diff --git a/composer.json b/composer.json index df63226bec..eb739a8cdc 100644 --- a/composer.json +++ b/composer.json @@ -16,7 +16,7 @@ "ezyang/htmlpurifier": "~4.7.0", "mobiledetect/mobiledetectlib": "2.8.*", "league/html-to-markdown": "~4.4.1", - "defuse/php-encryption": "2.*", + "defuse/php-encryption": "1.*", "pear/Text_LanguageDetect": "1.*", "pear-pear.php.net/Text_Highlighter": "*" }, diff --git a/composer.lock b/composer.lock index 6f2bc8f118..1d59865b9a 100644 --- a/composer.lock +++ b/composer.lock @@ -4,39 +4,32 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "ce088458d9f01920ccee128082ef924a", + "content-hash": "a6a3dae4b15752d8f377b1fc1e5a2b47", "packages": [ { "name": "defuse/php-encryption", - "version": "v2.1.0", + "version": "v1.2.1", "source": { "type": "git", "url": "https://github.com/defuse/php-encryption.git", - "reference": "5176f5abb38d3ea8a6e3ac6cd3bbb54d8185a689" + "reference": "b87737b2eec06b13f025cabea847338fa203d1b4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/defuse/php-encryption/zipball/5176f5abb38d3ea8a6e3ac6cd3bbb54d8185a689", - "reference": "5176f5abb38d3ea8a6e3ac6cd3bbb54d8185a689", + "url": "https://api.github.com/repos/defuse/php-encryption/zipball/b87737b2eec06b13f025cabea847338fa203d1b4", + "reference": "b87737b2eec06b13f025cabea847338fa203d1b4", "shasum": "" }, "require": { + "ext-mcrypt": "*", "ext-openssl": "*", - "paragonie/random_compat": "~2.0", "php": ">=5.4.0" }, - "require-dev": { - "nikic/php-parser": "^2.0|^3.0", - "phpunit/phpunit": "^4|^5" - }, - "bin": [ - "bin/generate-defuse-key" - ], "type": "library", "autoload": { - "psr-4": { - "Defuse\\Crypto\\": "src" - } + "files": [ + "Crypto.php" + ] }, "notification-url": "https://packagist.org/downloads/", "license": [ @@ -45,29 +38,18 @@ "authors": [ { "name": "Taylor Hornby", - "email": "taylor@defuse.ca", - "homepage": "https://defuse.ca/" - }, - { - "name": "Scott Arciszewski", - "email": "info@paragonie.com", - "homepage": "https://paragonie.com" + "email": "havoc@defuse.ca" } ], "description": "Secure PHP Encryption Library", "keywords": [ "aes", - "authenticated encryption", "cipher", - "crypto", - "cryptography", - "encrypt", "encryption", - "openssl", - "security", - "symmetric key cryptography" + "mcrypt", + "security" ], - "time": "2017-05-18T21:28:48+00:00" + "time": "2015-03-14T20:27:45+00:00" }, { "name": "ezyang/htmlpurifier", @@ -229,54 +211,6 @@ ], "time": "2017-08-29T18:23:54+00:00" }, - { - "name": "paragonie/random_compat", - "version": "v2.0.11", - "source": { - "type": "git", - "url": "https://github.com/paragonie/random_compat.git", - "reference": "5da4d3c796c275c55f057af5a643ae297d96b4d8" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/paragonie/random_compat/zipball/5da4d3c796c275c55f057af5a643ae297d96b4d8", - "reference": "5da4d3c796c275c55f057af5a643ae297d96b4d8", - "shasum": "" - }, - "require": { - "php": ">=5.2.0" - }, - "require-dev": { - "phpunit/phpunit": "4.*|5.*" - }, - "suggest": { - "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." - }, - "type": "library", - "autoload": { - "files": [ - "lib/random.php" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Paragon Initiative Enterprises", - "email": "security@paragonie.com", - "homepage": "https://paragonie.com" - } - ], - "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", - "keywords": [ - "csprng", - "pseudorandom", - "random" - ], - "time": "2017-09-27T21:40:39+00:00" - }, { "name": "pear-pear.php.net/Archive_Tar", "version": "1.4.3", diff --git a/vendor/bin/generate-defuse-key b/vendor/bin/generate-defuse-key deleted file mode 100644 index 68ef2cac32..0000000000 --- a/vendor/bin/generate-defuse-key +++ /dev/null @@ -1,17 +0,0 @@ -#!/usr/bin/env sh - -dir=$(d=${0%[/\\]*}; cd "$d"; cd "../defuse/php-encryption/bin" && pwd) - -# See if we are running in Cygwin by checking for cygpath program -if command -v 'cygpath' >/dev/null 2>&1; then - # Cygwin paths start with /cygdrive/ which will break windows PHP, - # so we need to translate the dir path to windows format. However - # we could be using cygwin PHP which does not require this, so we - # test if the path to PHP starts with /cygdrive/ rather than /usr/bin - if [[ $(which php) == /cygdrive/* ]]; then - dir=$(cygpath -m "$dir"); - fi -fi - -dir=$(echo $dir | sed 's/ /\ /g') -"${dir}/generate-defuse-key" "$@" diff --git a/vendor/bin/generate-defuse-key.bat b/vendor/bin/generate-defuse-key.bat deleted file mode 100644 index 50b5ac6774..0000000000 --- a/vendor/bin/generate-defuse-key.bat +++ /dev/null @@ -1,4 +0,0 @@ -@ECHO OFF -setlocal DISABLEDELAYEDEXPANSION -SET BIN_TARGET=%~dp0/../defuse/php-encryption/bin/generate-defuse-key -php "%BIN_TARGET%" %* diff --git a/vendor/composer/autoload_classmap.php b/vendor/composer/autoload_classmap.php index b3bd253936..35482a8ff1 100644 --- a/vendor/composer/autoload_classmap.php +++ b/vendor/composer/autoload_classmap.php @@ -8,20 +8,6 @@ $baseDir = dirname($vendorDir); return array( 'Archive_Tar' => $vendorDir . '/pear-pear.php.net/Archive_Tar/Archive/Tar.php', 'Console_Getopt' => $vendorDir . '/pear-pear.php.net/Console_Getopt/Console/Getopt.php', - 'Defuse\\Crypto\\Core' => $vendorDir . '/defuse/php-encryption/src/Core.php', - 'Defuse\\Crypto\\Crypto' => $vendorDir . '/defuse/php-encryption/src/Crypto.php', - 'Defuse\\Crypto\\DerivedKeys' => $vendorDir . '/defuse/php-encryption/src/DerivedKeys.php', - 'Defuse\\Crypto\\Encoding' => $vendorDir . '/defuse/php-encryption/src/Encoding.php', - 'Defuse\\Crypto\\Exception\\BadFormatException' => $vendorDir . '/defuse/php-encryption/src/Exception/BadFormatException.php', - 'Defuse\\Crypto\\Exception\\CryptoException' => $vendorDir . '/defuse/php-encryption/src/Exception/CryptoException.php', - 'Defuse\\Crypto\\Exception\\EnvironmentIsBrokenException' => $vendorDir . '/defuse/php-encryption/src/Exception/EnvironmentIsBrokenException.php', - 'Defuse\\Crypto\\Exception\\IOException' => $vendorDir . '/defuse/php-encryption/src/Exception/IOException.php', - 'Defuse\\Crypto\\Exception\\WrongKeyOrModifiedCiphertextException' => $vendorDir . '/defuse/php-encryption/src/Exception/WrongKeyOrModifiedCiphertextException.php', - 'Defuse\\Crypto\\File' => $vendorDir . '/defuse/php-encryption/src/File.php', - 'Defuse\\Crypto\\Key' => $vendorDir . '/defuse/php-encryption/src/Key.php', - 'Defuse\\Crypto\\KeyOrPassword' => $vendorDir . '/defuse/php-encryption/src/KeyOrPassword.php', - 'Defuse\\Crypto\\KeyProtectedByPassword' => $vendorDir . '/defuse/php-encryption/src/KeyProtectedByPassword.php', - 'Defuse\\Crypto\\RuntimeTests' => $vendorDir . '/defuse/php-encryption/src/RuntimeTests.php', 'Detection\\MobileDetect' => $vendorDir . '/mobiledetect/mobiledetectlib/namespaced/Detection/MobileDetect.php', 'Friendica\\App' => $baseDir . '/src/App.php', 'Friendica\\Core\\Config' => $baseDir . '/src/Core/Config.php', diff --git a/vendor/composer/autoload_files.php b/vendor/composer/autoload_files.php index f3c197e2be..94f91a1b54 100644 --- a/vendor/composer/autoload_files.php +++ b/vendor/composer/autoload_files.php @@ -6,6 +6,6 @@ $vendorDir = dirname(dirname(__FILE__)); $baseDir = dirname($vendorDir); return array( - '5255c38a0faeba867671b61dfda6d864' => $vendorDir . '/paragonie/random_compat/lib/random.php', '2cffec82183ee1cea088009cef9a6fc3' => $vendorDir . '/ezyang/htmlpurifier/library/HTMLPurifier.composer.php', + '8170285c807a9f24f165f37b15bc9a36' => $vendorDir . '/defuse/php-encryption/Crypto.php', ); diff --git a/vendor/composer/autoload_psr4.php b/vendor/composer/autoload_psr4.php index 9c9cf98802..61a440ffdb 100644 --- a/vendor/composer/autoload_psr4.php +++ b/vendor/composer/autoload_psr4.php @@ -8,5 +8,4 @@ $baseDir = dirname($vendorDir); return array( 'League\\HTMLToMarkdown\\' => array($vendorDir . '/league/html-to-markdown/src'), 'Friendica\\' => array($baseDir . '/src'), - 'Defuse\\Crypto\\' => array($vendorDir . '/defuse/php-encryption/src'), ); diff --git a/vendor/composer/autoload_static.php b/vendor/composer/autoload_static.php index f560931d59..9c40e66c6f 100644 --- a/vendor/composer/autoload_static.php +++ b/vendor/composer/autoload_static.php @@ -7,8 +7,8 @@ namespace Composer\Autoload; class ComposerStaticInitFriendica { public static $files = array ( - '5255c38a0faeba867671b61dfda6d864' => __DIR__ . '/..' . '/paragonie/random_compat/lib/random.php', '2cffec82183ee1cea088009cef9a6fc3' => __DIR__ . '/..' . '/ezyang/htmlpurifier/library/HTMLPurifier.composer.php', + '8170285c807a9f24f165f37b15bc9a36' => __DIR__ . '/..' . '/defuse/php-encryption/Crypto.php', ); public static $prefixLengthsPsr4 = array ( @@ -20,10 +20,6 @@ class ComposerStaticInitFriendica array ( 'Friendica\\' => 10, ), - 'D' => - array ( - 'Defuse\\Crypto\\' => 14, - ), ); public static $prefixDirsPsr4 = array ( @@ -35,10 +31,6 @@ class ComposerStaticInitFriendica array ( 0 => __DIR__ . '/../..' . '/src', ), - 'Defuse\\Crypto\\' => - array ( - 0 => __DIR__ . '/..' . '/defuse/php-encryption/src', - ), ); public static $prefixesPsr0 = array ( @@ -68,20 +60,6 @@ class ComposerStaticInitFriendica public static $classMap = array ( 'Archive_Tar' => __DIR__ . '/..' . '/pear-pear.php.net/Archive_Tar/Archive/Tar.php', 'Console_Getopt' => __DIR__ . '/..' . '/pear-pear.php.net/Console_Getopt/Console/Getopt.php', - 'Defuse\\Crypto\\Core' => __DIR__ . '/..' . '/defuse/php-encryption/src/Core.php', - 'Defuse\\Crypto\\Crypto' => __DIR__ . '/..' . '/defuse/php-encryption/src/Crypto.php', - 'Defuse\\Crypto\\DerivedKeys' => __DIR__ . '/..' . '/defuse/php-encryption/src/DerivedKeys.php', - 'Defuse\\Crypto\\Encoding' => __DIR__ . '/..' . '/defuse/php-encryption/src/Encoding.php', - 'Defuse\\Crypto\\Exception\\BadFormatException' => __DIR__ . '/..' . '/defuse/php-encryption/src/Exception/BadFormatException.php', - 'Defuse\\Crypto\\Exception\\CryptoException' => __DIR__ . '/..' . '/defuse/php-encryption/src/Exception/CryptoException.php', - 'Defuse\\Crypto\\Exception\\EnvironmentIsBrokenException' => __DIR__ . '/..' . '/defuse/php-encryption/src/Exception/EnvironmentIsBrokenException.php', - 'Defuse\\Crypto\\Exception\\IOException' => __DIR__ . '/..' . '/defuse/php-encryption/src/Exception/IOException.php', - 'Defuse\\Crypto\\Exception\\WrongKeyOrModifiedCiphertextException' => __DIR__ . '/..' . '/defuse/php-encryption/src/Exception/WrongKeyOrModifiedCiphertextException.php', - 'Defuse\\Crypto\\File' => __DIR__ . '/..' . '/defuse/php-encryption/src/File.php', - 'Defuse\\Crypto\\Key' => __DIR__ . '/..' . '/defuse/php-encryption/src/Key.php', - 'Defuse\\Crypto\\KeyOrPassword' => __DIR__ . '/..' . '/defuse/php-encryption/src/KeyOrPassword.php', - 'Defuse\\Crypto\\KeyProtectedByPassword' => __DIR__ . '/..' . '/defuse/php-encryption/src/KeyProtectedByPassword.php', - 'Defuse\\Crypto\\RuntimeTests' => __DIR__ . '/..' . '/defuse/php-encryption/src/RuntimeTests.php', 'Detection\\MobileDetect' => __DIR__ . '/..' . '/mobiledetect/mobiledetectlib/namespaced/Detection/MobileDetect.php', 'Friendica\\App' => __DIR__ . '/../..' . '/src/App.php', 'Friendica\\Core\\Config' => __DIR__ . '/../..' . '/src/Core/Config.php', diff --git a/vendor/composer/installed.json b/vendor/composer/installed.json index 02d5f612c1..7685eabf0f 100644 --- a/vendor/composer/installed.json +++ b/vendor/composer/installed.json @@ -444,118 +444,50 @@ "homepage": "http://pear.php.net/package/Text_LanguageDetect" }, { - "name": "paragonie/random_compat", - "version": "v2.0.11", - "version_normalized": "2.0.11.0", + "name": "defuse/php-encryption", + "version": "v1.2.1", + "version_normalized": "1.2.1.0", "source": { "type": "git", - "url": "https://github.com/paragonie/random_compat.git", - "reference": "5da4d3c796c275c55f057af5a643ae297d96b4d8" + "url": "https://github.com/defuse/php-encryption.git", + "reference": "b87737b2eec06b13f025cabea847338fa203d1b4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/paragonie/random_compat/zipball/5da4d3c796c275c55f057af5a643ae297d96b4d8", - "reference": "5da4d3c796c275c55f057af5a643ae297d96b4d8", + "url": "https://api.github.com/repos/defuse/php-encryption/zipball/b87737b2eec06b13f025cabea847338fa203d1b4", + "reference": "b87737b2eec06b13f025cabea847338fa203d1b4", "shasum": "" }, "require": { - "php": ">=5.2.0" + "ext-mcrypt": "*", + "ext-openssl": "*", + "php": ">=5.4.0" }, - "require-dev": { - "phpunit/phpunit": "4.*|5.*" - }, - "suggest": { - "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." - }, - "time": "2017-09-27T21:40:39+00:00", + "time": "2015-03-14T20:27:45+00:00", "type": "library", "installation-source": "dist", "autoload": { "files": [ - "lib/random.php" + "Crypto.php" ] }, "notification-url": "https://packagist.org/downloads/", "license": [ "MIT" ], - "authors": [ - { - "name": "Paragon Initiative Enterprises", - "email": "security@paragonie.com", - "homepage": "https://paragonie.com" - } - ], - "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", - "keywords": [ - "csprng", - "pseudorandom", - "random" - ] - }, - { - "name": "defuse/php-encryption", - "version": "v2.1.0", - "version_normalized": "2.1.0.0", - "source": { - "type": "git", - "url": "https://github.com/defuse/php-encryption.git", - "reference": "5176f5abb38d3ea8a6e3ac6cd3bbb54d8185a689" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/defuse/php-encryption/zipball/5176f5abb38d3ea8a6e3ac6cd3bbb54d8185a689", - "reference": "5176f5abb38d3ea8a6e3ac6cd3bbb54d8185a689", - "shasum": "" - }, - "require": { - "ext-openssl": "*", - "paragonie/random_compat": "~2.0", - "php": ">=5.4.0" - }, - "require-dev": { - "nikic/php-parser": "^2.0|^3.0", - "phpunit/phpunit": "^4|^5" - }, - "time": "2017-05-18T21:28:48+00:00", - "bin": [ - "bin/generate-defuse-key" - ], - "type": "library", - "installation-source": "dist", - "autoload": { - "psr-4": { - "Defuse\\Crypto\\": "src" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], "authors": [ { "name": "Taylor Hornby", - "email": "taylor@defuse.ca", - "homepage": "https://defuse.ca/" - }, - { - "name": "Scott Arciszewski", - "email": "info@paragonie.com", - "homepage": "https://paragonie.com" + "email": "havoc@defuse.ca" } ], "description": "Secure PHP Encryption Library", "keywords": [ "aes", - "authenticated encryption", "cipher", - "crypto", - "cryptography", - "encrypt", "encryption", - "openssl", - "security", - "symmetric key cryptography" + "mcrypt", + "security" ] } ] diff --git a/vendor/defuse/php-encryption/.gitignore b/vendor/defuse/php-encryption/.gitignore deleted file mode 100644 index 987c516453..0000000000 --- a/vendor/defuse/php-encryption/.gitignore +++ /dev/null @@ -1,11 +0,0 @@ -*~ -/test/unit/File/big-generated-file -/composer.lock -/vendor -defuse-crypto.phar -defuse-crypto.phar.sig -composer.phar -box.phar -phpunit.phar -phpunit.phar.asc -test/unit/File/tmp diff --git a/vendor/defuse/php-encryption/.php_cs b/vendor/defuse/php-encryption/.php_cs deleted file mode 100644 index e317732de4..0000000000 --- a/vendor/defuse/php-encryption/.php_cs +++ /dev/null @@ -1,60 +0,0 @@ -level(Symfony\CS\FixerInterface::PSR2_LEVEL) - ->fixers([ - 'blankline_after_open_tag', - 'empty_return', - 'extra_empty_lines', - 'function_typehint_space', - 'join_function', - 'method_argument_default_value', - 'multiline_array_trailing_comma', - 'no_blank_lines_after_class_opening', - 'no_empty_lines_after_phpdocs', - 'phpdoc_indent', - 'phpdoc_no_access', - 'phpdoc_no_empty_return', - 'phpdoc_no_package', - 'phpdoc_params', - 'phpdoc_scalar', - 'phpdoc_separation', - 'phpdoc_trim', - 'phpdoc_type_to_var', - 'phpdoc_types', - 'phpdoc_var_without_name', - 'remove_leading_slash_use', - 'remove_lines_between_uses', - 'short_bool_cast', - 'single_quote', - 'spaces_after_semicolon', - 'spaces_before_semicolon', - 'spaces_cast', - 'standardize_not_equal', - 'ternary_spaces', - 'trim_array_spaces', - 'unneeded_control_parentheses', - 'unused_use', - 'whitespacy_lines', - 'align_double_arrow', - 'concat_with_spaces', - 'logical_not_operators_with_successor_space', - 'multiline_spaces_before_semicolon', - 'newline_after_open_tag', - 'ordered_use', - 'php_unit_construct', - 'phpdoc_order', - 'short_array_syntax', - ]); - -if (null === $input->getArgument('path')) { - $config - ->finder( - Symfony\CS\Finder\DefaultFinder::create() - ->in('src') - ->in('test') - ->exclude('vendor') - ); -} - -return $config; diff --git a/vendor/defuse/php-encryption/.travis.yml b/vendor/defuse/php-encryption/.travis.yml new file mode 100644 index 0000000000..20ec31c201 --- /dev/null +++ b/vendor/defuse/php-encryption/.travis.yml @@ -0,0 +1,22 @@ +language: php +php: + - "5.6" + - "5.5" + - "5.4" + - "5.3" + - "5.2" +# Versions below here are not installed on travis-ci +# - "5.1" +# - "5.0" +# - "4.4" +# - "4.3" +# - "4.2" +# - "4.1" +# - "4.0" + +matrix: + allow_failures: + - php: "5.3" + - php: "5.2" + +script: ./test.sh diff --git a/vendor/defuse/php-encryption/Crypto.php b/vendor/defuse/php-encryption/Crypto.php new file mode 100644 index 0000000000..60b5a62cc1 --- /dev/null +++ b/vendor/defuse/php-encryption/Crypto.php @@ -0,0 +1,677 @@ + 255 * $digest_length) { + throw new CannotPerformOperationException(); + } + + // "if [salt] not provided, is set to a string of HashLen zeroes." + if (is_null($salt)) { + $salt = str_repeat("\x00", $digest_length); + } + + // HKDF-Extract: + // PRK = HMAC-Hash(salt, IKM) + // The salt is the HMAC key. + $prk = hash_hmac($hash, $ikm, $salt, true); + + // HKDF-Expand: + + // This check is useless, but it serves as a reminder to the spec. + if (self::our_strlen($prk) < $digest_length) { + throw new CannotPerformOperationException(); + } + + // T(0) = '' + $t = ''; + $last_block = ''; + for ($block_index = 1; self::our_strlen($t) < $length; $block_index++) { + // T(i) = HMAC-Hash(PRK, T(i-1) | info | 0x??) + $last_block = hash_hmac( + $hash, + $last_block . $info . chr($block_index), + $prk, + true + ); + // T = T(1) | T(2) | T(3) | ... | T(N) + $t .