nilsteampassnet /
TeamPass
@@ -19,7 +19,6 @@ |
||
| 19 | 19 | use ParagonIE\ConstantTime\Hex; |
| 20 | 20 | use phpseclib\Crypt\Common\BlockCipher; |
| 21 | 21 | use phpseclib\Crypt\AES; |
| 22 | -use phpseclib\Crypt\Base; |
|
| 23 | 22 | use phpseclib\Crypt\DES; |
| 24 | 23 | use phpseclib\Crypt\TripleDES; |
| 25 | 24 | use phpseclib\Math\BigInteger; |
@@ -26,10 +26,8 @@ |
||
| 26 | 26 | |
| 27 | 27 | use ParagonIE\ConstantTime\Base64; |
| 28 | 28 | use ParagonIE\ConstantTime\Hex; |
| 29 | -use phpseclib\Crypt\AES; |
|
| 30 | 29 | use phpseclib\Crypt\DES; |
| 31 | 30 | use phpseclib\Crypt\Random; |
| 32 | -use phpseclib\Crypt\TripleDES; |
|
| 33 | 31 | use phpseclib\Math\BigInteger; |
| 34 | 32 | use phpseclib\Common\Functions\ASN1; |
| 35 | 33 | |
@@ -48,7 +48,6 @@ |
||
| 48 | 48 | |
| 49 | 49 | namespace phpseclib\Net; |
| 50 | 50 | |
| 51 | -use ParagonIE\ConstantTime\Hex; |
|
| 52 | 51 | use phpseclib\Crypt\DES; |
| 53 | 52 | use phpseclib\Crypt\Random; |
| 54 | 53 | use phpseclib\Crypt\TripleDES; |
@@ -79,7 +79,6 @@ |
||
| 79 | 79 | // phpcrypt |
| 80 | 80 | require_once $_SESSION['settings']['cpassman_dir'] . '/includes/libraries/phpcrypt/phpCrypt.php'; |
| 81 | 81 | use PHP_Crypt\PHP_Crypt as PHP_Crypt; |
| 82 | -use PHP_Crypt\Cipher as Cipher; |
|
| 83 | 82 | |
| 84 | 83 | // prepare Encryption class calls |
| 85 | 84 | use \Defuse\Crypto\Crypto; |
@@ -543,8 +543,11 @@ discard block |
||
| 543 | 543 | ) |
| 544 | 544 | ); |
| 545 | 545 | // prepare display |
| 546 | - if (empty($tags)) $return_tags = "<span class='round-grey pointer tip' title='".addslashes($LANG['list_items_with_tag'])."' onclick='searchItemsWithTags(\"".strtolower($tag)."\")'><i class='fa fa-tag fa-sm'></i> <span class=\"item_tag\">".strtolower($tag)."</span></span>"; |
|
| 547 | - else $return_tags .= " <span class='round-grey pointer tip' title='".addslashes($LANG['list_items_with_tag'])."' onclick='searchItemsWithTags(\"".strtolower($tag)."\")'><i class='fa fa-tag fa-sm'></i> <span class=\"item_tag\">".strtolower($tag)."</span></span>"; |
|
| 546 | + if (empty($tags)) { |
|
| 547 | + $return_tags = "<span class='round-grey pointer tip' title='".addslashes($LANG['list_items_with_tag'])."' onclick='searchItemsWithTags(\"".strtolower($tag)."\")'><i class='fa fa-tag fa-sm'></i> <span class=\"item_tag\">".strtolower($tag)."</span></span>"; |
|
| 548 | + } else { |
|
| 549 | + $return_tags .= " <span class='round-grey pointer tip' title='".addslashes($LANG['list_items_with_tag'])."' onclick='searchItemsWithTags(\"".strtolower($tag)."\")'><i class='fa fa-tag fa-sm'></i> <span class=\"item_tag\">".strtolower($tag)."</span></span>"; |
|
| 550 | + } |
|
| 548 | 551 | } |
| 549 | 552 | } |
| 550 | 553 | |
@@ -765,8 +768,11 @@ discard block |
||
| 765 | 768 | // add roles for item |
| 766 | 769 | foreach (array_filter(explode(';', $dataReceived['restricted_to_roles'])) as $role) { |
| 767 | 770 | $role = explode("role_", $role); |
| 768 | - if (count($role) > 1) $role = $role[1]; |
|
| 769 | - else $role = $role[0]; |
|
| 771 | + if (count($role) > 1) { |
|
| 772 | + $role = $role[1]; |
|
| 773 | + } else { |
|
| 774 | + $role = $role[0]; |
|
| 775 | + } |
|
| 770 | 776 | DB::insert( |
| 771 | 777 | prefix_table('restriction_to_roles'), |
| 772 | 778 | array( |
@@ -1314,8 +1320,11 @@ discard block |
||
| 1314 | 1320 | $tags = ""; |
| 1315 | 1321 | $rows = DB::query("SELECT tag FROM ".prefix_table("tags")." WHERE item_id=%i", $_POST['id']); |
| 1316 | 1322 | foreach ($rows as $record) { |
