/**
 * Builds a CSRF token by appending base-32 renderings of crypt_random() values
 * until the string is longer than 50 characters.
 *
 * NOTE(review): the token is only as unpredictable as crypt_random(), which is
 * defined outside this block -- confirm it is backed by a CSPRNG before relying
 * on this value as an anti-CSRF secret. Each chunk is the variable-length base-32
 * form of one integer, so the token carries less entropy than its character
 * count suggests.
 *
 * @return string Token of at least 51 characters
 */
public function createCsrfKey()
 {
     $token = '';
     // The empty starting string always needs at least one chunk, so a
     // post-checked loop is equivalent to checking the length up front.
     do {
         $token .= base_convert(crypt_random(), 10, 32);
     } while (strlen($token) <= 50);
     return $token;
 }
Esempio n. 2
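 /**
  * Generates a random string exactly $bytes bytes long.
  *
  * With $nonzero set, every byte is drawn from 1..255, one crypt_random() call
  * per byte. Otherwise the string is assembled from 4-byte big-endian words and
  * trimmed to the requested length.
  *
  * NOTE(review): the output is only as unpredictable as crypt_random(), which is
  * defined outside this block -- confirm it is backed by a CSPRNG.
  *
  * @access private
  * @static
  * @param Integer $bytes number of bytes to return
  * @param optional Integer $nonzero when true, no byte of the result is 0x00
  * @return String
  */
 private static function _random($bytes, $nonzero = false)
 {
     // Nothing to generate; return early so the result is always a string.
     if ($bytes <= 0) {
         return '';
     }
     $temp = '';
     if ($nonzero) {
         for ($i = 0; $i < $bytes; $i++) {
             $temp .= chr(crypt_random(1, 255));
         }
     } else {
         // Round the word count UP. The previous ($bytes + 1) >> 2 rounded
         // inconsistently and returned fewer bytes than requested whenever
         // $bytes % 4 was 1 or 2 (e.g. 1 -> 0 bytes, 5 -> 4 bytes), silently
         // shortening whatever random value the caller asked for.
         $ints = ($bytes + 3) >> 2;
         for ($i = 0; $i < $ints; $i++) {
             // NOTE(review): if crypt_random()'s default range tops out at
             // 0x7FFFFFFF, the high bit of every packed word is always zero --
             // verify against its definition.
             $temp .= pack('N', crypt_random());
         }
         $temp = substr($temp, 0, $bytes);
     }
     return $temp;
 }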
Esempio n. 3
 /**
  * Sends Binary Packets
  *
  * Frames $data as an SSH binary packet (length, padding length, payload, random
  * padding), computes the MAC over the sequence number and the still-unencrypted
  * packet, encrypts the packet if a cipher is set, appends the MAC and writes the
  * result to the socket.
  *
  * See '6. Binary Packet Protocol' of rfc4253 for more info.
  *
  * Security-relevant behaviour visible here:
  *  - padding bytes come from crypt_random(), which is defined outside this block;
  *  - $this->send_seq_no is incremented before the write, so it advances even when
  *    the write fails or is short;
  *  - with NET_SSH2_LOGGING set to NET_SSH2_LOG_COMPLEX the unencrypted payload is
  *    retained in $this->message_log.
  *
  * @param String $data payload; its first byte is read as the message number when logging
  * @see Net_SSH2::_get_binary_packet()
  * @return Boolean true only if fputs() reports writing the whole packet
  * @access private
  */
 function _send_binary_packet($data)
 {
     // Refuse to write once the peer has closed the stream.
     if (feof($this->fsock)) {
         user_error('Connection closed prematurely', E_USER_NOTICE);
         return false;
     }
     // Compression is not applied; the block below is disabled.
     //if ($this->compress) {
     //    // the -4 removes the checksum:
     //    // http://php.net/function.gzcompress#57710
     //    $data = substr(gzcompress($data), 0, -4);
     //}
     // 4 (packet length) + 1 (padding length) + 4 (minimal padding amount) == 9
     $packet_length = strlen($data) + 9;
     // round up to the nearest $this->encrypt_block_size
     // ('*' and '%' share precedence and associate left, so this adds
     //  ((block_size - 1) * length) % block_size, which is congruent to -length
     //  modulo block_size, i.e. the distance to the next multiple)
     $packet_length += ($this->encrypt_block_size - 1) * $packet_length % $this->encrypt_block_size;
     // subtracting strlen($data) is obvious - subtracting 5 is necessary because of packet_length and padding_length
     $padding_length = $packet_length - strlen($data) - 5;
     // Random padding, one crypt_random() call per byte.
     // NOTE(review): padding quality depends on crypt_random(); confirm its source.
     $padding = '';
     for ($i = 0; $i < $padding_length; $i++) {
         $padding .= chr(crypt_random(0, 255));
     }
     // we subtract 4 from packet_length because the packet_length field isn't supposed to include itself
     $packet = pack('NCa*', $packet_length - 4, $padding_length, $data . $padding);
     // The MAC covers the sequence number plus the packet BEFORE encryption;
     // it is appended after the ciphertext below. No MAC object means an empty MAC.
     $hmac = $this->hmac_create !== false ? $this->hmac_create->hash(pack('Na*', $this->send_seq_no, $packet)) : '';
     // Advanced unconditionally, before the write is attempted.
     $this->send_seq_no++;
     if ($this->encrypt !== false) {
         $packet = $this->encrypt->encrypt($packet);
     }
     $packet .= $hmac;
     // Wall-clock time around the write; only used for the log entry below.
     $start = strtok(microtime(), ' ') + strtok('');
     // http://php.net/microtime#61838
     // A short or failed write makes $result false; no retry is attempted here.
     $result = strlen($packet) == fputs($this->fsock, $packet);
     $stop = strtok(microtime(), ' ') + strtok('');
     if (defined('NET_SSH2_LOGGING')) {
         // Message name is looked up from the first payload byte.
         $temp = isset($this->message_numbers[ord($data[0])]) ? $this->message_numbers[ord($data[0])] : 'UNKNOWN (' . ord($data[0]) . ')';
         $this->message_number_log[] = '-> ' . $temp . ' (' . round($stop - $start, 4) . 's)';
         if (NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) {
             // Keeps the unencrypted payload (minus the message number) in memory.
             // NOTE(review): this presumably includes authentication payloads when
             // they pass through here -- treat the log as sensitive and keep this
             // mode off outside debugging.
             $this->message_log[] = substr($data, 1);
         }
     }
     return $result;
 }
Esempio n. 4
 /**
  * Generates a random string x bytes long
  *
  * One crypt_random() call is made per output byte. $nonzero is handed to
  * crypt_random() unchanged as the lower bound, with 255 as the upper bound,
  * so a true value is what keeps 0x00 out of the result.
  *
  * NOTE(review): unpredictability depends on crypt_random(), which is defined
  * outside this block -- confirm it is backed by a CSPRNG.
  *
  * @access public
  * @param Integer $bytes
  * @param optional Integer $nonzero
  * @return String
  */
 function _random($bytes, $nonzero = false)
 {
     $out = '';
     $done = 0;
     while ($done < $bytes) {
         $value = crypt_random($nonzero, 255);
         $out .= chr($value);
         $done++;
     }
     return $out;
 }
Esempio n. 5
 /**
  * RSA Encrypt
  *
  * Pads $m in the PKCS#1 v1.5 encryption layout (0x00, 0x02, non-zero random
  * bytes, 0x00, message) and returns the bytes of mod(pow(padded, $e), $n),
  * where $n should be the product of two (large) primes $p and $q and $e should
  * satisfy gcd($e, ($p - 1) * ($q - 1)) == 1. $key[0] is used as the exponent
  * and $key[1] as the modulus.
  *
  * NOTE(review): the amount of padding is strlen(modulus) - strlen($m) - 3 and is
  * not checked. PKCS#1 v1.5 calls for at least eight padding bytes; when $m is too
  * long for the modulus the loop simply adds none and the block exceeds the
  * modulus length. Callers must guarantee the size relationship.
  * NOTE(review): the padding bytes come from crypt_random(), defined outside this
  * block -- confirm it is backed by a CSPRNG.
  *
  * @see Net_SSH1::Net_SSH1()
  * @param Math_BigInteger $m
  * @param Array $key
  * @return Math_BigInteger
  * @access private
  */
 function _rsa_crypt($m, $key)
 {
     /*
     Alternative implementation kept for reference (disabled):

     if (!class_exists('Crypt_RSA')) {
         require_once('Crypt/RSA.php');
     }

     $rsa = new Crypt_RSA();
     $rsa->loadKey($key, CRYPT_RSA_PUBLIC_FORMAT_RAW);
     $rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
     return $rsa->encrypt($m);
     */
     // To quote from protocol-1.5.txt:
     // The most significant byte (which is only partial as the value must be
     // less than the public modulus, which is never a power of two) is zero.
     //
     // The next byte contains the value 2 (which stands for public-key
     // encrypted data in the PKCS standard [PKCS#1]).  Then, there are non-
     // zero random bytes to fill any unused space, a zero byte, and the data
     // to be encrypted in the least significant bytes, the last byte of the
     // data in the least significant byte.
     // Presumably the part of PKCS#1 they're referring to is "Section 7.2.1 Encryption Operation",
     // under "7.2 RSAES-PKCS1-v1.5" and "7 Encryption schemes" of the following URL:
     // ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf
     $modulusBytes = $key[1]->toBytes();
     // Three bytes are reserved for the 0x00 0x02 header and the 0x00 separator.
     $padCount = strlen($modulusBytes) - strlen($m) - 3;

     $block = "\x00\x02";
     $filled = 0;
     while ($filled < $padCount) {
         // 1..255 only: a zero byte would be read as the separator.
         $block .= chr(crypt_random(1, 255));
         $filled++;
     }
     $block .= "\x00" . $m;

     $padded = new Math_BigInteger($block, 256);
     $cipher = $padded->modPow($key[0], $key[1]);
     return $cipher->toBytes();
 }