= $last_block; + } + + // ORM = first L octets of T + $orm = self::our_substr($t, 0, $length); + if ($orm === FALSE) { + throw new CannotPerformOperationException(); + } + return $orm; + } + + private static function VerifyHMAC($correct_hmac, $message, $key) + { + $message_hmac = hash_hmac(self::HASH_FUNCTION, $message, $key, true); + + // We can't just compare the strings with '==', since it would make + // timing attacks possible. We could use the XOR-OR constant-time + // comparison algorithm, but I'm not sure if that's good enough way up + // here in an interpreted language. So we use the method of HMACing the + // strings we want to compare with a random key, then comparing those. + + // NOTE: This leaks information when the strings are not the same + // length, but they should always be the same length here. Enforce it: + if (self::our_strlen($correct_hmac) !== self::our_strlen($message_hmac)) { + throw new CannotPerformOperationException(); + } + + $blind = self::CreateNewRandomKey(); + $message_compare = hash_hmac(self::HASH_FUNCTION, $message_hmac, $blind); + $correct_compare = hash_hmac(self::HASH_FUNCTION, $correct_hmac, $blind); + return $correct_compare === $message_compare; + } + + private static function TestEncryptDecrypt() + { + $key = self::CreateNewRandomKey(); + $data = "EnCrYpT EvErYThInG\x00\x00"; + + // Make sure encrypting then decrypting doesn't change the message. + $ciphertext = self::Encrypt($data, $key); + try { + $decrypted = self::Decrypt($ciphertext, $key); + } catch (InvalidCiphertextException $ex) { + // It's important to catch this and change it into a + // CryptoTestFailedException, otherwise a test failure could trick + // the user into thinking it's just an invalid ciphertext! + throw new CryptoTestFailedException(); + } + if($decrypted !== $data) + { + throw new CryptoTestFailedException(); + } + + // Modifying the ciphertext: Appending a string. + try { + self::Decrypt($ciphertext . "a", $key); + throw new CryptoTestFailedException(); + } catch (InvalidCiphertextException $e) { /* expected */ } + + // Modifying the ciphertext: Changing an IV byte. + try { + $ciphertext[0] = chr((ord($ciphertext[0]) + 1) % 256); + self::Decrypt($ciphertext, $key); + throw new CryptoTestFailedException(); + } catch (InvalidCiphertextException $e) { /* expected */ } + + // Decrypting with the wrong key. + $key = self::CreateNewRandomKey(); + $data = "abcdef"; + $ciphertext = self::Encrypt($data, $key); + $wrong_key = self::CreateNewRandomKey(); + try { + self::Decrypt($ciphertext, $wrong_key); + throw new CryptoTestFailedException(); + } catch (InvalidCiphertextException $e) { /* expected */ } + + // Ciphertext too small (shorter than HMAC). + $key = self::CreateNewRandomKey(); + $ciphertext = str_repeat("A", self::MAC_BYTE_SIZE - 1); + try { + self::Decrypt($ciphertext, $key); + throw new CryptoTestFailedException(); + } catch (InvalidCiphertextException $e) { /* expected */ } + } + + private static function HKDFTestVector() + { + // HKDF test vectors from RFC 5869 + + // Test Case 1 + $ikm = str_repeat("\x0b", 22); + $salt = self::hexToBytes("000102030405060708090a0b0c"); + $info = self::hexToBytes("f0f1f2f3f4f5f6f7f8f9"); + $length = 42; + $okm = self::hexToBytes( + "3cb25f25faacd57a90434f64d0362f2a" . + "2d2d0a90cf1a5a4c5db02d56ecc4c5bf" . + "34007208d5b887185865" + ); + $computed_okm = self::HKDF("sha256", $ikm, $length, $info, $salt); + if ($computed_okm !== $okm) { + throw new CryptoTestFailedException(); + } + + // Test Case 7 + $ikm = str_repeat("\x0c", 22); + $length = 42; + $okm = self::hexToBytes( + "2c91117204d745f3500d636a62f64f0a" . + "b3bae548aa53d423b0d1f27ebba6f5e5" . + "673a081d70cce7acfc48" + ); + $computed_okm = self::HKDF("sha1", $ikm, $length); + if ($computed_okm !== $okm) { + throw new CryptoTestFailedException(); + } + + } + + private static function HMACTestVector() + { + // HMAC test vector From RFC 4231 (Test Case 1) + $key = str_repeat("\x0b", 20); + $data = "Hi There"; + $correct = "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"; + if (hash_hmac(self::HASH_FUNCTION, $data, $key) != $correct) { + throw new CryptoTestFailedException(); + } + } + + private static function AESTestVector() + { + // AES CBC mode test vector from NIST SP 800-38A + $key = self::hexToBytes("2b7e151628aed2a6abf7158809cf4f3c"); + $iv = self::hexToBytes("000102030405060708090a0b0c0d0e0f"); + $plaintext = self::hexToBytes( + "6bc1bee22e409f96e93d7e117393172a" . + "ae2d8a571e03ac9c9eb76fac45af8e51" . + "30c81c46a35ce411e5fbc1191a0a52ef" . + "f69f2445df4f9b17ad2b417be66c3710" + ); + $ciphertext = self::hexToBytes( + "7649abac8119b246cee98e9b12e9197d" . + "5086cb9b507219ee95db113a917678b2" . + "73bed6b8e3c1743b7116e69e22229516" . + "3ff1caa1681fac09120eca307586e1a7" . + /* Block due to padding. Not from NIST test vector. + Padding Block: 10101010101010101010101010101010 + Ciphertext: 3ff1caa1681fac09120eca307586e1a7 + (+) 2fe1dab1780fbc19021eda206596f1b7 + AES 8cb82807230e1321d3fae00d18cc2012 + + */ + "8cb82807230e1321d3fae00d18cc2012" + ); + + $computed_ciphertext = self::PlainEncrypt($plaintext, $key, $iv); + if ($computed_ciphertext !== $ciphertext) { + throw new CryptoTestFailedException(); + } + + $computed_plaintext = self::PlainDecrypt($ciphertext, $key, $iv); + if ($computed_plaintext !== $plaintext) { + throw new CryptoTestFailedException(); + } + } + + /* WARNING: Do not call this function on secrets. It creates side channels. */ + private static function hexToBytes($hex_string) + { + return pack("H*", $hex_string); + } + + private static function EnsureConstantExists($name) + { + if (!defined($name)) { + throw new CannotPerformOperationException(); + } + } + + private static function EnsureFunctionExists($name) + { + if (!function_exists($name)) { + throw new CannotPerformOperationException(); + } + } + + /* + * We need these strlen() and substr() functions because when + * 'mbstring.func_overload' is set in php.ini, the standard strlen() and + * substr() are replaced by mb_strlen() and mb_substr(). + */ + + private static function our_strlen($str) + { + if (function_exists('mb_strlen')) { + $length = mb_strlen($str, '8bit'); + if ($length === FALSE) { + throw new CannotPerformOperationException(); + } + return $length; + } else { + return strlen($str); + } + } + + private static function our_substr($str, $start, $length = NULL) + { + if (function_exists('mb_substr')) + { + // mb_substr($str, 0, NULL, '8bit') returns an empty string on PHP + // 5.3, so we have to find the length ourselves. + if (!isset($length)) { + if ($start >= 0) { + $length = self::our_strlen($str) - $start; + } else { + $length = -$start; + } + } + + return mb_substr($str, $start, $length, '8bit'); + } + + // Unlike mb_substr(), substr() doesn't accept NULL for length + if (isset($length)) { + return substr($str, $start, $length); + } else { + return substr($str, $start); + } + } + +} + +/* + * We want to catch all uncaught exceptions that come from the Crypto class, + * since by default, PHP will leak the key in the stack trace from an uncaught + * exception. This is a really ugly hack, but I think it's justified. + * + * Everything up to handler() getting called should be reliable, so this should + * reliably suppress the stack traces. The rest is just a bonus so that we don't + * make it impossible to debug other exceptions. + * + * This bit of code was adapted from: http://stackoverflow.com/a/7939492 + */ + +class CryptoExceptionHandler +{ + private $rethrow = NULL; + + public function __construct() + { + set_exception_handler(array($this, "handler")); + } + + public function handler($ex) + { + if ( + $ex instanceof InvalidCiphertextException || + $ex instanceof CannotPerformOperationException || + $ex instanceof CryptoTestFailedException + ) { + echo "FATAL ERROR: Uncaught crypto exception. Suppresssing output.\n"; + } else { + /* Re-throw the exception in the destructor. */ + $this->rethrow = $ex; + } + } + + public function __destruct() { + if ($this->rethrow) { + throw $this->rethrow; + } + } +} + +$crypto_exception_handler_object_dont_touch_me = new CryptoExceptionHandler(); + diff --git a/vendor/defuse/php-encryption/LICENSE b/vendor/defuse/php-encryption/LICENSE deleted file mode 100644 index f3e7c8e606..0000000000 --- a/vendor/defuse/php-encryption/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2016 Taylor Hornby and Paragon Initiative -Enterprises . - -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software is furnished to do so, -subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/vendor/defuse/php-encryption/README.md b/vendor/defuse/php-encryption/README.md index a8f29258d3..292ecf957e 100644 --- a/vendor/defuse/php-encryption/README.md +++ b/vendor/defuse/php-encryption/README.md @@ -1,88 +1,79 @@ php-encryption =============== +This is a class for doing symmetric encryption in PHP. **Requires PHP 5.4 or newer.** + [![Build Status](https://travis-ci.org/defuse/php-encryption.svg?branch=master)](https://travis-ci.org/defuse/php-encryption) -This is a library for encrypting data with a key or password in PHP. **It -requires PHP 5.4 or newer.** The current version is v2.0.0, which is expected to -remain stable and supported by its authors with security and bugfixes until at -least January 1st, 2019. +Implementation +-------------- -The library is a joint effort between [Taylor Hornby](https://defuse.ca/) and -[Scott Arciszewski](https://paragonie.com/blog/author/scott-arcizewski) as well -as numerous open-source contributors. +Messages are encrypted with AES-128 in CBC mode and are authenticated with +HMAC-SHA256 (Encrypt-then-Mac). PKCS7 padding is used to pad the message to +a multiple of the block size. HKDF is used to split the user-provided key into +two keys: one for encryption, and the other for authentication. It is +implemented using the `openssl_` and `hash_hmac` functions. -What separates this library from other PHP encryption libraries is, firstly, -that it is secure. The authors used to encounter insecure PHP encryption code on -a daily basis, so they created this library to bring more security to the -ecosystem. Secondly, this library is "difficult to misuse." Like -[libsodium](https://github.com/jedisct1/libsodium), its API is designed to be -easy to use in a secure way and hard to use in an insecure way. +Warning +-------- -Dependencies ------------- +This is new code, and it hasn't received much review by experts. I have spent +many hours making it as secure as possible (extensive runtime tests, secure +coding practices), and auditing it for problems, but I may have missed some +issues. So be careful. Don't trust it with your life. Check out the open GitHub +issues for a list of known issues. If you find a problem with this library, +please report it by opening a GitHub issue. -This library requres no special dependencies except for PHP 5.4 or newer with -the OpenSSL extensions enabled (this is the default). It uses -[random\_compat](https://github.com/paragonie/random_compat), which is bundled -in with this library so that your users will not need to follow any special -installation steps. +That said, you're probably much better off using this library than any other +encryption library written in PHP. -Getting Started ----------------- +Philosophy +----------- -Start with the [**Tutorial**](docs/Tutorial.md). You can find instructions for -obtaining this library's code securely in the [Installing and -Verifying](docs/InstallingAndVerifying.md) documentation. +This library was created after noticing how much insecure PHP encryption code +there is. I once did a Google search for "php encryption" and found insecure +code or advice on 9 of the top 10 results. -After you've read the tutorial and got the code, refer to the formal -documentation for each of the classes this library provides: +Encryption is becoming an essential component of modern websites. This library +aims to fulfil a subset of that need: Authenticated symmetric encryption of +short strings, given a random key. -- [Crypto](docs/classes/Crypto.md) -- [File](docs/classes/File.md) -- [Key](docs/classes/Key.md) -- [KeyProtectedByPassword](docs/classes/KeyProtectedByPassword.md) +This library is developed around several core values: -If you encounter difficulties, see the [FAQ](docs/FAQ.md) answers. The fixes to -the most commonly-reported problems are explained there. +- Rule #1: Security is prioritized over everything else. -If you're a cryptographer and want to understand the nitty-gritty details of how -this library works, look at the [Cryptography Details](docs/CryptoDetails.md) -documentation. + > Whenever there is a conflict between security and some other property, + > security will be favored. For example, the library has runtime tests, + > which make it slower, but will hopefully stop it from encrypting stuff + > if the platform it's running on is broken. -If you're interested in contributing to this library, see the [Internal -Developer Documentation](docs/InternalDeveloperDocs.md). +- Rule #2: It should be difficult to misuse the library. -Examples ---------- + > We assume the developers using this library have no experience with + > cryptography. We only assume that they know that the "key" is something + > you need to