| 1317 | - if (empty($tags)) $tags = "<span style='' class='round-grey pointer tip' title='".addslashes($LANG['list_items_with_tag'])."' onclick='searchItemsWithTags(\"".$record['tag']."\")'><i class='fa fa-tag fa-sm'></i> <span class=\"item_tag\">".$record['tag']."</span></span>"; |
|
| 1318 | - else $tags .= " <span style='' class='round-grey pointer tip' title='".addslashes($LANG['list_items_with_tag'])."' onclick='searchItemsWithTags(\"".$record['tag']."\")'><i class='fa fa-tag fa-sm'></i> <span class=\"item_tag\">".$record['tag']."</span></span>"; |
|
| 1323 | + if (empty($tags)) { |
|
| 1324 | + $tags = "<span style='' class='round-grey pointer tip' title='".addslashes($LANG['list_items_with_tag'])."' onclick='searchItemsWithTags(\"".$record['tag']."\")'><i class='fa fa-tag fa-sm'></i> <span class=\"item_tag\">".$record['tag']."</span></span>"; |
|
| 1325 | + } else { |
|
| 1326 | + $tags .= " <span style='' class='round-grey pointer tip' title='".addslashes($LANG['list_items_with_tag'])."' onclick='searchItemsWithTags(\"".$record['tag']."\")'><i class='fa fa-tag fa-sm'></i> <span class=\"item_tag\">".$record['tag']."</span></span>"; |
|
| 1327 | + } |
|
| 1319 | 1328 | } |
| 1320 | 1329 | |
| 1321 | 1330 | // TODO -> improve this check |
@@ -1423,8 +1432,11 @@ discard block |
||
| 1423 | 1432 | $_POST['id'] |
| 1424 | 1433 | ); |
| 1425 | 1434 | foreach ($rows as $record) { |
| 1426 | - if (empty($tmp)) $tmp = "<a class='round-grey' href='".$_SESSION['settings']['cpassman_url']."/index.php?page=kb&id=".$record['id']."'><i class='fa fa-map-pin fa-sm'></i> ".$record['label']."</a>"; |
|
| 1427 | - else $tmp .= " <a class='round-grey' href='".$_SESSION['settings']['cpassman_url']."/index.php?page=kb&id=".$record['id']."'><i class='fa fa-map-pin fa-sm'></i> ".$record['label']."</a>"; |
|
| 1435 | + if (empty($tmp)) { |
|
| 1436 | + $tmp = "<a class='round-grey' href='".$_SESSION['settings']['cpassman_url']."/index.php?page=kb&id=".$record['id']."'><i class='fa fa-map-pin fa-sm'></i> ".$record['label']."</a>"; |
|
| 1437 | + } else { |
|
| 1438 | + $tmp .= " <a class='round-grey' href='".$_SESSION['settings']['cpassman_url']."/index.php?page=kb&id=".$record['id']."'><i class='fa fa-map-pin fa-sm'></i> ".$record['label']."</a>"; |
|
| 1439 | + } |
|
| 1428 | 1440 | } |
| 1429 | 1441 | $arrData['links_to_kbs'] = $tmp; |
| 1430 | 1442 | } |
@@ -2063,9 +2075,13 @@ discard block |
||
| 2063 | 2075 | $role, |
| 2064 | 2076 | $_POST['id'] |
| 2065 | 2077 | ); |
| 2066 | - if ($access['type'] == "R") array_push($arrTmp, 1); |
|
| 2067 | - else if ($access['type'] == "W") array_push($arrTmp, 0); |
|
| 2068 | - else array_push($arrTmp, 3); |
|
| 2078 | + if ($access['type'] == "R") { |
|
| 2079 | + array_push($arrTmp, 1); |
|
| 2080 | + } else if ($access['type'] == "W") { |
|
| 2081 | + array_push($arrTmp, 0); |
|
| 2082 | + } else { |
|
| 2083 | + array_push($arrTmp, 3); |
|
| 2084 | + } |
|
| 2069 | 2085 | } |
| 2070 | 2086 | $accessLevel = min($arrTmp); |
| 2071 | 2087 | //echo $_POST['id']." - ".$accessLevel." - "; |
@@ -25,7 +25,6 @@ |
||
| 25 | 25 | require_once $_SESSION['settings']['cpassman_dir'] . '/includes/config/settings.php'; |
| 26 | 26 | } |
| 27 | 27 | use PHP_Crypt\PHP_Crypt as PHP_Crypt; |
| 28 | -use PHP_Crypt\Cipher as Cipher; |
|
| 29 | 28 | |
| 30 | 29 | |
| 31 | 30 | // prepare Encryption class calls |
@@ -309,18 +309,18 @@ discard block |
||
| 309 | 309 | ); |
| 310 | 310 | } else if ($type == "decrypt") { |
