\Mbstring::mb_strtoupper((string) $string, $encoding); } -} -if (!function_exists('mb_substitute_character')) { - function mb_substitute_character(string|int|null $substitute_character = null): string|int|bool { return p\Mbstring::mb_substitute_character($substitute_character); } -} -if (!function_exists('mb_substr')) { - function mb_substr(?string $string, ?int $start, ?int $length = null, ?string $encoding = null): string { return p\Mbstring::mb_substr((string) $string, (int) $start, $length, $encoding); } -} -if (!function_exists('mb_stripos')) { - function mb_stripos(?string $haystack, ?string $needle, ?int $offset = 0, ?string $encoding = null): int|false { return p\Mbstring::mb_stripos((string) $haystack, (string) $needle, (int) $offset, $encoding); } -} -if (!function_exists('mb_stristr')) { - function mb_stristr(?string $haystack, ?string $needle, ?bool $before_needle = false, ?string $encoding = null): string|false { return p\Mbstring::mb_stristr((string) $haystack, (string) $needle, (bool) $before_needle, $encoding); } -} -if (!function_exists('mb_strrchr')) { - function mb_strrchr(?string $haystack, ?string $needle, ?bool $before_needle = false, ?string $encoding = null): string|false { return p\Mbstring::mb_strrchr((string) $haystack, (string) $needle, (bool) $before_needle, $encoding); } -} -if (!function_exists('mb_strrichr')) { - function mb_strrichr(?string $haystack, ?string $needle, ?bool $before_needle = false, ?string $encoding = null): string|false { return p\Mbstring::mb_strrichr((string) $haystack, (string) $needle, (bool) $before_needle, $encoding); } -} -if (!function_exists('mb_strripos')) { - function mb_strripos(?string $haystack, ?string $needle, ?int $offset = 0, ?string $encoding = null): int|false { return p\Mbstring::mb_strripos((string) $haystack, (string) $needle, (int) $offset, $encoding); } -} -if (!function_exists('mb_strrpos')) { - function mb_strrpos(?string $haystack, ?string $needle, ?int $offset = 0, ?string $encoding = null): int|false { return p\Mbstring::mb_strrpos((string) $haystack, (string) $needle, (int) $offset, $encoding); } -} -if (!function_exists('mb_strstr')) { - function mb_strstr(?string $haystack, ?string $needle, ?bool $before_needle = false, ?string $encoding = null): string|false { return p\Mbstring::mb_strstr((string) $haystack, (string) $needle, (bool) $before_needle, $encoding); } -} -if (!function_exists('mb_get_info')) { - function mb_get_info(?string $type = 'all'): array|string|int|false { return p\Mbstring::mb_get_info((string) $type); } -} -if (!function_exists('mb_http_output')) { - function mb_http_output(?string $encoding = null): string|bool { return p\Mbstring::mb_http_output($encoding); } -} -if (!function_exists('mb_strwidth')) { - function mb_strwidth(?string $string, ?string $encoding = null): int { return p\Mbstring::mb_strwidth((string) $string, $encoding); } -} -if (!function_exists('mb_substr_count')) { - function mb_substr_count(?string $haystack, ?string $needle, ?string $encoding = null): int { return p\Mbstring::mb_substr_count((string) $haystack, (string) $needle, $encoding); } -} -if (!function_exists('mb_output_handler')) { - function mb_output_handler(?string $string, ?int $status): string { return p\Mbstring::mb_output_handler((string) $string, (int) $status); } -} -if (!function_exists('mb_http_input')) { - function mb_http_input(?string $type = null): array|string|false { return p\Mbstring::mb_http_input($type); } -} - -if (!function_exists('mb_convert_variables')) { - function mb_convert_variables(?string $to_encoding, array|string|null $from_encoding, mixed &$var, mixed &...$vars): string|false { return p\Mbstring::mb_convert_variables((string) $to_encoding, $from_encoding ?? '', $var, ...$vars); } -} - -if (!function_exists('mb_ord')) { - function mb_ord(?string $string, ?string $encoding = null): int|false { return p\Mbstring::mb_ord((string) $string, $encoding); } -} -if (!function_exists('mb_chr')) { - function mb_chr(?int $codepoint, ?string $encoding = null): string|false { return p\Mbstring::mb_chr((int) $codepoint, $encoding); } -} -if (!function_exists('mb_scrub')) { - function mb_scrub(?string $string, ?string $encoding = null): string { $encoding ??= mb_internal_encoding(); return mb_convert_encoding((string) $string, $encoding, $encoding); } -} -if (!function_exists('mb_str_split')) { - function mb_str_split(?string $string, ?int $length = 1, ?string $encoding = null): array { return p\Mbstring::mb_str_split((string) $string, (int) $length, $encoding); } -} - -if (!function_exists('mb_str_pad')) { - function mb_str_pad(string $string, int $length, string $pad_string = ' ', int $pad_type = STR_PAD_RIGHT, ?string $encoding = null): string { return p\Mbstring::mb_str_pad($string, $length, $pad_string, $pad_type, $encoding); } -} - -if (extension_loaded('mbstring')) { - return; -} - -if (!defined('MB_CASE_UPPER')) { - define('MB_CASE_UPPER', 0); -} -if (!defined('MB_CASE_LOWER')) { - define('MB_CASE_LOWER', 1); -} -if (!defined('MB_CASE_TITLE')) { - define('MB_CASE_TITLE', 2); -} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/composer.json b/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/composer.json deleted file mode 100644 index 943e502..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-mbstring/composer.json +++ /dev/null @@ -1,41 +0,0 @@ -{ - "name": "symfony/polyfill-mbstring", - "type": "library", - "description": "Symfony polyfill for the Mbstring extension", - "keywords": ["polyfill", "shim", "compatibility", "portable", "mbstring"], - "homepage": "https://symfony.com", - "license": "MIT", - "authors": [ - { - "name": "Nicolas Grekas", - "email": "p@tchwork.com" - }, - { - "name": "Symfony Community", - "homepage": "https://symfony.com/contributors" - } - ], - "require": { - "php": ">=7.1" - }, - "provide": { - "ext-mbstring": "*" - }, - "autoload": { - "psr-4": { "Symfony\\Polyfill\\Mbstring\\": "" }, - "files": [ "bootstrap.php" ] - }, - "suggest": { - "ext-mbstring": "For best performance" - }, - "minimum-stability": "dev", - "extra": { - "branch-alias": { - "dev-main": "1.28-dev" - }, - "thanks": { - "name": "symfony/polyfill", - "url": "https://github.com/symfony/polyfill" - } - } -} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/LICENSE b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/LICENSE deleted file mode 100644 index 0ed3a24..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/LICENSE +++ /dev/null @@ -1,19 +0,0 @@ -Copyright (c) 2020-present Fabien Potencier - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is furnished -to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Php80.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Php80.php deleted file mode 100644 index 362dd1a..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Php80.php +++ /dev/null @@ -1,115 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Polyfill\Php80; - -/** - * @author Ion Bazan - * @author Nico Oelgart - * @author Nicolas Grekas - * - * @internal - */ -final class Php80 -{ - public static function fdiv(float $dividend, float $divisor): float - { - return @($dividend / $divisor); - } - - public static function get_debug_type($value): string - { - switch (true) { - case null === $value: return 'null'; - case \is_bool($value): return 'bool'; - case \is_string($value): return 'string'; - case \is_array($value): return 'array'; - case \is_int($value): return 'int'; - case \is_float($value): return 'float'; - case \is_object($value): break; - case $value instanceof \__PHP_Incomplete_Class: return '__PHP_Incomplete_Class'; - default: - if (null === $type = @get_resource_type($value)) { - return 'unknown'; - } - - if ('Unknown' === $type) { - $type = 'closed'; - } - - return "resource ($type)"; - } - - $class = \get_class($value); - - if (false === strpos($class, '@')) { - return $class; - } - - return (get_parent_class($class) ?: key(class_implements($class)) ?: 'class').'@anonymous'; - } - - public static function get_resource_id($res): int - { - if (!\is_resource($res) && null === @get_resource_type($res)) { - throw new \TypeError(sprintf('Argument 1 passed to get_resource_id() must be of the type resource, %s given', get_debug_type($res))); - } - - return (int) $res; - } - - public static function preg_last_error_msg(): string - { - switch (preg_last_error()) { - case \PREG_INTERNAL_ERROR: - return 'Internal error'; - case \PREG_BAD_UTF8_ERROR: - return 'Malformed UTF-8 characters, possibly incorrectly encoded'; - case \PREG_BAD_UTF8_OFFSET_ERROR: - return 'The offset did not correspond to the beginning of a valid UTF-8 code point'; - case \PREG_BACKTRACK_LIMIT_ERROR: - return 'Backtrack limit exhausted'; - case \PREG_RECURSION_LIMIT_ERROR: - return 'Recursion limit exhausted'; - case \PREG_JIT_STACKLIMIT_ERROR: - return 'JIT stack limit exhausted'; - case \PREG_NO_ERROR: - return 'No error'; - default: - return 'Unknown error'; - } - } - - public static function str_contains(string $haystack, string $needle): bool - { - return '' === $needle || false !== strpos($haystack, $needle); - } - - public static function str_starts_with(string $haystack, string $needle): bool - { - return 0 === strncmp($haystack, $needle, \strlen($needle)); - } - - public static function str_ends_with(string $haystack, string $needle): bool - { - if ('' === $needle || $needle === $haystack) { - return true; - } - - if ('' === $haystack) { - return false; - } - - $needleLength = \strlen($needle); - - return $needleLength <= \strlen($haystack) && 0 === substr_compare($haystack, $needle, -$needleLength); - } -} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/PhpToken.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/PhpToken.php deleted file mode 100644 index fe6e691..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/PhpToken.php +++ /dev/null @@ -1,103 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Polyfill\Php80; - -/** - * @author Fedonyuk Anton - * - * @internal - */ -class PhpToken implements \Stringable -{ - /** - * @var int - */ - public $id; - - /** - * @var string - */ - public $text; - - /** - * @var int - */ - public $line; - - /** - * @var int - */ - public $pos; - - public function __construct(int $id, string $text, int $line = -1, int $position = -1) - { - $this->id = $id; - $this->text = $text; - $this->line = $line; - $this->pos = $position; - } - - public function getTokenName(): ?string - { - if ('UNKNOWN' === $name = token_name($this->id)) { - $name = \strlen($this->text) > 1 || \ord($this->text) < 32 ? null : $this->text; - } - - return $name; - } - - /** - * @param int|string|array $kind - */ - public function is($kind): bool - { - foreach ((array) $kind as $value) { - if (\in_array($value, [$this->id, $this->text], true)) { - return true; - } - } - - return false; - } - - public function isIgnorable(): bool - { - return \in_array($this->id, [\T_WHITESPACE, \T_COMMENT, \T_DOC_COMMENT, \T_OPEN_TAG], true); - } - - public function __toString(): string - { - return (string) $this->text; - } - - /** - * @return static[] - */ - public static function tokenize(string $code, int $flags = 0): array - { - $line = 1; - $position = 0; - $tokens = token_get_all($code, $flags); - foreach ($tokens as $index => $token) { - if (\is_string($token)) { - $id = \ord($token); - $text = $token; - } else { - [$id, $text, $line] = $token; - } - $tokens[$index] = new static($id, $text, $line, $position); - $position += \strlen($text); - } - - return $tokens; - } -} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/README.md b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/README.md deleted file mode 100644 index 3816c55..