encrypt and decrypt the messages, and that it must be + > protected. Whenever possible, the library should refuse to encrypt or + > decrypt messages when it is not being used correctly. -If the documentation is not enough for you to understand how to use this -library, then you can look at an example project that uses this library: +- Rule #3: The library aims only to be compatible with itself. -- [encutil](https://github.com/defuse/encutil) -- [fileencrypt](https://github.com/tsusanka/fileencrypt) + > Other PHP encryption libraries try to support every possible type of + > encryption, even the insecure ones (e.g. ECB mode). Because there are so + > many options, inexperienced developers must make decisions between + > things like "CBC" mode and "ECB" mode, knowing nothing about either one, + > which inevitably creates vulnerabilities. -Security Audit Status ---------------------- + > This library will only support one secure mode. A developer using this + > library will call "encrypt" and "decrypt" not caring about how they are + > implemented. -This code has not been subjected to a formal, paid, security audit. However, it -has received lots of review from members of the PHP security community, and the -authors are experienced with cryptography. In all likelihood, you are safer -using this library than almost any other encryption library for PHP. +- Rule #4: The library should consist of a single PHP file and nothing more. -If you use this library as a part of your business and would like to help fund -a formal audit, please [contact Taylor Hornby](https://defuse.ca/contact.htm). + > Some PHP encryption libraries, like libsodium-php [1], are not + > straightforward to install and cannot packaged with "just download and + > extract" applications. This library will always be just one PHP file + > that you can put in your source tree and require(). -Public Keys ------------- +References: -The GnuPG public key used to sign releases is available in -[dist/signingkey.asc](https://github.com/defuse/php-encryption/raw/master/dist/signingkey.asc). Its fingerprint is: - -``` -2FA6 1D8D 99B9 2658 6BAC 3D53 385E E055 A129 1538 -``` - -You can verify it against the Taylor Hornby's [contact -page](https://defuse.ca/contact.htm) and -[twitter](https://twitter.com/DefuseSec/status/723741424253059074). + [1] https://github.com/jedisct1/libsodium-php diff --git a/vendor/defuse/php-encryption/benchmark.php b/vendor/defuse/php-encryption/benchmark.php new file mode 100644 index 0000000000..3da61a6285 --- /dev/null +++ b/vendor/defuse/php-encryption/benchmark.php @@ -0,0 +1,42 @@ + diff --git a/vendor/defuse/php-encryption/bin/generate-defuse-key b/vendor/defuse/php-encryption/bin/generate-defuse-key deleted file mode 100644 index 24e31b5e00..0000000000 --- a/vendor/defuse/php-encryption/bin/generate-defuse-key +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/env php -saveToAsciiSafeString(), "\n"; diff --git a/vendor/defuse/php-encryption/composer.json b/vendor/defuse/php-encryption/composer.json index 866b4975e0..6856b9c72c 100644 --- a/vendor/defuse/php-encryption/composer.json +++ b/vendor/defuse/php-encryption/composer.json @@ -2,34 +2,19 @@ "name": "defuse/php-encryption", "description": "Secure PHP Encryption Library", "license": "MIT", - "keywords": ["security", "encryption", "AES", "openssl", "cipher", "cryptography", "symmetric key cryptography", "crypto", "encrypt", "authenticated encryption"], + "keywords": ["security", "encryption", "AES", "mcrypt", "cipher"], "authors": [ { "name": "Taylor Hornby", - "email": "taylor@defuse.ca", - "homepage": "https://defuse.ca/" - }, - { - "name": "Scott Arciszewski", - "email": "info@paragonie.com", - "homepage": "https://paragonie.com" + "email": "havoc@defuse.ca" } ], "autoload": { - "psr-4": { - "Defuse\\Crypto\\": "src" - } + "files": ["Crypto.php"] }, "require": { - "paragonie/random_compat": "~2.0", + "php": ">=5.4.0", "ext-openssl": "*", - "php": ">=5.4.0" - }, - "require-dev": { - "phpunit/phpunit": "^4|^5", - "nikic/php-parser": "^2.0|^3.0" - }, - "bin": [ - "bin/generate-defuse-key" - ] + "ext-mcrypt": "*" + } } diff --git a/vendor/defuse/php-encryption/dist/Makefile b/vendor/defuse/php-encryption/dist/Makefile deleted file mode 100644 index 4b65c9ec41..0000000000 --- a/vendor/defuse/php-encryption/dist/Makefile +++ /dev/null @@ -1,37 +0,0 @@ -# This builds defuse-crypto.phar. To run this Makefile, `box` and `composer` -# must be installed and in your $PATH. Run it from inside the dist/ directory. - -box := $(shell which box) -composer := "composer" - -.PHONY: all -all: build-phar - -.PHONY: sign-phar -sign-phar: - gpg -u 7B4B2D98 --armor --output defuse-crypto.phar.sig --detach-sig defuse-crypto.phar - -# ensure we run in clean tree. export git tree and run there. -.PHONY: build-phar -build-phar: - @echo "Creating .phar from revision $(shell git rev-parse HEAD)." - rm -rf worktree - install -d worktree - (cd $(CURDIR)/..; git archive HEAD) | tar -x -C worktree - $(MAKE) -f $(CURDIR)/Makefile -C worktree defuse-crypto.phar - mv worktree/*.phar . - rm -rf worktree - -.PHONY: clean -clean: - rm -vf defuse-crypto.phar defuse-crypto.phar.sig - -# Inside workdir/: - -defuse-crypto.phar: dist/box.json composer.lock - cp dist/box.json . - php -d phar.readonly=0 $(box) build -c box.json -v - -composer.lock: - $(composer) install --no-dev - diff --git a/vendor/defuse/php-encryption/dist/box.json b/vendor/defuse/php-encryption/dist/box.json deleted file mode 100644 index f225f781e1..0000000000 --- a/vendor/defuse/php-encryption/dist/box.json +++ /dev/null @@ -1,25 +0,0 @@ -{ - "chmod": "0755", - "finder": [ - { - "in": "src", - "name": "*.php" - }, - { - "in": "vendor/composer", - "name": "*.php" - }, - { - "in": "vendor/paragonie", - "name": "*.php", - "exclude": "other" - } - ], - "compactors": [ - "Herrera\\Box\\Compactor\\Php" - ], - "main": "vendor/autoload.php", - "output": "defuse-crypto.phar", - "shebang": false, - "stub": true -} diff --git a/vendor/defuse/php-encryption/dist/signingkey.asc b/vendor/defuse/php-encryption/dist/signingkey.asc deleted file mode 100644 index 63b6aa3dd4..0000000000 --- a/vendor/defuse/php-encryption/dist/signingkey.asc +++ /dev/null @@ -1,52 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v2 - -mQINBFarvO4BEACdQBaLt6SUBx1cB5liUu1qo+YwVLh9bxTregQtmEREMdTVqXYt -e5b79uL4pQp2GlKHcEyRURS+6rIIruM0oh9ZYGTJYPAkCDzJxaU2awZeFbfBvpCm -iF66/O4ZJI4mlT8dFKmxBJxDhfeOR2UmmhDiEsJK9FxBKUzvo/dWrX2pBzf8Y122 -iIaVraSo+tymaf7vriaIf/NnSKhDw8dtQYGM4NMrxxsPTfbCF8XiboDgTkoD2A+6 -NpOJYxA4Veedsf2TP9YLhljH4m5yYlfjjqBzbBCPWuE6Hhy5Xze9mncgDr7LKenm -Ctf2NxW6y4O3RCI+9eLlBfFWB+KuGV87/b5daetX7NNLbjID8z2rqEa+d6wu5xA5 -Ta2uiVkAOEovr3XnkayZ9zth+Za7w7Ai0ln0N/LVMkM+Gu4z/pJv6HjmTGDM2wJb -fs+UOM0TFdg+N81Do67XT2M4o0MeHyUqsIiWpYa2Qf1PNmqTQNJnRk8uZZ9I96Nh -eCgNuCbhsQiYBMicox+xmuWAlGAfA06y0kCtmqGhiBGArdJlWvUqPqGiZ4Hln9z0 -FJmXDOh0Q/FIPxcDg8mKRRbx+lOP389PLsPpj4b2B/4PEgfpCCOwuKpLotATZxC1 -9JwFk0Y/cvUUkq4a+nAJBNtBbtRJkEesuuUnRq6XexmnE3uUucDcV0XCSwARAQAB -tCBUYXlsb3IgSG9ybmJ5IDx0YXlsb3JAZGVmdXNlLmNhPokCPQQTAQgAJwUCVqu8 -7gIbAwUJB4TOAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRA4XuBVoSkVOJbx -EACG0F9blPMAsK05EWyNnnS4mw25zPfbaqqEvYbquAeM0nBpRDm7sRn2MNR0AL4g -7XrtxE/4qYkdEl6f2wFCQeRhZgxE3w22llredzLme11Hic8hn4i7ysdIw0r9dMMR -kjgR5UcWpv8iU847czyK09PkKW2EaLRbX2qbA7rNU5qCFKeD4Sy4bBTteISeVsHo -Vr9o1/bRrMhgZ++ts8hYf0LmujIf5cxp+qcdKwCXSnS/gmmXaKRMCPv/Wdlq9bt6 -LX9jZB9lXBdGxcBJeFOsTG+QRDiVjg3d6i3o3TAKV87ALBI4v2ADEYtN8lviHo3/ -SovVKv6zrUsZHxhoGiLTiksNrYsKMmiMxdJCoOazmtUPnZ4UOtT8NdqMPoKvdoRz -f4rhZ+f5jSVD9OuX2PDmfyq21Rdiym7Vcgr+uTIFJ3ShRHjWb/ytCwoB2FeGY6+G -AKY58bTQvUIqEJvSov/+TAqZ4BfOuSdTLcHglV1OdUu2SFZvU2gmyVp0l5elGv5t -FyUlBJUkQT9MtvsdLOR7vQi8QapV+9LWpqwvaj9hyEJz848DQ2sdYTphUytFHv7H -k58DAtVhTrVjHyeefjiYtMl6vSAgTjy5LWAUpo5TfhdGrAi0Tdd/GD7amHoWoDy8 -EKXKq2xPLo3JOdkWYQUi5NErzEskfsSzpCOgyDJmGetWK7kCDQRWq7zuARAAu7/i -cm8cjgLhHEX/bgfwOT2hLOLSjjve0O8YFSuJO9XqIHXqmfVOrqWtfG0Mh4bwlfqc -MAvBfF5NSSPfAE4ftBAQ1e5jEv8hJeqICpq3IHTFX4etBs49NfNkyveQl/amVTu1 -+/O5J4CuIcsEf3y0Xuu38n7EB3SfMQCWLcOR1NyZoX3bI+CGRpOVVoFse3ljSWL4 -LhLVl0WiEMXULsussEoN+c6x9KCyAi/jFOrxrTrFC//sZesKj6KucoqKGfwMWrrv -IeRT9Ga8Wn5MJnQu0aWg+zVVYqTedXZLNLODgQIInFnXO0seBXy15yDok1y5bkx2 -sinKg4+mueYaGUpoUti0hM3J3yaC34i6Cwa8MQoLNw1JIS/oNtKjpMxyV10w8aoc -PHRK3n7UYp10mJHx7aM+lldSKvVS1NTQmI4vloNLwMp324H5ANDFAlRUz7mysVnu -DEEvigPSPxs5ZYENu/i7pCQC5qHfhrlBrQwTjhegr0pQPcumy2fO5SGC9l/5B7ev -bqQSZmDeWWoTvh2w2wl5/RWAsgZKx6rDtkCqYx7sSBY17uorrxP24LP4zhq7NxRV -nfdsLogbCFNVQ66u7qvq5zFccdFtg9h1HQWdS7wbnKSBGZoo5gl6js7GGtxfGbb0 -oQ9kp6eciF4U92r6POhVgbRe4CfPo50nqgZBddkAEQEAAYkCJQQYAQgADwUCVqu8 -7gIbDAUJB4TOAAAKCRA4XuBVoSkVOFJ8D/9J8IJ4XWUU3FYIaHJ3XeSoxDmTi7d5 -WmNdf1lmwz82MQjG4uw17oCbvQzmj4/a/CM1Ly4v0WwBhUf9aiNErD0ByHASFnuc -tlQBLVJdk0vRyD0fZakGg64qCA76hiySjMhlGHkQFyP2mDORc2GNu/OqFGm79pXT -ZUplXxd431E603/agM5xJrweutMMpP1nBFTSEMJvbMNzDVN8I1A1CH4zVmAVxOUk -sQ5L5rXW+KeXWyiMF24+l2CMnkQ2CxfHpkcpfPJs1Cbt+TIBSSofIqK8QJXrb/2f -Zpl/ftqW7Xe86rJFrB/Y/77LDWx10rqWEvfCqrBxrMj7ONAQfbKQF/IjAwDN17Wf -1K74rqKnRu+KHCyNM89s1iDbQC9kzZfzYt4AEOvAH/ZQDMZffzPSbnfkBerExFpa -93XMuiR66jiBsf9IXIQeydpJD4Ogl2sSUSxFEJxJ/bBSxPxC5w7/BVMA7Am1y8Zo -3hrpqnX2PBzxG7L0FZ6fYkfR3p8JS7vI6nByBf2IDv8W32wn43olPf+u6uobHLvt -ttapOjwPAhPDalRuxs9U6WSg06QJkT/0F8TFUPWpsFmKTl+G4Ty7PHWsjeeNHJCL -7/5RQboFY3k8Jy3/sIofABO6Un9LJivDuu9PxqA0IgvaS6Mja8JdCCk9Nyk4vHB7 -IEgAL/CYqrk38w== -=lmD7 ------END PGP PUBLIC KEY BLOCK----- diff --git a/vendor/defuse/php-encryption/docs/CryptoDetails.md b/vendor/defuse/php-encryption/docs/CryptoDetails.md deleted file mode 100644 index 43abd72ab5..0000000000 --- a/vendor/defuse/php-encryption/docs/CryptoDetails.md +++ /dev/null @@ -1,64 +0,0 @@ -Cryptography Details -===================== - -Here is a high-level description of how this library works. Any discrepancy -between this documentation and the actual implementation will be considered -a security bug. - -Let's start with the following definitions: - -- HKDF-SHA256(*k*, *n*, *info*, *s*) is the key derivation function specified in - RFC 5869 (using the SHA256 hash function). The parameters are: - - *k*: The initial keying material. - - *n*: The number of output bytes. - - *info*: The info string. - - *s*: The salt. -- AES-256-CTR(*m*, *k*, *iv*) is AES-256 encryption in CTR mode. The parameters - are: - - *m*: An arbitrary-length (possibly zero-length) message. - - *k*: A 32-byte key. - - *iv*: A 16-byte initialization vector (nonce). -- PBKDF2-SHA256(*p*, *s*, *i*, *n*) is the password-based key derivation - function defined in RFC 2898 (using the SHA256 hash function). The parameters - are: - - *p*: The password string. - - *s*: The salt string. - - *i*: The iteration count. - - *n*: The output length in bytes. -- VERSION is the string `"\xDE\xF5\x02\x00"`. -- AUTHINFO is the string `"DefusePHP|V2|KeyForAuthentication"`. -- ENCRINFO is the string `"DefusePHP|V2|KeyForEncryption"`. - -To encrypt a message *m* using a 32-byte key *k*, the following steps are taken: - -1. Generate a random 32-byte string *salt*. -2. Derive the 32-byte authentication key *akey* = HKDF-SHA256(*k*, 32, AUTHINFO, *salt*). -3. Derive the 32-byte encryption key *ekey* = HKDF-SHA256(*k*, 32, ENCRINFO, *salt*). -4. Generate a random 16-byte initialization vector *iv*. -5. Compute *c* = AES-256-CTR(*m*, *ekey*, *iv*). -6. Combine *ctxt* = VERSION || *salt* || *iv* || *c*. -7. Compute *h* = HMAC-SHA256(*ctxt*, *akey*). -8. Output *ctxt* || *h*. - -Decryption is roughly the reverse process (see the code for details, since the -security of the decryption routine is highly implementation-dependent). - -For encryption using a password *p*, steps 1-3 above are replaced by: - -1. Generate a random 32-byte string *salt*. -2. Compute *k* = PBKDF2-SHA256(SHA256(*p*), *salt*, 100000, 32). -3. Derive the 32-byte authentication key *akey* = HKDF-SHA256(*k*, 32, AUTHINFO, *salt*) -4. Derive the 32-byte encryption key *ekey* = HKDF-SHA256(*k*, 32, ENCRINFO, *salt*) - -The remainder of the process is the same. Notice the reuse of the same *salt* -for PBKDF2-SHA256 and HKDF-SHA256. The prehashing of the password in step 2 is -done to prevent a [DoS attack using long -passwords](https://github.com/defuse/php-encryption/issues/230). - -For `KeyProtectedByPassword`, the serialized key is encrypted according to the -password encryption defined above. However, the actual password used for -encryption is the SHA256 hash of the password the user provided. This is done in -order to provide domain separation between the message encryption in the user's -application and the internal key encryption done by this library. It fixes -a [key replacement chosen-protocol -attack](https://github.com/defuse/php-encryption/issues/240). diff --git a/vendor/defuse/php-encryption/docs/FAQ.md b/vendor/defuse/php-encryption/docs/FAQ.md deleted file mode 100644 index 135e235ce5..0000000000 --- a/vendor/defuse/php-encryption/docs/FAQ.md +++ /dev/null @@ -1,39 +0,0 @@ -Frequently Asked Questions -=========================== - -How do I use this library to encrypt passwords? ------------------------------------------------- - -Passwords should not be encrypted, they should be hashed with a *slow* password -hashing function that's designed to slow down password guessing attacks. See -[How to Safely Store Your Users' Passwords in -2016](https://paragonie.com/blog/2016/02/how-safely-store-password-in-2016). - -How do I give it the same key every time instead of a new random key? ----------------------------------------------------------------------- - -A `Key` object can be saved to a string by calling its `saveToAsciiSafeString()` -method. You will have to save that string somewhere safe, and then load it back -into a `Key` object using `Key`'s `loadFromAsciiSafeString` static method. - -Where you store the string depends on your application. For example if you are -using `KeyProtectedByPassword` to encrypt files with a user's login password, -then you should not store the `Key` at all. If you are protecting sensitive data -on a server that may be compromised, then you should store it in a hardware -security module. When in doubt, consult a security expert. - -Why is an EnvironmentIsBrokenException getting thrown? -------------------------------------------------------- - -Either you've encountered a bug in this library, or your system doesn't support -the use of this library. For example, if your system does not have a secure -random number generator, this library will refuse to run, by throwing that -exception, instead of falling back to an insecure random number generator. - -Why am I getting a BadFormatException when loading a Key from a string? ------------------------------------------------------------------------- - -If you're getting this exception, then the string you're giving to -`loadFromAsciiSafeString()` is *not* the same as the string you got from -`saveToAsciiSafeString()`. Perhaps your database column isn't wide enough and -it's truncating the string as you insert it? diff --git a/vendor/defuse/php-encryption/docs/InstallingAndVerifying.md b/vendor/defuse/php-encryption/docs/InstallingAndVerifying.md deleted file mode 100644 index 12b5fee430..0000000000 --- a/vendor/defuse/php-encryption/docs/InstallingAndVerifying.md +++ /dev/null @@ -1,53 +0,0 @@ -Getting The Code -================= - -There are two ways to use this library in your applications. You can either: - -1. Use [Composer](https://getcomposer.org/), or -2. `require_once` a single `.phar` file in your application. - -If you are not using either option (for example, because you're using Git submodules), you may