| 311 | 311 | // case if IV is empty |
| 312 | - if (empty($iv)) |
|
| 313 | - return array( |
|
| 312 | + if (empty($iv)) { |
|
| 313 | + return array( |
|
| 314 | 314 | 'string' => "", |
| 315 | 315 | 'error' => "ERR_ENCRYPTION_NOT_CORRECT" |
| 316 | 316 | ); |
| 317 | + } |
|
| 317 | 318 | |
| 318 | 319 | // convert |
| 319 | 320 | try { |
| 320 | 321 | $string = testHex2Bin(trim($string)); |
| 321 | 322 | $iv = testHex2Bin($iv); |
| 322 | - } |
|
| 323 | - catch (Exception $e) { |
|
| 323 | + } catch (Exception $e) { |
|
| 324 | 324 | // error - $e->getMessage(); |
| 325 | 325 | return array( |
| 326 | 326 | 'string' => "", |
@@ -383,20 +383,15 @@ discard block |
||
| 383 | 383 | } else if ($type === "decrypt") { |
| 384 | 384 | $text = \Defuse\Crypto\Crypto::decrypt($message, $key); |
| 385 | 385 | } |
| 386 | - } |
|
| 387 | - catch (Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException $ex) { |
|
| 386 | + } catch (Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException $ex) { |
|
| 388 | 387 | $err = "An attack! Either the wrong key was loaded, or the ciphertext has changed since it was created either corrupted in the database or intentionally modified by someone trying to carry out an attack."; |
| 389 | - } |
|
| 390 | - catch (Defuse\Crypto\Exception\BadFormatException $ex) { |
|
| 388 | + } catch (Defuse\Crypto\Exception\BadFormatException $ex) { |
|
| 391 | 389 | $err = $ex; |
| 392 | - } |
|
| 393 | - catch (Defuse\Crypto\Exception\EnvironmentIsBrokenException $ex) { |
|
| 390 | + } catch (Defuse\Crypto\Exception\EnvironmentIsBrokenException $ex) { |
|
| 394 | 391 | $err = $ex; |
| 395 | - } |
|
| 396 | - catch (Defuse\Crypto\Exception\CryptoException $ex) { |
|
| 392 | + } catch (Defuse\Crypto\Exception\CryptoException $ex) { |
|
| 397 | 393 | $err = $ex; |
| 398 | - } |
|
| 399 | - catch (Defuse\Crypto\Exception\IOException $ex) { |
|
| 394 | + } catch (Defuse\Crypto\Exception\IOException $ex) { |
|
| 400 | 395 | $err = $ex; |
| 401 | 396 | } |
| 402 | 397 | |
@@ -454,11 +449,9 @@ discard block |
||
| 454 | 449 | $protected_key = \Defuse\Crypto\KeyProtectedByPassword::loadFromAsciiSafeString($protected_key_encoded); |
| 455 | 450 | $user_key = $protected_key->unlockKey($psk); |
| 456 | 451 | $user_key_encoded = $user_key->saveToAsciiSafeString(); |
| 457 | - } |
|
| 458 | - catch (Defuse\Crypto\Exception\EnvironmentIsBrokenException $ex) { |
|
| 452 | + } catch (Defuse\Crypto\Exception\EnvironmentIsBrokenException $ex) { |
|
| 459 | 453 | return "Error - Major issue as the encryption is broken."; |
| 460 | - } |
|
| 461 | - catch (Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException $ex) { |
|
| 454 | + } catch (Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException $ex) { |
|
| 462 | 455 | return "Error - The saltkey is not the correct one."; |
| 463 | 456 | } |
| 464 | 457 | |
@@ -1126,7 +1119,9 @@ discard block |
||
| 1126 | 1119 | require_once $_SESSION['settings']['cpassman_dir'].'/includes/libraries/Email/Phpmailer/PHPMailerAutoload.php'; |
| 1127 | 1120 | |
| 1128 | 1121 | // load PHPMailer |
| 1129 | - if (!isset($mail)) $mail = new PHPMailer(); |
|
| 1122 | + if (!isset($mail)) { |
|
| 1123 | + $mail = new PHPMailer(); |
|
| 1124 | + } |
|
| 1130 | 1125 | // send to user |
| 1131 | 1126 | $mail->setLanguage("en", "../includes/libraries/Email/Phpmailer/language/"); |
| 1132 | 1127 | $mail->SMTPDebug = 0; //value 1 can be used to debug |
@@ -1195,7 +1190,9 @@ discard block |
||
| 1195 | 1190 | |