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/README.md +++ /dev/null @@ -1,25 +0,0 @@ -Symfony Polyfill / Php80 -======================== - -This component provides features added to PHP 8.0 core: - -- [`Stringable`](https://php.net/stringable) interface -- [`fdiv`](https://php.net/fdiv) -- [`ValueError`](https://php.net/valueerror) class -- [`UnhandledMatchError`](https://php.net/unhandledmatcherror) class -- `FILTER_VALIDATE_BOOL` constant -- [`get_debug_type`](https://php.net/get_debug_type) -- [`PhpToken`](https://php.net/phptoken) class -- [`preg_last_error_msg`](https://php.net/preg_last_error_msg) -- [`str_contains`](https://php.net/str_contains) -- [`str_starts_with`](https://php.net/str_starts_with) -- [`str_ends_with`](https://php.net/str_ends_with) -- [`get_resource_id`](https://php.net/get_resource_id) - -More information can be found in the -[main Polyfill README](https://github.com/symfony/polyfill/blob/main/README.md). - -License -======= - -This library is released under the [MIT license](LICENSE). diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/Attribute.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/Attribute.php deleted file mode 100644 index 2b95542..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/Attribute.php +++ /dev/null @@ -1,31 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -#[Attribute(Attribute::TARGET_CLASS)] -final class Attribute -{ - public const TARGET_CLASS = 1; - public const TARGET_FUNCTION = 2; - public const TARGET_METHOD = 4; - public const TARGET_PROPERTY = 8; - public const TARGET_CLASS_CONSTANT = 16; - public const TARGET_PARAMETER = 32; - public const TARGET_ALL = 63; - public const IS_REPEATABLE = 64; - - /** @var int */ - public $flags; - - public function __construct(int $flags = self::TARGET_ALL) - { - $this->flags = $flags; - } -} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/PhpToken.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/PhpToken.php deleted file mode 100644 index bd1212f..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/PhpToken.php +++ /dev/null @@ -1,16 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -if (\PHP_VERSION_ID < 80000 && extension_loaded('tokenizer')) { - class PhpToken extends Symfony\Polyfill\Php80\PhpToken - { - } -} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/Stringable.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/Stringable.php deleted file mode 100644 index 7c62d75..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/Stringable.php +++ /dev/null @@ -1,20 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -if (\PHP_VERSION_ID < 80000) { - interface Stringable - { - /** - * @return string - */ - public function __toString(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/UnhandledMatchError.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/UnhandledMatchError.php deleted file mode 100644 index 01c6c6c..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/UnhandledMatchError.php +++ /dev/null @@ -1,16 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -if (\PHP_VERSION_ID < 80000) { - class UnhandledMatchError extends Error - { - } -} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/ValueError.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/ValueError.php deleted file mode 100644 index 783dbc2..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/Resources/stubs/ValueError.php +++ /dev/null @@ -1,16 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -if (\PHP_VERSION_ID < 80000) { - class ValueError extends Error - { - } -} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/bootstrap.php b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/bootstrap.php deleted file mode 100644 index e5f7dbc..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/bootstrap.php +++ /dev/null @@ -1,42 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -use Symfony\Polyfill\Php80 as p; - -if (\PHP_VERSION_ID >= 80000) { - return; -} - -if (!defined('FILTER_VALIDATE_BOOL') && defined('FILTER_VALIDATE_BOOLEAN')) { - define('FILTER_VALIDATE_BOOL', \FILTER_VALIDATE_BOOLEAN); -} - -if (!function_exists('fdiv')) { - function fdiv(float $num1, float $num2): float { return p\Php80::fdiv($num1, $num2); } -} -if (!function_exists('preg_last_error_msg')) { - function preg_last_error_msg(): string { return p\Php80::preg_last_error_msg(); } -} -if (!function_exists('str_contains')) { - function str_contains(?string $haystack, ?string $needle): bool { return p\Php80::str_contains($haystack ?? '', $needle ?? ''); } -} -if (!function_exists('str_starts_with')) { - function str_starts_with(?string $haystack, ?string $needle): bool { return p\Php80::str_starts_with($haystack ?? '', $needle ?? ''); } -} -if (!function_exists('str_ends_with')) { - function str_ends_with(?string $haystack, ?string $needle): bool { return p\Php80::str_ends_with($haystack ?? '', $needle ?? ''); } -} -if (!function_exists('get_debug_type')) { - function get_debug_type($value): string { return p\Php80::get_debug_type($value); } -} -if (!function_exists('get_resource_id')) { - function get_resource_id($resource): int { return p\Php80::get_resource_id($resource); } -} diff --git a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/composer.json b/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/composer.json deleted file mode 100644 index f1801f4..0000000 --- a/utilities/signing_and_verification/php/vendor/symfony/polyfill-php80/composer.json +++ /dev/null @@ -1,40 +0,0 @@ -{ - "name": "symfony/polyfill-php80", - "type": "library", - "description": "Symfony polyfill backporting some PHP 8.0+ features to lower PHP versions", - "keywords": ["polyfill", "shim", "compatibility", "portable"], - "homepage": "https://symfony.com", - "license": "MIT", - "authors": [ - { - "name": "Ion Bazan", - "email": "ion.bazan@gmail.com" - }, - { - "name": "Nicolas Grekas", - "email": "p@tchwork.com" - }, - { - "name": "Symfony Community", - "homepage": "https://symfony.com/contributors" - } - ], - "require": { - "php": ">=7.1" - }, - "autoload": { - "psr-4": { "Symfony\\Polyfill\\Php80\\": "" }, - "files": [ "bootstrap.php" ], - "classmap": [ "Resources/stubs" ] - }, - "minimum-stability": "dev", - "extra": { - "branch-alias": { - "dev-main": "1.28-dev" - }, - "thanks": { - "name": "symfony/polyfill", - "url": "https://github.com/symfony/polyfill" - } - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/LICENSE b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/LICENSE deleted file mode 100644 index 922c552..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/LICENSE +++ /dev/null @@ -1,30 +0,0 @@ -BSD 3-Clause License - -Copyright (c) 2014, Graham Campbell. -Copyright (c) 2013, Vance Lucas. -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - -1. Redistributions of source code must retain the above copyright notice, this - list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright notice, - this list of conditions and the following disclaimer in the documentation - and/or other materials provided with the distribution. - -3. Neither the name of the copyright holder nor the names of its - contributors may be used to endorse or promote products derived from - this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER -CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/composer.json b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/composer.json deleted file mode 100644 index fb972d7..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/composer.json +++ /dev/null @@ -1,60 +0,0 @@ -{ - "name": "vlucas/phpdotenv", - "description": "Loads environment variables from `.env` to `getenv()`, `$_ENV` and `$_SERVER` automagically.", - "keywords": ["env", "dotenv", "environment"], - "license": "BSD-3-Clause", - "authors": [ - { - "name": "Graham Campbell", - "email": "hello@gjcampbell.co.uk", - "homepage": "https://github.com/GrahamCampbell" - }, - { - "name": "Vance Lucas", - "email": "vance@vancelucas.com", - "homepage": "https://github.com/vlucas" - } - ], - "require": { - "php": "^7.2.5 || ^8.0", - "ext-pcre": "*", - "graham-campbell/result-type": "^1.1.2", - "phpoption/phpoption": "^1.9.2", - "symfony/polyfill-ctype": "^1.24", - "symfony/polyfill-mbstring": "^1.24", - "symfony/polyfill-php80": "^1.24" - }, - "require-dev": { - "ext-filter": "*", - "bamarni/composer-bin-plugin": "^1.8.2", - "phpunit/phpunit":"^8.5.34 || ^9.6.13 || ^10.4.2" - }, - "autoload": { - "psr-4": { - "Dotenv\\": "src/" - } - }, - "autoload-dev": { - "psr-4": { - "Dotenv\\Tests\\": "tests/Dotenv/" - } - }, - "suggest": { - "ext-filter": "Required to use the boolean validator." - }, - "config": { - "allow-plugins": { - "bamarni/composer-bin-plugin": true - }, - "preferred-install": "dist" - }, - "extra": { - "bamarni-bin": { - "bin-links": true, - "forward-command": true - }, - "branch-alias": { - "dev-master": "5.6-dev" - } - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Dotenv.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Dotenv.php deleted file mode 100644 index 0460ced..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Dotenv.php +++ /dev/null @@ -1,267 +0,0 @@ -store = $store; - $this->parser = $parser; - $this->loader = $loader; - $this->repository = $repository; - } - - /** - * Create a new dotenv instance. - * - * @param \Dotenv\Repository\RepositoryInterface $repository - * @param string|string[] $paths - * @param string|string[]|null $names - * @param bool $shortCircuit - * @param string|null $fileEncoding - * - * @return \Dotenv\Dotenv - */ - public static function create(RepositoryInterface $repository, $paths, $names = null, bool $shortCircuit = true, string $fileEncoding = null) - { - $builder = $names === null ? StoreBuilder::createWithDefaultName() : StoreBuilder::createWithNoNames(); - - foreach ((array) $paths as $path) { - $builder = $builder->addPath($path); - } - - foreach ((array) $names as $name) { - $builder = $builder->addName($name); - } - - if ($shortCircuit) { - $builder = $builder->shortCircuit(); - } - - return new self($builder->fileEncoding($fileEncoding)->make(), new Parser(), new Loader(), $repository); - } - - /** - * Create a new mutable dotenv instance with default repository. - * - * @param string|string[] $paths - * @param string|string[]|null $names - * @param bool $shortCircuit - * @param string|null $fileEncoding - * - * @return \Dotenv\Dotenv - */ - public static function createMutable($paths, $names = null, bool $shortCircuit = true, string $fileEncoding = null) - { - $repository = RepositoryBuilder::createWithDefaultAdapters()->make(); - - return self::create($repository, $paths, $names, $shortCircuit, $fileEncoding); - } - - /** - * Create a new mutable dotenv instance with default repository with the putenv adapter. - * - * @param string|string[] $paths - * @param string|string[]|null $names - * @param bool $shortCircuit - * @param string|null $fileEncoding - * - * @return \Dotenv\Dotenv - */ - public static function createUnsafeMutable($paths, $names = null, bool $shortCircuit = true, string $fileEncoding = null) - { - $repository = RepositoryBuilder::createWithDefaultAdapters() - ->addAdapter(PutenvAdapter::class) - ->make(); - - return self::create($repository, $paths, $names, $shortCircuit, $fileEncoding); - } - - /** - * Create a new immutable dotenv instance with default repository. - * - * @param string|string[] $paths - * @param string|string[]|null $names - * @param bool $shortCircuit - * @param string|null $fileEncoding - * - * @return \Dotenv\Dotenv - */ - public static function createImmutable($paths, $names = null, bool $shortCircuit = true, string $fileEncoding = null) - { - $repository = RepositoryBuilder::createWithDefaultAdapters()->immutable()->make(); - - return self::create($repository, $paths, $names, $shortCircuit, $fileEncoding); - } - - /** - * Create a new immutable dotenv instance with default repository with the putenv adapter. - * - * @param string|string[] $paths - * @param string|string[]|null $names - * @param bool $shortCircuit - * @param string|null $fileEncoding - * - * @return \Dotenv\Dotenv - */ - public static function createUnsafeImmutable($paths, $names = null, bool $shortCircuit = true, string $fileEncoding = null) - { - $repository = RepositoryBuilder::createWithDefaultAdapters() - ->addAdapter(PutenvAdapter::class) - ->immutable() - ->make(); - - return self::create($repository, $paths, $names, $shortCircuit, $fileEncoding); - } - - /** - * Create a new dotenv instance with an array backed repository. - * - * @param string|string[] $paths - * @param string|string[]|null $names - * @param bool $shortCircuit - * @param string|null $fileEncoding - * - * @return \Dotenv\Dotenv - */ - public static function createArrayBacked($paths, $names = null, bool $shortCircuit = true, string $fileEncoding = null) - { - $repository = RepositoryBuilder::createWithNoAdapters()->addAdapter(ArrayAdapter::class)->make(); - - return self::create($repository, $paths, $names, $shortCircuit, $fileEncoding); - } - - /** - * Parse the given content and resolve nested variables. - * - * This method behaves just like load(), only without mutating your actual - * environment. We do this by using an array backed repository. - * - * @param string $content - * - * @throws \Dotenv\Exception\InvalidFileException - * - * @return array - */ - public static function parse(string $content) - { - $repository = RepositoryBuilder::createWithNoAdapters()->addAdapter(ArrayAdapter::class)->make(); - - $phpdotenv = new self(new StringStore($content), new Parser(), new Loader(), $repository); - - return $phpdotenv->load(); - } - - /** - * Read and load environment file(s). - * - * @throws \Dotenv\Exception\InvalidPathException|\Dotenv\Exception\InvalidEncodingException|\Dotenv\Exception\InvalidFileException - * - * @return array - */ - public function load() - { - $entries = $this->parser->parse($this->store->read()); - - return $this->loader->load($this->repository, $entries); - } - - /** - * Read and load environment file(s), silently failing if no files can be read. - * - * @throws \Dotenv\Exception\InvalidEncodingException|\Dotenv\Exception\InvalidFileException - * - * @return array - */ - public function safeLoad() - { - try { - return $this->load(); - } catch (InvalidPathException $e) { - // suppressing exception - return []; - } - } - - /** - * Required ensures that the specified variables exist, and returns a new validator object. - * - * @param string|string[] $variables - * - * @return \Dotenv\Validator - */ - public function required($variables) - { - return (new Validator($this->repository, (array) $variables))->required(); - } - - /** - * Returns a new validator object that won't check if the specified variables exist. - * - * @param string|string[] $variables - * - * @return \Dotenv\Validator - */ - public function ifPresent($variables) - { - return new Validator($this->repository, (array) $variables); - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Exception/ExceptionInterface.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Exception/ExceptionInterface.php deleted file mode 100644 index 1e80f53..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Exception/ExceptionInterface.php +++ /dev/null @@ -1,12 +0,0 @@ - - */ - public function load(RepositoryInterface $repository, array $entries) - { - return \array_reduce($entries, static function (array $vars, Entry $entry) use ($repository) { - $name = $entry->getName(); - - $value = $entry->getValue()->map(static function (Value $value) use ($repository) { - return Resolver::resolve($repository, $value); - }); - - if ($value->isDefined()) { - $inner = $value->get(); - if ($repository->set($name, $inner)) { - return \array_merge($vars, [$name => $inner]); - } - } else { - if ($repository->clear($name)) { - return \array_merge($vars, [$name => null]); - } - } - - return $vars; - }, []); - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Loader/LoaderInterface.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Loader/LoaderInterface.php deleted file mode 100644 index 275d98e..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Loader/LoaderInterface.php +++ /dev/null @@ -1,20 +0,0 @@ - - */ - public function load(RepositoryInterface $repository, array $entries); -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Loader/Resolver.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Loader/Resolver.php deleted file mode 100644 index 36d7a4b..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Loader/Resolver.php +++ /dev/null @@ -1,65 +0,0 @@ -getVars(), static function (string $s, int $i) use ($repository) { - return Str::substr($s, 0, $i).self::resolveVariable($repository, Str::substr($s, $i)); - }, $value->getChars()); - } - - /** - * Resolve a single nested variable. - * - * @param \Dotenv\Repository\RepositoryInterface $repository - * @param string $str - * - * @return string - */ - private static function resolveVariable(RepositoryInterface $repository, string $str) - { - return Regex::replaceCallback( - '/\A\${([a-zA-Z0-9_.]+)}/', - static function (array $matches) use ($repository) { - return Option::fromValue($repository->get($matches[1])) - ->getOrElse($matches[0]); - }, - $str, - 1 - )->success()->getOrElse($str); - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Entry.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Entry.php deleted file mode 100644 index 7570f58..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Entry.php +++ /dev/null @@ -1,59 +0,0 @@ -name = $name; - $this->value = $value; - } - - /** - * Get the entry name. - * - * @return string - */ - public function getName() - { - return $this->name; - } - - /** - * Get the entry value. - * - * @return \PhpOption\Option<\Dotenv\Parser\Value> - */ - public function getValue() - { - /** @var \PhpOption\Option<\Dotenv\Parser\Value> */ - return Option::fromValue($this->value); - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/EntryParser.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/EntryParser.php deleted file mode 100644 index e286840..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/EntryParser.php +++ /dev/null @@ -1,300 +0,0 @@ - - */ - public static function parse(string $entry) - { - return self::splitStringIntoParts($entry)->flatMap(static function (array $parts) { - [$name, $value] = $parts; - - return self::parseName($name)->flatMap(static function (string $name) use ($value) { - /** @var Result */ - $parsedValue = $value === null ? Success::create(null) : self::parseValue($value); - - return $parsedValue->map(static function (?Value $value) use ($name) { - return new Entry($name, $value); - }); - }); - }); - } - - /** - * Split the compound string into parts. - * - * @param string $line - * - * @return \GrahamCampbell\ResultType\Result - */ - private static function splitStringIntoParts(string $line) - { - /** @var array{string,string|null} */ - $result = Str::pos($line, '=')->map(static function () use ($line) { - return \array_map('trim', \explode('=', $line, 2)); - })->getOrElse([$line, null]); - - if ($result[0] === '') { - /** @var \GrahamCampbell\ResultType\Result */ - return Error::create(self::getErrorMessage('an unexpected equals', $line)); - } - - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create($result); - } - - /** - * Parse the given variable name. - * - * That is, strip the optional quotes and leading "export" from the - * variable name. We wrap the answer in a result type. - * - * @param string $name - * - * @return \GrahamCampbell\ResultType\Result - */ - private static function parseName(string $name) - { - if (Str::len($name) > 8 && Str::substr($name, 0, 6) === 'export' && \ctype_space(Str::substr($name, 6, 1))) { - $name = \ltrim(Str::substr($name, 6)); - } - - if (self::isQuotedName($name)) { - $name = Str::substr($name, 1, -1); - } - - if (!self::isValidName($name)) { - /** @var \GrahamCampbell\ResultType\Result */ - return Error::create(self::getErrorMessage('an invalid name', $name)); - } - - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create($name); - } - - /** - * Is the given variable name quoted? - * - * @param string $name - * - * @return bool - */ - private static function isQuotedName(string $name) - { - if (Str::len($name) < 3) { - return false; - } - - $first = Str::substr($name, 0, 1); - $last = Str::substr($name, -1, 1); - - return ($first === '"' && $last === '"') || ($first === '\'' && $last === '\''); - } - - /** - * Is the given variable name valid? - * - * @param string $name - * - * @return bool - */ - private static function isValidName(string $name) - { - return Regex::matches('~(*UTF8)\A[\p{Ll}\p{Lu}\p{M}\p{N}_.]+\z~', $name)->success()->getOrElse(false); - } - - /** - * Parse the given variable value. - * - * This has the effect of stripping quotes and comments, dealing with - * special characters, and locating nested variables, but not resolving - * them. Formally, we run a finite state automaton with an output tape: a - * transducer. We wrap the answer in a result type. - * - * @param string $value - * - * @return \GrahamCampbell\ResultType\Result<\Dotenv\Parser\Value,string> - */ - private static function parseValue(string $value) - { - if (\trim($value) === '') { - /** @var \GrahamCampbell\ResultType\Result<\Dotenv\Parser\Value,string> */ - return Success::create(Value::blank()); - } - - return \array_reduce(\iterator_to_array(Lexer::lex($value)), static function (Result $data, string $token) { - return $data->flatMap(static function (array $data) use ($token) { - return self::processToken($data[1], $token)->map(static function (array $val) use ($data) { - return [$data[0]->append($val[0], $val[1]), $val[2]]; - }); - }); - }, Success::create([Value::blank(), self::INITIAL_STATE]))->flatMap(static function (array $result) { - /** @psalm-suppress DocblockTypeContradiction */ - if (in_array($result[1], self::REJECT_STATES, true)) { - /** @var \GrahamCampbell\ResultType\Result<\Dotenv\Parser\Value,string> */ - return Error::create('a missing closing quote'); - } - - /** @var \GrahamCampbell\ResultType\Result<\Dotenv\Parser\Value,string> */ - return Success::create($result[0]); - })->mapError(static function (string $err) use ($value) { - return self::getErrorMessage($err, $value); - }); - } - - /** - * Process the given token. - * - * @param int $state - * @param string $token - * - * @return \GrahamCampbell\ResultType\Result - */ - private static function processToken(int $state, string $token) - { - switch ($state) { - case self::INITIAL_STATE: - if ($token === '\'') { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create(['', false, self::SINGLE_QUOTED_STATE]); - } elseif ($token === '"') { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create(['', false, self::DOUBLE_QUOTED_STATE]); - } elseif ($token === '#') { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create(['', false, self::COMMENT_STATE]); - } elseif ($token === '$') { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create([$token, true, self::UNQUOTED_STATE]); - } else { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create([$token, false, self::UNQUOTED_STATE]); - } - case self::UNQUOTED_STATE: - if ($token === '#') { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create(['', false, self::COMMENT_STATE]); - } elseif (\ctype_space($token)) { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create(['', false, self::WHITESPACE_STATE]); - } elseif ($token === '$') { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create([$token, true, self::UNQUOTED_STATE]); - } else { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create([$token, false, self::UNQUOTED_STATE]); - } - case self::SINGLE_QUOTED_STATE: - if ($token === '\'') { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create(['', false, self::WHITESPACE_STATE]); - } else { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create([$token, false, self::SINGLE_QUOTED_STATE]); - } - case self::DOUBLE_QUOTED_STATE: - if ($token === '"') { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create(['', false, self::WHITESPACE_STATE]); - } elseif ($token === '\\') { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create(['', false, self::ESCAPE_SEQUENCE_STATE]); - } elseif ($token === '$') { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create([$token, true, self::DOUBLE_QUOTED_STATE]); - } else { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create([$token, false, self::DOUBLE_QUOTED_STATE]); - } - case self::ESCAPE_SEQUENCE_STATE: - if ($token === '"' || $token === '\\') { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create([$token, false, self::DOUBLE_QUOTED_STATE]); - } elseif ($token === '$') { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create([$token, false, self::DOUBLE_QUOTED_STATE]); - } else { - $first = Str::substr($token, 0, 1); - if (\in_array($first, ['f', 'n', 'r', 't', 'v'], true)) { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create([\stripcslashes('\\'.$first).Str::substr($token, 1), false, self::DOUBLE_QUOTED_STATE]); - } else { - /** @var \GrahamCampbell\ResultType\Result */ - return Error::create('an unexpected escape sequence'); - } - } - case self::WHITESPACE_STATE: - if ($token === '#') { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create(['', false, self::COMMENT_STATE]); - } elseif (!\ctype_space($token)) { - /** @var \GrahamCampbell\ResultType\Result */ - return Error::create('unexpected whitespace'); - } else { - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create(['', false, self::WHITESPACE_STATE]); - } - case self::COMMENT_STATE: - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create(['', false, self::COMMENT_STATE]); - default: - throw new \Error('Parser entered invalid state.'); - } - } - - /** - * Generate a friendly error message. - * - * @param string $cause - * @param string $subject - * - * @return string - */ - private static function getErrorMessage(string $cause, string $subject) - { - return \sprintf( - 'Encountered %s at [%s].', - $cause, - \strtok($subject, "\n") - ); - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Lexer.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Lexer.php deleted file mode 100644 index 981af24..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Lexer.php +++ /dev/null @@ -1,58 +0,0 @@ - - */ - public static function lex(string $content) - { - static $regex; - - if ($regex === null) { - $regex = '(('.\implode(')|(', self::PATTERNS).'))A'; - } - - $offset = 0; - - while (isset($content[$offset])) { - if (!\preg_match($regex, $content, $matches, 0, $offset)) { - throw new \Error(\sprintf('Lexer encountered unexpected character [%s].', $content[$offset])); - } - - $offset += \strlen($matches[0]); - - yield $matches[0]; - } - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Lines.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Lines.php deleted file mode 100644 index 6497993..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Lines.php +++ /dev/null @@ -1,127 +0,0 @@ -map(static function () use ($line) { - return self::looksLikeMultilineStop($line, true) === false; - })->getOrElse(false); - } - - /** - * Determine if the given line can be the start of a multiline variable. - * - * @param string $line - * @param bool $started - * - * @return bool - */ - private static function looksLikeMultilineStop(string $line, bool $started) - { - if ($line === '"') { - return true; - } - - return Regex::occurrences('/(?=([^\\\\]"))/', \str_replace('\\\\', '', $line))->map(static function (int $count) use ($started) { - return $started ? $count > 1 : $count >= 1; - })->success()->getOrElse(false); - } - - /** - * Determine if the line in the file is a comment or whitespace. - * - * @param string $line - * - * @return bool - */ - private static function isCommentOrWhitespace(string $line) - { - $line = \trim($line); - - return $line === '' || (isset($line[0]) && $line[0] === '#'); - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Parser.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Parser.php deleted file mode 100644 index 2d30dfd..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/Parser.php +++ /dev/null @@ -1,53 +0,0 @@ -mapError(static function () { - return 'Could not split into separate lines.'; - })->flatMap(static function (array $lines) { - return self::process(Lines::process($lines)); - })->mapError(static function (string $error) { - throw new InvalidFileException(\sprintf('Failed to parse dotenv file. %s', $error)); - })->success()->get(); - } - - /** - * Convert the raw entries into proper entries. - * - * @param string[] $entries - * - * @return \GrahamCampbell\ResultType\Result<\Dotenv\Parser\Entry[],string> - */ - private static function process(array $entries) - { - /** @var \GrahamCampbell\ResultType\Result<\Dotenv\Parser\Entry[],string> */ - return \array_reduce($entries, static function (Result $result, string $raw) { - return $result->flatMap(static function (array $entries) use ($raw) { - return EntryParser::parse($raw)->map(static function (Entry $entry) use ($entries) { - /** @var \Dotenv\Parser\Entry[] */ - return \array_merge($entries, [$entry]); - }); - }); - }, Success::create([])); - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/ParserInterface.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/ParserInterface.php deleted file mode 100644 index 17cc42a..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Parser/ParserInterface.php +++ /dev/null @@ -1,19 +0,0 @@ -chars = $chars; - $this->vars = $vars; - } - - /** - * Create an empty value instance. - * - * @return \Dotenv\Parser\Value - */ - public static function blank() - { - return new self('', []); - } - - /** - * Create a new value instance, appending the characters. - * - * @param string $chars - * @param bool $var - * - * @return \Dotenv\Parser\Value - */ - public function append(string $chars, bool $var) - { - return new self( - $this->chars.$chars, - $var ? \array_merge($this->vars, [Str::len($this->chars)]) : $this->vars - ); - } - - /** - * Get the string representation of the parsed value. - * - * @return string - */ - public function getChars() - { - return $this->chars; - } - - /** - * Get the locations of the variables in the value. - * - * @return int[] - */ - public function getVars() - { - $vars = $this->vars; - - \rsort($vars); - - return $vars; - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/AdapterInterface.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/AdapterInterface.php deleted file mode 100644 index 5604398..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/AdapterInterface.php +++ /dev/null @@ -1,15 +0,0 @@ - - */ - public static function create(); -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ApacheAdapter.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ApacheAdapter.php deleted file mode 100644 index af0aae1..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ApacheAdapter.php +++ /dev/null @@ -1,89 +0,0 @@ - - */ - public static function create() - { - if (self::isSupported()) { - /** @var \PhpOption\Option */ - return Some::create(new self()); - } - - return None::create(); - } - - /** - * Determines if the adapter is supported. - * - * This happens if PHP is running as an Apache module. - * - * @return bool - */ - private static function isSupported() - { - return \function_exists('apache_getenv') && \function_exists('apache_setenv'); - } - - /** - * Read an environment variable, if it exists. - * - * @param non-empty-string $name - * - * @return \PhpOption\Option - */ - public function read(string $name) - { - /** @var \PhpOption\Option */ - return Option::fromValue(apache_getenv($name))->filter(static function ($value) { - return \is_string($value) && $value !== ''; - }); - } - - /** - * Write to an environment variable, if possible. - * - * @param non-empty-string $name - * @param string $value - * - * @return bool - */ - public function write(string $name, string $value) - { - return apache_setenv($name, $value); - } - - /** - * Delete an environment variable, if possible. - * - * @param non-empty-string $name - * - * @return bool - */ - public function delete(string $name) - { - return apache_setenv($name, ''); - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ArrayAdapter.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ArrayAdapter.php deleted file mode 100644 index df64cf6..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ArrayAdapter.php +++ /dev/null @@ -1,80 +0,0 @@ - - */ - private $variables; - - /** - * Create a new array adapter instance. - * - * @return void - */ - private function __construct() - { - $this->variables = []; - } - - /** - * Create a new instance of the adapter, if it is available. - * - * @return \PhpOption\Option<\Dotenv\Repository\Adapter\AdapterInterface> - */ - public static function create() - { - /** @var \PhpOption\Option */ - return Some::create(new self()); - } - - /** - * Read an environment variable, if it exists. - * - * @param non-empty-string $name - * - * @return \PhpOption\Option - */ - public function read(string $name) - { - return Option::fromArraysValue($this->variables, $name); - } - - /** - * Write to an environment variable, if possible. - * - * @param non-empty-string $name - * @param string $value - * - * @return bool - */ - public function write(string $name, string $value) - { - $this->variables[$name] = $value; - - return true; - } - - /** - * Delete an environment variable, if possible. - * - * @param non-empty-string $name - * - * @return bool - */ - public function delete(string $name) - { - unset($this->variables[$name]); - - return true; - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/EnvConstAdapter.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/EnvConstAdapter.php deleted file mode 100644 index 9eb1947..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/EnvConstAdapter.php +++ /dev/null @@ -1,89 +0,0 @@ - - */ - public static function create() - { - /** @var \PhpOption\Option */ - return Some::create(new self()); - } - - /** - * Read an environment variable, if it exists. - * - * @param non-empty-string $name - * - * @return \PhpOption\Option - */ - public function read(string $name) - { - /** @var \PhpOption\Option */ - return Option::fromArraysValue($_ENV, $name) - ->filter(static function ($value) { - return \is_scalar($value); - }) - ->map(static function ($value) { - if ($value === false) { - return 'false'; - } - - if ($value === true) { - return 'true'; - } - - /** @psalm-suppress PossiblyInvalidCast */ - return (string) $value; - }); - } - - /** - * Write to an environment variable, if possible. - * - * @param non-empty-string $name - * @param string $value - * - * @return bool - */ - public function write(string $name, string $value) - { - $_ENV[$name] = $value; - - return true; - } - - /** - * Delete an environment variable, if possible. - * - * @param non-empty-string $name - * - * @return bool - */ - public function delete(string $name) - { - unset($_ENV[$name]); - - return true; - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/GuardedWriter.