need to write your own autoloader ([example](https://gist.github.com/paragonie-scott/949daee819bb7f19c50e5e103170b400)). - -Option 1: Using Composer -------------------------- - -Run this inside the directory of your composer-enabled project: - -```sh -composer require defuse/php-encryption -``` - -Unfortunately, composer doesn't provide a way for you to verify that the code -you're getting was signed by this library's authors. If you want a more secure -option, use the `.phar` method described below. - -Option 2: Including a PHAR ----------------------------- - -The `.phar` option lets you include this library into your project simply by -calling `require_once` on a single file. Download `defuse-crypto.phar` and -`defuse-crypto.phar.sig` from this project's -[releases](https://github.com/defuse/php-encryption/releases) page. - -You should verify the integrity of the `.phar`. The `defuse-crypto.phar.sig` -contains the signature of `defuse-crypto.phar`. It is signed with Taylor -Hornby's PGP key. You can find Taylor's public key in `dist/signingkey.asc`. You -can verify the public key's fingerprint against the Taylor Hornby's [contact -page](https://defuse.ca/contact.htm) and -[twitter](https://twitter.com/DefuseSec/status/723741424253059074). - -Once you have verified the signature, it is safe to use the `.phar`. Place it -somewhere in your file system, e.g. `/var/www/lib/defuse-crypto.phar`, and then -pass that path to `require_once`. - -```php - Whenever there is a conflict between security and some other property, - > security will be favored. For example, the library has runtime tests, - > which make it slower, but will hopefully stop it from encrypting stuff - > if the platform it's running on is broken. - -- Rule #2: It should be difficult to misuse the library. - - > We assume the developers using this library have no experience with - > cryptography. We only assume that they know that the "key" is something - > you need to encrypt and decrypt the messages, and that it must be kept - > secret. Whenever possible, the library should refuse to encrypt or decrypt - > messages when it is not being used correctly. - -- Rule #3: The library aims only to be compatible with itself. - - > Other PHP encryption libraries try to support every possible type of - > encryption, even the insecure ones (e.g. ECB mode). Because there are so - > many options, inexperienced developers must decide whether to use "CBC - > mode" or "ECB mode" when both are meaningless terms to them. This - > inevitably leads to vulnerabilities. - - > This library will only support one secure mode. A developer using this - > library will call "encrypt" and "decrypt" methods without worrying about - > how they are implemented. - -- Rule #4: The library should require no special installation. - - > Some PHP encryption libraries, like libsodium-php, are not straightforward - > to install and cannot packaged with "just download and extract" - > applications. This library will always be just a handful of PHP files that - > you can copy to your source tree and require(). - -Publishing Releases --------------------- - -To make a release, you will need to install [composer](https://getcomposer.org/) -and [box](https://github.com/box-project/box2) on your system. They will need to -be available in your `$PATH` so that running the commands `composer` and `box` -in your terminal run them, respectively. You will also need the private key for -signing (ID: 7B4B2D98) available. - -Once you have those tools installed and the key available follow these steps: - -**Remember to set the version number in `composer.json`!** - -Make a fresh clone of the repository: - -``` -git clone -``` - -Check out the branch you want to release: - -``` -git checkout -``` - -Check that the version number in composer.json is correct: - -``` -cat composer.json -``` - -Run the tests: - -``` -composer install -./test.sh -``` - -Generate the `.phar`: - -``` -cd dist -make build-phar -``` - -Test the `.phar`: - -``` -cd ../ -./test.sh dist/defuse-crypto.phar -``` - -Sign the `.phar`: - -``` -cd dist -make sign-phar -``` - -Tag the release: - -``` -git -c user.signingkey=7B4B2D98 tag -s "" -m "" -``` - -`` should be in the format `v2.0.0` and `` should look -like "Release of v2.0.0." - -Push the tag to github, then use the -[releases](https://github.com/defuse/php-encryption/releases) page to draft -a new release for that tag. Upload the `.phar` and the `.phar.sig` file to be -included as part of that release. diff --git a/vendor/defuse/php-encryption/docs/Tutorial.md b/vendor/defuse/php-encryption/docs/Tutorial.md deleted file mode 100644 index 40285cc33e..0000000000 --- a/vendor/defuse/php-encryption/docs/Tutorial.md +++ /dev/null @@ -1,298 +0,0 @@ -Tutorial -========= - -Hello! If you're reading this file, it's because you want to add encryption to -one of your PHP projects. My job, as the person writing this documentation, is -to help you make sure you're doing the right thing and then show you how to use -this library to do it. To help me help you, please read the documentation -*carefully* and *deliberately*. - -A Word of Caution ------------------- - -Encryption is not magic dust you can sprinkle on a system to make it more -secure. The way encryption is integrated into a system's design needs to be -carefully thought out. Sometimes, encryption is the wrong thing to use. Other -times, encryption needs to be used in a very specific way in order for it to -work as intended. Even if you are sure of what you are doing, we strongly -recommend seeking advice from an expert. - -The first step is to think about your application's threat model. Ask yourself -the following questions. Who will want to attack my application, and what will -they get out of it? Are they trying to steal some information? Trying to alter -or destroy some information? Or just trying to make the system go down so people -can't access it? Then ask yourself how encryption can help combat those threats. -If you're going to add encryption to your application, you should have a very -clear idea of exactly which kinds of attacks it's helping to secure your -application against. Once you have your threat model, think about what kinds of -attacks it *does not* cover, and whether or not you should improve your threat -model to include those attacks. - -**This isn't for storing user login passwords:** The most common use of -cryptography in web applications is to protect the users' login passwords. If -you're trying to use this library to "encrypt" your users' passwords, you're in -the wrong place. Passwords shouldn't be *encrypted*, they should be *hashed* -with a slow computation-heavy function that makes password guessing attacks more -expensive. See [How to Safely Store Your Users' Passwords in -2016](https://paragonie.com/blog/2016/02/how-safely-store-password-in-2016). - -**This isn't for encrypting network communication:** Likewise, if you're trying -to encrypt messages sent between two parties over the Internet, you don't want -to be using this library. For that, set up a TLS connection between the two -points, or, if it's a chat app, use the [Signal -Protocol](https://whispersystems.org/blog/advanced-ratcheting/). - -What this library provides is symmetric encryption for "data at rest." This -means it is not suitable for use in building protocols where "data is in motion" -(i.e. moving over a network) except in limited set of cases. - -Getting the Code ------------------ - -There are several different ways to obtain this library's code and to add it to -your project. Even if you've already cloned the code from GitHub, you should -take steps to verify the cryptographic signatures to make sure the code you got -was not intercepted and modified by an attacker. - -Please head over to the [**Installing and -Verifying**](InstallingAndVerifying.md) documentation to get the code, and then -come back here to continue the tutorial. - -Using the Library ------------------- - -I'm going to assume you know what symmetric encryption is, and the difference -between symmetric and asymmetric encryption. If you don't, I recommend taking -[Dan Boneh's Cryptography I course](https://www.coursera.org/learn/crypto/) on -Coursera. - -To give you a quick introduction to the library, I'm going to explain how it -would be used in two sterotypical scenarios. Hopefully, one of these sterotypes -is close enough to what you want to do that you'll be able to figure out what -needs to be different on your own. - -### Formal Documentation - -While this tutorial should get you up and running fast, it's important to -understand how this library behaves. Please make sure to read the formal -documentation of all of the functions you're using, since there are some -important security warnings there. - -The following classes are available for you to use: - -- [Crypto](classes/Crypto.md): Encrypting and decrypting strings. -- [File](classes/File.md): Encrypting and decrypting files. -- [Key](classes/Key.md): Represents a secret encryption key. -- [KeyProtectedByPassword](classes/KeyProtectedByPassword.md): Represents - a secret encryption key that needs to be "unlocked" by a password before it - can be used. - -### Scenario #1: Keep data secret from the database administrator - -In this scenario, our threat model is as follows. Alice is a server -administrator responsible for managing a trusted web server. Eve is a database -administrator responsible for managing a database server. Dave is a web -developer working on code that will eventually run on the trusted web server. - -Let's say Alice and Dave trust each other, and Alice is going to host Dave's -application on her server. But both Alice and Dave don't trust Eve. They know -Eve is a good database administrator, but she might have incentive to steal the -data from the database. They want to keep some of the web application's data -secret from Eve. - -In order to do that, Alice will use the included `generate-defuse-key` script -which generates a random encryption key and prints it to standard output: - -```sh -$ composer require defuse/php-encryption -$ vendor/bin/generate-defuse-key -``` - -Alice will run this script once and save the output to a configuration file, say -in `/etc/daveapp-secret-key.txt` and set the file permissions so that only the -user that the website PHP scripts run as can access it. - -Dave will write his code to load the key from the configuration file: - -```php -saveToAsciiSafeString(); - // ... save $protected_key_encoded into the user's account record -} -``` - -Then, when the user logs in, Dave's code will load the protected key from the -user's account record, unlock it to get a `Key` object, and save the `Key` -object somewhere safe (like temporary memory-backed session storage). Note that -wherever Dave's code saves the key, it must be destroyed once the user logs out, -or else the attacker might be able to find users' keys even if they were never -logged in during the attack. - -```php -unlockKey($password); -$user_key_encoded = $user_key->saveToAsciiSafeString(); -// ... save $user_key_encoded in the session -``` - -```php - diff --git a/vendor/defuse/php-encryption/psalm.xml b/vendor/defuse/php-encryption/psalm.xml deleted file mode 100644 index b3f25cae1e..0000000000 --- a/vendor/defuse/php-encryption/psalm.xml +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - diff --git a/vendor/defuse/php-encryption/src/Core.php b/vendor/defuse/php-encryption/src/Core.php deleted file mode 100644 index 3f5ed5224e..0000000000 --- a/vendor/defuse/php-encryption/src/Core.php +++ /dev/null @@ -1,446 +0,0 @@ - PHP_INT_MAX - 255) { - throw new Ex\EnvironmentIsBrokenException( - 'Integer overflow may occur.' - ); - } - - /* - * We start at the rightmost byte (big-endian) - * So, too, does OpenSSL: http://stackoverflow.com/a/3146214/2224584 - */ - for ($i = Core::BLOCK_BYTE_SIZE - 1; $i >= 0; --$i) { - $sum = \ord($ctr[$i]) + $inc; - - /* Detect integer overflow and fail. */ - if (! \is_int($sum)) { - throw new Ex\EnvironmentIsBrokenException( - 'Integer overflow in CTR mode nonce increment.' - ); - } - - $ctr[$i] = \pack('C', $sum & 0xFF); - $inc = $sum >> 8; - } - return $ctr; - } - - /** - * Returns a random byte string of the specified length. - * - * @param int $octets - * - * @throws Ex\EnvironmentIsBrokenException - * - * @return string - */ - public static function secureRandom($octets) - { - self::ensureFunctionExists('random_bytes'); - try { - return \random_bytes($octets); - } catch (\Exception $ex) { - throw new Ex\EnvironmentIsBrokenException( - 'Your system does not have a secure random number generator.' - ); - } - } - - /** - * Computes the HKDF key derivation function specified in - * http://tools.ietf.org/html/rfc5869. - * - * @param string $hash Hash Function - * @param string $ikm Initial Keying Material - * @param int $length How many bytes? - * @param string $info What sort of key are we deriving? - * @param string $salt - * - * @throws Ex\EnvironmentIsBrokenException - * @psalm-suppress UndefinedFunction - We're checking if the function exists first. - * - * @return string - */ - public static function HKDF($hash, $ikm, $length, $info = '', $salt = null) - { - static $nativeHKDF = null; - if ($nativeHKDF === null) { - $nativeHKDF = \is_callable('\\hash_hkdf'); - } - if ($nativeHKDF) { - return \hash_hkdf($hash, $ikm, $length, $info, $salt); - } - - $digest_length = Core::ourStrlen(\hash_hmac($hash, '', '', true)); - - // Sanity-check the desired output length. - if (empty($length) || ! \is_int($length) || - $length < 0 || $length > 255 * $digest_length) { - throw new Ex\EnvironmentIsBrokenException( - 'Bad output length requested of HKDF.' - ); - } - - // "if [salt] not provided, is set to a string of HashLen zeroes." - if (\is_null($salt)) { - $salt = \str_repeat("\x00", $digest_length); - } - - // HKDF-Extract: - // PRK = HMAC-Hash(salt, IKM) - // The salt is the HMAC key. - $prk = \hash_hmac($hash, $ikm, $salt, true); - - // HKDF-Expand: - - // This check is useless, but it serves as a reminder to the spec. - if (Core::ourStrlen($prk) < $digest_length) { - throw new Ex\EnvironmentIsBrokenException(); - } - - // T(0) = '' - $t = ''; - $last_block = ''; - for ($block_index = 1; Core::ourStrlen($t) < $length; ++$block_index) { - // T(i) = HMAC-Hash(PRK, T(i-1) | info | 0x??) - $last_block = \hash_hmac( - $hash, - $last_block . $info . \chr($block_index), - $prk, - true - ); - // T = T(1) | T(2) | T(3) | ... | T(N) - $t .= $last_block; - } - - // ORM = first L octets of T - /** @var string $orm */ - $orm = Core::ourSubstr($t, 0, $length); - if (!\is_string($orm)) { - throw new Ex\EnvironmentIsBrokenException(); - } - return $orm; - } - - /** - * Checks if two equal-length strings are the same without leaking - * information through side channels. - * - * @param string $expected - * @param string $given - * - * @throws Ex\EnvironmentIsBrokenException - * - * @return bool - */ - public static function hashEquals($expected, $given) - { - static $native = null; - if ($native === null) { - $native = \function_exists('hash_equals'); - } - if ($native) { - return \hash_equals($expected, $given); - } - - // We can't just compare the strings with '==', since it would make - // timing attacks possible. We could use the XOR-OR constant-time - // comparison algorithm, but that may not be a reliable defense in an - // interpreted language. So we use the approach of HMACing both strings - // with a random key and comparing the HMACs. - - // We're not attempting to make variable-length string comparison - // secure, as that's very difficult. Make sure the strings are the same - // length. - if (Core::ourStrlen($expected) !