| 1196 | 1191 | function isUTF8($string) |
| 1197 | 1192 | { |
| 1198 | - if (is_array($string) === true) $string = $string['string']; |
|
| 1193 | + if (is_array($string) === true) { |
|
| 1194 | + $string = $string['string']; |
|
| 1195 | + } |
|
| 1199 | 1196 | return preg_match( |
| 1200 | 1197 | '%^(?: |
| 1201 | 1198 | [\x09\x0A\x0D\x20-\x7E] # ASCII |
@@ -1311,12 +1308,24 @@ discard block |
||
| 1311 | 1308 | $pwgen = new Encryption\PwGen\pwgen(); |
| 1312 | 1309 | |
| 1313 | 1310 | // init |
| 1314 | - if(!empty($size)) $pwgen->setLength($size); |
|
| 1315 | - if(!empty($secure)) $pwgen->setSecure($secure); |
|
| 1316 | - if(!empty($numerals)) $pwgen->setNumerals($numerals); |
|
| 1317 | - if(!empty($capitalize)) $pwgen->setCapitalize($capitalize); |
|
| 1318 | - if(!empty($ambiguous)) $pwgen->setAmbiguous($ambiguous); |
|
| 1319 | - if(!empty($symbols)) $pwgen->setSymbols($symbols); |
|
| 1311 | + if(!empty($size)) { |
|
| 1312 | + $pwgen->setLength($size); |
|
| 1313 | + } |
|
| 1314 | + if(!empty($secure)) { |
|
| 1315 | + $pwgen->setSecure($secure); |
|
| 1316 | + } |
|
| 1317 | + if(!empty($numerals)) { |
|
| 1318 | + $pwgen->setNumerals($numerals); |
|
| 1319 | + } |
|
| 1320 | + if(!empty($capitalize)) { |
|
| 1321 | + $pwgen->setCapitalize($capitalize); |
|
| 1322 | + } |
|
| 1323 | + if(!empty($ambiguous)) { |
|
| 1324 | + $pwgen->setAmbiguous($ambiguous); |
|
| 1325 | + } |
|
| 1326 | + if(!empty($symbols)) { |
|
| 1327 | + $pwgen->setSymbols($symbols); |
|
| 1328 | + } |
|
| 1320 | 1329 | |
| 1321 | 1330 | // generate and send back |
| 1322 | 1331 | return $pwgen->generate(); |
@@ -1345,7 +1354,9 @@ discard block |
||
| 1345 | 1354 | { |
| 1346 | 1355 | global $server, $user, $pass, $database, $pre, $port, $encoding; |
| 1347 | 1356 | |
| 1348 | - if (empty($who)) $who = get_client_ip_server(); |
|
| 1357 | + if (empty($who)) { |
|
| 1358 | + $who = get_client_ip_server(); |
|
| 1359 | + } |
|
| 1349 | 1360 | |
| 1350 | 1361 | // include librairies & connect to DB |
| 1351 | 1362 | require_once $_SESSION['settings']['cpassman_dir'].'/includes/libraries/Database/Meekrodb/db.class.php'; |
@@ -1415,20 +1426,21 @@ discard block |
||
| 1415 | 1426 | */ |
| 1416 | 1427 | function get_client_ip_server() { |
| 1417 | 1428 | $ipaddress = ''; |
| 1418 | - if (getenv('HTTP_CLIENT_IP')) |
|
| 1419 | - $ipaddress = getenv('HTTP_CLIENT_IP'); |
|
| 1420 | - else if(getenv('HTTP_X_FORWARDED_FOR')) |
|
| 1421 | - $ipaddress = getenv('HTTP_X_FORWARDED_FOR'); |
|
| 1422 | - else if(getenv('HTTP_X_FORWARDED')) |
|
| 1423 | - $ipaddress = getenv('HTTP_X_FORWARDED'); |
|
| 1424 | - else if(getenv('HTTP_FORWARDED_FOR')) |
|
| 1425 | - $ipaddress = getenv('HTTP_FORWARDED_FOR'); |
|
| 1426 | - else if(getenv('HTTP_FORWARDED')) |
|
| 1427 | - $ipaddress = getenv('HTTP_FORWARDED'); |
|
| 1428 | - else if(getenv('REMOTE_ADDR')) |
|
| 1429 | - $ipaddress = getenv('REMOTE_ADDR'); |
|
| 1430 | - else |
|
| 1431 | - $ipaddress = 'UNKNOWN'; |
|
| 1429 | + if (getenv('HTTP_CLIENT_IP')) { |
|
| 1430 | + $ipaddress = getenv('HTTP_CLIENT_IP'); |
|
| 1431 | + } else if(getenv('HTTP_X_FORWARDED_FOR')) { |
|
| 1432 | + $ipaddress = getenv('HTTP_X_FORWARDED_FOR'); |
|
| 1433 | + } else if(getenv('HTTP_X_FORWARDED')) { |
|
| 1434 | + $ipaddress = getenv('HTTP_X_FORWARDED'); |
|
| 1435 | + } else if(getenv('HTTP_FORWARDED_FOR')) { |
|
| 1436 | + $ipaddress = getenv('HTTP_FORWARDED_FOR'); |
|
| 1437 | + } else if(getenv('HTTP_FORWARDED')) { |
|