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/GuardedWriter.php deleted file mode 100644 index fed8b9b..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/GuardedWriter.php +++ /dev/null @@ -1,85 +0,0 @@ -writer = $writer; - $this->allowList = $allowList; - } - - /** - * Write to an environment variable, if possible. - * - * @param non-empty-string $name - * @param string $value - * - * @return bool - */ - public function write(string $name, string $value) - { - // Don't set non-allowed variables - if (!$this->isAllowed($name)) { - return false; - } - - // Set the value on the inner writer - return $this->writer->write($name, $value); - } - - /** - * Delete an environment variable, if possible. - * - * @param non-empty-string $name - * - * @return bool - */ - public function delete(string $name) - { - // Don't clear non-allowed variables - if (!$this->isAllowed($name)) { - return false; - } - - // Set the value on the inner writer - return $this->writer->delete($name); - } - - /** - * Determine if the given variable is allowed. - * - * @param non-empty-string $name - * - * @return bool - */ - private function isAllowed(string $name) - { - return \in_array($name, $this->allowList, true); - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ImmutableWriter.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ImmutableWriter.php deleted file mode 100644 index 399e6f9..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ImmutableWriter.php +++ /dev/null @@ -1,110 +0,0 @@ - - */ - private $loaded; - - /** - * Create a new immutable writer instance. - * - * @param \Dotenv\Repository\Adapter\WriterInterface $writer - * @param \Dotenv\Repository\Adapter\ReaderInterface $reader - * - * @return void - */ - public function __construct(WriterInterface $writer, ReaderInterface $reader) - { - $this->writer = $writer; - $this->reader = $reader; - $this->loaded = []; - } - - /** - * Write to an environment variable, if possible. - * - * @param non-empty-string $name - * @param string $value - * - * @return bool - */ - public function write(string $name, string $value) - { - // Don't overwrite existing environment variables - // Ruby's dotenv does this with `ENV[key] ||= value` - if ($this->isExternallyDefined($name)) { - return false; - } - - // Set the value on the inner writer - if (!$this->writer->write($name, $value)) { - return false; - } - - // Record that we have loaded the variable - $this->loaded[$name] = ''; - - return true; - } - - /** - * Delete an environment variable, if possible. - * - * @param non-empty-string $name - * - * @return bool - */ - public function delete(string $name) - { - // Don't clear existing environment variables - if ($this->isExternallyDefined($name)) { - return false; - } - - // Clear the value on the inner writer - if (!$this->writer->delete($name)) { - return false; - } - - // Leave the variable as fair game - unset($this->loaded[$name]); - - return true; - } - - /** - * Determine if the given variable is externally defined. - * - * That is, is it an "existing" variable. - * - * @param non-empty-string $name - * - * @return bool - */ - private function isExternallyDefined(string $name) - { - return $this->reader->read($name)->isDefined() && !isset($this->loaded[$name]); - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/MultiReader.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/MultiReader.php deleted file mode 100644 index 0cfda6f..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/MultiReader.php +++ /dev/null @@ -1,48 +0,0 @@ -readers = $readers; - } - - /** - * Read an environment variable, if it exists. - * - * @param non-empty-string $name - * - * @return \PhpOption\Option - */ - public function read(string $name) - { - foreach ($this->readers as $reader) { - $result = $reader->read($name); - if ($result->isDefined()) { - return $result; - } - } - - return None::create(); - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/MultiWriter.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/MultiWriter.php deleted file mode 100644 index 15a9d8f..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/MultiWriter.php +++ /dev/null @@ -1,64 +0,0 @@ -writers = $writers; - } - - /** - * Write to an environment variable, if possible. - * - * @param non-empty-string $name - * @param string $value - * - * @return bool - */ - public function write(string $name, string $value) - { - foreach ($this->writers as $writers) { - if (!$writers->write($name, $value)) { - return false; - } - } - - return true; - } - - /** - * Delete an environment variable, if possible. - * - * @param non-empty-string $name - * - * @return bool - */ - public function delete(string $name) - { - foreach ($this->writers as $writers) { - if (!$writers->delete($name)) { - return false; - } - } - - return true; - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/PutenvAdapter.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/PutenvAdapter.php deleted file mode 100644 index 6d017cd..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/PutenvAdapter.php +++ /dev/null @@ -1,91 +0,0 @@ - - */ - public static function create() - { - if (self::isSupported()) { - /** @var \PhpOption\Option */ - return Some::create(new self()); - } - - return None::create(); - } - - /** - * Determines if the adapter is supported. - * - * @return bool - */ - private static function isSupported() - { - return \function_exists('getenv') && \function_exists('putenv'); - } - - /** - * Read an environment variable, if it exists. - * - * @param non-empty-string $name - * - * @return \PhpOption\Option - */ - public function read(string $name) - { - /** @var \PhpOption\Option */ - return Option::fromValue(\getenv($name), false)->filter(static function ($value) { - return \is_string($value); - }); - } - - /** - * Write to an environment variable, if possible. - * - * @param non-empty-string $name - * @param string $value - * - * @return bool - */ - public function write(string $name, string $value) - { - \putenv("$name=$value"); - - return true; - } - - /** - * Delete an environment variable, if possible. - * - * @param non-empty-string $name - * - * @return bool - */ - public function delete(string $name) - { - \putenv($name); - - return true; - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ReaderInterface.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ReaderInterface.php deleted file mode 100644 index 306a63f..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ReaderInterface.php +++ /dev/null @@ -1,17 +0,0 @@ - - */ - public function read(string $name); -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ReplacingWriter.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ReplacingWriter.php deleted file mode 100644 index 98c0f04..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ReplacingWriter.php +++ /dev/null @@ -1,104 +0,0 @@ - - */ - private $seen; - - /** - * Create a new replacement writer instance. - * - * @param \Dotenv\Repository\Adapter\WriterInterface $writer - * @param \Dotenv\Repository\Adapter\ReaderInterface $reader - * - * @return void - */ - public function __construct(WriterInterface $writer, ReaderInterface $reader) - { - $this->writer = $writer; - $this->reader = $reader; - $this->seen = []; - } - - /** - * Write to an environment variable, if possible. - * - * @param non-empty-string $name - * @param string $value - * - * @return bool - */ - public function write(string $name, string $value) - { - if ($this->exists($name)) { - return $this->writer->write($name, $value); - } - - // succeed if nothing to do - return true; - } - - /** - * Delete an environment variable, if possible. - * - * @param non-empty-string $name - * - * @return bool - */ - public function delete(string $name) - { - if ($this->exists($name)) { - return $this->writer->delete($name); - } - - // succeed if nothing to do - return true; - } - - /** - * Does the given environment variable exist. - * - * Returns true if it currently exists, or existed at any point in the past - * that we are aware of. - * - * @param non-empty-string $name - * - * @return bool - */ - private function exists(string $name) - { - if (isset($this->seen[$name])) { - return true; - } - - if ($this->reader->read($name)->isDefined()) { - $this->seen[$name] = ''; - - return true; - } - - return false; - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ServerConstAdapter.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ServerConstAdapter.php deleted file mode 100644 index f93b6e5..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/ServerConstAdapter.php +++ /dev/null @@ -1,89 +0,0 @@ - - */ - public static function create() - { - /** @var \PhpOption\Option */ - return Some::create(new self()); - } - - /** - * Read an environment variable, if it exists. - * - * @param non-empty-string $name - * - * @return \PhpOption\Option - */ - public function read(string $name) - { - /** @var \PhpOption\Option */ - return Option::fromArraysValue($_SERVER, $name) - ->filter(static function ($value) { - return \is_scalar($value); - }) - ->map(static function ($value) { - if ($value === false) { - return 'false'; - } - - if ($value === true) { - return 'true'; - } - - /** @psalm-suppress PossiblyInvalidCast */ - return (string) $value; - }); - } - - /** - * Write to an environment variable, if possible. - * - * @param non-empty-string $name - * @param string $value - * - * @return bool - */ - public function write(string $name, string $value) - { - $_SERVER[$name] = $value; - - return true; - } - - /** - * Delete an environment variable, if possible. - * - * @param non-empty-string $name - * - * @return bool - */ - public function delete(string $name) - { - unset($_SERVER[$name]); - - return true; - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/WriterInterface.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/WriterInterface.php deleted file mode 100644 index 4cb3d61..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/Adapter/WriterInterface.php +++ /dev/null @@ -1,27 +0,0 @@ -reader = $reader; - $this->writer = $writer; - } - - /** - * Determine if the given environment variable is defined. - * - * @param string $name - * - * @return bool - */ - public function has(string $name) - { - return '' !== $name && $this->reader->read($name)->isDefined(); - } - - /** - * Get an environment variable. - * - * @param string $name - * - * @throws \InvalidArgumentException - * - * @return string|null - */ - public function get(string $name) - { - if ('' === $name) { - throw new InvalidArgumentException('Expected name to be a non-empty string.'); - } - - return $this->reader->read($name)->getOrElse(null); - } - - /** - * Set an environment variable. - * - * @param string $name - * @param string $value - * - * @throws \InvalidArgumentException - * - * @return bool - */ - public function set(string $name, string $value) - { - if ('' === $name) { - throw new InvalidArgumentException('Expected name to be a non-empty string.'); - } - - return $this->writer->write($name, $value); - } - - /** - * Clear an environment variable. - * - * @param string $name - * - * @throws \InvalidArgumentException - * - * @return bool - */ - public function clear(string $name) - { - if ('' === $name) { - throw new InvalidArgumentException('Expected name to be a non-empty string.'); - } - - return $this->writer->delete($name); - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/RepositoryBuilder.