== Core::ourStrlen($given)) { - throw new Ex\EnvironmentIsBrokenException(); - } - - $blind = Core::secureRandom(32); - $message_compare = \hash_hmac(Core::HASH_FUNCTION_NAME, $given, $blind); - $correct_compare = \hash_hmac(Core::HASH_FUNCTION_NAME, $expected, $blind); - return $correct_compare === $message_compare; - } - /** - * Throws an exception if the constant doesn't exist. - * - * @param string $name - * @return void - * - * @throws Ex\EnvironmentIsBrokenException - */ - public static function ensureConstantExists($name) - { - if (! \defined($name)) { - throw new Ex\EnvironmentIsBrokenException(); - } - } - - /** - * Throws an exception if the function doesn't exist. - * - * @param string $name - * @return void - * - * @throws Ex\EnvironmentIsBrokenException - */ - public static function ensureFunctionExists($name) - { - if (! \function_exists($name)) { - throw new Ex\EnvironmentIsBrokenException(); - } - } - - /* - * We need these strlen() and substr() functions because when - * 'mbstring.func_overload' is set in php.ini, the standard strlen() and - * substr() are replaced by mb_strlen() and mb_substr(). - */ - - /** - * Computes the length of a string in bytes. - * - * @param string $str - * - * @throws Ex\EnvironmentIsBrokenException - * - * @return int - */ - public static function ourStrlen($str) - { - static $exists = null; - if ($exists === null) { - $exists = \function_exists('mb_strlen'); - } - if ($exists) { - $length = \mb_strlen($str, '8bit'); - if ($length === false) { - throw new Ex\EnvironmentIsBrokenException(); - } - return $length; - } else { - return \strlen($str); - } - } - - /** - * Behaves roughly like the function substr() in PHP 7 does. - * - * @param string $str - * @param int $start - * @param int $length - * - * @throws Ex\EnvironmentIsBrokenException - * - * @return string|bool - */ - public static function ourSubstr($str, $start, $length = null) - { - static $exists = null; - if ($exists === null) { - $exists = \function_exists('mb_substr'); - } - - if ($exists) { - // mb_substr($str, 0, NULL, '8bit') returns an empty string on PHP - // 5.3, so we have to find the length ourselves. - if (! isset($length)) { - if ($start >= 0) { - $length = Core::ourStrlen($str) - $start; - } else { - $length = -$start; - } - } - - // This is required to make mb_substr behavior identical to substr. - // Without this, mb_substr() would return false, contra to what the - // PHP documentation says (it doesn't say it can return false.) - if ($start === Core::ourStrlen($str) && $length === 0) { - return ''; - } - - if ($start > Core::ourStrlen($str)) { - return false; - } - - $substr = \mb_substr($str, $start, $length, '8bit'); - if (Core::ourStrlen($substr) !== $length) { - throw new Ex\EnvironmentIsBrokenException( - 'Your version of PHP has bug #66797. Its implementation of - mb_substr() is incorrect. See the details here: - https://bugs.php.net/bug.php?id=66797' - ); - } - return $substr; - } - - // Unlike mb_substr(), substr() doesn't accept NULL for length - if (isset($length)) { - return \substr($str, $start, $length); - } else { - return \substr($str, $start); - } - } - - /** - * Computes the PBKDF2 password-based key derivation function. - * - * The PBKDF2 function is defined in RFC 2898. Test vectors can be found in - * RFC 6070. This implementation of PBKDF2 was originally created by Taylor - * Hornby, with improvements from http://www.variations-of-shadow.com/. - * - * @param string $algorithm The hash algorithm to use. Recommended: SHA256 - * @param string $password The password. - * @param string $salt A salt that is unique to the password. - * @param int $count Iteration count. Higher is better, but slower. Recommended: At least 1000. - * @param int $key_length The length of the derived key in bytes. - * @param bool $raw_output If true, the key is returned in raw binary format. Hex encoded otherwise. - * - * @throws Ex\EnvironmentIsBrokenException - * - * @return string A $key_length-byte key derived from the password and salt. - */ - public static function pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output = false) - { - // Type checks: - if (! \is_string($algorithm)) { - throw new \InvalidArgumentException( - 'pbkdf2(): algorithm must be a string' - ); - } - if (! \is_string($password)) { - throw new \InvalidArgumentException( - 'pbkdf2(): password must be a string' - ); - } - if (! \is_string($salt)) { - throw new \InvalidArgumentException( - 'pbkdf2(): salt must be a string' - ); - } - // Coerce strings to integers with no information loss or overflow - $count += 0; - $key_length += 0; - - $algorithm = \strtolower($algorithm); - if (! \in_array($algorithm, \hash_algos(), true)) { - throw new Ex\EnvironmentIsBrokenException( - 'Invalid or unsupported hash algorithm.' - ); - } - - // Whitelist, or we could end up with people using CRC32. - $ok_algorithms = [ - 'sha1', 'sha224', 'sha256', 'sha384', 'sha512', - 'ripemd160', 'ripemd256', 'ripemd320', 'whirlpool', - ]; - if (! \in_array($algorithm, $ok_algorithms, true)) { - throw new Ex\EnvironmentIsBrokenException( - 'Algorithm is not a secure cryptographic hash function.' - ); - } - - if ($count <= 0 || $key_length <= 0) { - throw new Ex\EnvironmentIsBrokenException( - 'Invalid PBKDF2 parameters.' - ); - } - - if (\function_exists('hash_pbkdf2')) { - // The output length is in NIBBLES (4-bits) if $raw_output is false! - if (! $raw_output) { - $key_length = $key_length * 2; - } - return \hash_pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output); - } - - $hash_length = Core::ourStrlen(\hash($algorithm, '', true)); - $block_count = \ceil($key_length / $hash_length); - - $output = ''; - for ($i = 1; $i <= $block_count; $i++) { - // $i encoded as 4 bytes, big endian. - $last = $salt . \pack('N', $i); - // first iteration - $last = $xorsum = \hash_hmac($algorithm, $last, $password, true); - // perform the other $count - 1 iterations - for ($j = 1; $j < $count; $j++) { - $xorsum ^= ($last = \hash_hmac($algorithm, $last, $password, true)); - } - $output .= $xorsum; - } - - if ($raw_output) { - return (string) Core::ourSubstr($output, 0, $key_length); - } else { - return Encoding::binToHex((string) Core::ourSubstr($output, 0, $key_length)); - } - } -} diff --git a/vendor/defuse/php-encryption/src/Crypto.php b/vendor/defuse/php-encryption/src/Crypto.php deleted file mode 100644 index fdb411c76e..0000000000 --- a/vendor/defuse/php-encryption/src/Crypto.php +++ /dev/null @@ -1,393 +0,0 @@ -deriveKeys($salt); - $ekey = $keys->getEncryptionKey(); - $akey = $keys->getAuthenticationKey(); - $iv = Core::secureRandom(Core::BLOCK_BYTE_SIZE); - - $ciphertext = Core::CURRENT_VERSION . $salt . $iv . self::plainEncrypt($plaintext, $ekey, $iv); - $auth = \hash_hmac(Core::HASH_FUNCTION_NAME, $ciphertext, $akey, true); - $ciphertext = $ciphertext . $auth; - - if ($raw_binary) { - return $ciphertext; - } - return Encoding::binToHex($ciphertext); - } - - /** - * Decrypts a ciphertext to a string with either a key or a password. - * - * @param string $ciphertext - * @param KeyOrPassword $secret - * @param bool $raw_binary - * - * @throws Ex\EnvironmentIsBrokenException - * @throws Ex\WrongKeyOrModifiedCiphertextException - * - * @return string - */ - private static function decryptInternal($ciphertext, KeyOrPassword $secret, $raw_binary) - { - RuntimeTests::runtimeTest(); - - if (! $raw_binary) { - try { - $ciphertext = Encoding::hexToBin($ciphertext); - } catch (Ex\BadFormatException $ex) { - throw new Ex\WrongKeyOrModifiedCiphertextException( - 'Ciphertext has invalid hex encoding.' - ); - } - } - - if (Core::ourStrlen($ciphertext) < Core::MINIMUM_CIPHERTEXT_SIZE) { - throw new Ex\WrongKeyOrModifiedCiphertextException( - 'Ciphertext is too short.' - ); - } - - // Get and check the version header. - /** @var string $header */ - $header = Core::ourSubstr($ciphertext, 0, Core::HEADER_VERSION_SIZE); - if ($header !== Core::CURRENT_VERSION) { - throw new Ex\WrongKeyOrModifiedCiphertextException( - 'Bad version header.' - ); - } - - // Get the salt. - /** @var string $salt */ - $salt = Core::ourSubstr( - $ciphertext, - Core::HEADER_VERSION_SIZE, - Core::SALT_BYTE_SIZE - ); - if (!\is_string($salt)) { - throw new Ex\EnvironmentIsBrokenException(); - } - - // Get the IV. - /** @var string $iv */ - $iv = Core::ourSubstr( - $ciphertext, - Core::HEADER_VERSION_SIZE + Core::SALT_BYTE_SIZE, - Core::BLOCK_BYTE_SIZE - ); - if (!\is_string($iv)) { - throw new Ex\EnvironmentIsBrokenException(); - } - - // Get the HMAC. - /** @var string $hmac */ - $hmac = Core::ourSubstr( - $ciphertext, - Core::ourStrlen($ciphertext) - Core::MAC_BYTE_SIZE, - Core::MAC_BYTE_SIZE - ); - if (!\is_string($hmac)) { - throw new Ex\EnvironmentIsBrokenException(); - } - - // Get the actual encrypted ciphertext. - /** @var string $encrypted */ - $encrypted = Core::ourSubstr( - $ciphertext, - Core::HEADER_VERSION_SIZE + Core::SALT_BYTE_SIZE + - Core::BLOCK_BYTE_SIZE, - Core::ourStrlen($ciphertext) - Core::MAC_BYTE_SIZE - Core::SALT_BYTE_SIZE - - Core::BLOCK_BYTE_SIZE - Core::HEADER_VERSION_SIZE - ); - if (!\is_string($encrypted)) { - throw new Ex\EnvironmentIsBrokenException(); - } - - // Derive the separate encryption and authentication keys from the key - // or password, whichever it is. - $keys = $secret->deriveKeys($salt); - - if (self::verifyHMAC($hmac, $header . $salt . $iv . $encrypted, $keys->getAuthenticationKey())) { - $plaintext = self::plainDecrypt($encrypted, $keys->getEncryptionKey(), $iv, Core::CIPHER_METHOD); - return $plaintext; - } else { - throw new Ex\WrongKeyOrModifiedCiphertextException( - 'Integrity check failed.' - ); - } - } - - /** - * Raw unauthenticated encryption (insecure on its own). - * - * @param string $plaintext - * @param string $key - * @param string $iv - * - * @throws Ex\EnvironmentIsBrokenException - * - * @return string - */ - protected static function plainEncrypt($plaintext, $key, $iv) - { - Core::ensureConstantExists('OPENSSL_RAW_DATA'); - Core::ensureFunctionExists('openssl_encrypt'); - /** @var string $ciphertext */ - $ciphertext = \openssl_encrypt( - $plaintext, - Core::CIPHER_METHOD, - $key, - OPENSSL_RAW_DATA, - $iv - ); - - if (!\is_string($ciphertext)) { - throw new Ex\EnvironmentIsBrokenException( - 'openssl_encrypt() failed.' - ); - } - - return $ciphertext; - } - - /** - * Raw unauthenticated decryption (insecure on its own). - * - * @param string $ciphertext - * @param string $key - * @param string $iv - * @param string $cipherMethod - * - * @throws Ex\EnvironmentIsBrokenException - * - * @return string - */ - protected static function plainDecrypt($ciphertext, $key, $iv, $cipherMethod) - { - Core::ensureConstantExists('OPENSSL_RAW_DATA'); - Core::ensureFunctionExists('openssl_decrypt'); - - /** @var string $plaintext */ - $plaintext = \openssl_decrypt( - $ciphertext, - $cipherMethod, - $key, - OPENSSL_RAW_DATA, - $iv - ); - if (!\is_string($plaintext)) { - throw new Ex\EnvironmentIsBrokenException( - 'openssl_decrypt() failed.' - ); - } - - return $plaintext; - } - - /** - * Verifies an HMAC without leaking information through side-channels. - * - * @param string $expected_hmac - * @param string $message - * @param string $key - * - * @throws Ex\EnvironmentIsBrokenException - * - * @return bool - */ - protected static function verifyHMAC($expected_hmac, $message, $key) - { - $message_hmac = \hash_hmac(Core::HASH_FUNCTION_NAME, $message, $key, true); - return Core::hashEquals($message_hmac, $expected_hmac); - } -} diff --git a/vendor/defuse/php-encryption/src/DerivedKeys.php b/vendor/defuse/php-encryption/src/DerivedKeys.php deleted file mode 100644 index 86a48e5ea9..0000000000 --- a/vendor/defuse/php-encryption/src/DerivedKeys.php +++ /dev/null @@ -1,50 +0,0 @@ -akey; - } - - /** - * Returns the encryption key. - * @return string - */ - public function getEncryptionKey() - { - return $this->ekey; - } - - /** - * Constructor for DerivedKeys. - * - * @param string $akey - * @param string $ekey - */ - public function __construct($akey, $ekey) - { - $this->akey = $akey; - $this->ekey = $ekey; - } -} diff --git a/vendor/defuse/php-encryption/src/Encoding.php b/vendor/defuse/php-encryption/src/Encoding.php deleted file mode 100644 index 001fb6e89e..0000000000 --- a/vendor/defuse/php-encryption/src/Encoding.php +++ /dev/null @@ -1,270 +0,0 @@ -> 4; - $hex .= \pack( - 'CC', - 87 + $b + ((($b - 10) >> 8) & ~38), - 87 + $c + ((($c - 10) >> 8) & ~38) - ); - } - return $hex; - } - - /** - * Converts a hexadecimal string into a byte string without leaking - * information through side channels. - * - * @param string $hex_string - * - * @throws Ex\BadFormatException - * @throws Ex\EnvironmentIsBrokenException - * - * @return string - */ - public static function hexToBin($hex_string) - { - $hex_pos = 0; - $bin = ''; - $hex_len = Core::ourStrlen($hex_string); - $state = 0; - $c_acc = 0; - - while ($hex_pos < $hex_len) { - $c = \ord($hex_string[$hex_pos]); - $c_num = $c ^ 48; - $c_num0 = ($c_num - 10) >> 8; - $c_alpha = ($c & ~32) - 55; - $c_alpha0 = (($c_alpha - 10) ^ ($c_alpha - 16)) >> 8; - if (($c_num0 | $c_alpha0) === 0) { - throw new Ex\BadFormatException( - 'Encoding::hexToBin() input is not a hex string.' - ); - } - $c_val = ($c_num0 & $c_num) | ($c_alpha & $c_alpha0); - if ($state === 0) { - $c_acc = $c_val * 16; - } else { - $bin .= \pack('C', $c_acc | $c_val); - } - $state ^= 1; - ++$hex_pos; - } - return $bin; - } - - /** - * Remove trialing whitespace without table look-ups or branches. - * - * Calling this function may leak the length of the string as well as the - * number of trailing whitespace characters through side-channels. - * - * @param string $string - * @return string - */ - public static function trimTrailingWhitespace($string = '') - { - $length = Core::ourStrlen($string); - if ($length < 1) { - return ''; - } - do { - $prevLength = $length; - $last = $length - 1; - $chr = \ord($string[$last]); - - /* Null Byte (0x00), a.k.a. \0 */ - // if ($chr === 0x00) $length -= 1; - $sub = (($chr - 1) >> 8 ) & 1; - $length -= $sub; - $last -= $sub; - - /* Horizontal Tab (0x09) a.k.a. \t */ - $chr = \ord($string[$last]); - // if ($chr === 0x09) $length -= 1; - $sub = (((0x08 - $chr) & ($chr - 0x0a)) >> 8) & 1; - $length -= $sub; - $last -= $sub; - - /* New Line (0x0a), a.k.a. \n */ - $chr = \ord($string[$last]); - // if ($chr === 0x0a) $length -= 1; - $sub = (((0x09 - $chr) & ($chr - 0x0b)) >> 8) & 1; - $length -= $sub; - $last -= $sub; - - /* Carriage Return (0x0D), a.k.a. \r */ - $chr = \ord($string[$last]); - // if ($chr === 0x0d) $length -= 1; - $sub = (((0x0c - $chr) & ($chr - 0x0e)) >> 8) & 1; - $length -= $sub; - $last -= $sub; - - /* Space */ - $chr = \ord($string[$last]); - // if ($chr === 0x20) $length -= 1; - $sub = (((0x1f - $chr) & ($chr - 0x21)) >> 8) & 1; - $length -= $sub; - } while ($prevLength !