| 1438 | + $ipaddress = getenv('HTTP_FORWARDED'); |
|
| 1439 | + } else if(getenv('REMOTE_ADDR')) { |
|
| 1440 | + $ipaddress = getenv('REMOTE_ADDR'); |
|
| 1441 | + } else { |
|
| 1442 | + $ipaddress = 'UNKNOWN'; |
|
| 1443 | + } |
|
| 1432 | 1444 | |
| 1433 | 1445 | return $ipaddress; |
| 1434 | 1446 | } |
@@ -1495,7 +1507,9 @@ discard block |
||
| 1495 | 1507 | $x = 0; |
| 1496 | 1508 | $bFound = false; |
| 1497 | 1509 | foreach($data as $line) { |
| 1498 | - if (stristr($line, ");")) break; |
|
| 1510 | + if (stristr($line, ");")) { |
|
| 1511 | + break; |
|
| 1512 | + } |
|
| 1499 | 1513 | if (stristr($line, "'".$field."' => '")) { |
| 1500 | 1514 | $data[$x] = " '".$field."' => '".$value."',\n"; |
| 1501 | 1515 | $bFound = true; |
@@ -95,8 +95,10 @@ discard block |
||
| 95 | 95 | <li class="menu_150" style="padding:4px; text-align:left;"><i class="fa fa-bars fa-fw"></i> '.$LANG['admin_actions_title'].' |
| 96 | 96 | <ul class="menu_250" style="text-align:left;"> |
| 97 | 97 | <li id="but_pickfiles_photo"><i class="fa fa-camera fa-fw"></i> '.$LANG['upload_new_avatar'].'</li>'; |
| 98 | - if (!isset($_SESSION['settings']['duo']) || $_SESSION['settings']['duo'] == 0) echo ' |
|
| 98 | + if (!isset($_SESSION['settings']['duo']) || $_SESSION['settings']['duo'] == 0) { |
|
| 99 | + echo ' |
|
| 99 | 100 | <li id="but_change_password"><i class="fa fa-key fa-fw"></i> '.$LANG['index_change_pw'].'</li>'; |
| 101 | + } |
|
| 100 | 102 | echo ' |
| 101 | 103 | <li id="but_change_psk"><i class="fa fa-lock fa-fw"></i> '.$LANG['menu_title_new_personal_saltkey'].'</li> |
| 102 | 104 | <li id="but_reset_psk"><i class="fa fa-eraser fa-fw"></i> '.$LANG['personal_saltkey_lost'].'</li> |
@@ -157,7 +159,7 @@ discard block |
||
| 157 | 159 | <div id="filelist_photo" style="display:none;"></div>'; |
| 158 | 160 | |
| 159 | 161 | // if DUOSecurity enabled then changing PWD is not allowed |
| 160 | -if (!isset($_SESSION['settings']['duo']) || $_SESSION['settings']['duo'] == 0) |
|
| 162 | +if (!isset($_SESSION['settings']['duo']) || $_SESSION['settings']['duo'] == 0) { |
|
| 161 | 163 | echo ' |
| 162 | 164 | <div id="div_change_password" style="display:none; padding:5px;" class="ui-widget ui-state-default"> |
| 163 | 165 | <div style="text-align:center;margin:5px;padding:3px;" id="change_pwd_complexPw" class="ui-widget ui-state-active ui-corner-all"></div> |
@@ -171,6 +173,7 @@ discard block |
||
| 171 | 173 | <span class="button" id="button_change_pw">'.$LANG['index_change_pw_button'].'</span> |
| 172 | 174 | <span id="password_change_wait" style="display:none;"><i class="fa fa-cog fa-spin"></i> '.$LANG['please_wait'].'</span> |
| 173 | 175 | </div>'; |
| 176 | +} |
|
| 174 | 177 | |
| 175 | 178 | //change the saltkey dialogbox |
| 176 | 179 | echo ' |
@@ -100,9 +100,12 @@ discard block |
||
| 100 | 100 | AND table_name = '$tablename'" |
| 101 | 101 | ); |
| 102 | 102 | |
| 103 | - if ($res > 0) return true; |
|
| 104 | - else return false; |
|
| 105 | -} |
|
| 103 | + if ($res > 0) { |
|
| 104 | + return true; |
|
| 105 | + } else { |
|
| 106 | + return false; |
|
| 107 | + } |
|
| 108 | + } |
|
| 106 | 109 | |
| 107 | 110 | //define pbkdf2 iteration count |
| 108 | 111 | @define('ITCOUNT', '2072'); |
@@ -852,7 +855,7 @@ discard block |
||
| 852 | 855 | } |
| 853 | 856 | if(($r+1) == $row_count || ($r % 400) == 399){ |
| 854 | 857 | $contents .= ");\n\n"; |
| 855 | - }else{ |
|
| 858 | + } else{ |
|
| 856 | 859 | $contents .= "),\n"; |
| 857 | 860 | } |
| 858 | 861 | $r++; |