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/RepositoryBuilder.php deleted file mode 100644 index a042f9a..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/RepositoryBuilder.php +++ /dev/null @@ -1,272 +0,0 @@ -readers = $readers; - $this->writers = $writers; - $this->immutable = $immutable; - $this->allowList = $allowList; - } - - /** - * Create a new repository builder instance with no adapters added. - * - * @return \Dotenv\Repository\RepositoryBuilder - */ - public static function createWithNoAdapters() - { - return new self(); - } - - /** - * Create a new repository builder instance with the default adapters added. - * - * @return \Dotenv\Repository\RepositoryBuilder - */ - public static function createWithDefaultAdapters() - { - $adapters = \iterator_to_array(self::defaultAdapters()); - - return new self($adapters, $adapters); - } - - /** - * Return the array of default adapters. - * - * @return \Generator<\Dotenv\Repository\Adapter\AdapterInterface> - */ - private static function defaultAdapters() - { - foreach (self::DEFAULT_ADAPTERS as $adapter) { - $instance = $adapter::create(); - if ($instance->isDefined()) { - yield $instance->get(); - } - } - } - - /** - * Determine if the given name if of an adapterclass. - * - * @param string $name - * - * @return bool - */ - private static function isAnAdapterClass(string $name) - { - if (!\class_exists($name)) { - return false; - } - - return (new ReflectionClass($name))->implementsInterface(AdapterInterface::class); - } - - /** - * Creates a repository builder with the given reader added. - * - * Accepts either a reader instance, or a class-string for an adapter. If - * the adapter is not supported, then we silently skip adding it. - * - * @param \Dotenv\Repository\Adapter\ReaderInterface|string $reader - * - * @throws \InvalidArgumentException - * - * @return \Dotenv\Repository\RepositoryBuilder - */ - public function addReader($reader) - { - if (!(\is_string($reader) && self::isAnAdapterClass($reader)) && !($reader instanceof ReaderInterface)) { - throw new InvalidArgumentException( - \sprintf( - 'Expected either an instance of %s or a class-string implementing %s', - ReaderInterface::class, - AdapterInterface::class - ) - ); - } - - $optional = Some::create($reader)->flatMap(static function ($reader) { - return \is_string($reader) ? $reader::create() : Some::create($reader); - }); - - $readers = \array_merge($this->readers, \iterator_to_array($optional)); - - return new self($readers, $this->writers, $this->immutable, $this->allowList); - } - - /** - * Creates a repository builder with the given writer added. - * - * Accepts either a writer instance, or a class-string for an adapter. If - * the adapter is not supported, then we silently skip adding it. - * - * @param \Dotenv\Repository\Adapter\WriterInterface|string $writer - * - * @throws \InvalidArgumentException - * - * @return \Dotenv\Repository\RepositoryBuilder - */ - public function addWriter($writer) - { - if (!(\is_string($writer) && self::isAnAdapterClass($writer)) && !($writer instanceof WriterInterface)) { - throw new InvalidArgumentException( - \sprintf( - 'Expected either an instance of %s or a class-string implementing %s', - WriterInterface::class, - AdapterInterface::class - ) - ); - } - - $optional = Some::create($writer)->flatMap(static function ($writer) { - return \is_string($writer) ? $writer::create() : Some::create($writer); - }); - - $writers = \array_merge($this->writers, \iterator_to_array($optional)); - - return new self($this->readers, $writers, $this->immutable, $this->allowList); - } - - /** - * Creates a repository builder with the given adapter added. - * - * Accepts either an adapter instance, or a class-string for an adapter. If - * the adapter is not supported, then we silently skip adding it. We will - * add the adapter as both a reader and a writer. - * - * @param \Dotenv\Repository\Adapter\WriterInterface|string $adapter - * - * @throws \InvalidArgumentException - * - * @return \Dotenv\Repository\RepositoryBuilder - */ - public function addAdapter($adapter) - { - if (!(\is_string($adapter) && self::isAnAdapterClass($adapter)) && !($adapter instanceof AdapterInterface)) { - throw new InvalidArgumentException( - \sprintf( - 'Expected either an instance of %s or a class-string implementing %s', - WriterInterface::class, - AdapterInterface::class - ) - ); - } - - $optional = Some::create($adapter)->flatMap(static function ($adapter) { - return \is_string($adapter) ? $adapter::create() : Some::create($adapter); - }); - - $readers = \array_merge($this->readers, \iterator_to_array($optional)); - $writers = \array_merge($this->writers, \iterator_to_array($optional)); - - return new self($readers, $writers, $this->immutable, $this->allowList); - } - - /** - * Creates a repository builder with mutability enabled. - * - * @return \Dotenv\Repository\RepositoryBuilder - */ - public function immutable() - { - return new self($this->readers, $this->writers, true, $this->allowList); - } - - /** - * Creates a repository builder with the given allow list. - * - * @param string[]|null $allowList - * - * @return \Dotenv\Repository\RepositoryBuilder - */ - public function allowList(array $allowList = null) - { - return new self($this->readers, $this->writers, $this->immutable, $allowList); - } - - /** - * Creates a new repository instance. - * - * @return \Dotenv\Repository\RepositoryInterface - */ - public function make() - { - $reader = new MultiReader($this->readers); - $writer = new MultiWriter($this->writers); - - if ($this->immutable) { - $writer = new ImmutableWriter($writer, $reader); - } - - if ($this->allowList !== null) { - $writer = new GuardedWriter($writer, $this->allowList); - } - - return new AdapterRepository($reader, $writer); - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/RepositoryInterface.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/RepositoryInterface.php deleted file mode 100644 index d9b18a4..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Repository/RepositoryInterface.php +++ /dev/null @@ -1,51 +0,0 @@ - - */ - public static function read(array $filePaths, bool $shortCircuit = true, string $fileEncoding = null) - { - $output = []; - - foreach ($filePaths as $filePath) { - $content = self::readFromFile($filePath, $fileEncoding); - if ($content->isDefined()) { - $output[$filePath] = $content->get(); - if ($shortCircuit) { - break; - } - } - } - - return $output; - } - - /** - * Read the given file. - * - * @param string $path - * @param string|null $encoding - * - * @throws \Dotenv\Exception\InvalidEncodingException - * - * @return \PhpOption\Option - */ - private static function readFromFile(string $path, string $encoding = null) - { - /** @var Option */ - $content = Option::fromValue(@\file_get_contents($path), false); - - return $content->flatMap(static function (string $content) use ($encoding) { - return Str::utf8($content, $encoding)->mapError(static function (string $error) { - throw new InvalidEncodingException($error); - })->success(); - }); - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/FileStore.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/FileStore.php deleted file mode 100644 index 43f6135..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/FileStore.php +++ /dev/null @@ -1,72 +0,0 @@ -filePaths = $filePaths; - $this->shortCircuit = $shortCircuit; - $this->fileEncoding = $fileEncoding; - } - - /** - * Read the content of the environment file(s). - * - * @throws \Dotenv\Exception\InvalidEncodingException|\Dotenv\Exception\InvalidPathException - * - * @return string - */ - public function read() - { - if ($this->filePaths === []) { - throw new InvalidPathException('At least one environment file path must be provided.'); - } - - $contents = Reader::read($this->filePaths, $this->shortCircuit, $this->fileEncoding); - - if (\count($contents) > 0) { - return \implode("\n", $contents); - } - - throw new InvalidPathException( - \sprintf('Unable to read any of the environment file(s) at [%s].', \implode(', ', $this->filePaths)) - ); - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/StoreBuilder.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/StoreBuilder.php deleted file mode 100644 index 304117f..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/StoreBuilder.php +++ /dev/null @@ -1,141 +0,0 @@ -paths = $paths; - $this->names = $names; - $this->shortCircuit = $shortCircuit; - $this->fileEncoding = $fileEncoding; - } - - /** - * Create a new store builder instance with no names. - * - * @return \Dotenv\Store\StoreBuilder - */ - public static function createWithNoNames() - { - return new self(); - } - - /** - * Create a new store builder instance with the default name. - * - * @return \Dotenv\Store\StoreBuilder - */ - public static function createWithDefaultName() - { - return new self([], [self::DEFAULT_NAME]); - } - - /** - * Creates a store builder with the given path added. - * - * @param string $path - * - * @return \Dotenv\Store\StoreBuilder - */ - public function addPath(string $path) - { - return new self(\array_merge($this->paths, [$path]), $this->names, $this->shortCircuit, $this->fileEncoding); - } - - /** - * Creates a store builder with the given name added. - * - * @param string $name - * - * @return \Dotenv\Store\StoreBuilder - */ - public function addName(string $name) - { - return new self($this->paths, \array_merge($this->names, [$name]), $this->shortCircuit, $this->fileEncoding); - } - - /** - * Creates a store builder with short circuit mode enabled. - * - * @return \Dotenv\Store\StoreBuilder - */ - public function shortCircuit() - { - return new self($this->paths, $this->names, true, $this->fileEncoding); - } - - /** - * Creates a store builder with the specified file encoding. - * - * @param string|null $fileEncoding - * - * @return \Dotenv\Store\StoreBuilder - */ - public function fileEncoding(string $fileEncoding = null) - { - return new self($this->paths, $this->names, $this->shortCircuit, $fileEncoding); - } - - /** - * Creates a new store instance. - * - * @return \Dotenv\Store\StoreInterface - */ - public function make() - { - return new FileStore( - Paths::filePaths($this->paths, $this->names), - $this->shortCircuit, - $this->fileEncoding - ); - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/StoreInterface.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/StoreInterface.php deleted file mode 100644 index 6f5b986..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Store/StoreInterface.php +++ /dev/null @@ -1,17 +0,0 @@ -content = $content; - } - - /** - * Read the content of the environment file(s). - * - * @return string - */ - public function read() - { - return $this->content; - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Util/Regex.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Util/Regex.php deleted file mode 100644 index 52c1578..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Util/Regex.php +++ /dev/null @@ -1,112 +0,0 @@ - - */ - public static function matches(string $pattern, string $subject) - { - return self::pregAndWrap(static function (string $subject) use ($pattern) { - return @\preg_match($pattern, $subject) === 1; - }, $subject); - } - - /** - * Perform a preg match all, wrapping up the result. - * - * @param string $pattern - * @param string $subject - * - * @return \GrahamCampbell\ResultType\Result - */ - public static function occurrences(string $pattern, string $subject) - { - return self::pregAndWrap(static function (string $subject) use ($pattern) { - return (int) @\preg_match_all($pattern, $subject); - }, $subject); - } - - /** - * Perform a preg replace callback, wrapping up the result. - * - * @param string $pattern - * @param callable $callback - * @param string $subject - * @param int|null $limit - * - * @return \GrahamCampbell\ResultType\Result - */ - public static function replaceCallback(string $pattern, callable $callback, string $subject, int $limit = null) - { - return self::pregAndWrap(static function (string $subject) use ($pattern, $callback, $limit) { - return (string) @\preg_replace_callback($pattern, $callback, $subject, $limit ?? -1); - }, $subject); - } - - /** - * Perform a preg split, wrapping up the result. - * - * @param string $pattern - * @param string $subject - * - * @return \GrahamCampbell\ResultType\Result - */ - public static function split(string $pattern, string $subject) - { - return self::pregAndWrap(static function (string $subject) use ($pattern) { - /** @var string[] */ - return (array) @\preg_split($pattern, $subject); - }, $subject); - } - - /** - * Perform a preg operation, wrapping up the result. - * - * @template V - * - * @param callable(string):V $operation - * @param string $subject - * - * @return \GrahamCampbell\ResultType\Result - */ - private static function pregAndWrap(callable $operation, string $subject) - { - $result = $operation($subject); - - if (\preg_last_error() !== \PREG_NO_ERROR) { - /** @var \GrahamCampbell\ResultType\Result */ - return Error::create(\preg_last_error_msg()); - } - - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create($result); - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Util/Str.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Util/Str.php deleted file mode 100644 index 087e236..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Util/Str.php +++ /dev/null @@ -1,98 +0,0 @@ - - */ - public static function utf8(string $input, string $encoding = null) - { - if ($encoding !== null && !\in_array($encoding, \mb_list_encodings(), true)) { - /** @var \GrahamCampbell\ResultType\Result */ - return Error::create( - \sprintf('Illegal character encoding [%s] specified.', $encoding) - ); - } - $converted = $encoding === null ? - @\mb_convert_encoding($input, 'UTF-8') : - @\mb_convert_encoding($input, 'UTF-8', $encoding); - /** - * this is for support UTF-8 with BOM encoding - * @see https://en.wikipedia.org/wiki/Byte_order_mark - * @see https://github.com/vlucas/phpdotenv/issues/500 - */ - if (\substr($converted, 0, 3) == "\xEF\xBB\xBF") { - $converted = \substr($converted, 3); - } - /** @var \GrahamCampbell\ResultType\Result */ - return Success::create($converted); - } - - /** - * Search for a given substring of the input. - * - * @param string $haystack - * @param string $needle - * - * @return \PhpOption\Option - */ - public static function pos(string $haystack, string $needle) - { - /** @var \PhpOption\Option */ - return Option::fromValue(\mb_strpos($haystack, $needle, 0, 'UTF-8'), false); - } - - /** - * Grab the specified substring of the input. - * - * @param string $input - * @param int $start - * @param int|null $length - * - * @return string - */ - public static function substr(string $input, int $start, int $length = null) - { - return \mb_substr($input, $start, $length, 'UTF-8'); - } - - /** - * Compute the length of the given string. - * - * @param string $input - * - * @return int - */ - public static function len(string $input) - { - return \mb_strlen($input, 'UTF-8'); - } -} diff --git a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Validator.php b/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Validator.php deleted file mode 100644 index 0c04ab6..0000000 --- a/utilities/signing_and_verification/php/vendor/vlucas/phpdotenv/src/Validator.php +++ /dev/null @@ -1,209 +0,0 @@ -repository = $repository; - $this->variables = $variables; - } - - /** - * Assert that each variable is present. - * - * @throws \Dotenv\Exception\ValidationException - * - * @return \Dotenv\Validator - */ - public function required() - { - return $this->assert( - static function (?string $value) { - return $value !== null; - }, - 'is missing' - ); - } - - /** - * Assert that each variable is not empty. - * - * @throws \Dotenv\Exception\ValidationException - * - * @return \Dotenv\Validator - */ - public function notEmpty() - { - return $this->assertNullable( - static function (string $value) { - return Str::len(\trim($value)) > 0; - }, - 'is empty' - ); - } - - /** - * Assert that each specified variable is an integer. - * - * @throws \Dotenv\Exception\ValidationException - * - * @return \Dotenv\Validator - */ - public function isInteger() - { - return $this->assertNullable( - static function (string $value) { - return \ctype_digit($value); - }, - 'is not an integer' - ); - } - - /** - * Assert that each specified variable is a boolean. - * - * @throws \Dotenv\Exception\ValidationException - * - * @return \Dotenv\Validator - */ - public function isBoolean() - { - return $this->assertNullable( - static function (string $value) { - if ($value === '') { - return false; - } - - return \filter_var($value, \FILTER_VALIDATE_BOOLEAN, \FILTER_NULL_ON_FAILURE) !== null; - }, - 'is not a boolean' - ); - } - - /** - * Assert that each variable is amongst the given choices. - * - * @param string[] $choices - * - * @throws \Dotenv\Exception\ValidationException - * - * @return \Dotenv\Validator - */ - public function allowedValues(array $choices) - { - return $this->assertNullable( - static function (string $value) use ($choices) { - return \in_array($value, $choices, true); - }, - \sprintf('is not one of [%s]', \implode(', ', $choices)) - ); - } - - /** - * Assert that each variable matches the given regular expression. - * - * @param string $regex - * - * @throws \Dotenv\Exception\ValidationException - * - * @return \Dotenv\Validator - */ - public function allowedRegexValues(string $regex) - { - return $this->assertNullable( - static function (string $value) use ($regex) { - return Regex::matches($regex, $value)->success()->getOrElse(false); - }, - \sprintf('does not match "%s"', $regex) - ); - } - - /** - * Assert that the callback returns true for each variable. - * - * @param callable(?string):bool $callback - * @param string $message - * - * @throws \Dotenv\Exception\ValidationException - * - * @return \Dotenv\Validator - */ - public function assert(callable $callback, string $message) - { - $failing = []; - - foreach ($this->variables as $variable) { - if ($callback($this->repository->get($variable)) === false) { - $failing[] = \sprintf('%s %s', $variable, $message); - } - } - - if (\count($failing) > 0) { - throw new ValidationException(\sprintf( - 'One or more environment variables failed assertions: %s.', - \implode(', ', $failing) - )); - } - - return $this; - } - - /** - * Assert that the callback returns true for each variable. - * - * Skip checking null variable values. - * - * @param callable(string):bool $callback - * @param string $message - * - * @throws \Dotenv\Exception\ValidationException - * - * @return \Dotenv\Validator - */ - public function assertNullable(callable $callback, string $message) - { - return $this->assert( - static function (?string $value) use ($callback) { - if ($value === null) { - return true; - } - - return $callback($value); - }, - $message - ); - } -} From 3146cff50093824d528d82fc04a37c096d480791 Mon Sep 17 00:00:00 2001 From: Charanpreet Date: Fri, 2 Feb 2024 17:05:51 +0530 Subject: [PATCH 4/4] feat: added 1:1 utility for signing and verification in PHP --- .../signing_and_verification/php/README.md | 84 ++++++ .../php/composer.json | 14 - .../signing_and_verification/php/src/.env | 4 - .../php/src/index.php | 250 ++++++++++-------- 4 files changed, 229 insertions(+), 123 deletions(-) create mode 100644 utilities/signing_and_verification/php/README.md delete mode 100644 utilities/signing_and_verification/php/composer.json delete mode 100644 utilities/signing_and_verification/php/src/.env diff --git a/utilities/signing_and_verification/php/README.md b/utilities/signing_and_verification/php/README.md new file mode 100644 index 0000000..38fb8f9 --- /dev/null +++ b/utilities/signing_and_verification/php/README.md @@ -0,0 +1,84 @@ +# Signing and Verification +Steps for signing and verification + +1. Install php and dependencies + +```sh +# linux setup +# download php +sudo apt install php php-curl +# Download Composer +curl -sS https://getcomposer.org/installer -o composer-setup.php +# install composer +sudo php composer-setup.php --install-dir=/usr/local/bin --filename=composer +# change to cloned directory +cd /reference-implementations/utilities/signing_and_verification/php +composer install + +# brew setup +# install php +brew install php # latest version is 8.0.0, this will work for versions >= 7.4 +# install composer +brew install composer +# change to cloned directory +cd /reference-implementations/utilities/signing_and_verification/php +composer install +``` +2. ENV variables +```sh +SIGNING_PRIV_KEY="your signing private key" +SIGNING_PUB_KEY="your signing public key" +COUNTERPARTY_SIGNING_PUB_KEY="the other party's signing public key" +ENC_PUB_KEY="your encryption/crypto public key" +ENC_PRIV_KEY="your encryption/crypto private key" +COUNTERPARTY_PUB_KEY="the other party's encryption/crypto public key" +SUBSCRIBER_ID="your subscriber id" +UNIQUE_KEY_ID="your ukid" +AUTH_HEADER="the auth header that is to be verified" +REQUEST_BODY="json stringified payload" +``` +3. Generate keys +```sh +composer run start -- -g + +# OUTPUT +Signing priv key: VfwASYHVjMAC63LClJKVTvjHcvuUZ4oQKhXmpY6+pwsu7b5xNQzhD/drIPer5m3kasjjicaj/+lblZsNnlQMCw== +Signing pub key: Lu2+cTUM4Q/3ayD3q+Zt5GrI44nGo//pW5WbDZ5UDAs= +Encryption priv key: MC4CAQEwBQYDK2VuBCIEINaTmxwcMRLGuxX1lrwo0Lxd2FHqn84YqQoDzVQXe46+ +Encryption pub key: MCowBQYDK2VuAyEAFT6F4dxn1waTvLUbY5tdKh/IezuOp+tlHkAwQw82qXU= +``` +4. Create authorisation header +```sh +# REQUEST_BODY, SIGNING_PRIV_KEY, SUBSCRIBER_ID, UNIQUE_KEY_ID should be set +composer run start -- -s + +# OUTPUT +Signature keyId="buyer-app.ondc.org|207|ed25519",algorithm="ed25519",created="1641287875",expires="1641291475",headers="(created) (expires) digest",signature="fKQWvXhln4UdyZdL87ViXQObdBme0dHnsclD2LvvnHoNxIgcvAwUZOmwAnH5QKi9Upg5tRaxpoGhCFGHD+d+Bw==" +``` + +5. Verify authorisation header +```sh +# AUTH_HEADER, REQUEST_BODY, COUNTERPARTY_SIGNING_PUB_KEY should be set +composer run start -- -v + +#OUTPUT +0 | 1 # depending upon truth value (true = 1) +``` + +6. Encrypt Payload +```sh +# ENC_PRIV_KEY, COUNTERPARTY_PUB_KEY should be set +composer run start -- -e 'message to encrypt' + +#OUTPUT +dq6j2KZp61G6PMM9IhHW2fbOnquy7gkwJN/tVXkKAI4= +``` + +8. Decrypt Payload +```sh +# ENC_PRIV_KEY, ENC_PUB_KEY should be set +composer run start -d 'dq6j2KZp61G6PMM9IhHW2fbOnquy7gkwJN/tVXkKAI4=' + +#OUTPUT +message to encrypt +``` diff --git a/utilities/signing_and_verification/php/composer.json b/utilities/signing_and_verification/php/composer.json deleted file mode 100644 index 3e6e13a..0000000 --- a/utilities/signing_and_verification/php/composer.