== $length && $length > 0); - return (string) Core::ourSubstr($string, 0, $length); - } - - /* - * SECURITY NOTE ON APPLYING CHECKSUMS TO SECRETS: - * - * The checksum introduces a potential security weakness. For example, - * suppose we apply a checksum to a key, and that an adversary has an - * exploit against the process containing the key, such that they can - * overwrite an arbitrary byte of memory and then cause the checksum to - * be verified and learn the result. - * - * In this scenario, the adversary can extract the key one byte at - * a time by overwriting it with their guess of its value and then - * asking if the checksum matches. If it does, their guess was right. - * This kind of attack may be more easy to implement and more reliable - * than a remote code execution attack. - * - * This attack also applies to authenticated encryption as a whole, in - * the situation where the adversary can overwrite a byte of the key - * and then cause a valid ciphertext to be decrypted, and then - * determine whether the MAC check passed or failed. - * - * By using the full SHA256 hash instead of truncating it, I'm ensuring - * that both ways of going about the attack are equivalently difficult. - * A shorter checksum of say 32 bits might be more useful to the - * adversary as an oracle in case their writes are coarser grained. - * - * Because the scenario assumes a serious vulnerability, we don't try - * to prevent attacks of this style. - */ - - /** - * INTERNAL USE ONLY: Applies a version header, applies a checksum, and - * then encodes a byte string into a range of printable ASCII characters. - * - * @param string $header - * @param string $bytes - * - * @throws Ex\EnvironmentIsBrokenException - * - * @return string - */ - public static function saveBytesToChecksummedAsciiSafeString($header, $bytes) - { - // Headers must be a constant length to prevent one type's header from - // being a prefix of another type's header, leading to ambiguity. - if (Core::ourStrlen($header) !== self::SERIALIZE_HEADER_BYTES) { - throw new Ex\EnvironmentIsBrokenException( - 'Header must be ' . self::SERIALIZE_HEADER_BYTES . ' bytes.' - ); - } - - return Encoding::binToHex( - $header . - $bytes . - \hash( - self::CHECKSUM_HASH_ALGO, - $header . $bytes, - true - ) - ); - } - - /** - * INTERNAL USE ONLY: Decodes, verifies the header and checksum, and returns - * the encoded byte string. - * - * @param string $expected_header - * @param string $string - * - * @throws Ex\EnvironmentIsBrokenException - * @throws Ex\BadFormatException - * - * @return string - */ - public static function loadBytesFromChecksummedAsciiSafeString($expected_header, $string) - { - // Headers must be a constant length to prevent one type's header from - // being a prefix of another type's header, leading to ambiguity. - if (Core::ourStrlen($expected_header) !== self::SERIALIZE_HEADER_BYTES) { - throw new Ex\EnvironmentIsBrokenException( - 'Header must be 4 bytes.' - ); - } - - /* If you get an exception here when attempting to load from a file, first pass your - key to Encoding::trimTrailingWhitespace() to remove newline characters, etc. */ - $bytes = Encoding::hexToBin($string); - - /* Make sure we have enough bytes to get the version header and checksum. */ - if (Core::ourStrlen($bytes) < self::SERIALIZE_HEADER_BYTES + self::CHECKSUM_BYTE_SIZE) { - throw new Ex\BadFormatException( - 'Encoded data is shorter than expected.' - ); - } - - /* Grab the version header. */ - $actual_header = (string) Core::ourSubstr($bytes, 0, self::SERIALIZE_HEADER_BYTES); - - if ($actual_header !== $expected_header) { - throw new Ex\BadFormatException( - 'Invalid header.' - ); - } - - /* Grab the bytes that are part of the checksum. */ - $checked_bytes = (string) Core::ourSubstr( - $bytes, - 0, - Core::ourStrlen($bytes) - self::CHECKSUM_BYTE_SIZE - ); - - /* Grab the included checksum. */ - $checksum_a = (string) Core::ourSubstr( - $bytes, - Core::ourStrlen($bytes) - self::CHECKSUM_BYTE_SIZE, - self::CHECKSUM_BYTE_SIZE - ); - - /* Re-compute the checksum. */ - $checksum_b = \hash(self::CHECKSUM_HASH_ALGO, $checked_bytes, true); - - /* Check if the checksum matches. */ - if (! Core::hashEquals($checksum_a, $checksum_b)) { - throw new Ex\BadFormatException( - "Data is corrupted, the checksum doesn't match" - ); - } - - return (string) Core::ourSubstr( - $bytes, - self::SERIALIZE_HEADER_BYTES, - Core::ourStrlen($bytes) - self::SERIALIZE_HEADER_BYTES - self::CHECKSUM_BYTE_SIZE - ); - } -} diff --git a/vendor/defuse/php-encryption/src/Exception/BadFormatException.php b/vendor/defuse/php-encryption/src/Exception/BadFormatException.php deleted file mode 100644 index 804d9c17e8..0000000000 --- a/vendor/defuse/php-encryption/src/Exception/BadFormatException.php +++ /dev/null @@ -1,7 +0,0 @@ -deriveKeys($file_salt); - $ekey = $keys->getEncryptionKey(); - $akey = $keys->getAuthenticationKey(); - - $ivsize = Core::BLOCK_BYTE_SIZE; - $iv = Core::secureRandom($ivsize); - - /* Initialize a streaming HMAC state. */ - /** @var resource $hmac */ - $hmac = \hash_init(Core::HASH_FUNCTION_NAME, HASH_HMAC, $akey); - if (!\is_resource($hmac)) { - throw new Ex\EnvironmentIsBrokenException( - 'Cannot initialize a hash context' - ); - } - - /* Write the header, salt, and IV. */ - self::writeBytes( - $outputHandle, - Core::CURRENT_VERSION . $file_salt . $iv, - Core::HEADER_VERSION_SIZE + Core::SALT_BYTE_SIZE + $ivsize - ); - - /* Add the header, salt, and IV to the HMAC. */ - \hash_update($hmac, Core::CURRENT_VERSION); - \hash_update($hmac, $file_salt); - \hash_update($hmac, $iv); - - /* $thisIv will be incremented after each call to the encryption. */ - $thisIv = $iv; - - /* How many blocks do we encrypt at a time? We increment by this value. */ - $inc = (int) (Core::BUFFER_BYTE_SIZE / Core::BLOCK_BYTE_SIZE); - - /* Loop until we reach the end of the input file. */ - $at_file_end = false; - while (! (\feof($inputHandle) || $at_file_end)) { - /* Find out if we can read a full buffer, or only a partial one. */ - /** @var int */ - $pos = \ftell($inputHandle); - if (!\is_int($pos)) { - throw new Ex\IOException( - 'Could not get current position in input file during encryption' - ); - } - if ($pos + Core::BUFFER_BYTE_SIZE >= $inputSize) { - /* We're at the end of the file, so we need to break out of the loop. */ - $at_file_end = true; - $read = self::readBytes( - $inputHandle, - $inputSize - $pos - ); - } else { - $read = self::readBytes( - $inputHandle, - Core::BUFFER_BYTE_SIZE - ); - } - - /* Encrypt this buffer. */ - /** @var string */ - $encrypted = \openssl_encrypt( - $read, - Core::CIPHER_METHOD, - $ekey, - OPENSSL_RAW_DATA, - $thisIv - ); - - if (!\is_string($encrypted)) { - throw new Ex\EnvironmentIsBrokenException( - 'OpenSSL encryption error' - ); - } - - /* Write this buffer's ciphertext. */ - self::writeBytes($outputHandle, $encrypted, Core::ourStrlen($encrypted)); - /* Add this buffer's ciphertext to the HMAC. */ - \hash_update($hmac, $encrypted); - - /* Increment the counter by the number of blocks in a buffer. */ - $thisIv = Core::incrementCounter($thisIv, $inc); - /* WARNING: Usually, unless the file is a multiple of the buffer - * size, $thisIv will contain an incorrect value here on the last - * iteration of this loop. */ - } - - /* Get the HMAC and append it to the ciphertext. */ - $final_mac = \hash_final($hmac, true); - self::writeBytes($outputHandle, $final_mac, Core::MAC_BYTE_SIZE); - } - - /** - * Decrypts a file-backed resource with either a key or a password. - * - * @param resource $inputHandle - * @param resource $outputHandle - * @param KeyOrPassword $secret - * @return void - * - * @throws Ex\EnvironmentIsBrokenException - * @throws Ex\IOException - * @throws Ex\WrongKeyOrModifiedCiphertextException - */ - public static function decryptResourceInternal($inputHandle, $outputHandle, KeyOrPassword $secret) - { - if (! \is_resource($inputHandle)) { - throw new Ex\IOException( - 'Input handle must be a resource!' - ); - } - if (! \is_resource($outputHandle)) { - throw new Ex\IOException( - 'Output handle must be a resource!' - ); - } - - /* Make sure the file is big enough for all the reads we need to do. */ - $stat = \fstat($inputHandle); - if ($stat['size'] < Core::MINIMUM_CIPHERTEXT_SIZE) { - throw new Ex\WrongKeyOrModifiedCiphertextException( - 'Input file is too small to have been created by this library.' - ); - } - - /* Check the version header. */ - $header = self::readBytes($inputHandle, Core::HEADER_VERSION_SIZE); - if ($header !== Core::CURRENT_VERSION) { - throw new Ex\WrongKeyOrModifiedCiphertextException( - 'Bad version header.' - ); - } - - /* Get the salt. */ - $file_salt = self::readBytes($inputHandle, Core::SALT_BYTE_SIZE); - - /* Get the IV. */ - $ivsize = Core::BLOCK_BYTE_SIZE; - $iv = self::readBytes($inputHandle, $ivsize); - - /* Derive the authentication and encryption keys. */ - $keys = $secret->deriveKeys($file_salt); - $ekey = $keys->getEncryptionKey(); - $akey = $keys->getAuthenticationKey(); - - /* We'll store the MAC of each buffer-sized chunk as we verify the - * actual MAC, so that we can check them again when decrypting. */ - $macs = []; - - /* $thisIv will be incremented after each call to the decryption. */ - $thisIv = $iv; - - /* How many blocks do we encrypt at a time? We increment by this value. */ - $inc = (int) (Core::BUFFER_BYTE_SIZE / Core::BLOCK_BYTE_SIZE); - - /* Get the HMAC. */ - if (\fseek($inputHandle, (-1 * Core::MAC_BYTE_SIZE), SEEK_END) === false) { - throw new Ex\IOException( - 'Cannot seek to beginning of MAC within input file' - ); - } - - /* Get the position of the last byte in the actual ciphertext. */ - /** @var int $cipher_end */ - $cipher_end = \ftell($inputHandle); - if (!\is_int($cipher_end)) { - throw new Ex\IOException( - 'Cannot read input file' - ); - } - /* We have the position of the first byte of the HMAC. Go back by one. */ - --$cipher_end; - - /* Read the HMAC. */ - /** @var string $stored_mac */ - $stored_mac = self::readBytes($inputHandle, Core::MAC_BYTE_SIZE); - - /* Initialize a streaming HMAC state. */ - /** @var resource $hmac */ - $hmac = \hash_init(Core::HASH_FUNCTION_NAME, HASH_HMAC, $akey); - if (!\is_resource($hmac)) { - throw new Ex\EnvironmentIsBrokenException( - 'Cannot initialize a hash context' - ); - } - - /* Reset file pointer to the beginning of the file after the header */ - if (\fseek($inputHandle, Core::HEADER_VERSION_SIZE, SEEK_SET) === false) { - throw new Ex\IOException( - 'Cannot read seek within input file' - ); - } - - /* Seek to the start of the actual ciphertext. */ - if (\fseek($inputHandle, Core::SALT_BYTE_SIZE + $ivsize, SEEK_CUR) === false) { - throw new Ex\IOException( - 'Cannot seek input file to beginning of ciphertext' - ); - } - - /* PASS #1: Calculating the HMAC. */ - - \hash_update($hmac, $header); - \hash_update($hmac, $file_salt); - \hash_update($hmac, $iv); - /** @var resource $hmac2 */ - $hmac2 = \hash_copy($hmac); - - $break = false; - while (! $break) { - /** @var int $pos */ - $pos = \ftell($inputHandle); - if (!\is_int($pos)) { - throw new Ex\IOException( - 'Could not get current position in input file during decryption' - ); - } - - /* Read the next buffer-sized chunk (or less). */ - if ($pos + Core::BUFFER_BYTE_SIZE >= $cipher_end) { - $break = true; - $read = self::readBytes( - $inputHandle, - $cipher_end - $pos + 1 - ); - } else { - $read = self::readBytes( - $inputHandle, - Core::BUFFER_BYTE_SIZE - ); - } - - /* Update the HMAC. */ - \hash_update($hmac, $read); - - /* Remember this buffer-sized chunk's HMAC. */ - /** @var resource $chunk_mac */ - $chunk_mac = \hash_copy($hmac); - if (!\is_resource($chunk_mac)) { - throw new Ex\EnvironmentIsBrokenException( - 'Cannot duplicate a hash context' - ); - } - $macs []= \hash_final($chunk_mac); - } - - /* Get the final HMAC, which should match the stored one. */ - /** @var string $final_mac */ - $final_mac = \hash_final($hmac, true); - - /* Verify the HMAC. */ - if (! Core::hashEquals($final_mac, $stored_mac)) { - throw new Ex\WrongKeyOrModifiedCiphertextException( - 'Integrity check failed.' - ); - } - - /* PASS #2: Decrypt and write output. */ - - /* Rewind to the start of the actual ciphertext. */ - if (\fseek($inputHandle, Core::SALT_BYTE_SIZE + $ivsize + Core::HEADER_VERSION_SIZE, SEEK_SET) === false) { - throw new Ex\IOException( - 'Could not move the input file pointer during decryption' - ); - } - - $at_file_end = false; - while (! $at_file_end) { - /** @var int $pos */ - $pos = \ftell($inputHandle); - if (!\is_int($pos)) { - throw new Ex\IOException( - 'Could not get current position in input file during decryption' - ); - } - - /* Read the next buffer-sized chunk (or less). */ - if ($pos + Core::BUFFER_BYTE_SIZE >= $cipher_end) { - $at_file_end = true; - $read = self::readBytes( - $inputHandle, - $cipher_end - $pos + 1 - ); - } else { - $read = self::readBytes( - $inputHandle, - Core::BUFFER_BYTE_SIZE - ); - } - - /* Recalculate the MAC (so far) and compare it with the one we - * remembered from pass #1 to ensure attackers didn't change the - * ciphertext after MAC verification. */ - \hash_update($hmac2, $read); - /** @var resource $calc_mac */ - $calc_mac = \hash_copy($hmac2); - if (!\is_resource($calc_mac)) { - throw new Ex\EnvironmentIsBrokenException( - 'Cannot duplicate a hash context' - ); - } - $calc = \hash_final($calc_mac); - - if (empty($macs)) { - throw new Ex\WrongKeyOrModifiedCiphertextException( - 'File was modified after MAC verification' - ); - } elseif (! Core::hashEquals(\array_shift($macs), $calc)) { - throw new Ex\WrongKeyOrModifiedCiphertextException( - 'File was modified after MAC verification' - ); - } - - /* Decrypt this buffer-sized chunk. */ - /** @var string $decrypted */ - $decrypted = \openssl_decrypt( - $read, - Core::CIPHER_METHOD, - $ekey, - OPENSSL_RAW_DATA, - $thisIv - ); - if (!\is_string($decrypted)) { - throw new Ex\EnvironmentIsBrokenException( - 'OpenSSL decryption error' - ); - } - - /* Write the plaintext to the output file. */ - self::writeBytes( - $outputHandle, - $decrypted, - Core::ourStrlen($decrypted) - ); - - /* Increment the IV by the amount of blocks in a buffer. */ - /** @var string $thisIv */ - $thisIv = Core::incrementCounter($thisIv, $inc); - /* WARNING: Usually, unless the file is a multiple of the buffer - * size, $thisIv will contain an incorrect value here on the last - * iteration of this loop. */ - } - } - - /** - * Read from a stream; prevent partial reads. - * - * @param resource $stream - * @param int $num_bytes - * @return string - * - * @throws Ex\IOException - * @throws Ex\EnvironmentIsBrokenException - * - * @return string - */ - public static function readBytes($stream, $num_bytes) - { - if ($num_bytes < 0) { - throw new Ex\EnvironmentIsBrokenException( - 'Tried to read less than 0 bytes' - ); - } elseif ($num_bytes === 0) { - return ''; - } - $buf = ''; - $remaining = $num_bytes; - while ($remaining > 0 && ! \feof($stream)) { - /** @var string $read */ - $read = \fread($stream, $remaining); - if (!\is_string($read)) { - throw new Ex\IOException( - 'Could not read from the file' - ); - } - $buf .= $read; - $remaining -= Core::ourStrlen($read); - } - if (Core::ourStrlen($buf) !== $num_bytes) { - throw new Ex\IOException( - 'Tried to read past the end of the file' - ); - } - return $buf; - } - - /** - * Write to a stream; prevents partial writes. - * - * @param resource $stream - * @param string $buf - * @param int $num_bytes - * @return int - * - * @throws Ex\IOException - * - * @return string - */ - public static function writeBytes($stream, $buf, $num_bytes = null) - { - $bufSize = Core::ourStrlen($buf); - if ($num_bytes === null) { - $num_bytes = $bufSize; - } - if ($num_bytes > $bufSize) { - throw new Ex\IOException( - 'Trying to write more bytes than the buffer contains.' - ); - } - if ($num_bytes < 0) { - throw new Ex\IOException( - 'Tried to write less than 0 bytes' - ); - } - $remaining = $num_bytes; - while ($remaining > 0) { - /** @var int $written */ - $written = \fwrite($stream, $buf, $remaining); - if (!