@@ -19,7 +19,9 @@ discard block |
||
| 19 | 19 | $Nr = count($w)/$Nb - 1; // no of rounds: 10/12/14 for 128/192/256-bit keys |
| 20 | 20 | |
| 21 | 21 | $state = array(); // initialise 4xNb byte-array 'state' with input [Ă©3.4] |
| 22 | - for ($i=0; $i<4*$Nb; $i++) $state[$i%4][floor($i/4)] = $input[$i]; |
|
| 22 | + for ($i=0; $i<4*$Nb; $i++) { |
|
| 23 | + $state[$i%4][floor($i/4)] = $input[$i]; |
|
| 24 | + } |
|
| 23 | 25 | |
| 24 | 26 | $state = self::addRoundKey($state, $w, 0, $Nb); |
| 25 | 27 | |
@@ -35,14 +37,18 @@ discard block |
||
| 35 | 37 | $state = self::addRoundKey($state, $w, $Nr, $Nb); |
| 36 | 38 | |
| 37 | 39 | $output = array(4*$Nb); // convert state to 1-d array before returning [Ă©3.4] |
| 38 | - for ($i=0; $i<4*$Nb; $i++) $output[$i] = $state[$i%4][floor($i/4)]; |
|
| 40 | + for ($i=0; $i<4*$Nb; $i++) { |
|
| 41 | + $output[$i] = $state[$i%4][floor($i/4)]; |
|
| 42 | + } |
|
| 39 | 43 | |
| 40 | 44 | return $output; |
| 41 | 45 | } |
| 42 | 46 | |
| 43 | 47 | private static function addRoundKey($state, $w, $rnd, $Nb) { // xor Round Key into state S [Ă©5.1.4] |
| 44 | 48 | for ($r=0; $r<4; $r++) { |
| 45 | - for ($c=0; $c<$Nb; $c++) $state[$r][$c] ^= $w[$rnd*4+$c][$r]; |
|
| 49 | + for ($c=0; $c<$Nb; $c++) { |
|
| 50 | + $state[$r][$c] ^= $w[$rnd*4+$c][$r]; |
|
| 51 | + } |
|
| 46 | 52 | } |
| 47 | 53 | |
| 48 | 54 | return $state; |
@@ -50,7 +56,9 @@ discard block |
||
| 50 | 56 | |
| 51 | 57 | private static function subBytes($s, $Nb) { // apply SBox to state S [Ă©5.1.1] |
| 52 | 58 | for ($r=0; $r<4; $r++) { |
| 53 | - for ($c=0; $c<$Nb; $c++) $s[$r][$c] = self::$sBox[$s[$r][$c]]; |
|
| 59 | + for ($c=0; $c<$Nb; $c++) { |
|
| 60 | + $s[$r][$c] = self::$sBox[$s[$r][$c]]; |
|
| 61 | + } |
|
| 54 | 62 | } |
| 55 | 63 | |
| 56 | 64 | return $s; |
@@ -59,8 +67,14 @@ discard block |
||
| 59 | 67 | private static function shiftRows($s, $Nb) { // shift row r of state S left by r bytes [Ă©5.1.2] |
| 60 | 68 | $t = array(4); |
| 61 | 69 | for ($r=1; $r<4; $r++) { |
| 62 | - for ($c=0; $c<4; $c++) $t[$c] = $s[$r][($c+$r)%$Nb]; // shift into temp copy |
|
| 63 | - for ($c=0; $c<4; $c++) $s[$r][$c] = $t[$c]; // and copy back |
|
| 70 | + for ($c=0; $c<4; $c++) { |
|
| 71 | + $t[$c] = $s[$r][($c+$r)%$Nb]; |
|
| 72 | + } |
|
| 73 | + // shift into temp copy |
|
| 74 | + for ($c=0; $c<4; $c++) { |
|
| 75 | + $s[$r][$c] = $t[$c]; |
|
| 76 | + } |
|
| 77 | + // and copy back |
|
| 64 | 78 | } // note that this will work for Nb=4,5,6, but not 7,8 (always 4 for AES): |
| 65 | 79 | return $s; // see fp.gladman.plus.com/cryptography_technology/rijndael/aes.spec.311.pdf |
| 66 | 80 | } |
@@ -105,28 +119,38 @@ discard block |
||
| 105 | 119 | |
| 106 | 120 | for ($i=$Nk; $i<($Nb*($Nr+1)); $i++) { |
| 107 | 121 | $w[$i] = array(); |
| 108 | - for ($t=0; $t<4; $t++) $temp[$t] = $w[$i-1][$t]; |
|
| 122 | + for ($t=0; $t<4; $t++) { |
|
| 123 | + $temp[$t] = $w[$i-1][$t]; |
|
| 124 | + } |
|
| 109 | 125 | if ($i % $Nk == 0) { |
| 110 | 126 | $temp = self::subWord(self::rotWord($temp)); |
| 111 | - for ($t=0; $t<4; $t++) $temp[$t] ^= self::$rCon[$i/$Nk][$t]; |
|
| 127 | + for ($t=0; $t<4; $t++) { |
|
| 128 | + $temp[$t] ^= self::$rCon[$i/$Nk][$t]; |
|
| 129 | + } |
|
| 112 | 130 | } elseif ($Nk > 6 && $i%$Nk == 4) { |
| 113 | 131 | $temp = self::subWord($temp); |
| 114 | 132 | } |
| 115 | - for ($t=0; $t<4; $t++) $w[$i][$t] = $w[$i-$Nk][$t] ^ $temp[$t]; |
|
| 133 | + for ($t=0; $t<4; $t++) { |
|
| 134 | + $w[$i][$t] = $w[$i-$Nk][$t] ^ $temp[$t]; |
|
| 135 | + } |