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "name": "charnpreet/signver", - "type": "project", - "autoload": { - "psr-4": { - "Charnpreet\\Signver\\": "src/" - } - }, - "require": { - "vlucas/phpdotenv": "^5.6", - "sop/crypto-types": "dev-master", - "phpseclib/phpseclib": "^3.0" - } -} diff --git a/utilities/signing_and_verification/php/src/.env b/utilities/signing_and_verification/php/src/.env deleted file mode 100644 index 0bb1ff8..0000000 --- a/utilities/signing_and_verification/php/src/.env +++ /dev/null @@ -1,4 +0,0 @@ -PRIVATE_KEY="3LFlZAAuAMyppOq35pGz1b6ujlX4PAcEuGmMe6ONGuqyx2kXoC1/oh/VzDUzVSMdCqx2yZ3wtqTuoAvN58U5xg==" -PUBLIC_KEY="ssdpF6Atf6If1cw1M1UjHQqsdsmd8Lak7qALzefFOcY=" -SUBSCRIBER_ID="subscriber_id" -UNIQUE_KEY_ID="ukid" \ No newline at end of file diff --git a/utilities/signing_and_verification/php/src/index.php b/utilities/signing_and_verification/php/src/index.php index fe84563..b1b2936 100644 --- a/utilities/signing_and_verification/php/src/index.php +++ b/utilities/signing_and_verification/php/src/index.php @@ -1,135 +1,175 @@ load(); +$dotenv = Dotenv\Dotenv::createImmutable(dirname(__DIR__, 1)); +$dotenv->safeload(); -function hash_msg(string $msg): string{ - return base64_encode(sodium_crypto_generichash($msg,"",64)); +function hash_msg(string $msg): string +{ + return base64_encode(sodium_crypto_generichash($msg, "", 64)); } -function create_signing_string(string $digest_base64, string $created=null, string $expires=null): string { - $now = new DateTime(); - $one_hour = new DateInterval("PT1H"); - +function create_signing_string(string $digest_base64, string $created = null, string $expires = null): string +{ + $now = new DateTime(); + $one_hour = new DateInterval("PT1H"); - if ($created == null) { - $created = $now->getTimestamp(); - } + if ($created == null) { + $created = $now->getTimestamp(); + } - if ($expires == null) { - $expires = $now->add($one_hour)->getTimestamp(); - } + if ($expires == null) { + $expires = $now->add($one_hour)->getTimestamp(); + } - $signing_string = "(created): $created\n(expires): $expires\ndigest: BLAKE-512=$digest_base64"; - return $signing_string; + $signing_string = "(created): $created\n(expires): $expires\ndigest: BLAKE-512=$digest_base64"; + return $signing_string; } -function sign_response(string $signing_key, string $private_key): string { - return base64_encode(sodium_crypto_sign_detached($signing_key, base64_decode($private_key))); +function sign_response(string $signing_key, string $private_key): string +{ + return base64_encode(sodium_crypto_sign_detached($signing_key, base64_decode($private_key))); } -function verify_response(string $signature, string $signing_key, string $public_key): bool { - return sodium_crypto_sign_verify_detached(base64_decode($signature), $signing_key, base64_decode($public_key)); +function verify_response(string $signature, string $signing_key, string $public_key): bool +{ + return sodium_crypto_sign_verify_detached(base64_decode($signature), $signing_key, base64_decode($public_key)); } -function create_authorisation_header(string $request_body, string $created=null, string $expires=null) { - $now = new DateTime(); - $one_hour = new DateInterval("PT1H"); - - if($created == null) { - $created = $now->getTimestamp(); - } - - if($expires == null) { - $expires = $now->add($one_hour)->getTimeStamp(); - } - - $signing_key = create_signing_string(hash_msg($request_body), $created, $expires); - $signature = sign_response($signing_key, $_ENV['PRIVATE_KEY']); - - $subscriber_id = $_ENV['SUBSCRIBER_ID']; - $unique_key_id = $_ENV['UNIQUE_KEY_ID']; - - $header = "Signature keyId=\"$subscriber_id|$unique_key_id|ed25519\",algorithm=\"ed25519\",created=\"$created\",expires=\"$expires\",headers=\"($created) ($expires) digest\",signature=\"$signature\""; - return $header; +function create_authorisation_header(string $request_body, string $created = null, string $expires = null) +{ + $now = new DateTime(); + $one_hour = new DateInterval("PT1H"); + + if ($created == null) { + $created = $now->getTimestamp(); + } + + if ($expires == null) { + $expires = $now->add($one_hour)->getTimeStamp(); + } + + $signing_key = create_signing_string(hash_msg($request_body), $created, $expires); + $signature = sign_response($signing_key, $_ENV['SIGNING_PRIV_KEY']); + + $subscriber_id = $_ENV['SUBSCRIBER_ID']; + $unique_key_id = $_ENV['UNIQUE_KEY_ID']; + + $header = "Signature keyId=\"$subscriber_id|$unique_key_id|ed25519\",algorithm=\"ed25519\",created=\"$created\",expires=\"$expires\",headers=\"($created) ($expires) digest\",signature=\"$signature\""; + return $header; } // util -function get_filter_dict(string $filter_string) { - $filter_string_list = preg_split("/,/", $filter_string); - $filter_string_list = array_map(function($item) { return trim($item, " \n\r\t\v\0\""); }, $filter_string_list); - $filter_string_dict = []; - foreach($filter_string_list as $item) { - $split_item = preg_split("/=/", $item, 2); - $filter_string_dict[$split_item[0]] = trim($split_item[1], " \n\r\t\v\0\""); - } - return $filter_string_dict; +function get_filter_dict(string $filter_string) +{ + $filter_string_list = preg_split("/,/", $filter_string); + $filter_string_list = array_map(function ($item) {return trim($item, " \n\r\t\v\0\"");}, $filter_string_list); + $filter_string_dict = []; + foreach ($filter_string_list as $item) { + $split_item = preg_split("/=/", $item, 2); + $filter_string_dict[$split_item[0]] = trim($split_item[1], " \n\r\t\v\0\""); + } + return $filter_string_dict; +} + +function verify_authorisation_header(string $auth_header, string $request_body_str, string $public_key): bool +{ + $auth_header = str_replace("Signature ", "", $auth_header); + $header_parts = get_filter_dict($auth_header); + $created = (int) $header_parts["created"]; + $expires = (int) $header_parts["expires"]; + + $now = new DateTime(); + if ($created <= $now->getTimestamp() && $expires >= $now->getTimestamp()) { + $signing_key = create_signing_string(hash_msg($request_body_str), $created, $expires); + return verify_response($header_parts['signature'], $signing_key, $public_key); + } + return false; +} + +function gen_keys() +{ + $signkeypair = sodium_crypto_sign_keypair(); + $signprivkey = sodium_crypto_sign_secretkey($signkeypair); + $signpubkey = sodium_crypto_sign_publickey($signkeypair); + + // using libsodium + $enckeypair = sodium_crypto_box_keypair(); + $encprivkey = sodium_crypto_box_secretkey($enckeypair); + $encpubkey = sodium_crypto_box_publickey($enckeypair); + + // $openssl = openssl_pkey_get_private($encprivkey); + + // echo "Encryption priv key: ", base64_encode($encprivkey), "\n"; + $encprivkey = new OneAsymmetricKey(new X25519AlgorithmIdentifier(), "\x04\x20" . $encprivkey); + $encpubkey = new PublicKeyInfo(new X25519AlgorithmIdentifier(), new BitString($encpubkey)); + + echo "Signing priv key: ", base64_encode($signprivkey), "\n"; + echo "Signing pub key: ", base64_encode($signpubkey), "\n"; + echo "Encryption priv key: ", base64_encode($encprivkey->toDER()), "\n"; + echo "Encryption pub key: ", base64_encode($encpubkey->toDER()), "\n"; } -function verify_authorisation_header(string $auth_header, string $request_body_str, string $public_key): bool { - $auth_header = str_replace("Signature ", "", $auth_header); - $header_parts = get_filter_dict($auth_header); - $created = (int) $header_parts["created"]; - $expires = (int) $header_parts["expires"]; - - $now = new DateTime(); - if ($created <= $now->getTimestamp() && $expires >= $now->getTimestamp()) { - $signing_key = create_signing_string(hash_msg($request_body_str), $created, $expires); - return verify_response($header_parts['signature'], $signing_key, $public_key); - } - return false; +function encrypt(string $crypto_private_key, string $crypto_public_key, ?string $message = null): string +{ + $pkey = OneAsymmetricKey::fromDER(base64_decode($crypto_private_key)); + $pubkey = PublicKeyInfo::fromDER(base64_decode($crypto_public_key)); + $pkey = hex2bin(str_replace("0420", "", bin2hex($pkey->privateKeyData()))); + $shkey = sodium_crypto_box_keypair_from_secretkey_and_publickey($pkey, $pubkey->publicKeyData()); + $shpkey = sodium_crypto_box_secretkey($shkey); + + $cipher = new AES('ecb'); + $cipher->setKey($shpkey); + return base64_encode($cipher->encrypt($message == null ? 'ONDC is a great initiative!' : $message)); } -function gen_keys() { - $signkeypair = sodium_crypto_sign_keypair(); - $signprivkey = sodium_crypto_sign_secretkey($signkeypair); - $signpubkey = sodium_crypto_sign_publickey($signkeypair); - - // using libsodium - $enckeypair = sodium_crypto_box_keypair(); - $encprivkey = sodium_crypto_box_secretkey($enckeypair); - $encpubkey = sodium_crypto_box_publickey($enckeypair); - - // $openssl = openssl_pkey_get_private($encprivkey); - - echo "Encryption priv key: ", base64_encode($encprivkey), "\n"; - $encprivkey = new OneAsymmetricKey(new X25519AlgorithmIdentifier(), "\x04\x20".$encprivkey); - $encpubkey = new PublicKeyInfo(new X25519AlgorithmIdentifier(), new BitString($encpubkey)); - - echo "Signing priv key: ", base64_encode($signprivkey), "\n"; - echo "Signing pub key: ", base64_encode($signpubkey), "\n"; - echo "Encryption priv key: ", base64_encode($encprivkey->toDER()), "\n"; - echo "Encryption pub key: ", base64_encode($encpubkey->toDER()), "\n"; +function decrypt(string $crypto_private_key, string $crypto_public_key, string $cipher_text): string +{ + $pkey = OneAsymmetricKey::fromDER(base64_decode($crypto_private_key)); + $pubkey = PublicKeyInfo::fromDER(base64_decode($crypto_public_key)); + $pkey = hex2bin(str_replace("0420", "", bin2hex($pkey->privateKeyData()))); + $shkey = sodium_crypto_box_keypair_from_secretkey_and_publickey($pkey, $pubkey->publicKeyData()); + $shpkey = sodium_crypto_box_secretkey($shkey); + + $cipher = new AES('ecb'); + $cipher->setKey($shpkey); + return ($cipher->decrypt(base64_decode($cipher_text))); } -function encrypt(string $crypto_private_key, string $crypto_public_key, ?string $message=null): string { - $pkey = OneAsymmetricKey::fromDER(base64_decode($crypto_private_key)); - $pubkey = PublicKeyInfo::fromDER(base64_decode($crypto_public_key)); - $pkey = hex2bin(str_replace("0420","", bin2hex($pkey->privateKeyData()))); - $shkey = sodium_crypto_box_keypair_from_secretkey_and_publickey($pkey, $pubkey->publicKeyData()); - $shpkey = sodium_crypto_box_secretkey($shkey); - - $cipher = new AES('ecb'); - $cipher->setKey($shpkey); - return base64_encode($cipher->encrypt($message == null ? 'ONDC is a great initiative!':$message)); +function main(array $args) +{ + switch ($args[1]) { + case "-g": + gen_keys(); + break; + case "-e": + echo encrypt($_ENV['ENC_PRIV_KEY'], $_ENV['COUNTERPARTY_PUB_KEY'], $args[2]); + break; + case "-d": + echo decrypt($_ENV['ENC_PRIV_KEY'], $_ENV['ENC_PUB_KEY'], $args[2]); + break; + case "-s": + echo create_authorisation_header($_ENV['REQUEST_BODY']); + break; + case "-v": + echo verify_authorisation_header($_ENV['AUTH_HEADER'] || '', $_ENV['REQUEST_BODY'] || '', $_ENV["COUNTERPARTY_SIGNING_PUB_KEY"]); + break; + default: + echo "$args[1] is not a valid argument: please check" . "\n"; + echo "signing and verification helper: " . "\n"; + echo "-g: generate signing and enc key pairs" . "\n"; + echo "-e: encrypt with enc keys" . "\n"; + echo "-d: decrypt with enc keys" . "\n"; + echo "-s: create signed header" . "\n"; + echo "-v: verify signed header" . "\n"; + } } -function decrypt(string $crypto_private_key, string $crypto_public_key, string $cipher_text): string { - $pkey = OneAsymmetricKey::fromDER(base64_decode($crypto_private_key)); - $pubkey = PublicKeyInfo::fromDER(base64_decode($crypto_public_key)); - $pkey = hex2bin(str_replace("0420","", bin2hex($pkey->privateKeyData()))); - $shkey = sodium_crypto_box_keypair_from_secretkey_and_publickey($pkey, $pubkey->publicKeyData()); - $shpkey = sodium_crypto_box_secretkey($shkey); - - $cipher = new AES('ecb'); - $cipher->setKey($shpkey); - return ($cipher->decrypt(base64_decode($cipher_text))); -} \ No newline at end of file +main($argv);