\is_int($written)) { - throw new Ex\IOException( - 'Could not write to the file' - ); - } - $buf = (string) Core::ourSubstr($buf, $written, null); - $remaining -= $written; - } - return $num_bytes; - } - - /** - * Returns the last PHP error's or warning's message string. - * - * @return string - */ - private static function getLastErrorMessage() - { - $error = error_get_last(); - if ($error === null) { - return '[no PHP error]'; - } else { - return $error['message']; - } - } -} diff --git a/vendor/defuse/php-encryption/src/Key.php b/vendor/defuse/php-encryption/src/Key.php deleted file mode 100644 index fe4bf7d542..0000000000 --- a/vendor/defuse/php-encryption/src/Key.php +++ /dev/null @@ -1,95 +0,0 @@ -key_bytes - ); - } - - /** - * Gets the raw bytes of the key. - * - * @return string - */ - public function getRawBytes() - { - return $this->key_bytes; - } - - /** - * Constructs a new Key object from a string of raw bytes. - * - * @param string $bytes - * - * @throws Ex\EnvironmentIsBrokenException - */ - private function __construct($bytes) - { - if (Core::ourStrlen($bytes) !== self::KEY_BYTE_SIZE) { - throw new Ex\EnvironmentIsBrokenException( - 'Bad key length.' - ); - } - $this->key_bytes = $bytes; - } - -} diff --git a/vendor/defuse/php-encryption/src/KeyOrPassword.php b/vendor/defuse/php-encryption/src/KeyOrPassword.php deleted file mode 100644 index 4a810d3f62..0000000000 --- a/vendor/defuse/php-encryption/src/KeyOrPassword.php +++ /dev/null @@ -1,133 +0,0 @@ -secret_type === self::SECRET_TYPE_KEY) { - if (!($this->secret instanceof Key)) { - throw new Ex\CryptoException('Expected a Key object'); - } - $akey = Core::HKDF( - Core::HASH_FUNCTION_NAME, - $this->secret->getRawBytes(), - Core::KEY_BYTE_SIZE, - Core::AUTHENTICATION_INFO_STRING, - $salt - ); - $ekey = Core::HKDF( - Core::HASH_FUNCTION_NAME, - $this->secret->getRawBytes(), - Core::KEY_BYTE_SIZE, - Core::ENCRYPTION_INFO_STRING, - $salt - ); - return new DerivedKeys($akey, $ekey); - } elseif ($this->secret_type === self::SECRET_TYPE_PASSWORD) { - if (!\is_string($this->secret)) { - throw new Ex\CryptoException('Expected a string'); - } - /* Our PBKDF2 polyfill is vulnerable to a DoS attack documented in - * GitHub issue #230. The fix is to pre-hash the password to ensure - * it is short. We do the prehashing here instead of in pbkdf2() so - * that pbkdf2() still computes the function as defined by the - * standard. */ - $prehash = \hash(Core::HASH_FUNCTION_NAME, $this->secret, true); - $prekey = Core::pbkdf2( - Core::HASH_FUNCTION_NAME, - $prehash, - $salt, - self::PBKDF2_ITERATIONS, - Core::KEY_BYTE_SIZE, - true - ); - $akey = Core::HKDF( - Core::HASH_FUNCTION_NAME, - $prekey, - Core::KEY_BYTE_SIZE, - Core::AUTHENTICATION_INFO_STRING, - $salt - ); - /* Note the cryptographic re-use of $salt here. */ - $ekey = Core::HKDF( - Core::HASH_FUNCTION_NAME, - $prekey, - Core::KEY_BYTE_SIZE, - Core::ENCRYPTION_INFO_STRING, - $salt - ); - return new DerivedKeys($akey, $ekey); - } else { - throw new Ex\EnvironmentIsBrokenException('Bad secret type.'); - } - } - - /** - * Constructor for KeyOrPassword. - * - * @param int $secret_type - * @param mixed $secret (either a Key or a password string) - */ - private function __construct($secret_type, $secret) - { - $this->secret_type = $secret_type; - $this->secret = $secret; - } -} diff --git a/vendor/defuse/php-encryption/src/KeyProtectedByPassword.php b/vendor/defuse/php-encryption/src/KeyProtectedByPassword.php deleted file mode 100644 index 9d32e76295..0000000000 --- a/vendor/defuse/php-encryption/src/KeyProtectedByPassword.php +++ /dev/null @@ -1,115 +0,0 @@ -saveToAsciiSafeString(), - \hash(Core::HASH_FUNCTION_NAME, $password, true), - true - ); - - return new KeyProtectedByPassword($encrypted_key); - } - - /** - * Loads a KeyProtectedByPassword from its encoded form. - * - * @param string $saved_key_string - * - * @throws Ex\BadFormatException - * - * @return KeyProtectedByPassword - */ - public static function loadFromAsciiSafeString($saved_key_string) - { - $encrypted_key = Encoding::loadBytesFromChecksummedAsciiSafeString( - self::PASSWORD_KEY_CURRENT_VERSION, - $saved_key_string - ); - return new KeyProtectedByPassword($encrypted_key); - } - - /** - * Encodes the KeyProtectedByPassword into a string of printable ASCII - * characters. - * - * @throws Ex\EnvironmentIsBrokenException - * - * @return string - */ - public function saveToAsciiSafeString() - { - return Encoding::saveBytesToChecksummedAsciiSafeString( - self::PASSWORD_KEY_CURRENT_VERSION, - $this->encrypted_key - ); - } - - /** - * Decrypts the protected key, returning an unprotected Key object that can - * be used for encryption and decryption. - * - * @throws Ex\EnvironmentIsBrokenException - * @throws Ex\WrongKeyOrModifiedCiphertextException - * - * @return Key - */ - public function unlockKey($password) - { - try { - $inner_key_encoded = Crypto::decryptWithPassword( - $this->encrypted_key, - \hash(Core::HASH_FUNCTION_NAME, $password, true), - true - ); - return Key::loadFromAsciiSafeString($inner_key_encoded); - } catch (Ex\BadFormatException $ex) { - /* This should never happen unless an attacker replaced the - * encrypted key ciphertext with some other ciphertext that was - * encrypted with the same password. We transform the exception type - * here in order to make the API simpler, avoiding the need to - * document that this method might throw an Ex\BadFormatException. */ - throw new Ex\WrongKeyOrModifiedCiphertextException( - "The decrypted key was found to be in an invalid format. " . - "This very likely indicates it was modified by an attacker." - ); - } - } - - /** - * Constructor for KeyProtectedByPassword. - * - * @param string $encrypted_key - */ - private function __construct($encrypted_key) - { - $this->encrypted_key = $encrypted_key; - } -} diff --git a/vendor/defuse/php-encryption/src/RuntimeTests.php b/vendor/defuse/php-encryption/src/RuntimeTests.php deleted file mode 100644 index 9f00a97a1f..0000000000 --- a/vendor/defuse/php-encryption/src/RuntimeTests.php +++ /dev/null @@ -1,247 +0,0 @@ -getRawBytes()) != Core::KEY_BYTE_SIZE) { - throw new Ex\EnvironmentIsBrokenException(); - } - - if (Core::ENCRYPTION_INFO_STRING == Core::AUTHENTICATION_INFO_STRING) { - throw new Ex\EnvironmentIsBrokenException(); - } - } catch (Ex\EnvironmentIsBrokenException $ex) { - // Do this, otherwise it will stay in the "tests are running" state. - $test_state = 3; - throw $ex; - } - - // Change this to '0' make the tests always re-run (for benchmarking). - $test_state = 1; - } - - /** - * High-level tests of Crypto operations. - * - * @throws Ex\EnvironmentIsBrokenException - * @return void - */ - private static function testEncryptDecrypt() - { - $key = Key::createNewRandomKey(); - $data = "EnCrYpT EvErYThInG\x00\x00"; - - // Make sure encrypting then decrypting doesn't change the message. - $ciphertext = Crypto::encrypt($data, $key, true); - try { - $decrypted = Crypto::decrypt($ciphertext, $key, true); - } catch (Ex\WrongKeyOrModifiedCiphertextException $ex) { - // It's important to catch this and change it into a - // Ex\EnvironmentIsBrokenException, otherwise a test failure could trick - // the user into thinking it's just an invalid ciphertext! - throw new Ex\EnvironmentIsBrokenException(); - } - if ($decrypted !== $data) { - throw new Ex\EnvironmentIsBrokenException(); - } - - // Modifying the ciphertext: Appending a string. - try { - Crypto::decrypt($ciphertext . 'a', $key, true); - throw new Ex\EnvironmentIsBrokenException(); - } catch (Ex\WrongKeyOrModifiedCiphertextException $e) { /* expected */ - } - - // Modifying the ciphertext: Changing an HMAC byte. - $indices_to_change = [ - 0, // The header. - Core::HEADER_VERSION_SIZE + 1, // the salt - Core::HEADER_VERSION_SIZE + Core::SALT_BYTE_SIZE + 1, // the IV - Core::HEADER_VERSION_SIZE + Core::SALT_BYTE_SIZE + Core::BLOCK_BYTE_SIZE + 1, // the ciphertext - ]; - - foreach ($indices_to_change as $index) { - try { - $ciphertext[$index] = \chr((\ord($ciphertext[$index]) + 1) % 256); - Crypto::decrypt($ciphertext, $key, true); - throw new Ex\EnvironmentIsBrokenException(); - } catch (Ex\WrongKeyOrModifiedCiphertextException $e) { /* expected */ - } - } - - // Decrypting with the wrong key. - $key = Key::createNewRandomKey(); - $data = 'abcdef'; - $ciphertext = Crypto::encrypt($data, $key, true); - $wrong_key = Key::createNewRandomKey(); - try { - Crypto::decrypt($ciphertext, $wrong_key, true); - throw new Ex\EnvironmentIsBrokenException(); - } catch (Ex\WrongKeyOrModifiedCiphertextException $e) { /* expected */ - } - - // Ciphertext too small. - $key = Key::createNewRandomKey(); - $ciphertext = \str_repeat('A', Core::MINIMUM_CIPHERTEXT_SIZE - 1); - try { - Crypto::decrypt($ciphertext, $key, true); - throw new Ex\EnvironmentIsBrokenException(); - } catch (Ex\WrongKeyOrModifiedCiphertextException $e) { /* expected */ - } - } - - /** - * Test HKDF against test vectors. - * - * @throws Ex\EnvironmentIsBrokenException - * @return void - */ - private static function HKDFTestVector() - { - // HKDF test vectors from RFC 5869 - - // Test Case 1 - $ikm = \str_repeat("\x0b", 22); - $salt = Encoding::hexToBin('000102030405060708090a0b0c'); - $info = Encoding::hexToBin('f0f1f2f3f4f5f6f7f8f9'); - $length = 42; - $okm = Encoding::hexToBin( - '3cb25f25faacd57a90434f64d0362f2a' . - '2d2d0a90cf1a5a4c5db02d56ecc4c5bf' . - '34007208d5b887185865' - ); - $computed_okm = Core::HKDF('sha256', $ikm, $length, $info, $salt); - if ($computed_okm !== $okm) { - throw new Ex\EnvironmentIsBrokenException(); - } - - // Test Case 7 - $ikm = \str_repeat("\x0c", 22); - $length = 42; - $okm = Encoding::hexToBin( - '2c91117204d745f3500d636a62f64f0a' . - 'b3bae548aa53d423b0d1f27ebba6f5e5' . - '673a081d70cce7acfc48' - ); - $computed_okm = Core::HKDF('sha1', $ikm, $length, '', null); - if ($computed_okm !== $okm) { - throw new Ex\EnvironmentIsBrokenException(); - } - } - - /** - * Test HMAC against test vectors. - * - * @throws Ex\EnvironmentIsBrokenException - * @return void - */ - private static function HMACTestVector() - { - // HMAC test vector From RFC 4231 (Test Case 1) - $key = \str_repeat("\x0b", 20); - $data = 'Hi There'; - $correct = 'b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7'; - if (\hash_hmac(Core::HASH_FUNCTION_NAME, $data, $key) !== $correct) { - throw new Ex\EnvironmentIsBrokenException(); - } - } - - /** - * Test AES against test vectors. - * - * @throws Ex\EnvironmentIsBrokenException - * @return void - */ - private static function AESTestVector() - { - // AES CTR mode test vector from NIST SP 800-38A - $key = Encoding::hexToBin( - '603deb1015ca71be2b73aef0857d7781' . - '1f352c073b6108d72d9810a30914dff4' - ); - $iv = Encoding::hexToBin('f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff'); - $plaintext = Encoding::hexToBin( - '6bc1bee22e409f96e93d7e117393172a' . - 'ae2d8a571e03ac9c9eb76fac45af8e51' . - '30c81c46a35ce411e5fbc1191a0a52ef' . - 'f69f2445df4f9b17ad2b417be66c3710' - ); - $ciphertext = Encoding::hexToBin( - '601ec313775789a5b7a7f504bbf3d228' . - 'f443e3ca4d62b59aca84e990cacaf5c5' . - '2b0930daa23de94ce87017ba2d84988d' . - 'dfc9c58db67aada613c2dd08457941a6' - ); - - $computed_ciphertext = Crypto::plainEncrypt($plaintext, $key, $iv); - if ($computed_ciphertext !== $ciphertext) { - echo \str_repeat("\n", 30); - echo \bin2hex($computed_ciphertext); - echo "\n---\n"; - echo \bin2hex($ciphertext); - echo \str_repeat("\n", 30); - throw new Ex\EnvironmentIsBrokenException(); - } - - $computed_plaintext = Crypto::plainDecrypt($ciphertext, $key, $iv, Core::CIPHER_METHOD); - if ($computed_plaintext !== $plaintext) { - throw new Ex\EnvironmentIsBrokenException(); - } - } -} diff --git a/vendor/defuse/php-encryption/test.sh b/vendor/defuse/php-encryption/test.sh new file mode 100644 index 0000000000..d1691e7c6e --- /dev/null +++ b/vendor/defuse/php-encryption/test.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +echo "Normal" +echo "--------------------------------------------------" +php -d mbstring.func_overload=0 tests/runtime.php +if [ $? -ne 0 ]; then + echo "FAIL." + exit 1 +fi +echo "--------------------------------------------------" + +echo "" + +echo "Multibyte" +echo "--------------------------------------------------" +php -d mbstring.func_overload=7 tests/runtime.php +if [ $? -ne 0 ]; then + echo "FAIL." + exit 1 +fi +echo "--------------------------------------------------" + +echo "" + +if [ -z "$(php Crypto.php)" ]; then + echo "PASS: Crypto.php output is empty." +else + echo "FAIL: Crypto.php output is not empty." + exit 1 +fi diff --git a/vendor/defuse/php-encryption/tests/runtime.php b/vendor/defuse/php-encryption/tests/runtime.php new file mode 100644 index 0000000000..76565c58e3 --- /dev/null +++ b/vendor/defuse/php-encryption/tests/runtime.php @@ -0,0 +1,32 @@ + diff --git a/vendor/paragonie/random_compat/LICENSE b/vendor/paragonie/random_compat/LICENSE deleted file mode 100644 index 45c7017dfb..0000000000 --- a/vendor/paragonie/random_compat/LICENSE +++ /dev/null @@ -1,22 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2015 Paragon Initiative Enterprises - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. - diff --git a/vendor/paragonie/random_compat/build-phar.sh b/vendor/paragonie/random_compat/build-phar.sh deleted file mode 100644 index b4a5ba31cc..0000000000 --- a/vendor/paragonie/random_compat/build-phar.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/usr/bin/env bash - -basedir=$( dirname $( readlink -f ${BASH_SOURCE[0]} ) ) - -php -dphar.readonly=0 "$basedir/other/build_phar.php" $* \ No newline at end of file diff --git a/vendor/paragonie/random_compat/composer.json b/vendor/paragonie/random_compat/composer.json deleted file mode 100644 index 1c5978c6fb..0000000000 --- a/vendor/paragonie/random_compat/composer.json +++ /dev/null @@ -1,37 +0,0 @@ -{ - "name": "paragonie/random_compat", - "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", - "keywords": [ - "csprng", - "random", - "pseudorandom" - ], - "license": "MIT", - "type": "library", - "authors": [ - { - "name": "Paragon Initiative Enterprises", - "email": "security@paragonie.com", - "homepage": "https://paragonie.com" - } - ], - "support": { - "issues": "https://github.com/paragonie/random_compat/issues", - "email": "info@paragonie.com", - "source": "https://github.com/paragonie/random_compat" - }, - "require": { - "php": ">=5.2.0" - }, - "require-dev": { - "phpunit/phpunit": "4.*|5.*" - }, - "suggest": { - "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." - }, - "autoload": { - "files": [ - "lib/random.php" - ] - } -} diff --git a/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey b/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey deleted file mode 100644 index eb50ebfcd6..0000000000 --- a/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey +++ /dev/null @@ -1,5 +0,0 @@ ------BEGIN PUBLIC KEY----- -MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEEd+wCqJDrx5B4OldM0dQE0ZMX+lx1ZWm -pui0SUqD4G29L3NGsz9UhJ/0HjBdbnkhIK5xviT0X5vtjacF6ajgcCArbTB+ds+p -+h7Q084NuSuIpNb6YPfoUFgC/CL9kAoc ------END PUBLIC KEY----- diff --git a/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey.asc b/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey.asc deleted file mode 100644 index 6a1d7f3006..0000000000 --- a/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.22 (MingW32) - -iQEcBAABAgAGBQJWtW1hAAoJEGuXocKCZATaJf0H+wbZGgskK1dcRTsuVJl9IWip -QwGw/qIKI280SD6/ckoUMxKDCJiFuPR14zmqnS36k7N5UNPnpdTJTS8T11jttSpg -1LCmgpbEIpgaTah+cELDqFCav99fS+bEiAL5lWDAHBTE/XPjGVCqeehyPYref4IW -NDBIEsvnHPHPLsn6X5jq4+Yj5oUixgxaMPiR+bcO4Sh+RzOVB6i2D0upWfRXBFXA -NNnsg9/zjvoC7ZW73y9uSH+dPJTt/Vgfeiv52/v41XliyzbUyLalf02GNPY+9goV -JHG1ulEEBJOCiUD9cE1PUIJwHA/HqyhHIvV350YoEFiHl8iSwm7SiZu5kPjaq74= -=B6+8 ------END PGP SIGNATURE----- diff --git a/vendor/paragonie/random_compat/lib/byte_safe_strings.php b/vendor/paragonie/random_compat/lib/byte_safe_strings.php deleted file mode 100644 index 3de86b223c..0000000000 --- a/vendor/paragonie/random_compat/lib/byte_safe_strings.php +++ /dev/null @@ -1,181 +0,0 @@ - RandomCompat_strlen($binary_string)) { - return ''; - } - - return (string) mb_substr($binary_string, $start, $length, '8bit'); - } - - } else { - - /** - * substr() implementation that isn't brittle to mbstring.func_overload - * - * This version just uses the default substr() - * - * @param string $binary_string - * @param int $start - * @param int $length (optional) - * - * @throws TypeError - * - * @return string - */ - function RandomCompat_substr($binary_string, $start, $length = null) - { - if (!is_string($binary_string)) { - throw new TypeError( - 'RandomCompat_substr(): First argument should be a string' - ); - } - - if (!is_int($start)) { - throw new TypeError( - 'RandomCompat_substr(): Second argument should be an integer' - ); - } - - if ($length !