|
| 116 | 136 | } |
| 117 | 137 | |
| 118 | 138 | return $w; |
| 119 | 139 | } |
| 120 | 140 | |
| 121 | 141 | private static function subWord($w) { // apply SBox to 4-byte word w |
| 122 | - for ($i=0; $i<4; $i++) $w[$i] = self::$sBox[$w[$i]]; |
|
| 142 | + for ($i=0; $i<4; $i++) { |
|
| 143 | + $w[$i] = self::$sBox[$w[$i]]; |
|
| 144 | + } |
|
| 123 | 145 | |
| 124 | 146 | return $w; |
| 125 | 147 | } |
| 126 | 148 | |
| 127 | 149 | private static function rotWord($w) { // rotate 4-byte word w left by one byte |
| 128 | 150 | $tmp = $w[0]; |
| 129 | - for ($i=0; $i<3; $i++) $w[$i] = $w[$i+1]; |
|
| 151 | + for ($i=0; $i<3; $i++) { |
|
| 152 | + $w[$i] = $w[$i+1]; |
|
| 153 | + } |
|
| 130 | 154 | $w[3] = $tmp; |
| 131 | 155 | |
| 132 | 156 | return $w; |
@@ -21,14 +21,19 @@ discard block |
||
| 21 | 21 | public static function encrypt($plaintext, $password, $nBits) |
| 22 | 22 | { |
| 23 | 23 | $blockSize = 16; // block size fixed at 16 bytes / 128 bits (Nb=4) for AES |
| 24 | - if (!($nBits==128 || $nBits==192 || $nBits==256)) return ''; // standard allows 128/192/256 bit keys |
|
| 24 | + if (!($nBits==128 || $nBits==192 || $nBits==256)) { |
|
| 25 | + return ''; |
|
| 26 | + } |
|
| 27 | + // standard allows 128/192/256 bit keys |
|
| 25 | 28 | // note PHP (5) gives us plaintext and password in UTF8 encoding! |
| 26 | 29 | |
| 27 | 30 | // use AES itself to encrypt password to get cipher key (using plain password as source for |
| 28 | 31 | // key expansion) - gives us well encrypted key |
| 29 | 32 | $nBytes = $nBits/8; // no bytes in key |
| 30 | 33 | $pwBytes = array(); |
| 31 | - for ($i=0; $i<$nBytes; $i++) $pwBytes[$i] = ord(substr($password,$i,1)) & 0xff; |
|
| 34 | + for ($i=0; $i<$nBytes; $i++) { |
|
| 35 | + $pwBytes[$i] = ord(substr($password,$i,1)) & 0xff; |
|
| 36 | + } |
|
| 32 | 37 | $key = Aes::cipher($pwBytes, Aes::keyExpansion($pwBytes)); |
| 33 | 38 | $key = array_merge($key, array_slice($key, 0, $nBytes-16)); // expand key to 16/24/32 bytes long |
| 34 | 39 | |
@@ -39,11 +44,17 @@ discard block |
||
| 39 | 44 | $nonceSec = floor($nonce/1000); |
| 40 | 45 | $nonceMs = $nonce%1000; |
| 41 | 46 | // encode nonce with seconds in 1st 4 bytes, and (repeated) ms part filling 2nd 4 bytes |
| 42 | - for ($i=0; $i<4; $i++) $counterBlock[$i] = self::urs($nonceSec, $i*8) & 0xff; |
|
| 43 | - for ($i=0; $i<4; $i++) $counterBlock[$i+4] = $nonceMs & 0xff; |
|
| 47 | + for ($i=0; $i<4; $i++) { |
|
| 48 | + $counterBlock[$i] = self::urs($nonceSec, $i*8) & 0xff; |
|
| 49 | + } |
|
| 50 | + for ($i=0; $i<4; $i++) { |
|
| 51 | + $counterBlock[$i+4] = $nonceMs & 0xff; |
|
| 52 | + } |
|
| 44 | 53 | // and convert it to a string to go on the front of the ciphertext |
| 45 | 54 | $ctrTxt = ''; |
| 46 | - for ($i=0; $i<8; $i++) $ctrTxt .= chr($counterBlock[$i]); |
|
| 55 | + for ($i=0; $i<8; $i++) { |
|
| 56 | + $ctrTxt .= chr($counterBlock[$i]); |
|
| 57 | + } |
|
| 47 | 58 | |
| 48 | 59 | // generate key schedule - an expansion of the key into distinct Key Rounds for each round |
| 49 | 60 | $keySchedule = Aes::keyExpansion($key); |
@@ -55,8 +66,12 @@ discard block |
||
| 55 | 66 | for ($b=0; $b<$blockCount; $b++) { |
| 56 | 67 | // set counter (block #) in last 8 bytes of counter block (leaving nonce in 1st 8 bytes) |
| 57 | 68 | // done in two stages for 32-bit ops: using two words allows us to go past 2^32 blocks (68GB) |
| 58 | - for ($c=0; $c<4; $c++) $counterBlock[15-$c] = self::urs($b, $c*8) & 0xff; |
|
| 59 | - for ($c=0; $c<4; $c++) $counterBlock[15-$c-4] = self::urs($b/0x100000000, $c*8); |
|
| 69 | + for ($c=0; $c<4; $c++) { |
|
| 70 | + $counterBlock[15-$c] = self::urs($b, $c*8) & 0xff; |
|
| 71 | + } |
|
| 72 | + for ($c=0; $c<4; $c++) { |
|
| 73 | + $counterBlock[15-$c-4] = self::urs($b/0x100000000, $c*8); |
|
| 74 | + } |
|
| 60 | 75 | |
| 61 | 76 | $cipherCntr = Aes::cipher($counterBlock, $keySchedule); // -- encrypt counter block -- |
| 62 | 77 | |
@@ -89,20 +104,27 @@ discard block |
||
| 89 | 104 | public static function decrypt($ciphertext, $password, $nBits) |
| 90 | 105 | { |
| 91 | 106 | $blockSize = 16; // block size fixed at 16 bytes / 128 bits (Nb=4) for AES |
| 92 | - if (!($nBits==128 || $nBits==192 || $nBits==256)) return ''; // standard allows 128/192/256 bit keys |
|
| 107 | + if (!($nBits==128 || $nBits==192 || $nBits==256)) { |
|
| 108 | + return ''; |
|
| 109 | + } |
|
| 110 | + // standard allows 128/192/256 bit keys |
|
| 93 | 111 | $ciphertext = base64_decode($ciphertext); |
| 94 | 112 | |
| 95 | 113 | // use AES to encrypt password (mirroring encrypt routine) |
| 96 | 114 | $nBytes = $nBits/8; // no bytes in key |
| 97 | 115 | $pwBytes = array(); |
| 98 | - for ($i=0; $i<$nBytes; $i++) $pwBytes[$i] = ord(substr($password,$i,1)) & 0xff; |
|
| 116 | + for ($i=0; $i<$nBytes; $i++) { |
|
| 117 | + $pwBytes[$i] = ord(substr($password,$i,1)) & 0xff; |
|
| 118 | + } |
|
| 99 | 119 | $key = Aes::cipher($pwBytes, Aes::keyExpansion($pwBytes)); |
| 100 | 120 | $key = array_merge($key, array_slice($key, 0, $nBytes-16)); // expand key to 16/24/32 bytes long |
| 101 | 121 | |
| 102 | 122 | // recover nonce from 1st element of ciphertext |
| 103 | 123 | $counterBlock = array(); |
| 104 | 124 | $ctrTxt = substr($ciphertext, 0, 8); |
| 105 | - for ($i=0; $i<8; $i++) $counterBlock[$i] = ord(substr($ctrTxt,$i,1)); |
|
| 125 | + for ($i=0; $i<8; $i++) { |
|
| 126 | + $counterBlock[$i] = ord(substr($ctrTxt,$i,1)); |
|
| 127 | + } |
|
| 106 | 128 | |
| 107 | 129 | // generate key schedule |
| 108 | 130 | $keySchedule = Aes::keyExpansion($key); |
@@ -110,7 +132,9 @@ discard block |
||
| 110 | 132 | // separate ciphertext into blocks (skipping past initial 8 bytes) |
| 111 | 133 | $nBlocks = ceil((strlen($ciphertext)-8) / $blockSize); |
| 112 | 134 | $ct = array(); |
| 113 | - for ($b=0; $b<$nBlocks; $b++) $ct[$b] = substr($ciphertext, 8+$b*$blockSize, 16); |
|
| 135 | + for ($b=0; $b<$nBlocks; $b++) { |
|
| 136 | + $ct[$b] = substr($ciphertext, 8+$b*$blockSize, 16); |
|
| 137 | + } |
|
| 114 | 138 | $ciphertext = $ct; // ciphertext is now array of block-length strings |
| 115 | 139 | |
| 116 | 140 | // plaintext will get generated block-by-block into array of block-length strings |
@@ -118,8 +142,12 @@ discard block |
||
| 118 | 142 | |
| 119 | 143 | for ($b=0; $b<$nBlocks; $b++) { |
| 120 | 144 | // set counter (block #) in last 8 bytes of counter block (leaving nonce in 1st 8 bytes) |
| 121 | - for ($c=0; $c<4; $c++) $counterBlock[15-$c] = self::urs($b, $c*8) & 0xff; |
|
| 122 | - for ($c=0; $c<4; $c++) $counterBlock[15-$c-4] = self::urs(($b+1)/0x100000000-1, $c*8) & 0xff; |
|
| 145 | + for ($c=0; $c<4; $c++) { |
|
| 146 | + $counterBlock[15-$c] = self::urs($b, $c*8) & 0xff; |
|
| 147 | + } |
|
| 148 | + for ($c=0; $c<4; $c++) { |
|
| 149 | + $counterBlock[15-$c-4] = self::urs(($b+1)/0x100000000-1, $c*8) & 0xff; |
|
| 150 | + } |
|
| 123 | 151 | |
| 124 | 152 | $cipherCntr = Aes::cipher($counterBlock, $keySchedule); // encrypt counter block |
| 125 | 153 | |