== null) { - if (!is_int($length)) { - throw new TypeError( - 'RandomCompat_substr(): Third argument should be an integer, or omitted' - ); - } - - return (string) substr($binary_string, $start, $length); - } - - return (string) substr($binary_string, $start); - } - } -} diff --git a/vendor/paragonie/random_compat/lib/cast_to_int.php b/vendor/paragonie/random_compat/lib/cast_to_int.php deleted file mode 100644 index 9a4fab9919..0000000000 --- a/vendor/paragonie/random_compat/lib/cast_to_int.php +++ /dev/null @@ -1,75 +0,0 @@ - operators might accidentally let a float - * through. - * - * @param int|float $number The number we want to convert to an int - * @param bool $fail_open Set to true to not throw an exception - * - * @return float|int - * @psalm-suppress InvalidReturnType - * - * @throws TypeError - */ - function RandomCompat_intval($number, $fail_open = false) - { - if (is_int($number) || is_float($number)) { - $number += 0; - } elseif (is_numeric($number)) { - $number += 0; - } - - if ( - is_float($number) - && - $number > ~PHP_INT_MAX - && - $number < PHP_INT_MAX - ) { - $number = (int) $number; - } - - if (is_int($number)) { - return (int) $number; - } elseif (!$fail_open) { - throw new TypeError( - 'Expected an integer.' - ); - } - return $number; - } -} diff --git a/vendor/paragonie/random_compat/lib/error_polyfill.php b/vendor/paragonie/random_compat/lib/error_polyfill.php deleted file mode 100644 index 6a91990ce6..0000000000 --- a/vendor/paragonie/random_compat/lib/error_polyfill.php +++ /dev/null @@ -1,49 +0,0 @@ -= 70000) { - return; -} - -if (!defined('RANDOM_COMPAT_READ_BUFFER')) { - define('RANDOM_COMPAT_READ_BUFFER', 8); -} - -$RandomCompatDIR = dirname(__FILE__); - -require_once $RandomCompatDIR . '/byte_safe_strings.php'; -require_once $RandomCompatDIR . '/cast_to_int.php'; -require_once $RandomCompatDIR . '/error_polyfill.php'; - -if (!is_callable('random_bytes')) { - /** - * PHP 5.2.0 - 5.6.x way to implement random_bytes() - * - * We use conditional statements here to define the function in accordance - * to the operating environment. It's a micro-optimization. - * - * In order of preference: - * 1. Use libsodium if available. - * 2. fread() /dev/urandom if available (never on Windows) - * 3. mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM) - * 4. COM('CAPICOM.Utilities.1')->GetRandom() - * - * See RATIONALE.md for our reasoning behind this particular order - */ - if (extension_loaded('libsodium')) { - // See random_bytes_libsodium.php - if (PHP_VERSION_ID >= 50300 && is_callable('\\Sodium\\randombytes_buf')) { - require_once $RandomCompatDIR . '/random_bytes_libsodium.php'; - } elseif (method_exists('Sodium', 'randombytes_buf')) { - require_once $RandomCompatDIR . '/random_bytes_libsodium_legacy.php'; - } - } - - /** - * Reading directly from /dev/urandom: - */ - if (DIRECTORY_SEPARATOR === '/') { - // DIRECTORY_SEPARATOR === '/' on Unix-like OSes -- this is a fast - // way to exclude Windows. - $RandomCompatUrandom = true; - $RandomCompat_basedir = ini_get('open_basedir'); - - if (!empty($RandomCompat_basedir)) { - $RandomCompat_open_basedir = explode( - PATH_SEPARATOR, - strtolower($RandomCompat_basedir) - ); - $RandomCompatUrandom = (array() !== array_intersect( - array('/dev', '/dev/', '/dev/urandom'), - $RandomCompat_open_basedir - )); - $RandomCompat_open_basedir = null; - } - - if ( - !is_callable('random_bytes') - && - $RandomCompatUrandom - && - @is_readable('/dev/urandom') - ) { - // Error suppression on is_readable() in case of an open_basedir - // or safe_mode failure. All we care about is whether or not we - // can read it at this point. If the PHP environment is going to - // panic over trying to see if the file can be read in the first - // place, that is not helpful to us here. - - // See random_bytes_dev_urandom.php - require_once $RandomCompatDIR . '/random_bytes_dev_urandom.php'; - } - // Unset variables after use - $RandomCompat_basedir = null; - } else { - $RandomCompatUrandom = false; - } - - /** - * mcrypt_create_iv() - * - * We only want to use mcypt_create_iv() if: - * - * - random_bytes() hasn't already been defined - * - the mcrypt extensions is loaded - * - One of these two conditions is true: - * - We're on Windows (DIRECTORY_SEPARATOR !== '/') - * - We're not on Windows and /dev/urandom is readabale - * (i.e. we're not in a chroot jail) - * - Special case: - * - If we're not on Windows, but the PHP version is between - * 5.6.10 and 5.6.12, we don't want to use mcrypt. It will - * hang indefinitely. This is bad. - * - If we're on Windows, we want to use PHP >= 5.3.7 or else - * we get insufficient entropy errors. - */ - if ( - !is_callable('random_bytes') - && - // Windows on PHP < 5.3.7 is broken, but non-Windows is not known to be. - (DIRECTORY_SEPARATOR === '/' || PHP_VERSION_ID >= 50307) - && - // Prevent this code from hanging indefinitely on non-Windows; - // see https://bugs.php.net/bug.php?id=69833 - ( - DIRECTORY_SEPARATOR !== '/' || - (PHP_VERSION_ID <= 50609 || PHP_VERSION_ID >= 50613) - ) - && - extension_loaded('mcrypt') - ) { - // See random_bytes_mcrypt.php - require_once $RandomCompatDIR . '/random_bytes_mcrypt.php'; - } - $RandomCompatUrandom = null; - - /** - * This is a Windows-specific fallback, for when the mcrypt extension - * isn't loaded. - */ - if ( - !is_callable('random_bytes') - && - extension_loaded('com_dotnet') - && - class_exists('COM') - ) { - $RandomCompat_disabled_classes = preg_split( - '#\s*,\s*#', - strtolower(ini_get('disable_classes')) - ); - - if (!in_array('com', $RandomCompat_disabled_classes)) { - try { - $RandomCompatCOMtest = new COM('CAPICOM.Utilities.1'); - if (method_exists($RandomCompatCOMtest, 'GetRandom')) { - // See random_bytes_com_dotnet.php - require_once $RandomCompatDIR . '/random_bytes_com_dotnet.php'; - } - } catch (com_exception $e) { - // Don't try to use it. - } - } - $RandomCompat_disabled_classes = null; - $RandomCompatCOMtest = null; - } - - /** - * throw new Exception - */ - if (!is_callable('random_bytes')) { - /** - * We don't have any more options, so let's throw an exception right now - * and hope the developer won't let it fail silently. - * - * @param mixed $length - * @return void - * @throws Exception - */ - function random_bytes($length) - { - unset($length); // Suppress "variable not used" warnings. - throw new Exception( - 'There is no suitable CSPRNG installed on your system' - ); - } - } -} - -if (!is_callable('random_int')) { - require_once $RandomCompatDIR . '/random_int.php'; -} - -$RandomCompatDIR = null; diff --git a/vendor/paragonie/random_compat/lib/random_bytes_com_dotnet.php b/vendor/paragonie/random_compat/lib/random_bytes_com_dotnet.php deleted file mode 100644 index fc1926e5ca..0000000000 --- a/vendor/paragonie/random_compat/lib/random_bytes_com_dotnet.php +++ /dev/null @@ -1,88 +0,0 @@ -GetRandom($bytes, 0)); - if (RandomCompat_strlen($buf) >= $bytes) { - /** - * Return our random entropy buffer here: - */ - return RandomCompat_substr($buf, 0, $bytes); - } - ++$execCount; - } while ($execCount < $bytes); - - /** - * If we reach here, PHP has failed us. - */ - throw new Exception( - 'Could not gather sufficient random data' - ); - } -} \ No newline at end of file diff --git a/vendor/paragonie/random_compat/lib/random_bytes_dev_urandom.php b/vendor/paragonie/random_compat/lib/random_bytes_dev_urandom.php deleted file mode 100644 index df5b91524e..0000000000 --- a/vendor/paragonie/random_compat/lib/random_bytes_dev_urandom.php +++ /dev/null @@ -1,167 +0,0 @@ - 0); - - /** - * Is our result valid? - */ - if (is_string($buf)) { - if (RandomCompat_strlen($buf) === $bytes) { - /** - * Return our random entropy buffer here: - */ - return $buf; - } - } - } - - /** - * If we reach here, PHP has failed us. - */ - throw new Exception( - 'Error reading from source device' - ); - } -} diff --git a/vendor/paragonie/random_compat/lib/random_bytes_libsodium.php b/vendor/paragonie/random_compat/lib/random_bytes_libsodium.php deleted file mode 100644 index 4af1a24227..0000000000 --- a/vendor/paragonie/random_compat/lib/random_bytes_libsodium.php +++ /dev/null @@ -1,88 +0,0 @@ - 2147483647) { - $buf = ''; - for ($i = 0; $i < $bytes; $i += 1073741824) { - $n = ($bytes - $i) > 1073741824 - ? 1073741824 - : $bytes - $i; - $buf .= \Sodium\randombytes_buf($n); - } - } else { - $buf = \Sodium\randombytes_buf($bytes); - } - - if ($buf !== false) { - if (RandomCompat_strlen($buf) === $bytes) { - return $buf; - } - } - - /** - * If we reach here, PHP has failed us. - */ - throw new Exception( - 'Could not gather sufficient random data' - ); - } -} diff --git a/vendor/paragonie/random_compat/lib/random_bytes_libsodium_legacy.php b/vendor/paragonie/random_compat/lib/random_bytes_libsodium_legacy.php deleted file mode 100644 index 705af5262b..0000000000 --- a/vendor/paragonie/random_compat/lib/random_bytes_libsodium_legacy.php +++ /dev/null @@ -1,92 +0,0 @@ - 2147483647) { - for ($i = 0; $i < $bytes; $i += 1073741824) { - $n = ($bytes - $i) > 1073741824 - ? 1073741824 - : $bytes - $i; - $buf .= Sodium::randombytes_buf((int) $n); - } - } else { - $buf .= Sodium::randombytes_buf((int) $bytes); - } - - if (is_string($buf)) { - if (RandomCompat_strlen($buf) === $bytes) { - return $buf; - } - } - - /** - * If we reach here, PHP has failed us. - */ - throw new Exception( - 'Could not gather sufficient random data' - ); - } -} diff --git a/vendor/paragonie/random_compat/lib/random_bytes_mcrypt.php b/vendor/paragonie/random_compat/lib/random_bytes_mcrypt.php deleted file mode 100644 index aac9c013d4..0000000000 --- a/vendor/paragonie/random_compat/lib/random_bytes_mcrypt.php +++ /dev/null @@ -1,77 +0,0 @@ - operators might accidentally let a float - * through. - */ - - try { - $min = RandomCompat_intval($min); - } catch (TypeError $ex) { - throw new TypeError( - 'random_int(): $min must be an integer' - ); - } - - try { - $max = RandomCompat_intval($max); - } catch (TypeError $ex) { - throw new TypeError( - 'random_int(): $max must be an integer' - ); - } - - /** - * Now that we've verified our weak typing system has given us an integer, - * let's validate the logic then we can move forward with generating random - * integers along a given range. - */ - if ($min > $max) { - throw new Error( - 'Minimum value must be less than or equal to the maximum value' - ); - } - - if ($max === $min) { - return (int) $min; - } - - /** - * Initialize variables to 0 - * - * We want to store: - * $bytes => the number of random bytes we need - * $mask => an integer bitmask (for use with the &) operator - * so we can minimize the number of discards - */ - $attempts = $bits = $bytes = $mask = $valueShift = 0; - - /** - * At this point, $range is a positive number greater than 0. It might - * overflow, however, if $max - $min > PHP_INT_MAX. PHP will cast it to - * a float and we will lose some precision. - */ - $range = $max - $min; - - /** - * Test for integer overflow: - */ - if (!is_int($range)) { - - /** - * Still safely calculate wider ranges. - * Provided by @CodesInChaos, @oittaa - * - * @ref https://gist.github.com/CodesInChaos/03f9ea0b58e8b2b8d435 - * - * We use ~0 as a mask in this case because it generates all 1s - * - * @ref https://eval.in/400356 (32-bit) - * @ref http://3v4l.org/XX9r5 (64-bit) - */ - $bytes = PHP_INT_SIZE; - $mask = ~0; - - } else { - - /** - * $bits is effectively ceil(log($range, 2)) without dealing with - * type juggling - */ - while ($range > 0) { - if ($bits % 8 === 0) { - ++$bytes; - } - ++$bits; - $range >>= 1; - $mask = $mask << 1 | 1; - } - $valueShift = $min; - } - - $val = 0; - /** - * Now that we have our parameters set up, let's begin generating - * random integers until one falls between $min and $max - */ - do { - /** - * The rejection probability is at most 0.5, so this corresponds - * to a failure probability of 2^-128 for a working RNG - */ - if ($attempts > 128) { - throw new Exception( - 'random_int: RNG is broken - too many rejections' - ); - } - - /** - * Let's grab the necessary number of random bytes - */ - $randomByteString = random_bytes($bytes); - - /** - * Let's turn $randomByteString into an integer - * - * This uses bitwise operators (<< and |) to build an integer - * out of the values extracted from ord() - * - * Example: [9F] | [6D] | [32] | [0C] => - * 159 + 27904 + 3276800 + 201326592 => - * 204631455 - */ - $val &= 0; - for ($i = 0; $i < $bytes; ++$i) { - $val |= ord($randomByteString[$i]) << ($i * 8); - } - - /** - * Apply mask - */ - $val &= $mask; - $val += $valueShift; - - ++$attempts; - /** - * If $val overflows to a floating point number, - * ... or is larger than $max, - * ... or smaller than $min, - * then try again. - */ - } while (!is_int($val) || $val > $max || $val < $min); - - return (int) $val; - } -} diff --git a/vendor/paragonie/random_compat/other/build_phar.php b/vendor/paragonie/random_compat/other/build_phar.php deleted file mode 100644 index 70ef4b2ed8..0000000000 --- a/vendor/paragonie/random_compat/other/build_phar.php +++ /dev/null @@ -1,57 +0,0 @@ -buildFromDirectory(dirname(__DIR__).'/lib'); -rename( - dirname(__DIR__).'/lib/index.php', - dirname(__DIR__).'/lib/random.php' -); - -/** - * If we pass an (optional) path to a private key as a second argument, we will - * sign the Phar with OpenSSL. - * - * If you leave this out, it will produce an unsigned .phar! - */ -if ($argc > 1) { - if (!@is_readable($argv[1])) { - echo 'Could not read the private key file:', $argv[1], "\n"; - exit(255); - } - $pkeyFile = file_get_contents($argv[1]); - - $private = openssl_get_privatekey($pkeyFile); - if ($private !== false) { - $pkey = ''; - openssl_pkey_export($private, $pkey); - $phar->setSignatureAlgorithm(Phar::OPENSSL, $pkey); - - /** - * Save the corresponding public key to the file - */ - if (!@is_readable($dist.'/random_compat.phar.pubkey')) { - $details = openssl_pkey_get_details($private); - file_put_contents( - $dist.'/random_compat.phar.pubkey', - $details['key'] - ); - } - } else { - echo 'An error occurred reading the private key from OpenSSL.', "\n"; - exit(255); - } -} diff --git a/vendor/paragonie/random_compat/psalm-autoload.php b/vendor/paragonie/random_compat/psalm-autoload.php deleted file mode 100644 index d71d1b818c..0000000000 --- a/vendor/paragonie/random_compat/psalm-autoload.php +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - - - - - - -